[CDRIVER-2536] Cannot auth with MIT Kerberos if rdns=false is in krb5.conf Created: 07/Mar/18 Updated: 10/Feb/23 |
|
| Status: | Backlog |
| Project: | C Driver |
| Component/s: | auth |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Minor - P4 |
| Reporter: | A. Jesse Jiryu Davis | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Epic Link: | CDRIVER-4575 |
| Description |
|
On Ubuntu with Cyrus SASL and MIT Kerberos, if I put the following in /etc/krb5.conf:
... then the C Driver cannot authenticate to our Kerberos test server. This seems true whether I use the server's hostname or IP address in the URI, and whether I set CANONICALIZE_HOST_NAME to true or false. Is this expected, or is there a bug in _mongoc_sasl_get_canonicalized_name? |
| Comments |
| Comment by A. Jesse Jiryu Davis [ 08/Mar/18 ] |
|
Once we know the answer we might need to update the comment above _mongoc_sasl_get_canonicalized_name:
|