[4931] in Kerberos
Kerberos V B4-2 - Problem with session key
daemon@ATHENA.MIT.EDU (Roland Gigler)
Wed Apr 5 10:36:30 1995
To: kerberos@MIT.EDU
Date: 5 Apr 1995 13:29:21 GMT
From: roland@tegernsee.zfe.siemens.de (Roland Gigler)
Reply-To: roland@tegernsee.zfe.siemens.de
Hi
I try to write a small application with a Client and a Server.
I would like to have a session key for both parts to do any following
communication.
I generate in the client an authentication header with krb5_mk_req
(ap_req_options = 0;) and send it to the server.
But there I have problems getting the session key.
I use krb5_rd_req/krb5_rd_req_simple to verify the
KRB_AP_REQ message I get from the client.
That works fine. normally retval = 0. If the ticket is expired, I get
KRB5_AP_ERR_TKT_EXPIRED. If the Principal for the Server of the senders address
it not ok, I get the right error back.
au_data now holds pointers to the ticket and the authenticator. But
when I follow these pointers, I get nothing I can use.
The authenticator should include the principal for the client, a timestamp, checksum and seq_number. But the values are bad.
The same with the ticket. Specially ticket->enc_part2 should hold the session key.
So my questions are:
1. Have I forgotten a step on server side
2. Or is there needed something special in ap_req_options at client side
for krb5_mk_req
Thanks for Help
Roland
---
-------------------------------------------------
Roland Gigler
roland@tegernsee.eng.sc.rolm.com
(roland@tegernsee.zfe.siemens.de)
-------------------------------------------------