[2771] in Kerberos-V5-bugs
krb5-appl/458: ftp generates service principal from cluster, not host
daemon@ATHENA.MIT.EDU (donn@u.washington.edu)
Thu Aug 7 15:18:29 1997
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: krb5-unassigned@RT-11.MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, donn@u.washington.edu
Date: Thu, 7 Aug 1997 12:14:46 -0700
From: donn@u.washington.edu
Reply-To: donn@u.washington.edu
To: krb5-bugs@MIT.EDU
>Number: 458
>Category: krb5-appl
>Synopsis: ftp should use gethostbyaddr() to get canonical service princ.
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Thu Aug 07 15:15:01 EDT 1997
>Last-Modified:
>Originator: Donn Cave
>Organization:
University of Washington University Computing Services
>Release: 1.0pl1
>Environment:
Anywhere host names are aliased.
System: AIX melville 2 4 000010504900
>Description:
Kerberos authentication fails with wrong principal name when ftp
attempts to connect to a DNS-supported cluster - where the name
used to connect (say "ftphost") is not the name of the host (say
"ftphost4".) Or I guess in any other DNS aliased situation.
>How-To-Repeat:
Use Kerberos authenticated ftp, specify an aliased host.
>Fix:
I cured this by inserting a gethostbyaddr() right after the
gethostbyname() in hookup(). If that succeeds, I copy the name
out of hp->h_name.
>Audit-Trail:
>Unformatted:
