[2346] in Kerberos-V5-bugs
pending/106: Re: Beta 7 RPC
daemon@ATHENA.MIT.EDU (Barry Jaspan)
Fri Oct 11 17:59:30 1996
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: gnats-admin@rt-11.MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, "Barry Jaspan" <bjaspan@MIT.EDU>
Date: Fri, 11 Oct 1996 17:57:27 -0400
From: "Barry Jaspan" <bjaspan@MIT.EDU>
To: mikec@geek.grf.ov.com
Cc: Joe.Gagnon@ov.com, harryc@cam.ov.com, krb5-bugs@MIT.EDU
In-Reply-To: <325E7CA0.1661@geek.grf.ov.com> (mikec@geek.grf.ov.com)
>Number: 106
>Category: pending
>Synopsis: Re: Beta 7 RPC
>Confidential: yes
>Severity: serious
>Priority: medium
>Responsible: gnats-admin
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Fri Oct e 17:58:01 EDT 1996
>Last-Modified:
>Originator:
>Organization:
>Release:
>Environment:
>Description:
>How-To-Repeat:
>Fix:
>Audit-Trail:
>Unformatted:
Mike,
What Ted told you on the phone earlier is correct. The mechanism oid
for gss-api krb5 changed during the development of beta 7. I did not
catch the incompatibility problem because I tested kadm5/OV
compatibility before the oid change was introduced into the source
tree.
As Ted explained, new servers can handle old clients, but old gss-api
servers cannot automatically support new clients, which is what you
discovered. However, because of the versioning support in the RPC
layer, KADM5 and Authenticate can remain fully compatible. I will add
versioning support the RPC library in the MIT tree to support it.
I'll send you a patch to the beta 7 RPC library when it is done so you
can test it.
Barry
