[6296] in Kerberos
Re: preauthentication in K5
daemon@ATHENA.MIT.EDU (Rita Bettenhausen)
Thu Nov 30 13:17:49 1995
Date: 30 Nov 1995 09:55:21 -0800
From: "Rita Bettenhausen" <Rita.Bettenhausen@quickmail.llnl.gov>
To: "Richard Basch" <basch@lehman.com>
Cc: "kerberos" <kerberos@MIT.EDU>,
"Douglas Engert" <Douglas.Engert@quickmail.llnl.gov>,
"Glenn Machin" <Glenn.Machin@quickmail.llnl.gov>
RE>>preauthentication in K5B5? 11/30/95
Does the Beta 6 preauthentication handle the case of changing realm names?
Also, when will this code be available or is it now?
Rita
--------------------------------------
Date: 11/30/95 9:00 AM
To: Rita Bettenhausen
From: Richard Basch
Preauthentication works in the latest code, which will be in Beta 6.
Actually, multiple encryption types mostly work too, and I have just
included Triple-DES support. There are some additional changes that
need to be done to accomodate multiple encryption type selection from
the application.
-Richard
On Thu, 30-November-1995, "Doug Engert" wrote to "Rita Bettenhausen, kerberos"
saying:
> Rita Bettenhausen writes:
> >
> > K5B5 kinit is not doing preauthentication. Was preauthentication in an
> > earlier K5 version? Is there a patch to get preauthentication?
> >
> > Rita Bettenhausen
> > bettenhausen1@llnl.gov
> >
>
> Rita,
>
> Looking at the K5 beta 5 code, shows that the call to
> krb5_obtain_padata in krb5/krb/get_in_tkt.c at line 145 has been
> commented out. The comment at line 122 says it is not supported. This
> might be a perfect opertunity to get it working. Also looking at the
> kinit.c shows two krb5_preauthtype types, preauth = NULL and
> preauth_list[2] which is never used.
>
> Douglas E. Engert
> Systems Programming
> Argonne National Laboratory
> 9700 South Cass Avenue
> Argonne, Illinois 60439
> (708) 252-5444
>
> Internet: DEEngert@anl.gov
--
Richard Basch URL: http://web.mit.edu/basch/www/home.html
Lehman Brothers, Inc. Email: basch@lehman.com, basch@mit.edu
101 Hudson St., 33rd Floor Fax: +1-201-524-5828
Jersey City, NJ 07302-3988 Voice: +1-201-524-5049
------------------ RFC822 Header Follows ------------------
Received: by quickmail.llnl.gov with SMTP;30 Nov 1995 08:58:22 -0800
Received: (from smap@localhost) by lehman.Lehman.COM (8.6.12/8.6.12) id
LAA11655; Thu, 30 Nov 1995 11:54:12 -0500
Received: from relay.mail.lehman.com(192.9.140.112) by lehman via smap (V1.3)
id tmp011644; Thu Nov 30 11:54:09 1995
Received: from kublai.lehman.com by relay.lehman.com (4.1/LB-0.6)
id AA13839; Thu, 30 Nov 95 11:54:06 EST
Received: from badger.lehman.com by kublai.lehman.com (4.1/Lehman Bros. V1.6)
id AA04467; Thu, 30 Nov 95 11:54:03 EST
Received: by badger.lehman.com (SMI-8.6/Lehman Bros. V1.5)
id LAA12371; Thu, 30 Nov 1995 11:54:03 -0500
Date: Thu, 30 Nov 1995 11:54:03 -0500
Message-Id: <199511301654.LAA12371@badger.lehman.com>
To: Doug Engert <DEEngert@anl.gov>
Cc: "Rita Bettenhausen" <Rita.Bettenhausen@quickmail.llnl.gov>,
"kerberos" <kerberos@MIT.EDU>
Subject: Re: preauthentication in K5B5?
In-Reply-To: <199511301516.JAA17420@stafford.ctd.anl.gov>
References: <n1394454890.49402@quickmail.llnl.gov>
<199511301516.JAA17420@stafford.ctd.anl.gov>
From: "Richard Basch" <basch@lehman.com>
