bug-inetutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug-inetutils] Present release goals


From: Mats Erik Andersson
Subject: Re: [bug-inetutils] Present release goals
Date: Sun, 16 Oct 2011 23:31:52 +0200
User-agent: Mutt/1.5.18 (2008-05-17)

söndag den 16 oktober 2011 klockan 15:22 skrev Simon Josefsson detta:
> address@hidden (Alfred M. Szmidt) writes:
> 
> >       * Rework Kerberos support, separating Kerberos4 code
> >     from KerberosV code, and make proper implementation
> >     of Shishi code that works on all platforms we want
> >     to support.
> >
> > Maybe Simon could do this? Simon, do you have time?  I'm not at all
> > familiar with Kerberos.
> 
> I don't have a lot of time, but I have some interest in seeing this
> done.  I think that we should drop all Kerberos 4 code.  Nobody should
> care about Kerberos 4 anymore since it is insecure (based on DES).  The
> Kerberos V5 stuff in InetUtils worked fine both with MIT/Heimdal/Shishi
> not so long ago, but we could certainly improve documentation so that it
> becomes easier to setup and test.

I attempted test builds on OpenSolaris, OpenBSD, and FreeBSD
with activated kerberos support in the configuration, but I
found some compilations errors that were due to the fact that
macros and code did not properly distinguish between definitions
and prototypes originating in Kerberos4 and in Kerberos5, respectively.
I even believe the SHISHI macro was not without blame in this respect.
These observations were the most discuraging I made.

For certain I observed that the conditionals made implicit
assumptions on the non-existance of header files from the
excluded implementations. I will have to repeat the experiments
to give exact locations or error messages, but I did invest several
hours in reading headers on GNU/Linux, OpenBSD, and OpenSolaris,
in order to begin understanding the cause of failures for the latter.
On GNU/Linux I could build with support of either library, but I
never got as far as checking the executables against the Kerberos
server I have running under OpenBSD, since its tickets only concern
secure shell access and PostgreSQL access, not telnet access as is
relevent in GNU Inetutils.

Best regads,
  Mats



reply via email to

[Prev in Thread] Current Thread [Next in Thread]