[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
rudimentary preauth working
From: |
Simon Josefsson |
Subject: |
rudimentary preauth working |
Date: |
Wed, 19 Apr 2006 18:10:03 +0200 |
User-agent: |
Gnus/5.110005 (No Gnus v0.5) Emacs/22.0.50 (gnu/linux) |
FYI, I succeeded getting basic preauth to work. The code is ugly, and
you'll have to enter the password twice (once to generate the preauth
and once to decrypt the AS-REP), and it doesn't handle non-default
salts, but seem to work against MIT KDC.
I should clean this up, so it automatically send a preauth AS-REQ when
it receive the KRB-ERROR response that indicate this problem, and only
query for a password once.
Note that you'll need to use -o preauth, or put 'preauth' in the
configuration file. This is undocumented for now, because I don't
think it should be required in the final release.
Try tomorrow's nightly build, if you don't build from CVS.
If it doesn't work, please run with 'shishi -v -v -v -v -o preauth
foo' and send the output (which will contain the password, so use a
dummy account).
More later this week, first I should get gnutls 1.4.0 released...
/Simon
address@hidden:~/src/shishi$ src/shishi -d
1 ticket removed.
address@hidden:~/src/shishi$ src/shishi jas2
Error code from server:
Additional pre-authentication required
Additional error message from server:
NEEDED_PREAUTH
Types of PA-DATA requested: 2, 11, 19, 13.
Preauth required, try `-o preauth'.
/home/jas/src/shishi/src/.libs/lt-shishi: Could not get ticket as `jas2' for
`krbtgt/JOSEFSSON.ORG'.
address@hidden:~/src/shishi$ src/shishi -o preauth jas2
Enter password for address@hidden':
Enter password for address@hidden':
address@hidden:
Authtime: Wed Apr 19 18:06:15 2006
Endtime: Thu Apr 20 02:06:14 2006
Server: krbtgt/JOSEFSSON.ORG key des3-cbc-sha1-kd (16)
Ticket key: des3-cbc-sha1-kd (16) protected by des3-cbc-sha1-kd (16)
Ticket flags: INITIAL PREAUTHENT (1536)
address@hidden:~/src/shishi$
- rudimentary preauth working,
Simon Josefsson <=
- Re: rudimentary preauth working, Simon Josefsson, 2006/04/20
- Re: rudimentary preauth working, Simon Josefsson, 2006/04/20
- Re: rudimentary preauth working, Elrond, 2006/04/20
- Re: rudimentary preauth working, Elrond, 2006/04/21
- Re: rudimentary preauth working, Simon Josefsson, 2006/04/21
- Re: rudimentary preauth working, Simon Josefsson, 2006/04/21
- Re: rudimentary preauth working, Elrond, 2006/04/21
- Re: rudimentary preauth working, Simon Josefsson, 2006/04/21