What operating system is the client running on? Is this a K4 request being produced from OpenAFS on Windows?
I have suspected that there is a threading problem in the OpenAFS for Windows
client which is overwriting buffers being written to the network but have been unable
to catch it reliably. If you have a system which is consistently producing bad data
at a known point it would be good to see if we can trace it down.
Jeffrey Altman
John Hascall wrote:
6303373b766d61124537XXXXXXXX0000494153544154452e4544550067710e403f6166730000c . 7 ; v m a . E 7 u s e r . . I A S T A T E . E D U . g q . @ ? a f s . .
I'm not sure, but the tail bit of it looks like part of a krb4 initial ticket request by "user" for "[EMAIL PROTECTED]", with lifetime 5 hours 15 minutes, around 21 January 2004 (assuming little-endian).
Yes, I've been convinced that this is a valid V4 packet whose first two bytes (04 03) were somehow corrupted with 10 garbage bytes (63 03 37 3b 76 6d 61 12 45 37) and I went off on a wrong tangent upon seeing the 0x6X first byte). At this point, I'm going to assume the user has either munged hardware or DLLs.
It's really quite interesting to dump out rejected packets, you see some fascinating crap, here's another:
<04><03>__vmware_user__D2521F2GPKdgDby9P77qlo_w*glhuA3un*!sh!<00><00>IASTATE.EDU<00>^HN<0e>@?afs<00><00
(a 53 character principal name is too long for k4) (curious how both of these invalid packets used '?', 5h15m, for the lifetime).
John _______________________________________________ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-info
________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
