krb5_change_password() fails
Arpit Srivastava
arpit.orb at gmail.com
Tue Jun 4 11:48:43 EDT 2013
Thanks
While debugging, I found that it is prof_locate_server() called inside
k5_locate_server() called by locate_kpasswd() in changepw.c which is
failing.
It returns KRB5_REALM_UNKNOWN (which corresponds to Cannot find KDC for
requested realm).
As far I know the way I am calling krb5_change_password is alright. Then,
what could be the reason for this failure ?
Arpit
On Mon, Jun 3, 2013 at 9:59 PM, Greg Hudson <ghudson at mit.edu> wrote:
> On 06/03/2013 06:25 AM, Arpit Srivastava wrote:
> > 1. However, the api call fails and I am getting this error code
> 1117618064
> > in field *([out]* *result_code* - Numeric error code from server). How to
> > decipher this error code ?
>
> The result code is only meaningful if krb5_change_password returns 0.
> 1117618064 is probably stack garbage which was in the variable before
> you passed it in. Actual result codes in the range 0-7 inclusive.
>
> The way your code should interpret the results is:
>
> * If krb5_change_password returns non-zero, then the change-password
> exchange didn't work at all and you don't have a response from the
> server. Use krb5_get_error_message to interpret the return code.
>
> * If krb5_change_password returns zero, then a successful request and
> response occurred. If result_code is 0, then the password was
> successfully changed. Otherwise, you can compare the result code
> against constants like KRB5_KPASSWD_MALFORMED, or use result_code_string
> as a text form of the server's error message.
>
> > 2. Are result strings returned by this api UTF8 encoded (as mentioned in
> > RFC) ? Because I am using JNI method NewStringUTF() and getting error of
> > strings are not being valid UTF8.
>
> Since krb5_change_password did not return 0, result_string has not been
> filled in.
>
>
More information about the krbdev
mailing list