[14596] in Kerberos
Re: kinit error
daemon@ATHENA.MIT.EDU (Marc Richter)
Tue Jun 26 03:12:50 2001
Date: Tue, 26 Jun 2001 09:08:55 +0200
From: Marc Richter <mrichter@eu.uu.net>
To: Sam Hartman <hartmans@MIT.EDU>
Cc: kerberos@MIT.EDU
Message-ID: <20010626090855.B12937@devnull.de.uu.net>
Reply-To: Marc Richter <mrichter@eu.uu.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <tsl4rt4jkps.fsf@sweet-transvestite.mit.edu>; from hartmans@mit.edu on Mon, Jun 25, 2001 at 05:47:11PM -0400
On Mon, Jun 25, 2001 at 05:47:11PM -0400, Sam Hartman wrote:
> >>>>> "Marc" == Marc Richter <mrichter@UU.NET> writes:
>
> Marc> Hi ! Is there a known problem when trying to kinit on a
> Marc> host with a lot of VIF's on Solaris 2.6?
>
> No, but there may be a problem.
We're using krb5 Release 1.1.1 at the moment.
I've heard that the number of IP adresses in previous releases was
in some way hard-coded to 32 max. Is this version affected ?
> Marc> The problem is:
>
> Marc> If I do an kinit on this host, with only the main interface
> Marc> (hme0) active, I get my ktgt.
>
> Marc> If I now activate all the VIF's (round about 40) and then do
> Marc> an kinit I get the error:
>
> Marc> kinit: invalid argument while getting initial credentials
>
>
> Sounds like y,you either failed to enumerate all the interfaces in
> src/lib/krb5/os/localaddr.c or worse that the number of addresses you
> requested overflowed a UDP packet.
>
> There is an option to kinit to tell it to request a ticket valid from
> any address. Try that.
Which option do you mean ?
I couldn't find anything in the man page.
thanks
--Marc
