Coda File System

Problems with token files

From: Dr A V Le Blanc <LeBlanc_at_mcc.ac.uk>
Date: Mon, 24 Apr 2000 08:59:12 +0100
I wrote a while ago about problems with trying to save token files
on my system (coda 5.3.6 on Linux 2.2.14 (most machines) and
2.3.99-pre5 (one machine), but I didn't follow it up at the time.

This is a kerberos 5 system, compiled (as recommended in the source)
with '-DCODAAUTH' removed from the Makefile.in in coda-src/auth2.

I thought before that kclog was segfaulting; at any rate, it does
not do so now.  Instead I see this:

     avl 08:49:24 > klist
     Credentials cache: FILE:/tmp/krb5cc_0
             Principal: zlsiial_at_man.ac.uk

       Issued           Expires          Principal
     Apr 24 08:43:14  Apr 24 18:43:11  krbtgt/man.ac.uk_at_man.ac.uk
     Apr 24 08:43:28  Apr 24 18:43:11  host/avl.mcc.ac.uk_at_man.ac.uk
     avl 08:49:31 > > kclog -tofile tok zlsiial
     username: zlsiial

     Date: Mon 04/24/2000

     08:49:47 In Krb5Init()
     avl 08:49:47 > ll tok
     -rw-------   1 root     root           18 Apr 24 08:49 tok
     avl 08:49:51 > od -cx tok
     0000000   *   *   *       C   o   d   a       T   o   k   e   n       *
             2a2a 202a 6f43 6164 5420 6b6f 6e65 2a20
     0000020   *   *
             2a2a
     avl 08:49:54 > ctokens

     Token held by the Cache Manager:

     Local uid: 0
     Coda user id: 102
     Expiration time: Tue Apr 25 09:49:47 2000

In other words, kclog is successfully getting a coda token, but
not writing it correctly to the token file, which contains nothing
but '*** Coda Token ***'.  Not surprisingly, when you try to reload
this file using klog:

     avl 08:52:14 > kclog -fromfile tok zlsiial
     username: zlsiial
     Corrupted token file?
     Segmentation fault

It doesn't work.  Looking at the source:

         fputs("*** Coda Token ***", f);
         base64_encode(f, buf, len);

it looks as though the value of 'len' here is 0?

I notice that there is in the same source directory a program tokentool
for creating arbitrary tokens:

     avl 08:56:33 > ./tokentool
     ViceID                   ? 102
     Token validity (hours)   ? 24
     Shared secret (auth2.tk) ? /vice/db/auth2.tk
     Output token file name   ? /tmp/tok

This produces a file 129 bytes long.  But:

     avl 08:57:13 > kclog -fromfile /tmp/tok zlsiial
     username: zlsiial
     Corrupted token file?
     Segmentation fault

This too produces a fault when loading.  Should -tofile and
-fromfile work with kerberised Coda?

     -- Owen
     LeBlanc_at_mcc.ac.uk
Received on 2000-04-24 04:00:48