Rocksolid Light

Welcome to RetroBBS

mail  files  register  newsreader  groups  login

Message-ID:  

In English, every word can be verbed. Would that it were so in our programming languages.

devel / comp.protocols.kerberos / Re: Should gss_get_name_attribute() dump the values of auth-indicators?

SubjectAuthor
o Re: Should gss_get_name_attribute() dump the values ofMachin, Glenn Douglas

1
Re: Should gss_get_name_attribute() dump the values of auth-indicators?

<mailman.110.1665700133.8148.kerberos@mit.edu>

  copy mid

https://www.rocksolidbbs.com/devel/article-flat.php?id=311&group=comp.protocols.kerberos#311

  copy link   Newsgroups: comp.protocols.kerberos
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!tncsrv06.tnetconsulting.net!.POSTED.mailman.mit.edu!not-for-mail
From: machin2@llnl.gov (Machin, Glenn Douglas)
Newsgroups: comp.protocols.kerberos
Subject: Re: Should gss_get_name_attribute() dump the values of
auth-indicators?
Date: Thu, 13 Oct 2022 22:27:31 +0000
Organization: TNet Consulting
Lines: 154
Message-ID: <mailman.110.1665700133.8148.kerberos@mit.edu>
References: <SA0PR09MB653932FC9EB1D7CE0DC81BD59A259@SA0PR09MB6539.namprd09.prod.outlook.com>
<SA0PR09MB6539C35ED1E5D5A6B4AF45F39A259@SA0PR09MB6539.namprd09.prod.outlook.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Injection-Info: tncsrv06.tnetconsulting.net; posting-host="mailman.mit.edu:18.7.21.50";
logging-data="12614"; mail-complaints-to="newsmaster@tnetconsulting.net"
To: "Machin, Glenn Douglas via Kerberos" <kerberos@mit.edu>
Authentication-Results: mit.edu;
dmarc=pass (p=reject dis=none) header.from=llnl.gov
Authentication-Results: mit.edu; arc=pass smtp.remote-ip=18.9.3.17
ARC-Seal: i=4; a=rsa-sha256; d=mit.edu; s=arc; t=1665700131; cv=pass;
b=ojBD0fD3OeP3Fii6+/ZYyCvPoReIJwQErlvBFhe52gDTfDrSsy0aLt7sPN84glcoNagp5O8MJn1a1tBdmR63CI5C8P8qqtyeEIFMci0pLLLowbPvz6x5k74rDxySd4Be+1gd7Au7wKoMbMnhgNtKZAkgQp5obdT78n/+DNxo0vAtgLR3fgdPnfw5HO3nhPvzCVgLz/9WrCt7oEn4Mt9qWRqvEXAE2WpPIx8JsSs4MsWXSrqD3OhdPdX7EAQNC4FEWvVZSFc83/pi/BWEEOaFhydm+qmUGhJhrjiAdFfw2SHx+gkYpf6tS6QmmabIZ0Nz0awnQXjiB7TGCvV6lUKagQ==
ARC-Message-Signature: i=4; a=rsa-sha256; d=mit.edu; s=arc; t=1665700131;
c=relaxed/relaxed; bh=KKccZz/w0lBpqDY5lr1TnLUeWRDoE1xS4fLo6l7L7aM=;
h=DKIM-Signature:DKIM-Signature:DKIM-Signature:From:To:Subject:Date:
Message-ID:MIME-Version;
b=YqnaT9EZHfhA290QSbcBDdUjfKyfSqQa3DH9SRhvIwKMl31I2xQ4j9KV3DpmV1i96+qa4HAOQS4wNcPi5GbbI/ti/yaGpXPVCmCmf3D2iObyTQaQNc8XxnNRF0c4sATaKdOdtRKRGXzkhpSTuVgDUNHchIQFUVkP1ZvJLctwxf2ZbtYmr4v6jr1GROxBjpcLK6UJ02qIvt4fnkzj+C9BL4O2H/bme0ElTerpj9LOnDa/0+oww7bBTEjCLCKdJLTBGhoZCmAXHqqeS3PlDEPVyn/QNW741fVyC0ZpSYIZxsCyhp4lV79jcMtWAd58WWuJmu0w2CWHFkvLHllkhFe6/A==
ARC-Authentication-Results: i=4; mit.edu; dkim=pass (1024-bit key)
header.d=mitprod.onmicrosoft.com header.i=@mitprod.onmicrosoft.com
header.b=aa5qNIpH;
dkim=pass (2048-bit key) header.d=llnl.gov header.i=@llnl.gov
header.b=xDhJ27h6;
dkim=fail (1024-bit key) header.d=doellnl.onmicrosoft.com
header.i=@doellnl.onmicrosoft.com header.b=bFw9h3AU reason="signature
verification failed"
Authentication-Results: mit.edu;
dkim=pass (1024-bit key) header.d=mitprod.onmicrosoft.com
header.i=@mitprod.onmicrosoft.com header.b=aa5qNIpH;
dkim=pass (2048-bit key) header.d=llnl.gov header.i=@llnl.gov
header.b=xDhJ27h6;
dkim=fail reason="signature verification failed" (1024-bit key)
header.d=doellnl.onmicrosoft.com header.i=@doellnl.onmicrosoft.com
header.b=bFw9h3AU
ARC-Seal: i=3; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass;
b=Hm0VH2ZYVDNKIs34V5RtsqFX/9HedDonARevUbOGMNBuDkLsscMBBRj0YHmVOs20xAPOynpKG2t3/FxryGLKah3Ud/jmCLaqtXngEYhkJu5o3ewb3b7zx5C4+bh5gVr3u+j0Vjl4inwWiNT5fdl5i0GE610vdYKSGGPRFjk83c4vfdvgsT/rflaKnHdXxWff+bgkPmuPVBAs7PLFq5qLEWzy70iZIF7r7DQhyqIN7zLVCkxIq4GL5xrwXf/VmZUM01WlriJLONyfFi6xe4nQGgErVCObphr9Nk9uI7F4JmUT3sPZ/pMyM/Z47Vy9fychoNKdYDe9gQvcCygEJMefog==
ARC-Message-Signature: i=3; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=KKccZz/w0lBpqDY5lr1TnLUeWRDoE1xS4fLo6l7L7aM=;
b=R9g+FkvHi2io3l+TUWmLnKASAVnEnpLhHyP81bR0afDuW0f0gw7Bzhk0azLY/m/DTu7reDqaLGR8/deHWZgrMlUu3dCxcSD6wk9cvPXGL0ORavUnKynHcnaQDTh5JbAQewSrJVuw+o8gqaNvpT4SbfE2t6SiUirYAoO4WisOIpz4EYHTN66CTp/URexMcCajAM1uvi29E4IXRWxXHbWW8q2gF1PRFMWV4bry3YoeDQHve3/TXfYt3ANLsXikgzY8OY6CzP9Q+nkGfvhiuo416QVUPVqNCbOAq/y+SG9igOhcLhKUTrNtM4msqiT3dizAlS5TqH0DgztF27UN7h9vyg==
ARC-Authentication-Results: i=3; mx.microsoft.com 1; spf=pass (sender ip is
67.231.155.129) smtp.rcpttodomain=mit.edu smtp.mailfrom=llnl.gov; dmarc=pass
(p=reject sp=reject pct=100) action=none header.from=llnl.gov; dkim=pass
(signature was verified) header.d=llnl.gov; dkim=pass (signature was
verified) header.d=doellnl.onmicrosoft.com; arc=pass (0 oda=1 ltdi=1
spf=[1,1,smtp.mailfrom=llnl.gov] dkim=[1,1,header.d=llnl.gov]
dmarc=[1,1,header.from=llnl.gov])
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=mitprod.onmicrosoft.com; s=selector2-mitprod-onmicrosoft-com;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=KKccZz/w0lBpqDY5lr1TnLUeWRDoE1xS4fLo6l7L7aM=;
b=aa5qNIpHqhaGjz3NS4TFgUn180aHkXzuKRAL5f9VhiyzBLrq2twwoessJO6wibAGmnYzoxjHqXGJGysj13v4n61yNBHiwOOByA/aZKX9CF4E4WYt9BO/mnWGWlVXD7TWe96UP4PCmKLxpyUu5JaOS/v+TuvXrYs3e9zfnj1UpgA=
ARC-Seal: i=2; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass;
b=N3JA9ylc4/8UIvwIVug/hSooC5IdG7f6gL6fMmcP7p8wmlcVQhKmRvTfTp54CF3VSWuv71ooIX5jTghAIAHjWopu2epUumDbhpSl1wH1X7HokzEbzAkCMFd6rRc4v96c6vDcQ+mkWhiF6x58OcCbfY7nHmrbDpuARnYsDva6++MeDkXOsIKsvnsS3J/U3C7woUdZ7+HSVL/YemdWfp/4dmG6NQgASrHLTV0/kuLJTJg9Fy43KtnJKTuMVrfT2Q75FG9G7a1YGbtWfaqjr90vBaLJheV4b/Pe9v8PlizVEnhn27jmcGW6bwvHt2KrsxvWLvQP1rWE2rn+GUFd2ujM3A==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=KKccZz/w0lBpqDY5lr1TnLUeWRDoE1xS4fLo6l7L7aM=;
b=bFdAJu6lFrAk1o2UlagiXKLFwamXBYVB6Y/KzSoilNAJI7QjY5U1v44e6GgPyWKdAeizNPQ8DEw7ZAhQ3csXAVmogBNeufZEYJk/gAshXl/Ao8H/jEYh86KXdA7PXbYdkTiE9pTFw7qFHIffw/Fiig8/ZB4cmKDdoUu9R0aFw+oTkbBn6dMXKI0dUhjuOIOTVTWiqZ2Kf813NcF12UiOfMmM20dLSAfsQyguSh3ooBYzqCNKXykchC6kAJtfT5wwf2uR3NrwutaZRW65PovEsJwO+Ng0Jb/WLa7MAY32t4H0n6kCEMSvtFcGhY0xtIjVNSDIMEcDIusjf0x60KlzBQ==
ARC-Authentication-Results: i=2; mx.microsoft.com 1; spf=pass (sender ip is
67.231.155.129) smtp.rcpttodomain=mit.edu smtp.mailfrom=llnl.gov; dmarc=pass
(p=reject sp=reject pct=100) action=none header.from=llnl.gov; dkim=pass
(signature was verified) header.d=llnl.gov; dkim=pass (signature was
verified) header.d=doellnl.onmicrosoft.com; arc=pass (0 oda=1 ltdi=1
spf=[1,1,smtp.mailfrom=llnl.gov] dkim=[1,1,header.d=llnl.gov]
dmarc=[1,1,header.from=llnl.gov])
Authentication-Results: spf=pass (sender IP is 67.231.155.129)
smtp.mailfrom=llnl.gov; dkim=pass (signature was verified)
header.d=llnl.gov;dmarc=pass action=none header.from=llnl.gov;
Received-SPF: Pass (protection.outlook.com: domain of llnl.gov designates
67.231.155.129 as permitted sender) receiver=protection.outlook.com;
client-ip=67.231.155.129; helo=mx0f-00379502.gpphosted.com; pr=C
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=llnl.gov;
h=from : to : subject :
date : message-id : references : in-reply-to : content-type :
mime-version; s=02022021-podllnl;
bh=KKccZz/w0lBpqDY5lr1TnLUeWRDoE1xS4fLo6l7L7aM=;
b=xDhJ27h6isqwuRMcElbXg6WSikvsZV7S86ICPqIaIQGzSqI0cA/S8o76WRclaJUKb747
ThD6PjU2MYFgyNm3VGISO15Bg9CYhR5Jo2DafDUQNCgZzGTKk8bRPsQ7YYm2eVpUkewc
8hgQK7NlIzDXd6RBIvqSmygbuUTsTkvErC1zw2gLTOCTNtKKmydjLW6CbbOQ7KEdMdIJ
xoy22Nf8PDCVtlmY6J3Wxk4zVbI9uq4NtH8DZUa6eXEtxW0aK/5eCJp/ry8Ar0kxq5gF
Wd5wbWhGE0rRynLDwetwSLS75Wfs7Mu05FbAT3gSgkgfKgvk09i6rqT2gsJTEwMqD//n bw==
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=fcVYTDsY9x0wI8tA5WU0fmsVvc6BaCTjivYEhZZ04GOMMGvXpkKfNmj6TXGeGZA5ZMWYFcii3IMEBbVk/eLnX4a3o+wT6Jf3E65Zvle3kx64hMRQOKt3DqF1sErmbbpd4AAT1iUV/0wH4PUVoxF3la5KggNhIjOBxqozAIT945odhz0Uf1Fb04U/+01Uovu9c5KRkp4Mx8jUicnng7FEtZOB1OkGMKSoX5CxVwE8Bzy8ZAJXN4aC/5AchfXZTII+RgUaINsv9OM0SnRhf/PxOQyeDiRg9Kn5o+0L9GtcMooY2hgkzTyBo1Bm8/NrWLZ6vLdgSz2GP7cBtuH+Vl3Vzg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=KKccZz/w0lBpqDY5lr1TnLUeWRDoE1xS4fLo6l7L7aM=;
b=FWTvDS034bkzg+EGNpWpEWKrNj4LjUQHegfoCy16OBumrXHelBjP1/+FIdlIJ1IKfh17G8wsqZzGkJBYZ09kbvdpPm8RLrMY6F1gD/2InX2peNWtVjIN4gPgPSvnzbuqRkJBC0n1Z+J744G/CytUnjKnXXu2zpIsoB92KqPb5yCPwMZ3hXULA1BpfCVOBroj6YZiBJfLBMIxen4kXxGrDNcHayjGQPBs/SRz7r5iA8RFnxxrSUShPyVAQRlYS8yzHUvS3x2kL3EgmkThuU+5sNh7lPzkvwkCguBIhC5So/e5WujO6E0L+Vmg4Hh7PG+xOb8dPJ1coJNtCfH2F6fZAw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
smtp.mailfrom=llnl.gov; dmarc=pass action=none header.from=llnl.gov;
dkim=pass header.d=llnl.gov; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=doellnl.onmicrosoft.com; s=selector1-doellnl-onmicrosoft-com;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=KKccZz/w0lBpqDY5lr1TnLUeWRDoE1xS4fLo6l7L7aM=;
b=bFw9h3AULgl72ee2eMzzPhuLvxxMjYDOw5E3h1Or68Y8nWWRhODIOITEOjYUE2Htm4G6xwj/sJXXM8ffETHaK5GELt9Z70XUotCj4/i8GbKoCbCJQAjD2D2O1HR/fPzmLrMqP/lwE1hql++cSj3iCXW9iLycNGs9y+h7v5aB5K8=
Thread-Topic: Should gss_get_name_attribute() dump the values of
auth-indicators?
Thread-Index: AQHY3xLZZel2M3RYcUWWQNuYHxNxva4M50V8
In-Reply-To: <SA0PR09MB653932FC9EB1D7CE0DC81BD59A259@SA0PR09MB6539.namprd09.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-traffictypediagnostic: SA0PR09MB6539:EE_|SJ0PR09MB7085:EE_|BN8NAM11FT082:EE_|BN6PR0101MB2979:EE_
X-MS-Office365-Filtering-Correlation-Id: 23abab7f-3e23-4bf9-1104-08daad6a21a2
X-MS-Exchange-SenderADCheck: 0
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: 97q+hG4G/3oyCTXtNXg0aFtcrGRLuStRPgZUJt+XU1FuWJUKlmHNeK0GzMErzzclwOgXZSsNNuopyUgLwPdBlurXVzYgJ5d3r+mL06ieB5PTyd6NAKa3ymF7Z+vUASY/DS/wuo6A+37PWzroryOG2aoVYHczVmX7gjnDVBWmEqP37BT/LTzHNkIpgL8NFTZ9rOIJXrIzMWARy1aqwoD9TRukxL1++PC4YdPlMcm073SxSusxdLf03LoonmDi9MCSigGsUjWjz2aZyPEVOxWZpB36ojryc8ImtLyXXedH6ZOLDD6ZWgp7cFDUFZBWYdCZ6y3YIorbWrTEpR1heDJ7XurnLlO0CdkPRI2JdKnM5uJZy0N65KiWEYAHaDWw2pJfLLR8awHGC2TNpn9CGjZaee3pAuRkfWAOq2iMeed2/L9fBOe4jFuTO2jbq+vFD5czqXdajYMUmWSix9btNLFb5fcfrJLfcPAq9WdOhEqtKD4B/OiS1to7MTJRd6KqsRXx6lSI0eVhZkjQRRWhf4F3hEJUEdaMRurhmWMukIkXkyFrPS5brKhMUqeb182K18NZiSx5ks+MhAwFtajx2d33mcUkTvTIV8GqRR0mPlaMpMnfpNqjcDYwo/3losrfnAw4bIAwIxCgEetudHLRepstN+WArwvBgXD3+hjP6Iei/3LdBoM+r6XYXUlc84V2yMDugpAxdMy1nHI3k96dgVFOVIf14C8ZnMxS4866rsYLet62CHtFgjQA8JjD0dceY9BAl8oTU8A6diPBRctXA73niy5negO8y10qU9BtrqLLxGg=
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en;
SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SA0PR09MB6539.namprd09.prod.outlook.com;
PTR:; CAT:NONE;
SFS:(13230022)(4636009)(366004)(451199015)(38070700005)(966005)(166002)(71200400001)(6916009)(82960400001)(498600001)(64756008)(186003)(33656002)(2906002)(91956017)(66446008)(66946007)(76116006)(38100700002)(66556008)(8676002)(122000001)(66476007)(55016003)(7696005)(2940100002)(5660300002)(52536014)(86362001)(53546011)(8936002)(6506007)(83380400001)(26005)(9686003);
DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-Original-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-Original-0: BtgEJa2z79vPELEYdFRTegsn0giMxunOuXOztzgwkvJ31t+Y02zh6jdaSKKM
i49vNyHzDFh3hQIN4v4wUvrTiXZHflf1YeLt5Sg+U2xfRUTXxxOJUkgVNHRK
SsGdpZyl9ICU4pDB2WdCubYoq6+hy0dfxTQ2OZnZklHqKgv3FkzUpnXjzntq
w7pt8KRVS8yM/sOAhT+6qTNOqFoczyUbj829sMFyVrRoupzRl0lb/pSNzPIP
j9DEuoSdlWan09CmTqCbhk46qI46QPhbrOOmEhbmdbimiU3BqQajWSmk45Yl
IidJrlapaoqZ2iFCRiEYJNfxa13ZbrQfJdagG7AqPNp5KZD/iluOVh/viIUU
QjXEekyKQyM2b9K8nPdC5QEDeOBI4P3wJi5ZZr59mns6aYLp2X8amvDjSOJI
BWiH8GUhmZAg2vocEZwdRLL073FciuhpzAsbRTfUOFhjD8MCdCrfePhWtpom
TiZRQc0PmiwtMelRgcEqPBMZIlpI8VsBMmlFAREwjmvJmIEjzDkQG1oqglg0
F5P9ovOonr3V+nZ3H5vt/SDjnKeNDgy0OipJwT3CRZHzqgZXaXoAqvF9dYnv
cMJ0y6HOO6DnQVw/R668vkSk5FkJa6jUMzzsgpj2PIsDV52bOKmMeiF149ES
Hk7onr75rf53rOX3j19uQvgxYElzFRk6hJKcgbbUklOuf/yt8gJvjYY7pJFc
2S4NMESbStx9IoZ24eZUeoGyGnajfXufhBjcJuz9XWzD5a4C2TLMdHertyQf
S6uMBzBQYbawYtx5UHdmBOJNsqobuLPI5TRrz74WJiR7Ycef2sKOr1waQp0C
ayPXpz7VZMvzFS39BgCtdjHhBogP+WqbrfFaavxw1w6uZFplCXzQUiSc5gIZ
nUvQRVuxc3T052DPsGLLieF+SUvCi+E5f4KOFawFHQqrP8W77WiEDLBLylYv
jxRyiLtqnVUAvLakD1xzkCmHkf9TyRDJHRLDmOa9V6+tipHIYe8HCIx7yMJW
PtduEjp+DUVJQFZbRirs2YabsvIII9t7vslSG/NRN7CUrGD57eFiXYVWOF4S
S9N9f/rDmIBRsWEH4g2CvYq7I5G8sy9KpbosSZQbJ3bLAXN2BsWj/zeI9Tx1
bJ1m0E9IlT59lZ/U7eOZR0pFPOd1qymnekvccZvCuAfsDebXwaMJG8bjplLl
WnH039MIlqN0x4G91UXhd4P3XCwye4c+zLdOzbnihNMDIPDwS717ntbNH0Yc
AHKcdtUDN61YfDWybIe/ko9gTxCa6DQXP46fPRBTjq31CfA7C4BpG7uxV/jH
776CbOfFbFs0mOrGKasikgmcyAR6pUfo/LCJlv9ObsxX7Dd7ThxBA6Ji64zE
Xdbbe3gsWsWRmtIFJQDgxTlBTMZ018zXlJMEt3cv+rOIxGxgqoLWgrKh+iIa
ToMtf4QENeDuHf0oG+MJNqq/4WQlf3WYi7ALX0K3dVMK2vs8uOjR7P9IiVxx
Rd1FtblGQYgJJSUhGRjuoPZzxn6yuDP4c4SGtnSL4bPG6H+aNjZYwnJXBLRj
gDbGunaME4VBJGx3t80O/E4KiYJU3YY2+D2FCZZrBUVmFGvD6vO4gkEWMpqU
YQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR09MB7085
X-Proofpoint-GUID: pAjYCIJqC2pB-CwRChmZVQaGm6EECwkB
X-Proofpoint-ORIG-GUID: pAjYCIJqC2pB-CwRChmZVQaGm6EECwkB
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.545, 18.0.895
definitions=2022-10-13_08:2022-10-13,
2022-10-13 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0
impostorscore=0
suspectscore=0 mlxscore=0 lowpriorityscore=0 mlxlogscore=999 spamscore=0
malwarescore=0 phishscore=0 bulkscore=0 priorityscore=1501 clxscore=1015
adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1
engine=8.12.0-2209130000 definitions=main-2210130124
X-EOPAttributedMessage: 0
X-EOPTenantAttributedMessage: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b:0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: BN8NAM11FT082.eop-nam11.prod.protection.outlook.com
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id-Prvs: f313e783-9ec0-47ea-3066-08daad6a1e86
X-LD-Processed: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b,ExtAddr
X-MS-Exchange-AtpMessageProperties: SA
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: ZpugwxNGqA8SD3zycOkeDR4XvCTS5lycdJvkP1eTjBfXsPa0Z33xpc5ezgoxqGToYUWvgfyMRE/EnHVzz3/Xf2ckXdz+Xa7G21RApsESABfLkjTxRgGRgV+IgLP5SwmAgM8bZx3LKw59RFNKVFRAyXP8znGhlXl/kIMjpdtoOavLbYQY4WHGa3mzhnlykCcMzGQUg3rCgTgl0vyJogdR/YH8WlRuMkQgbusglLqlt6R34IKTrYZX+Op+w5P4N+WWD4DgxD8PSVnKTZEzmQhUeuOYDhsWRXyWQAu2R1kWmNjWWB1V9C/1habOccjiw1crrRVYTMZl/soXfwyDEvkpYCCq222dN2jJSPad1uSBAipY4atI0spvFQqYKDoftHqL9JGsrj0Tfkj1rLEtOxbjKcAIrmhmj/OBwSbp2shw8TIjLTp8oNWkhEp7aOX4vnsuVHEyDeqLPjP2+y3kUMsLhwiKA2P2jmlchMZNA+rc9R3iESj7qQ0/HqeEF76W1cSBXRraH1bHZXVmZohq+RTJkTeJUG5NVvggkzk1RI2ujB9tDwGe3fFAk1/LG14RM1UhPqiFYdLwTp5CPLioeGVVXYU+yvxFlm8Pb8rkTS5P0zGHg2vkepNgV4Zq/6ezz5zAYaXvNmjjrjgOiEVtIoXtprqyKCz6CoUo9+lTxGydVkRh/0n7AafVwcGuxougRWeEUSR4ofNzil45vHXsKs8QRQ==
X-Forefront-Antispam-Report: CIP:67.231.155.129; CTRY:US; LANG:en; SCL:1; SRV:;
IPV:NLI; SFV:NSPM; H:mx0f-00379502.gpphosted.com;
PTR:mx0f-00379502.gpphosted.com; CAT:NONE;
SFS:(13230022)(4636009)(376002)(396003)(39860400002)(136003)(346002)(451199015)(5660300002)(6862004)(52536014)(966005)(83380400001)(336012)(26005)(83320400002)(83280400002)(83290400002)(83300400002)(83310400002)(2906002)(33656002)(316002)(166002)(70586007)(7636003)(55016003)(7596003)(68406010)(786003)(498600001)(2940100002)(53546011)(9686003)(6506007)(7696005)(8676002)(356005);
DIR:OUT; SFP:1102;
X-Auto-Response-Suppress: DR, OOF, AutoReply
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Oct 2022 22:27:36.6879 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 23abab7f-3e23-4bf9-1104-08daad6a21a2
X-MS-Exchange-CrossTenant-Id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-AuthSource: BN8NAM11FT082.eop-nam11.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR0101MB2979
X-OriginatorOrg: mitprod.onmicrosoft.com
X-Content-Filtered-By: Mailman/MimeDel 2.1.34
X-BeenThere: kerberos@mit.edu
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: The Kerberos Authentication System Mailing List <kerberos.mit.edu>
List-Unsubscribe: <https://mailman.mit.edu/mailman/options/kerberos>,
<mailto:kerberos-request@mit.edu?subject=unsubscribe>
List-Archive: <http://mailman.mit.edu/pipermail/kerberos/>
List-Post: <mailto:kerberos@mit.edu>
List-Help: <mailto:kerberos-request@mit.edu?subject=help>
List-Subscribe: <https://mailman.mit.edu/mailman/listinfo/kerberos>,
<mailto:kerberos-request@mit.edu?subject=subscribe>
X-Mailman-Original-Message-ID: <SA0PR09MB6539C35ED1E5D5A6B4AF45F39A259@SA0PR09MB6539.namprd09.prod.outlook.com>
X-Mailman-Original-References: <SA0PR09MB653932FC9EB1D7CE0DC81BD59A259@SA0PR09MB6539.namprd09.prod.outlook.com>
 by: Machin, Glenn Dougla - Thu, 13 Oct 2022 22:27 UTC

Never mind it works. It was the line:
name_buf.length = strlen(name_buf.value) + 1;

Should be:
name_buf.length = strlen(name_buf.value);

Glenn

From: Kerberos <kerberos-bounces@mit.edu> on behalf of Machin, Glenn Douglas via Kerberos <kerberos@mit.edu>
Date: Thursday, October 13, 2022 at 9:34 AM
To: Machin, Glenn Douglas via Kerberos <kerberos@mit.edu>
Subject: Should gss_get_name_attribute() dump the values of auth-indicators?

Should gss_get_name_attribute() dump the values of auth-indicators? I verified that the auth-indicators is set correctly by also setting require_auth on the SPN. When not using OTP I cannot obtain the service ticket but when using an otp I can.

I have run this on both 1.15 and 1.18 with the same results. Below is a code snippet of what I used, including the gssapi test routine dump_attribute(). It shows in gss_inquire_name() the auth-indicator as a value, but gss_get_name_attribute() indicates that operation is not available or is unsupported.

Should I be getting the values of auth-indicator?

Thanks,

Glenn

serv_maj_stat = gss_accept_sec_context(&acc_sec_min_stat, &context,

GSS_C_NO_CREDENTIAL, &send_tok,

GSS_C_NO_CHANNEL_BINDINGS,

&client, &doid, &recv_tok,

&ret_flags,

NULL, /* time_rec */

NULL); /* del_cred_handle */

maj_stat = gss_inquire_name( &min_stat, client, &is_mech_name, &mech, &attrs);
if (maj_stat != GSS_S_COMPLETE) {
display_status("gss_inquire_name", maj_stat, min_stat);
} else {
int i = 0;
struct gss_buffer_desc_struct thisattr;
if (attrs && attrs->count > 0){
for (i = 0; i < attrs->count; i++){
thisattr = attrs->elements[i];
printf("Attr[%d] of %d:%s\n",i,attrs->count,thisattr.value);
}
}
}

name_buf.value = "auth-indicators";

name_buf.length = strlen(name_buf.value) + 1;

maj_stat = gss_import_name(&min_stat, &name_buf,

(gss_OID) GSS_KRB5_NT_PRINCIPAL_NAME, &input_name);

authenticated = 0;

complete = 0;

noisy = 0;

more = -1;

dump_attribute(client, &name_buf, noisy);

What I get from gss_inquire_nameis:

Attr[0] of 1:auth-indicators

What I get from dump_attribute which calls gss_get_name_attribute is:

Looking for attribute auth-indicators

gss_get_name_attribute: The operation or option is not available or unsupported

gss_get_name_attribute: No such file or directory

(gdb) print (char *) attrs->elements[0]->value

$6 = 0x629ab0 "auth-indicators"

(gdb) print attrs->count

$8 = 1

________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://urldefense.us/v3/__https://mailman.mit.edu/mailman/listinfo/kerberos__;!!G2kpM7uM-TzIFchu!ghFrJnWiesMwp4rG1zFRL5nQMhdQiy66A4VJp-dHuhAsEUoVGkMlQJyB-M3UcTBx$<https://urldefense.us/v3/__https:/mailman.mit.edu/mailman/listinfo/kerberos__;!!G2kpM7uM-TzIFchu!ghFrJnWiesMwp4rG1zFRL5nQMhdQiy66A4VJp-dHuhAsEUoVGkMlQJyB-M3UcTBx$>

devel / comp.protocols.kerberos / Re: Should gss_get_name_attribute() dump the values of auth-indicators?

1
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor