
Re: Heimdal Keytab Format



I think that is just an entry that has been expired/deleted.

When an entry is deleted from a keytab file, instead of rewriting the entire file, Kerberos will
change the length of the entry to -length, and zero out all bytes for the actual entry itself.


I.e. when you find an entry where length is negative, it means a deleted entry, so just skip -length bytes forward
and read the next entry in the file.



On 5/2/06, Michael B Allen <mba2000@ioplex.com> wrote:
I'm writing a custom keytab utility. I've noticed there's stuff after
the last record.

The following is the tail end of debug output from my test program. You
can see it decodes records ok and then encounters a record size of
c7FFFFFF:

...
00010:  07 6d 69 61 6c 6c 65 6e 00 00 00 01 43 aa 35 40  |.miallen....C.5@|
0,1,,miallen,FOO.NET,0x43aa3540,23,16,91b4700007ccc4c760c4e9767f157a7e
00000:  00 00 00 39 00 02 00 07 46 4f 4f 2e 4e 45 54 00  |...9....FOO.NET.|
00010:  04 48 54 54 50 00 0d 71 75 61 72 6b 2e 66 6f 6f  |.HTTP..quark.foo|
3,1,HTTP,quark.foo.net,FOO.NET,0x44163d06,3,8,f8a285e09b3e7492
00000:  ff ff ff c7 00 00 00 00 00 00 00 00 00 00 00 00  |................|
00010:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  |................|
keytab.c:168:keytab_decode: unexpected record size: 4294967239

What is it? How do I know when I've reached the last record? When creating
a Heimdal keytab do I need to put this stuff in? Do MIT keytabs have
this trailer?

Mike
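
The skip rule from the reply, written as a bounds-checked record walker. This is an added example, not part of the thread and not Heimdal or MIT code: `keytab_walk` is a hypothetical name, the sample bytes are constructed, the buffer is assumed to start after the file's version header, and treating a zero length as the end of the list is an assumption.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Decode a 32-bit big-endian record length as a signed value. */
static int32_t be32(const uint8_t *p) {
    uint32_t u = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                 ((uint32_t)p[2] << 8) | (uint32_t)p[3];
    return (int32_t)u;
}

/* Walk the record area of a keytab (the bytes after the file's version
 * header), counting live records and deleted "holes". Returns 0 at a clean
 * end of data, -1 if a length is truncated or reaches past the buffer. */
int keytab_walk(const uint8_t *buf, size_t len, int *live, int *holes) {
    size_t off = 0;
    *live = *holes = 0;
    while (off < len) {
        if (len - off < 4) return -1;       /* truncated length field */
        int64_t size = be32(buf + off);     /* widened so -INT32_MIN cannot overflow */
        off += 4;
        if (size == 0) return 0;            /* assumption: zero length ends the list */
        uint64_t span = (uint64_t)(size < 0 ? -size : size);
        if (span > len - off) return -1;    /* record or hole overruns the file */
        if (size < 0) (*holes)++;           /* deleted entry: skip -length bytes */
        else (*live)++;                     /* a real parser decodes the entry here */
        off += (size_t)span;
    }
    return 0;
}

/* Constructed sample: live record, 6-byte hole, live record. */
static const uint8_t sample[] = {
    0x00, 0x00, 0x00, 0x04, 0xaa, 0xbb, 0xcc, 0xdd,
    0xff, 0xff, 0xff, 0xfa, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
    0x00, 0x00, 0x00, 0x02, 0x11, 0x22,
};

int main(void) {
    int live, holes;
    int rc = keytab_walk(sample, sizeof sample, &live, &holes);
    printf("rc=%d live=%d holes=%d\n", rc, live, holes);
    return 0;
}
```

Reading the length as unsigned is what turns `ff ff ff c7` into the 4294967239 in the debug output above; as a signed value it is -57.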