Bug 1244 - Detect auth configuration failures and don't count them against the client
Summary: Detect auth configuration failures and don't count them against the client
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: Kerberos support (show other bugs)
Version: -current
Hardware: All All
: P2 enhancement
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks: V_5_9
  Show dependency treegraph
 
Reported: 2006-10-03 05:07 AEST by Simon Wilkinson
Modified: 2023-01-13 13:56 AEDT (History)
1 user (show)

See Also:

Attachments
Patch to add support for noting server caused failures (1.77 KB, patch)
2006-10-03 05:08 AEST, Simon Wilkinson 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Simon Wilkinson 2006-10-03 05:07:18 AEST 
The attached patch allows authentication procedures to signal that
an authentication failure is caused by misconfiguration on the server,
rather than erroneous information from the client, and so not count that
authentication failure against the client.

It is particularly useful when servers are configured with GSSAPIAuthentication
on, and the required keytab is not provided by the server administrator.
Comment 1 Simon Wilkinson 2006-10-03 05:08:39 AEST 
Created attachment 1196 [details]
Patch to add support for noting server caused failures
Comment 2 Damien Miller 2008-01-20 12:23:00 AEDT 
Comment on attachment 1196 [details]
Patch to add support for noting server caused failures

This looks sane to me.
Comment 3 Damien Miller 2011-01-24 12:30:51 AEDT 
Retarget unclosed bugs from 5.7=>5.8
Comment 4 Damien Miller 2011-03-10 13:53:16 AEDT 
patch applied - this will be in 5.9
Comment 5 Damien Miller 2011-09-06 15:33:09 AEST 
close resolved bugs now that openssh-5.9 has been released