[2435] in Kerberos_V5_Development
Re: Krb and AIX4.2
daemon@ATHENA.MIT.EDU (Donn Cave)
Tue Jul 15 15:13:59 1997
In-Reply-To: <t53yb78up6j.fsf@rover.cygnus.com>
Date: Tue, 15 Jul 1997 12:17:30 -0800
To: Marc Horowitz <marc@cygnus.com>
From: Donn Cave <donn@u.washington.edu>
Cc: mmessier@magma.ca, krbdev@MIT.EDU
At 2:48 PM -0400 7/15/97, Marc Horowitz wrote:
| Donn Cave <donn@u.washington.edu> writes:
|
| >> The ftpd program doesn't log correctly, more utmp problems here. This
| >> time, ftpd isn't trying to fill out enough fields in utmp, leading to
| >> some garbage occasionally in the wtmp file. This was more of a problem
| >> under Digital UNIX, but it showed up a couple of times under AIX 4.2.
| >> The fix is to set ut_id, ut_type and ut_pid. I also reversed the ftp
| >> service principals, to prefer "host" over "ftp".
|
| The last fix is incorrect. The ftp security draft specifically says
| to try ftp first, then host.
|
| Marc
Strictly speaking, I didn't call it a fix, and I won't report it as
a bug, but on the other hand I want it to check host first, since we
don't have an ftp principal. Ftp security draft notwithstanding.
The bug or misfeature that I'll need to address before we put the MIT
ftp into production here, is the complaint when connecting to non-Kerberized
ftp service. It might be OK to make note of this, but there must be
something better than just spewing out "500 'AUTH GSSAPI': command not
understood.", which I suppose comes from the other end.
Donn Cave, University Computing Services, University of Washington
donn@u.washington.edu
