question about krb5_verify_authenticator_checksum
Jeffrey Altman
jaltman2 at nyc.rr.com
Sat Mar 4 10:42:44 EST 2006
John Hascall wrote:
> Can somebody explain the what is going on with
> "if(authenticator->cksum == NULL) return -17;"
> (see below). I am getting this wierd error -17 out
> of NetBSD's telnetd when trying to connect with
> Hummingbird's telnet client. Is an authenticator
> checksum optional? Or is it truly an error?
>
> Thannks,
> John
Specifying a checksum is a required part of the
TELNET AUTH KRB5 option. If the Telnet client is
not specifying one it is a protocol error at that
layer.
What the krb5_verify_authenticator_checksum() function
does is verify that the checkum in the authenticator
matches the checksum of the data you are passing into
the function as 'data' and 'len'. If the authenticator
checksum doesn't exist you can't compare it to the input
to verify and therefore it is an error.
Jeffrey Altman
More information about the Kerberos
mailing list