Failing ASN.1 tests with PKINIT on HP-UX
Greg Hudson
ghudson at mit.edu
Sun Sep 28 01:21:53 EDT 2025
On 9/27/25 06:17, Osipov, Michael (IN IT IN) via Kerberos wrote:
>> (gdb) where
>> #0 0x60000000c8a788d0:0 in get_tag () at asn1_encode.c:370
>> #1 0x60000000c8a79f70:0 in split_der () at asn1_encode.c:605
[...]
>> 777 encode_run(req, "pa_pk_as_req", "",
>> acc.encode_krb5_pa_pk_as_req);
I'd be interested in the stack trace going back to near this call
site--specifically, which encode_krb5_*() function is called.
The reason I ask is that encode_krb5_pa_pk_as_req() should not reach
split_der(). So I wonder if a different function is being executed
somehow, like encode_krb5_auth_pack().
If I'm right, then we'll have the mystery of why
acc_encode_krb5_pa_pk_as_req contains the wrong function pointer. The
structure is populated by krb5int_accessor().
More information about the Kerberos
mailing list