3.0.26a DNS update bug ?

Gerald (Jerry) Carter jerry at samba.org
Wed Sep 12 13:35:07 GMT 2007

Martin Zielinski wrote:
> Hello!
> I'm using samba-3.0.26a and heimdal 0.7.2
> I failed creating a non-existing DNS entry on the ADS-DC during the
> domain join or the "net ads dns register" command (modifying an existing
> entry succeeds).
> I found out that "dnsgss.c - dns_negotiate_sec_ctx()" calls the
> heimdal function "gss_import_name()" with an
> "oid" "\052\206\110\206\367\022\001\002\002\002".
> This oid does not exist in the heimdal sources. So gss_import_name will
> always fail.
> And - as far as I understand it - the name has already been resolved
> earlier with the krb5_parse_name function.
> So if I call:
> err = dns_negotiate_gss_ctx_int(mem_ctx, conn, keyname,
>                 host_principal, gss_ctx, srv_type );
> instead of
> err = dns_negotiate_gss_ctx_int(mem_ctx, conn, keyname,
>                 targ_name, gss_ctx, srv_type );
> the dns update succeeds (in heimdal gss_name_t and krb5_principal are
> the same).
> Bye,
> ~ Martin
> P.S. And no, I don't *really* know what happens here, and I haven't
> tried it with MIT.

Thanks Martin. Would you file a bug on this? I know that I
have only tested the dns updates using the MIT libs.

cheers, jerry
