[1525] in Kerberos-V5-bugs
Re: comments about use of autoconf
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Wed Jul 5 17:17:41 1995
Date: Wed, 5 Jul 1995 17:17:33 +0500
From: Theodore Ts'o <tytso@MIT.EDU>
To: "E. Jay Berkenbilt" <ejb@ERA.COM>
Cc: krb5-bugs@MIT.EDU
In-Reply-To: E. Jay Berkenbilt's message of Wed, 5 Jul 1995 17:07:52 -0400,
<9507052107.AA02946@soup.era.com>
Date: Wed, 5 Jul 1995 17:07:52 -0400
From: "E. Jay Berkenbilt" <ejb@ERA.COM>
Unlikely, but it looks like the Kerberos V5 support in the pop server
and clients is not really operational. If that's the case, I may work
on that. Also, the pop server distributed with V5 is based on the
obsolete BSD popper code. qpop2.1.4 from Qualcomm (free) already has
V4 support. If I add V5 support to that, do you want the patches? I
ran a recursive diff between a clean popper distribution and the one
in V5 and see that file locking was also added, and that it was
autoconfiscated and purged of strings following #endif, and given a -s
flag for standalone operation. Otherwise, I saw no substantive
changes.
The approach which is currently used in the V5 POP server and clients is
deprecated; the plan is to use RFC 1734's GSSAPI AUTH extension to POP,
which is actually a standard.
This is why I haven't put a lot of work into the current POP server and
clients, we'll be eventually ripping them out and replacing it with
newer versions of the the POP server (perhaps Qualcomm's qpop; if that's
really a newer and better server, then we can use that) using GSSAPI
AUTH command to do its Kerberos authentication.
If you're interested in doing this, you should talk to John Gardiner
Myers (jgm+@CMU.EDU). I believe he may have some subroutines for
implementing the AUTH command that may be helpful.
I was planning on giving this project to a UROPer to do, probably for
the IAP timeframe, but if you'd like to work on it, please let me know.
- Ted
