Re: The nonce

[Alberto Fondi]

Simon Josefsson ha scritto:
> On Tue, 2006-10-24 at 16:19 +0200, Alberto Fondi wrote:
>   
> > Hi,
> >
> >     my problem is the next one:
> >
> > when i use shishi username
> > i get the following message for exemple
> >
> > request nonce (len=4) 0590673c
> > reply nonce (len=3) 90673c
> > AS exchange failed: Replay protection value (nonce) differ between 
> > request and reply.
> >
> > but there is another strange thing: there are times when i type the same 
> > command and i get the ticket?
> >
> > How could you explain this behaviour of shishi?
> >     
>
> Hi!  Interesting error, it seems that for some reason the server
> responds with a short 3 octet nonce:s.  This might indicate a protocol
> error in Shishi or in the KDC.  Which KDC is this?
>
> Can you find a pattern in the nonces that fail?  I.e., do they all start
> with '0'?
>
> To find out what nonce was used for commands that succeed, you can use
> 'shishi -d' and then 'shishi -v -v|grep nonce'.
>
> /Simon
>
>
>   
Hi Simom,


i have made different test with shishi as client and shishid ad KDC and 
with the same account and i report you the nounce couples (request, reply):

request nonce (len=4) 1fd69fea
reply nonce (len=1) ea

request nonce (len=4) 766e2dd0
reply nonce (len=1) d0

request nonce (len=4) 64e27ec2
reply nonce (len=1) c2

request nonce (len=4) 1551d4af
reply nonce (len=1) af

request nonce (len=4) 6625fc6d
reply nonce (len=2) fc6d

request nonce (len=4) 6cc4edc5
reply nonce (len=1) c5

request nonce (len=4) 6cf3b668
reply nonce (len=2) b668

request nonce (len=4) 37b72c09
reply nonce (len=3) b72c09

request nonce (len=4) 534f36d8
reply nonce (len=1) d8

As you suggested me, and as you can see from these tests, it seems like 
the reply nonce is only the last part of the request nonce, but the 
lenght of this part is variable!.

Could it be a pointer offset error ?


Alberto