Bug 46266 - KDC check fails due to "Record Mark" option in network package
KDC check fails due to "Record Mark" option in network package
Status: RESOLVED WONTFIX
Product: UCS
Classification: Unclassified
Component: UMC - System diagnostic
UCS 4.2
Other Linux
: P5 normal (vote)
: ---
Assigned To: UMC maintainers
UMC maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-02-09 08:05 CET by Stefan Gohmann
Modified: 2020-07-03 20:53 CEST (History)
2 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 4: Minor Usability: Impairs usability in secondary scenarios
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 2: A Pain – users won’t like this once they notice it
User Pain: 0.046
Enterprise Customer affected?:
School Customer affected?: Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments
testsystem-tcpdump.pcap (5.02 KB, application/vnd.tcpdump.pcap)
2018-02-09 08:08 CET, Stefan Gohmann
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Gohmann univentionstaff 2018-02-09 08:05:56 CET
The KDC diagnostic check tries to communicate with the KDC. In one case, the KDC returned a "Record Mark" option in the answer: https://tools.ietf.org/html/draft-ietf-tpix-tcpopt-00#section-6

Unfortunately, our check throws an error in this case.
Comment 1 Stefan Gohmann univentionstaff 2018-02-09 08:08:13 CET
Created attachment 9381 [details]
testsystem-tcpdump.pcap

Test system tcpdump which is OK, recorded via tcpdump -i lo -p -s 0 -n -w testsystem-tcpdump.pcap
Comment 3 Arvid Requate univentionstaff 2018-02-12 19:13:09 CET
Looking at both traces I see the "Record Mark" in both cases, but in the testsystem-tcpdump I see that a second AS-REQ is sent which doesn't show this field.

Looking at the code of umc/python/diagnostic/plugins/22_kdc_service.py I see a comment that the author already detected problems with pyasn1 0.1.9-2 (UCS 4.3). Maybe that's related?
Comment 4 Ingo Steuwer univentionstaff 2020-07-03 20:53:01 CEST
This issue has been filed against UCS 4.2.

UCS 4.2 is out of maintenance and many UCS components have changed in later releases. Thus, this issue is now being closed.

If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen it and update the UCS version. In this case please provide detailed information on how this issue is affecting you.