"Sam Hartman" <[EMAIL PROTECTED]> wrote in message news:tsl65vl6nmi.fsf@;konishi-polis.mit.edu... > It seems unlikely that you've got keytab problems if it ever works. > What call is returning the decrypt integrity check failed? The > rd_priv call or the rd_req call? > > Is it possible that your network code is somehow mangling data it is > sending some of the time? For example, does your code deal with nulls > in the output? > > > What this error means is that when some Kerberos message is decrypted, > the checksum does not agree with the message content. This either > means the message was modified or the key is wrong. The most common > cause is a persistent failure of krb5_rd_req caused by keytab keys not > agreeing with the KDC, but that seems not to be the case here. >
Thanks for the answer Sam. I found my mistake in the meantime. I read data in a temporary buffer then copying it into a krb5_data variable using strncpy which would truncate the data if any null character would appear in it, which doesn't seem to happen each time. I should use memcpy. Pretty obvious right now but I've struggled single it out. Christian. ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos
