[1286] in SIPB_Linux_Development
Modified aklog krb_util.c
daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Mar 4 12:23:39 1996
Date: Mon, 4 Mar 1996 12:23:09 -0500
From: Greg Hudson <ghudson@MIT.EDU>
To: netbsd-afs@MIT.EDU, linux-afs-bugs@MIT.EDU
Cc: sipb-athena@MIT.EDU
I've modified the aklog krb_util.c to act in the same way as the
sipb-athena send_to_kdc.c--in particular, to use the kerberos4 port
and to use a fallback port if the kerberos4 port is not defined.
Prior to this change, it would only try port 50 if there was a
"kerberos-sec" port in /etc/services or if "kerberos" was port 750 in
/etc/services.
Let me review the status of what's happened to the sipb-athena
kerberos library:
* Originally, it would use the value of "kerberos" in
/etc/services, and fall back to 750 if it wasn't defined.
* In February 1995, I changed it to try "kerberos" and
"kerberos-sec" ports, in that order, with fallbacks to 88
and 750 if they weren't defined. On March 1, I also changed
it to use a connected socket so it wouldn't have to time out
on port 88 on BSD machines.
There was a bug in my change such that it only affected the
first try. I fixed this on July 7, 1995.
* On July 27, 1995, I changed send_to_kdc.c to use the
kerberos-sec port (or its fallback) before the kerberos
port. This was in response to a kerberos 5 KDC being
installed on kerberos.mit.edu, with old data. sipb-athena
packages built since last summer should have this change.
* On February 24, 1996, I changed the name "kerberos-sec" to
"kerberos4" for aesthetic reasons. Because it uses
fallbacks, this won't break anything.
krb_util.c has followed a similar track, with some important
divergences:
* On April 27, 1995, I modified it to try the kerberos-sec
port after the kerberos port, like the February change to
the sipb-athena kerberos. However, rather than have a
fallback, if kerberos-sec was not found in /etc/services, it
would simply default to trying only the kerberos port.
Apparently, this change had no effect until July 8, 1995,
due to a bug. Even after July 8, it would only try
kerberos-sec on the first try.
* On July 27, I modified it to use krbsec_udp_port first, but
it still had no fallback (and still had a bug which would
cause it to only try kerberos-sec on the first try). At
this point things worked mostly right on NetBSD (because our
installation puts a kerberos-sec port in /etc/services), but
not on Linux.
* Today, I modified it to rename kerberos-sec to kerberos4,
and added a fallback for both ports.
