patches to make bind9 with TKEY/GSS updates easier to configure
tridge at samba.org
tridge at samba.org
Wed Dec 1 22:02:35 UTC 2010
Hi Mark,
> If you can send me a stack backtrace that would be useful, I suspect I
> missed something.
sure, the full backtrace is here:
http://samba.org/tridge/bind9-patches/backtrace.txt
This is with current CVS, plus your patch. It is without any of my
patches.
I launched it like this:
KRB5_KTNAME=dns.keytab KRB5_CONFIG=krb5.conf gdb --args /home/tridge/project/bind9/git/bin/named/.libs/named -m record,size,mctx -c named.conf -g -T clienttest -n 1
The named.conf is here:
http://samba.org/tridge/bind9-patches/named.conf
the rest of the contents of the tsiggss test directory are from this
patch:
http://samba.org/tridge/bind9-patches/0006-tkey-added-a-tkey-TSIG-GSS-testsuite.patch
Note that the named.conf is an adjustment to the tsiggss test to use
the existing tkey-gssapi-credential and tkey-domain options, instead
of the new tkey-gssapi-keytab option. Unfortunatey you have to run
with KRB5_CONFIG set, plus either KRB5_KTNAME or KEYTAB_FILE set
(depending on kerberos version). That is one of the things that the
tkey-gssapi-keytab patch fixes.
I also had to make a trivial adjustment to your patch to fix the
prototype for insert_trustedkey() in dighost.c
Cheers, Tridge
More information about the bind-workers
mailing list