When does krb5_rd_req return ENOENT?

Fredrik Tolf fredrik at dolda2000.com
Mon Sep 20 19:55:49 EDT 2004


I'm having a bit of trouble here... I have written a server program that
uses Kerberos authentication, and it has been working beautifully until
today when it crashed (a bug in my code that I've fixed since).

When I started it again, krb5_rd_req has started returning ENOENT
everytime I call it. I suspect that there's some Kerberos tempfile
somewhere that has got corrupted, but I don't know which.

Unfortunately, the Kerberos libraries on the system haven't been
compiled with debugging, so it has been hard for me to make any
conclusive findings, but I've managed to track it down this far:
1. I call krb5_rd_req.
2. krb5_rd_req calls krb5_rd_req_decoded, which returns ENOENT. From
there, the lack of debugging info simply makes it impossible to debug
any further. All the calls that krb5_rd_req_decoded makes are decoded
into the krb5_rd_req symbol for some reason, so I can't find out what
functions it calls.
3. From an strace, I've managed to find out that the Kerberos library
opens the replay cache, reads it, and then tries to open a file with the
empty string as file name (which explains the ENOENT). It then closes
the replay cache.

I've linked against the MIT Krb5 libraries, version 1.2.7.

Can someone be as kind as to shed some light on this problem for me?

Fredrik Tolf




More information about the Kerberos mailing list