[78] in pc-kerberos
Re: leash and DOS
daemon@ATHENA.MIT.EDU (Paul B. Hill )
Mon Apr 3 11:32:08 1995
To: "Gregory M. Diskin" <diskin+@andrew.cmu.edu>
Cc: shabby@MIT.EDU, pc-kerberos@MIT.EDU
Date: Mon, 3 Apr 95 11:30:24
From: pbh@MIT.EDU (Paul B. Hill )
Hi,
The DOS version of the Kerberos libraries and kinit are dependent on LWP.
This is because there is no standard binding to DOS based TCP/IP stacks.
Some of the #ifdefs to support FTP's stack are already in place but the work
was never finished. Some other site may have done this work but the patches
have never been submitted to us.
The latest released sources for the Kerberos libraries and Leash can be
found via ftp on athena-dist.mit.edu:/pub/kerberos/README.pc. The binaries
at net-dist.mit.edu:/pub/dos/kerberos should work in MIT style realms but
may have some problems in Transarc style realms. To build the sources on
athena-dist you will also need some of the zip files that can be found on
net-dist.mit.edu:/pub/dos/for-developers.
UMich has completed the work to make the krbv4win.dll work in either style
of realm. The problem was that we used the CMU patches to iterate over the
string to key algorithm. The CMU patches do not maintain the state
inforamtion so changing the password always used the MIT string to key
algorithm. UMich's changes also allow passwords longer than 8 characters
when using a Transarc style realm. We should have these changes integrated
into our source within a month and then we will make a new release.
>
>BTW, I had less success getting the later version of leash running
>(version of 9/8/94), as well as the binary in
>net-dist.mit.edu:pub/dos/kerberos-bin.
Could you please be more specific in describing the problems encountered?
Some quick thoughts. Normally we put the krbrealm.con and krb.con files in
c:\net\kerb. You can override this be setting an environment variable, NDIR.
Assuming the files are in the default location then NDIR would be set to
c:\net. The libraries will append the kerb subdirectory.
Last summer we did change the ticket format by a few bytes. We changed one
value from and int to a long. This should be binary compatible with FTP's
Kerberos ticket cache. At the same time the libraries were modified so that
if Kerbmem is not loaded and the krbtktfile environment variable is set the
tickets will be stored on disk. This work allows Kerberized applications
from FTP and MIT to use the same cache. (We have not tested this since FTP
hasn't sent us a recent version of their software.)
>I have just been running your execs without recompiling any source code.
>Are there any other sources I should be accessing or should I be trying
>to rebuild
>these binaries locally?
You should not have to rebuild the Windows work. As mentioned earlier you
will have to modifiy some sources and recompile to get the DOS kinit to work
with FTP's stack.
>I will appreciate any help that either of you can give me.
>Thanks,
>Gregg Diskin
>Research Programmer
>Carnegie-Mellon University
>
