[krbdev.mit.edu #2974] get_init_creds_keytab can return bogus REALM_UNKNOWN
Tom Yu via RT
rt-comment at krbdev.mit.edu
Tue Mar 22 17:43:11 EST 2005
locate_kdc() can return REALM_UNKNOWN if an attempt to look up the name
of a master KDC fails. This should not cause an error from
get_init_creds() if this happens while attempting to look up a master
KDC subsequent to successfully getting credentials from a slave. This
manifested as a spurious "Cannot find KDC for requested realm" from the
fallback implementation in the kadmin client, but only when attempting
to use a keytab to get credentials for kadmin. The needed change is
parallel to one already made in get_init_creds_password().
More information about the krb5-bugs
mailing list