[OpenAFS] Re: gssklog-0.10 - better support for SEAM and SSPI with cross realm

Chris McClimans openafs-info@mcclimans.net
Tue, 9 Sep 2003 16:13:41 -0500


We are further along, now we at least get the gssklog/fqdn@REALM 
service tickets.
init_sec_contexts fails, but with a major code of 'Unspecified GSS 
failure'
The minor code is zero, so I'm not sure if that is going to provide any 
more information.

bash-2.03# uname -a
SunOS olive 5.8 Generic_108528-13 sun4u sparc SUNW,Sun-Blade-100
bash-2.03# kinit mccliman@CS.TTU.EDU
Password for mccliman@CS.TTU.EDU:
bash-2.03# klist
Ticket cache: /tmp/krb5cc_0
Default principal: mccliman@CS.TTU.EDU

Valid starting                       Expires                       
Service principal
Tue Sep 09 16:10:03 2003  Wed Sep 10 02:10:03 2003  
krbtgt/CS.TTU.EDU@CS.TTU.EDU
         renew until Tue Sep 16 16:10:03 2003
bash-2.03# cat /etc/gss/mech
# Mechanism Name        Object Identifier       Shared Library  Kernel 
Module
#
diffie_hellman_640_0    1.3.6.4.1.42.2.26.2.4   dh640-0.so.1
diffie_hellman_1024_0   1.3.6.4.1.42.2.26.2.5   dh1024-0.so.1
kerberos_v5             1.2.840.113554.1.2.2    gl/mech_krb5.so 
gl_kmech_krb5
bash-2.03# ./gssklog
GSS-error init_sec_context failed: major:000d0000 minor:00000000
Unspecified GSS failure.  Minor code may provide more information
No error
Problem 2 with server elm.cs.ttu.edu, trying next
GSS-error init_sec_context failed: major:000d0000 minor:00000000
Unspecified GSS failure.  Minor code may provide more information
No error
Problem 2 with server oak.cs.ttu.edu
Failed code = 2
bash-2.03# klist
Ticket cache: /tmp/krb5cc_0
Default principal: mccliman@CS.TTU.EDU

Valid starting                       Expires                       
Service principal
Tue Sep 09 16:10:03 2003  Wed Sep 10 02:10:03 2003  
krbtgt/CS.TTU.EDU@CS.TTU.EDU
         renew until Tue Sep 16 16:10:03 2003
Tue Sep 09 16:10:14 2003  Wed Sep 10 02:10:03 2003  
gssklog/elm.cs.ttu.edu@CS.TTU.EDU
         renew until Tue Sep 16 16:10:03 2003
Tue Sep 09 16:10:14 2003  Wed Sep 10 02:10:03 2003  
gssklog/oak.cs.ttu.edu@CS.TTU.EDU
         renew until Tue Sep 16 16:10:03 2003