[krbdev.mit.edu #6562] kinit not working if kdc is configured with numerical IPv6 address
Xu@krbdev.mit.edu
Xu at krbdev.mit.edu
Sat Sep 12 16:45:34 EDT 2009
Hi, all:
I am writing to report a bug in 1.7 release.
In /etc/krb5.conf, if kdc is configured with numerical IPv6 address, Kerberos client will not be able to locate this kdc, and kinit will fail.
Here is an example:
=============================================
/* The content of /etc/krb5.conf with IPv6 address */
[realms]
XCIPV6.COM = {
kdc = [3ffe:2000:0:1::100]:88
default_domain = xcipv6.com
}
/* Kerberos authentication result */
qxu at durian(pts/3):/etc[112]$ kinit XCTEST100 at XCIPV6.COM
kinit(v5): Cannot resolve network address for KDC in realm XCIPV6.COM while getting initial credentials
=============================================
In my eyes, if numerical IPv4 address is supported for kdc entry in /etc/krb5.conf, so should be for numerical IPv6 address.
Investigation shows the defect is in the function "krb5_locate_srv_conf_1()" in the file "krb5-1.7/src/lib/krb5/os/locate_kdc.c", and a fix has been made out. Anyone would like to review?
P.S. How to send the fix to you guys? Email Attachment?
Thanks,
Xu Qiang
More information about the krb5-bugs
mailing list