Date: Sat, 11 Jun 2005 00:17:20 +0400 From: Boris Samorodov <bsam@ipt.ru> To: freebsd-security@FreeBSD.org Subject: [Kerberos] Error at Handbook? Message-ID: <22142911@srv.sem.ipt.ru>
next in thread | raw e-mail | index | archive | help
Hi! I'm quite new to the list, but searching the archive and PRs didn't show me anything on the matter. According to FreeBSD Handbook (14.8.2 Setting up a Heimdal KDC) one should config DNS server by adding: ----- _kerberos IN TXT EXAMPLE.ORG. ----- This doesn't work. DNS servers returns: text = "EXAMPLE.ORG.". This is right, because RFC 1035 allows up to 16 character strings at this field (assuming that noting should be prepended to the field if it doesn't end with a point). Thus I've got at KDC log: ----- 2005-06-10T23:57:07 Server not found in database: krbtgt/EXAMPLE.ORG.@EXAMPLE.ORG: No such entry in the database ---- (lookat the point before '@'). Everythig is fine when changing DNS TXT record to "EXAMPLE.ORG" (without a dot at the end). I'm going to file a DOC/PR, but what security guru can say on the matter? Am I missing smth? I'm far away from thinking that I'm the only user who is using the Handbook to configure kerberos on FreeBSD... PS. KDC host: FreeBSD 5.3-STABLE Server: FreeBSD 6.0-CURRENT Client: FreeBSD 5.4-RELEASE-p1 WBR -- bsam
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?22142911>