[4414] in Kerberos
Re: Krb5B43 <-> DCE security ?
daemon@ATHENA.MIT.EDU (George Baltz)
Sat Dec 31 21:27:04 1994
To: kerberos@MIT.EDU
Date: 31 Dec 1994 20:51:04 -0500
From: gwb@yorick.umd.edu (George Baltz)
In article <3e1fd4$80@exile.oec.com>, Jim Doyle <doyle@scratchy.oec.com> wrote:
>
>Does anyone have patches against Krb5 B4.3 to make it talk to
>a DCE security server (I am running OSF DCE 1.0.3).
>
>Here's the symptoms of the problem of an Athena K5 kinit against
>a DCE SEC server:
>
>kinit: ASN.1 identifier doesn't match expected value while getting initial credentials
I sent a message to krb5-bugs about this just before I left for break...
The problem is that the DCE server is using ASN.1 "constructed
indefinite" encoding for some of the fields, and the krb5 B4p3 isn't
prepared for it. I've got some (very rough) patches to at least get
kinit (& klist) to believe in the DCE server (DEC DCE 1.3).
I think it's a fallout from removing the dependence on ISODE in the
build. Dunno (yet) if it's possible to still use it.
--
George Baltz N3GB 301-405-3059 gwb@umd5.umd.edu
Captain (Emeritus), UMD Hors d'Oeuvres Team "Another totally unslanted
Computer Science Center, University of Maryland opinion from yet another
College Park, MD 20742-2411 editor of the Daily Feed"
