[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [bug-inetutils] Important update of telnetd.
From: |
Mats Erik Andersson |
Subject: |
Re: [bug-inetutils] Important update of telnetd. |
Date: |
Wed, 8 Aug 2012 16:25:00 +0200 |
User-agent: |
Mutt/1.5.18 (2008-05-17) |
onsdag den 8 augusti 2012 klockan 14:43 skrev Simon Josefsson detta:
> Mats Erik Andersson <address@hidden> writes:
>
> > The client needs shishi_done() in order to incorporate
> > any issued and valid ticket into the cache.
>
> Ah, yes, that would be good to do. Maybe there should be a Shishi
> interface for saving the cached tickets. InetUtils could invoke this to
> achieve it though:
>
> shishi_tkts_to_file (shishi_tkts_default (handle), shishi_tkts_default_file
> (handle))
>
> However maybe saving received tickets should be done automatically by
> Shishi.
The tickets are automatically saved as soon as I insert shishi_done().
Without my manual insertion of shishi_done() the forced abolition
of krb5shishi_cleanup() will allow a session go through with
authorization and encryption, but the tickets will not propagate
into the cache, as a simple experiment with "shishi -l" verifies.
However, I am observing in my playing around with different acting
client users, that there frequently happens to be multiple tickets
for "address@hidden" issued for the service "host/localhost".
Is this in order, or could it be that libshishi is not tracking
already granted tickets sufficiently well? The initial ticket
stays the same, but then there are multiple service tickets
that look identical in printout from "shishi -l". Even with
two client users I find three or more service tickets.
Regards,
Mats