onsdag den 8 augusti 2012 klockan 14:43 skrev Simon Josefsson detta: > Mats Erik Andersson <[email protected]> writes: > > > The client needs shishi_done() in order to incorporate > > any issued and valid ticket into the cache. > > Ah, yes, that would be good to do. Maybe there should be a Shishi > interface for saving the cached tickets. InetUtils could invoke this to > achieve it though: > > shishi_tkts_to_file (shishi_tkts_default (handle), shishi_tkts_default_file > (handle)) > > However maybe saving received tickets should be done automatically by > Shishi.
The tickets are automatically saved as soon as I insert shishi_done(). Without my manual insertion of shishi_done() the forced abolition of krb5shishi_cleanup() will allow a session go through with authorization and encryption, but the tickets will not propagate into the cache, as a simple experiment with "shishi -l" verifies. However, I am observing in my playing around with different acting client users, that there frequently happens to be multiple tickets for "mats@LOCALHOST" issued for the service "host/localhost". Is this in order, or could it be that libshishi is not tracking already granted tickets sufficiently well? The initial ticket stays the same, but then there are multiple service tickets that look identical in printout from "shishi -l". Even with two client users I find three or more service tickets. Regards, Mats
