[Touch-packages] [Bug 1956833] Re: No GSS-SPNEGO support in jammy

Sat, 08 Jan 2022 12:25:50 -0800 

** Bug watch added: Debian Bug tracker #1003355
   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003355

** Also affects: cyrus-sasl2 (Debian) via
   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003355
   Importance: Unknown
       Status: Unknown

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to cyrus-sasl2 in Ubuntu.
https://bugs.launchpad.net/bugs/1956833

Title:
  No GSS-SPNEGO support in jammy

Status in cyrus-sasl2 package in Ubuntu:
  In Progress
Status in cyrus-sasl2 package in Debian:
  Unknown

Bug description:
  In jammy:
  root@j1:~# saslpluginviewer | head | grep SPNEGO
  root@j1:~# 

  Confirming against a windows 2016 active directory server, fully patched:
  root@j1:~# ldapwhoami -Y GSS-SPNEGO
  ldap_sasl_interactive_bind: Unknown authentication method (-6)
          additional info: SASL(-4): no mechanism available: No worthy mechs 
found

  
  gssapi (kerberos) works:
  root@j1:~# ldapwhoami -Y GSSAPI
  SASL/GSSAPI authentication started
  SASL username: administra...@internal.example.fake
  SASL SSF: 256
  SASL data security layer installed.
  u:INTEXAMPLE\Administrator

  root@j1:~# klist
  Ticket cache: FILE:/tmp/krb5cc_0
  Default principal: administra...@internal.example.fake

  Valid starting     Expires            Service principal
  01/08/22 22:31:48  01/09/22 08:31:48  
krbtgt/internal.example.f...@internal.example.fake
          renew until 01/09/22 22:31:45
  01/08/22 22:34:53  01/09/22 08:31:48  
ldap/win-kriet1e5elo.internal.example.fake@
          renew until 01/09/22 22:31:45
          Ticket server: 
ldap/win-kriet1e5elo.internal.example.f...@internal.example.fake

  
  In focal, GSS-SPNEGO works:
  root@f1:~# saslpluginviewer | head | grep SPNEGO
    GS2-IAKERB GS2-KRB5 SCRAM-SHA-1 SCRAM-SHA-256 GSSAPI GSS-SPNEGO DIGEST-MD5 
EXTERNAL NTLM CRAM-MD5 PLAIN LOGIN ANONYMOUS
    GS2-IAKERB GS2-KRB5 SCRAM-SHA-1 SCRAM-SHA-256 GSSAPI GSS-SPNEGO DIGEST-MD5 
NTLM CRAM-MD5 PLAIN LOGIN ANONYMOUS

  Confirming with ldapwhoami:
  root@f1:~# ldapwhoami -Y GSS-SPNEGO
  SASL/GSS-SPNEGO authentication started
  SASL username: administra...@internal.example.fake
  SASL SSF: 256
  SASL data security layer installed.
  u:INTEXAMPLE\Administrator

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cyrus-sasl2/+bug/1956833/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to