First draft of pkinit plugin code now in Subversion
Kevin Coffman
kwc at citi.umich.edu
Tue Nov 28 12:43:00 EST 2006
On 11/27/06, Olga Kornievskaia <aglo at citi.umich.edu> wrote:
>
>
> Sam Hartman wrote:
> > Hi.
> >
> > Thanks for the code.
> >
> > I've confirmed that it does in fact work in the success case. It was
> > relatively easy to build and the README did document enough of how to
> > get the code working.
> >
> >
> >
> > The code seems to crash in the following cases:
> >
> > 1) A cert is used that is not authorized to gain access to the account
> > in question. For example if I use a hartmans cert to try and log
> > into testprinc, it crashes the kdc.
> > 2) If the CA directory is not hashed, the KDC cannot find the CA cert
> > to use and crashes.
> >
> Sam, I'm unable to reproduce the problem you are describing. I've tried
> both cases and my setup fails appropriately without crashes. Could you
> describe your setup a little more?
I just commited the fix for the crash when trying to create e-data on
error returns. I think this should solve both of these problems.
More information about the krbdev
mailing list