[1507] in Kerberos-V5-bugs
general comment on error messages (k5 beta 5)
daemon@ATHENA.MIT.EDU (E. Jay Berkenbilt)
Fri Jun 30 09:53:05 1995
Date: Fri, 30 Jun 1995 09:49:23 -0400
From: "E. Jay Berkenbilt" <ejb@ERA.COM>
To: krb5-bugs@MIT.EDU
Kerberos 5 clients and applications seem to be full of insufficient
error messages, even without the VAGUE flag defined. If you run the
kerberized telnet with no keys in your principal database, you get the
following illuminating errors:
telnet> set authdebug
auth debugging enabled
telnet> open -a -l ejb soup
Trying 192.207.166.5...
Connected to soup.ERA.COM.
Escape character is '^]'.
>>>TELNET: I support auth type 2 2
>>>TELNET: I support auth type 2 0
>>>TELNET: I support auth type 1 0
>>>TELNET: auth_send got: 02 02 02 00
>>>TELNET: He supports 2
>>>TELNET: Trying 2 2
Kerberos V5: failure on credentials(Server not found in Kerberos database)
>>>TELNET: He supports 2
>>>TELNET: Trying 2 0
Kerberos V5: failure on credentials(Server not found in Kerberos database)
>>>TELNET: Sent failure message
and so on. The telnet code *knows* what credentials it wants. Why
doesn't it tell you in the error message? As I try to get kerberos 5
working here, I will be modifying code to improve these error
messages, and I will send a patch with respect to the clean beta 5
tree.
Otherwise, I have to say I was very pleased to be able to build k5 b5
on our solaris 2.4 machines with no modifications at all. The
autoconf-generated configure scripts are great. :-)
--
E. Jay Berkenbilt (ejb@ERA.COM)
Engineering Research Associates
