[OpenAFS-devel] What is this Packet Anyway?
Henry B. Hotz
hotz@jpl.nasa.gov
Wed, 15 Sep 2004 18:57:20 -0700
Contrary to popular rumor it appears that the Windows AFS client
(Transarc 3.6 2.48 anyway, not talking about 1.3.x) does *not* use
standard Kerberos 4 (though it does use port 750) for its
authentication exchanges. Neither does it use RX.
The authentication request I captured is the following (and is
identical for two different versions of Windows). The Ethernet, IP,
and UDP headers are stripped, leaving the following:
> 0000 63 03 62 87 f8 b9 73 c2 a7 01 68 6f 74 7a 00 00
> c.b...s...hotz..
> 0010 4a 50 4c 2e 4e 41 53 41 2e 47 4f 56 00 44 3f 47
> JPL.NASA.GOV.D?G
> 0020 41 bf 61 66 73 00 00 A.afs..
There is no RX header. It doesn't start off with the "04 02" or "04
03" that a Kerberos 4 request would. What is this thing? It fails all
the Heimdal code checks for what it might be and winds up not causing
any action whatever.
I will note that if you strip off the first 10 bytes the remainder is
the same as what you get if you strip off the first 2 bytes of a normal
Kerberos 4 authentication request.
If no one knows what this is, can they at least give me some pointers
to where the kaserver code would handle the request? I get lost in all
the RX stuff (that shouldn't even be relevant since this isn't an RX
packet).
------------------------------------------------------------------------
----
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu