directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jiajia Li (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (DIRKRB-344) Encryption type negotiation issue between client and KDC
Date Thu, 23 Jul 2015 05:23:05 GMT

     [ https://issues.apache.org/jira/browse/DIRKRB-344?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jiajia Li resolved DIRKRB-344.
------------------------------
    Resolution: Fixed

Add this feature in kerby client and add the test.
commit ea31281af2feaecca7787a7b1fd2667e3256e05a
Author: plusplusjiajia <jiajia.li@intel.com>
Date:   Thu Jul 23 13:26:10 2015 +0800

    DIRKRB-344 Encryption type negotiation issue between client and KDC(kerby client will
retry after preatuh fail.)

> Encryption type negotiation issue between client and KDC
> --------------------------------------------------------
>
>                 Key: DIRKRB-344
>                 URL: https://issues.apache.org/jira/browse/DIRKRB-344
>             Project: Directory Kerberos
>          Issue Type: Bug
>            Reporter: Kai Zheng
>            Assignee: Jiajia Li
>
> When client using an encryption type that's not used by KDC side, it will throw exception
because of some related issue in negotiation, like below:
> {noformat}
> KRB error occured while processing request:Additional pre-authentication required
> java.lang.NullPointerException
> 	at org.apache.kerby.kerberos.kerb.crypto.EncryptionHandler.decrypt(EncryptionHandler.java:163)
> 	at org.apache.kerby.kerberos.kerb.common.EncryptionUtil.unseal(EncryptionUtil.java:135)
> 	at org.apache.kerby.kerberos.kerb.server.preauth.builtin.EncTsPreauth.verify(EncTsPreauth.java:48)
> 	at org.apache.kerby.kerberos.kerb.server.preauth.PreauthHandle.verify(PreauthHandle.java:46)
> 	at org.apache.kerby.kerberos.kerb.server.preauth.PreauthHandler.verify(PreauthHandler.java:96)
> 	at org.apache.kerby.kerberos.kerb.server.request.KdcRequest.preauth(KdcRequest.java:330)
> 	at org.apache.kerby.kerberos.kerb.server.request.KdcRequest.process(KdcRequest.java:122)
> 	at org.apache.kerby.kerberos.kerb.server.KdcHandler.handleMessage(KdcHandler.java:85)
> 	at org.apache.kerby.kerberos.kerb.server.impl.DefaultKdcHandler.handleMessage(DefaultKdcHandler.java:67)
> 	at org.apache.kerby.kerberos.kerb.server.impl.DefaultKdcHandler.run(DefaultKdcHandler.java:52)
> 	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
> 	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> 	at java.lang.Thread.run(Thread.java:745)
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message