[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
krb5_mk_req is returning some weird krb5 error.
I'm trying to fix the libpam-heimdal module in debian. (version 1.2.0)
Now I went through the code and tried to find out what did go wrong. The
log message shows me:
login: (pam_krb5): none: pam_sm_authenticate: entry
login: pam_krb5: verify_krb_v5_tgt(): krb5_mk_req(): Unknown code
krb5 7, errornr: -1765328377
login: (pam_krb5): matthijs: pam_sm_authenticate: exit (failure)
login: (pam_krb5): matthijs: krb5_cc_destroy: ctx->cache:
This is the peace of code where it goes wrong:
/* Talk to the kdc and construct the ticket. */
retval = krb5_mk_req(context, &auth_context, 0, *service, phost,
NULL, ccache, &packet);
auth_context is not initialized, but as far as I read the documentation
the krb5_mk_req call constructs it.
As you see krb5_mk_req returns a wrong value. So my question is what am
I doing wrong here, or what could go wrong ?
I think I forget somewhere a call before doing the call krb5_mk_req().
If I try this module against MIT then it works.
The upgrade to 1.2.0 is to fix a few bugs in debian and to move to a new
upstream. And also to have the same codebase for libpam-krb5 and
libpam-heimdal in debian.
I'm pretty out of options right now what it could be...
PS: if someone wants to look into the code it's available here: