Strange behavior of libkrb5 since karmic ...
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
krb5 (Debian) |
Fix Released
|
Unknown
|
|||
krb5 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Karmic |
Fix Released
|
High
|
Thierry Carrez |
Bug Description
Since karmic libkrb5 is acting weird. When a user fail to give a valid password, it loops until account is locked ... After some wireshark capture and some comparaison between 1.6 (from Jaunty) et the 1.7 of Karmic i succeded to make a patch which solve the problem...
In 1.7 while the client get KDC_ERR_
In 1.6 it loops only if it receive KDC_ERR_
I'm tired ;) it's 1am here if you need more info just ask here. patch + pcaps in attachement
Btw, there is no problem without our configuration since it's the same we were used to use in jaunty and it was generated by pam-auth-config tool :)
Changed in krb5 (Debian): | |
status: | Unknown → New |
Changed in krb5 (Debian): | |
status: | New → Fix Released |
Changed in krb5 (Ubuntu Karmic): | |
importance: | Undecided → High |
Changed in krb5 (Ubuntu Karmic): | |
assignee: | Canonical Server Team (canonical-server) → Thierry Carrez (ttx) |
status: | New → In Progress |
tags: |
added: verification-done removed: verification-needed |
Hello, again... Looks like this problem has already been fixed in the MIT krb5 developpement tree. The way they did it is more clean than mine :)
So using my patch is only a workaround until Debian rebuild their package against a newer krb5 release.