Re: rudimentary preauth working

help-shishi

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: rudimentary preauth working

From:	Elrond
Subject:	Re: rudimentary preauth working
Date:	Fri, 21 Apr 2006 14:51:23 +0200
User-agent:	Mutt/1.5.9i

On Thu, Apr 20, 2006 at 09:35:55PM +0200, Simon Josefsson wrote:
> Elrond, debian packages of 0.0.24 with the recent pre-auth stuff is
> available from:
> 
> http://josefsson.org/shishi/debian/0.0.24/

downloaded a few hours ago, rebuild, installed (except
shishid).

> If you can confirm that pre-auth at least sort-of work, I'll release
> it.

1) After finding the option to enforce preauth in heimdal,
   I can confirm that it works with my heimdal-kdc. ;)

2) w2k3 as kdc breaks (including a free(random-adress), see
   next mail.)

Here's a subset of the "-v" * 4 output (let me know, if you
want it all):

        Sending AS-REQ...
        name:NULL  type:SEQUENCE
            name:etype  type:SEQ_OF
              name:NULL  type:INTEGER
              name:?1  type:INTEGER  value:0x12
              name:?2  type:INTEGER  value:0x10
              name:?3  type:INTEGER  value:0x03
...
        -----BEGIN SHISHI KRB-ERROR-----
        foHAMIG9oAMCAQWhAwIBHqQRGA8yMDA2MDQyMTEyMzcxNlqlBQIDCrMDpgMCARmp
        FxsVVzJLM0RPTS5TQU1CQS1UTkcuT1JHqiowKKADAgEBoSEwHxsGa3JidGd0GxVX
        MkszRE9NLlNBTUJBLVRORy5PUkesTQRLMEkwMaEDAgELoioEKDAmMCSgAwIBA6Ed
        BBtXMkszRE9NLlNBTUJBLVRORy5PUkdlbHJvbmQwCaEDAgECogIEADAJoQMCAQ+i
        AgQA
        -----END SHISHI KRB-ERROR-----
...
        name:NULL  type:SEQ_OF
          name:NULL  type:SEQUENCE
            name:padata-type  type:INTEGER
            name:padata-value  type:OCT_STR
          name:?1  type:SEQUENCE
            name:padata-type  type:INTEGER  value:0x0b
            name:padata-value  type:OCT_STR  
value:30263024a003020103a11d041b57324b33444f4d2e53414d42412d544e472e4f5247656c726f6e64
          name:?2  type:SEQUENCE
            name:padata-type  type:INTEGER  value:0x02
            name:padata-value  type:OCT_STR  value:
          name:?3  type:SEQUENCE
            name:padata-type  type:INTEGER  value:0x0f
            name:padata-value  type:OCT_STR  value:
        -----BEGIN SHISHI METHOD-DATA-----
        MEkwMaEDAgELoioEKDAmMCSgAwIBA6EdBBtXMkszRE9NLlNBTUJBLVRORy5PUkdl
        bHJvbmQwCaEDAgECogIEADAJoQMCAQ+iAgQA
        -----END SHISHI METHOD-DATA-----
        Types of PA-DATA in KRB-ERROR: 11, 2, 15.
...
        Unsupported pre-auth required


Hope it helps you figure out, what goes on there.


    Elrond

[Prev in Thread]

Current Thread

[Next in Thread]

rudimentary preauth working, Simon Josefsson, 2006/04/19
- Re: rudimentary preauth working, Simon Josefsson, 2006/04/20
  - Re: rudimentary preauth working, Simon Josefsson, 2006/04/20
    - Re: rudimentary preauth working, Elrond, 2006/04/20
    - Re: rudimentary preauth working, Elrond <=
    - Re: rudimentary preauth working, Simon Josefsson, 2006/04/21
    - Re: rudimentary preauth working, Simon Josefsson, 2006/04/21
    - Re: rudimentary preauth working, Elrond, 2006/04/21
    - Re: rudimentary preauth working, Simon Josefsson, 2006/04/21

Prev by Date: Re: kerberos and ldap: Standards?
Next by Date: wrong free in shishi_krberror_pretty_print
Previous by thread: Re: rudimentary preauth working
Next by thread: Re: rudimentary preauth working
Index(es):
- Date
- Thread