[104] in pc-kerberos
Upcoming potential changes in KRBV4*.DLL
daemon@ATHENA.MIT.EDU (Chris Shabsin)
Tue Jul 25 11:27:31 1995
To: pc-kerberos@MIT.EDU
Reply-To: shabby@MIT.EDU
Date: Tue, 25 Jul 1995 11:08:19 EDT
From: Chris Shabsin <shabby@MIT.EDU>
There are a number of changes I have slated for the Kerberos V4
libraries for PC platforms this summer. I'm planning on cleaning up a
lot of things:
o Make sure the distribution contains all necessary code (including
com_err, version server, and other library code, if necessary).
o Revamp the makefiles to fall under a consistent scheme. One
question about this entry is one of compatibility. Are most
developers using Microsoft NMAKE today? Should I put in some work
to allow for, say, Gnu make, or dmake to work?
o Add support for compiling under Win32.
o Replace the current DES library with the one from the Cygnus release
of CNS. This version is faster than the current version, it is the
same version being used in Kerberos 5, and the code was developed
for Cygnus in Switzerland. This last point may enable the creation
of a version of Kerberos for use outside the United States and
Canada. This should have absolutely no impact on sites already
running Kerberos.
o The DES library will be changed to iterate over the MIT and Transarc
style string_to_key algorithms in such a way to allow the libraries
to be used by sites using either an MIT- or Transarc-style realm
without recompilation. The library will preserve the state
information indicating which algorithm was last successfully used
for authentication, thereby even allowing the library to be used to
change the user's password in various realm types.
o I'll be taking out the leash code from the KRBV4WIN DLL and making a
seperate KINIT.DLL that can be called directly or via stubs left
behind in KRBV4WIN. New code should be directed to the KINIT DLL,
as hopefully we can at some point in the distant future take out
support for calling these API's through KRBV4WIN. This will allow
future modifications to KINIT to allow a site to get a user Kerberos
V4 and V5 tickets at the same time, for example.
o I'll be doing much testing on all of these changes to attempt to
ensure backwards-compatibility with the older version of the
library.
If anyone has any comments, criticisms, or questions about the methodology
proposed here, please voice them as soon as possible. Thank you.
-----------
-Chris Shabsin -shabby@mit.edu
-member, SIPB, PWLCSBHNM, VWA, LSC, LSI, DCNS, MIT OS/2 UG
echo Prpv a\'rfg cnf har cvcr | tr A-Za-z N-ZA-Mn-za-m
