Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Logic is a pretty flower that smells bad.

devel / comp.protocols.kerberos / Re: KRB5 ccache on MACOS

SubjectAuthor
o Re: KRB5 ccache on MACOSMarkus Moeller

1
Re: KRB5 ccache on MACOS

<mailman.0.1633890286.8998.kerberos@mit.edu>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=174&group=comp.protocols.kerberos#174

  copy link   Newsgroups: comp.protocols.kerberos
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!tncsrv06.tnetconsulting.net!.POSTED.pch.mit.edu!not-for-mail
From: hua...@moeller.plus.com (Markus Moeller)
Newsgroups: comp.protocols.kerberos
Subject: Re: KRB5 ccache on MACOS
Date: Sun, 10 Oct 2021 19:23:53 +0100
Organization: TNet Consulting
Lines: 5
Message-ID: <mailman.0.1633890286.8998.kerberos@mit.edu>
References: <sjtabp$7tp$2@ciao.gmane.io>
Mime-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
reply-type=original
Content-Transfer-Encoding: 7bit
Injection-Info: tncsrv06.tnetconsulting.net; posting-host="pch.mit.edu:18.7.21.50";
logging-data="5482"; mail-complaints-to="newsmaster@tnetconsulting.net"
To: <kerberos@mit.edu>
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=fNjnmOAtoeS+VHUqm/kOgnem3MS65X9MezxE8pPNGG3KIkeCamOWbp2MwwGLzT0KHHN/joknP+ZRuP5PTju7cRrAKXXHWIleHHMurUMpdGaEHUVe7wmcmM1n7nbsqlPeXUt9NcYkPK+DDLEQbFEVDnUQsSOZpr2VfumayOufufBH2EtgkhP4tsbgWZ3GKzgaY0a2rUntzsDLuP0P4ExU1vbMHrvawv6hBECvklrUKrbJihFKfdMJzzbBSBnpthx1ySve9NE5dsi43NOuM2MeDF1ZHfpa5ELuK0eEa3yGx84qJ/TgG8aFgy5OgAWBQx5tlIGy13CRTSiqTdtrscsqSg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=84Hv3gMsa7PMesGC1ny+Pg6fK72sa9u1d7NvU8CCla8=;
b=cIGyujKwLdfkbjbQl1kPvF5kyiJp9+EgomNLEZ1hTxlJJkMWL+uUWNmo+lPuHzKqhQBEYOgpWOQMe7DKRBtuAWNJDDi50R2tWBFuXo/TMKjJnxpaxcH+XmXIpJRrT0wNc/0IeCx/z9+zSe+Q1Lphxsq+k6N7oCLq/dp8WbvtB2B+vxs1MYEPj//Lcl2uas095lYCs9SwwjF/M4kEs1kdm7VMnGmohF6Gwl+YP85MV+ODUK4ZsQgqK+wwWAfciZcsqQJNslqppLq4dnfgX6d+uq/HV0bRezJisEi7sKOnTBrpSEAxtlNK/4zMjBatRotK8jcOtPCPBHHDHTd9jjSX2A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=mitprod.onmicrosoft.com; s=selector2-mitprod-onmicrosoft-com;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=84Hv3gMsa7PMesGC1ny+Pg6fK72sa9u1d7NvU8CCla8=;
b=Y5ghWPtGn8KgSavdjujPfUoC1bi8cejLsxKLn4mguXy/VbOspA37/uEG3GG6E4eODlu5WzKC1ooUhyhuaqt9q459fzKXx2JyvFRaLeBkB4BdFjTMLJGIVhPmyQQE1C78N+1G4LyHdSrQanVamB04Yb8n9NzERafV9TaOZ74y3PU=
Authentication-Results: spf=pass (sender IP is 116.202.254.214)
smtp.mailfrom=m.gmane-mx.org; mit.edu; dkim=none (message not signed)
header.d=none; mit.edu;
dmarc=none action=none header.from=moeller.plus.com;
Received-SPF: Pass (protection.outlook.com: domain of m.gmane-mx.org
designates 116.202.254.214 as permitted sender)
receiver=protection.outlook.com; client-ip=116.202.254.214;
helo=ciao.gmane.io;
X-Injected-Via-Gmane: http://gmane.org/
In-Reply-To: <sjtabp$7tp$2@ciao.gmane.io>
X-MSMail-Priority: Normal
Importance: Normal
X-Newsreader: Microsoft Windows Live Mail 16.4.3528.331
X-MimeOLE: Produced By Microsoft MimeOLE V16.4.3528.331
X-EOPAttributedMessage: 0
X-EOPTenantAttributedMessage: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b:0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: ca9adbba-b412-4584-ae32-08d98c1b34ff
X-MS-TrafficTypeDiagnostic: SJ0PR01MB7416:
X-LD-Processed: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b,ExtAddr
X-MS-Exchange-AtpMessageProperties: SA
X-Microsoft-Antispam-PRVS: <SJ0PR01MB7416DFCD06AD1CCBA67058B3E0B49@SJ0PR01MB7416.prod.exchangelabs.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:8882;
X-MS-Exchange-SenderADCheck: 0
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: HRAY+I0Mzqc/HHhIDVyQHL3vTYubDhdyfRfuqBzE8qUAZmVaoDdoiYSQo3BcTgMU6T+3xzBUIA30YwFTlSiag58FW2cZKS9olMAnZup2+2Xj6U5owtfX9MaUuyaJfYiAQDCPUMQnmHaRnRlT/1TrjAq6J4Cdtmk9dXeIHSfYUgTr4/3nXpoRJOuYEz8MQRcr5CkVvxws8f3Qd1rtBxHMQTiezxpz9k2+kZj91EwJTIW9CEHUyxanpfa0Ot76Vi8dZ+zR1J0arEVP/4GH4wL55X5pM3IzLxQKtIt+sjZCVsIRJTzknkNRGh9MLNV4q32Onhr/vIx2LlRELC8vXGXvtSqoD2vNWDGUiZTl537XWC73f7V8THmNbLNnPEAo5kxv0/3kCfhr8G043sjKpf5yPAWsoUCIsqL2rem/YhtbXCExUITDNKd2Crg+Y4h8gPigproba0ZRH2KCpbZC0H729pLYciLMLoFPNynZrO3fMWTUwvBLt/dLOMO0DxTueObajd7rtJWLkYvn7Is0lZdiLYgCULkGldWTDsxmhiJMMdcwGknLd5/nTzB7eMAJxikBwWpLD37l+PiRxMx3lMZS8tQftCn5t5uLSQ99WJE+pJp2TNvbS4JX6B3EfrFR++Gxr+/CML9lklEu/bSOBegQFAm+5sEXPgWRRxKNkQMnbEyw/rQepuQ4Q9ddP4rDHlnv4HBIIq3U5sZGhRR+2wKfgbq/ogtmRsyPr5sHswAROJI=
X-Forefront-Antispam-Report: CIP:116.202.254.214; CTRY:DE; LANG:en; SCL:1; SRV:;
IPV:NLI; SFV:NSPM; H:ciao.gmane.io; PTR:ciao.gmane.io; CAT:NONE;
SFS:(4636009)(83170400001)(6666004)(316002)(786003)(36906005)(34206002)(5660300002)(26005)(7636003)(7596003)(356005)(68406010)(70586007)(336012)(42882007)(508600001)(9786002)(9746002)(2906002)(9686003)(83380400001)(8676002)(966005)(88516005);
DIR:OUT; SFP:1102;
X-Auto-Response-Suppress: DR, OOF, AutoReply
X-MS-Exchange-Transport-Forked: True
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Oct 2021 18:24:33.0792 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: ca9adbba-b412-4584-ae32-08d98c1b34ff
X-MS-Exchange-CrossTenant-Id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT024.eop-nam11.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR01MB7416
X-OriginatorOrg: mitprod.onmicrosoft.com
X-BeenThere: kerberos@mit.edu
X-Mailman-Version: 2.1.6
Precedence: list
List-Id: The Kerberos Authentication System Mailing List <kerberos.mit.edu>
List-Unsubscribe: <https://mailman.mit.edu/mailman/listinfo/kerberos>,
<mailto:kerberos-request@mit.edu?subject=unsubscribe>
List-Archive: <http://mailman.mit.edu/pipermail/kerberos>
List-Post: <mailto:kerberos@mit.edu>
List-Help: <mailto:kerberos-request@mit.edu?subject=help>
List-Subscribe: <https://mailman.mit.edu/mailman/listinfo/kerberos>,
<mailto:kerberos-request@mit.edu?subject=subscribe>
 by: Markus Moeller - Sun, 10 Oct 2021 18:23 UTC

Hi,

I tried to use the MIT version 1-19 instead on my MAC but run into a
different issue. The same code works on Linux but on MAC I get this SPNEGO
error. Any hint why this might be the case ?

gss_init_sec_context()failed: Unspecified GSS failure. Minor code may
provide more information. SPNEGO cannot find mechanisms to negotiate

major_status = gss_init_sec_context(&minor_status,
GSS_C_NO_CREDENTIAL,
&gss_context,
server_name,
gss_mech_spnego,
0,
0,
GSS_C_NO_CHANNEL_BINDINGS,
&input_token, NULL, &output_token,
NULL, NULL);

Thank you
Markus

"Markus Moeller" wrote in message news:sjtabp$7tp$2@ciao.gmane.io...

Hi

I was trying to share a FILE ccache between different process/logins on a
MAC but it seems gss_init_sec_context ignores KRB5CCNAME on a MAC. Is that
correct ? If so is there a way to share the API ccache ?

The case I have is a background job seems to use the API ccache of when
the user was logged in. When I log off and log in again I can't access the
original ccache anymore i.e. I can't update the credentials and need to kill
and restart the background job.

Thank you
Markus

________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor