[927] in Kerberos_V5_Development
Howard Chu: Kerberos for Windows
daemon@ATHENA.MIT.EDU (Sam Hartman)
Fri Oct 20 23:02:52 1995
To: krbdev@MIT.EDU
Date: Fri, 20 Oct 1995 23:02:43 EDT
From: Sam Hartman <hartmans@MIT.EDU>
------- Forwarded Message
Received: from PACIFIC-CARRIER-ANNEX.MIT.EDU by po9.MIT.EDU (5.61/4.7) id AA12234; Fri, 20 Oct 95 22:04:25 EDT
Received: from lccma.bos.locus.com by MIT.EDU with SMTP
id AA07024; Fri, 20 Oct 95 22:04:16 EDT
Received: from orchard.la.locus.com by lccma.bos.locus.com with SMTP (PP) id <22027-0@lccma.bos.locus.com>; Fri, 20 Oct 1995 22:04:13 +0000
Received: from traveller.la.locus.com by orchard.la.locus.com (AIX 3.2/UCB 5.64/4.03)
id AA14070; Fri, 20 Oct 1995 19:01:22 -0700
Received: by troy.la.locus.com (AIX 3.2/UCB 5.64/4.03)
id AA28103; Fri, 20 Oct 1995 19:06:21 -0700
Date: Fri, 20 Oct 1995 19:06:21 -0700
From: hyc@locus.com (Howard Chu)
Message-Id: <9510210206.AA28103@troy.la.locus.com>
To: hartmans@MIT.EDU
Subject: Kerberos for Windows
Newsgroups: comp.protocols.kerberos
In-Reply-To: <199510161929.PAA13636@tertius.mit.edu>
References: <199510161729.NAA07230@quicksand.cis.ufl.edu>
Organization: Locus Computing Corporation, Los Angeles, California
Cc:
Howdy,
just thought I'd drop you a line to let you know what I've been doing
with the K5beta5 release. I've integrated krb4 library with the krb5 library
into a single DLL, and added a memory-based credentials cache for K5. I've also
written a kdc_time function (a copy of send_to_kdc) that tries to obtain the
KDC's clock time using Time protocol (port 37) and (S)NTP (port 123). I'm still
trying to rationalize the merge of the separate config files into a single .ini
file; while in most cases one would expect sites to have either K4 or K5, and
in cases where both are active, the realms and auth servers would probably be
the same, you can't guarantee that.
Also a small fix to the profile library to make it work better with Windows;
the Windows WritePrivateProfile* routines eliminate all whitespace when
rewriting the .ini file, and the profile's parse_std_line would complain if
there wasn't a space in front of an '=' ...
I've also written a Kclient replacement that uses my integrated library, so it
can be configured for K4 or K5. It can also automatically set the PC's clock
to match the KDC's clock.
I've stripped as much non client-related code out of the K5 library as possible
to trim the size down. There's no admin or kstream functionality. All we wanted
is a DLL that will allow a client program to authenticate itself to a server,
nothing more. Since we plan to ship this with our PC-Interface product, and our
export license restricts our use of encryption technology, none of the DES
entry points are exported.
If any of this stuff is of interest to you guys, let me know. It may take a
while to package up, but we should be able to send diffs along at some point.
I will probably use this as a base for a K5 extenstion to Mac AuthMan as well,
but that work isn't underway yet.
Howard Chu Principal Member of Technical Staff
hyc@locus.com Locus Computing Corporation
------- End of Forwarded Message
