[OpenAFS-devel] k_pioctl() vs. ktc_GetToken()
Alf Wachsmann
alfw@SLAC.Stanford.EDU
Wed, 26 Jun 2002 13:17:58 -0700 (PDT)
We are having problems in some situations to get AFS token forwarding
to work with OpenSSH. Looking at its source code I find that they are
using "k_pioctl(..., VIOCGETTOK, ...)" to get the tokens.
I have extracted the important part of the code in a little test program
and can reproduce the following behavior (at least on Red Hat Linux 7.2
and OpenAFS-1.2.5 and 1.2.3):
The k_pioctl() function call does not return any token at all if a
machine has an expired token together with a valid token in memory.
If I am using ktc_GetToken() instead everything is fine - the expired
token is not mentioned but the valid one is returned.
Independant from whether or not OpenSSH should use k_pioctl(), shouldn't
it return the valid token(s) no matter if there is an expired token
around or not?
-- Alf.
-----------------------------------------------------------------------
Alf Wachsmann | e-mail: alfw@slac.stanford.edu
SLAC Computing Service | Phone: +1-650-926-4802
2575 Sand Hill Road, M/S 97 | FAX: +1-650-926-3329
Menlo Park, CA 94025, USA | Office: Bldg. 50/323
-----------------------------------------------------------------------
http://www.slac.stanford.edu/~alfw (PGP)
-----------------------------------------------------------------------