gss_import_name() fails on HPUX .. need help

Tue Sep 1 16:08:40 EDT 2009

Hi Tom,

Sorry I was on vacation for few days.. so could not get you the required
information..

I changed the mech_type from GSS_C_NULL_OID to GSS_C_NT_USER_NAME and
gss_import_name worked on HP.. don't know if that is the right thing to do
or not. My
server principal is in servername/fullyqualified_hostname at domain format.
However, gss_acquire_cred is mem-faulting when I am calling it like shown
below :(

Here is the code snippet:

.......................
    OM_uint32              maj_stat=0, min_stat=0;
    gss_cred_id_t          claimant_cred_handle = GSS_C_NO_CREDENTIAL;
    gss_buffer_desc        name_buffer;
    char                   server_name[CSMGSSMAXSTRLEN];
......................
    name_buffer.length = strlen(server_name);
    name_buffer.value = server_name;
    /* Here the server_name is a Fully Qualified Name */

    maj_stat = gss_import_name(&min_stat, &name_buffer, mech_type,
&target_name);
.............
    /* Here is the gss_acquire_cred which is mem faulting for me on HP */
   maj_stat = gss_acquire_cred(&min_stat,
                                GSS_C_NO_NAME,
                                0,
                                GSS_C_NO_OID_SET,
                                GSS_C_INITIATE,
                                &claimant_cred_handle,
                                NULL,
                                NULL );
...........................

Thanks in advance,
Manoj

  From:       Tom Yu <tlyu at MIT.EDU>                                                                                                      

  To:         Manoj Mohan/Lenexa/IBM at IBMUS                                                                                               

  Cc:         "krbdev at MIT.EDU" <krbdev at MIT.EDU>                                                                                          

  Date:       08/25/2009 07:40 AM                                                                                                        

  Subject:    Re: gss_import_name() fails on HPUX .. need help                                                                           

Manoj Mohan <manojm at us.ibm.com> writes:

> Hi,
>
> I was able to setup my client server programs successfully when
> KDC/client/server were on same host (linux).
> However, when I am trying to keep KDC on linux, and client/server on HP..
> its failing in gss_import_name on the
> client side with error or GSS_S_CALL_INACCESSIBLE_READ.
>
> I tried to google this, but most of the links were indicating the patch
> could be an issue.. but apparently that seems to
> be okay.
> Do I need to install something special on HP-UX. I can see that patches
> look good..
>
> $ swlist -lproduct | grep -i gss
>   GSS-API               B.11.11        GSS-API Version 1.0
>   PHSS_29487            1.0            GSS-API Version 1.0 Cumulative
patch
>
> ........
>     name_buffer.length = strlen("ol_vardhan_al/neto.abcdef.abc.com");
>     name_buffer.value = server_name;
>     maj_stat = gss_import_name(&min_stat, &name_buffer, mech_type,
> &target_name);
> ..................
>
> On KDC, I can see that ol_vardhan_al/neto.abcdef.abc.com entry is there
> (via list_principals)
>
> Any idea.. what I am missing?

You do not appear to have quoted the source code that sets the
"server_name" variable.  It is difficult to tell what the problem may
be without having this information.