I want to create a client on a window 98 station (pc35) who will authenticate as user and who will contact a service server/pc36 on pc36
First, I create a cache on the W 98 station:
kinit -S server/[hidden email]
I check that the TGT and the service ticket are in the cache with klist. I have 2 krb5 tickets. It's OK.
Now, I have to import them in the client.
(From now, we are in a C program using gssapi. I will only speak about the client: it fails in a situation where the server is not usefull)
I put "[hidden email]" in a gss_buffer_t. I set the length. I gss_import_name this in a gss_name_t (local_name) and I release the buffer.
I do the same thing with the server name "server/[hidden email]" in server_name
I acquire the credential with the user name and default walues:
majs = gss_acquire_cred(&mins, local_name,
GSS_C_INDEFINITE, GSS_C_NO_OID_SET, GSS_C_INITIATE,
&cred_handle, NULL, NULL);
I try to acquire the security_context and it fails.
majs = gss_init_sec_context(&mins, cred_handle,
&context_handle, server_name, GSS_C_NULL_OID,
GSS_C_MUTUAL_FLAG | GSS_C_DELEG_FLAG, GSS_C_INDEFINITE,
NULL, GSS_C_NO_BUFFER, &oid, tocken, NULL, NULL);
The error is "An invalid name was supplied". I suppose it refers to the service name (server/[hidden email]).
I have made an other test with a different name for the server:
The KDC is exactly the same. I get the TGT and the service ticket in the cache. I just modify the service name in the client code. I put "server/pc36" instead of "server/[hidden email]". It fails again but the error generated by gss_init_sec_context is different and I don't understand it.
The majs (major status) is 524288
gss_display_status says: "No context has been established"
The minor status is -2045022973
What should I do to make it work?
My krb5.ini seems to be OK but I can send it to you if you want...