On Mon, Aug 22, 2011 at 8:16 PM, NeilBrown <neilb@xxxxxxx> wrote: > On Thu, 18 Aug 2011 12:43:07 -0400 "J. Bruce Fields" <bfields@xxxxxxxxxxxx> > wrote: > >> On Thu, Aug 18, 2011 at 07:19:06PM +1000, NeilBrown wrote: >> > I think that does exactly describes what we were seeing. >> > We ended up working around it by adding >> > >> > default_tkt_enctypes = des-cbc-md5 des-cbc-crc des3-cbc-sha1 >> > >> > to the client config, and recommending a server upgrade. >> > >> > >> > BTW I've been trying to track down why a successful kerberos negotiation >> > sends a corrupted RPCSEC_GSS_DESTROY request just before closing the >> > connection. >> >> (No useful comment here, just: thanks! That was driving me crazy, till >> it just stopped happening for no apparent reason, before I got a chance >> to look any closer...) > > It stopped happening? You mean it is already fix? Have I been look at old > code AGAIN ?? > > Though I was looking at most recent libtirpc and gssglue and I think I was > running both of these... Maybe I had a slightly old krb5-mit library? > > confused... > > NeilBrown Hi Neil, I haven't had a chance to look at this issue. I don't recall ever seeing it myself, but I may have just missed it. I'll try to replicate the problem on Wednesday -- unless you fix it and send a patch before that! ;-) I've definitely done most of my testing with fairly recent versions of Kerberos if that is indeed related. K.C. -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
