[OpenAFS-devel] What is this Packet Anyway?

Kevin Coffman kwc@citi.umich.edu
Thu, 16 Sep 2004 09:25:41 -0400


IBM/Transarc broke something with the Windows code at some point such 
that it would no longer talk to a "normal" K4 server.  I'll dig through 
my mail to find reference to a fix that we got.  Meanwhile, see

http://mailman.mit.edu/pipermail/kerberos/2004-January/004372.html


> Contrary to popular rumor it appears that the Windows AFS client  
> (Transarc 3.6 2.48 anyway, not talking about 1.3.x) does *not* use  
> standard Kerberos 4 (though it does use port 750) for its  
> authentication exchanges.  Neither does it use RX.
> 
> The authentication request I captured is the following (and is  
> identical for two different versions of Windows).  The Ethernet, IP,  
> and UDP headers are stripped, leaving the following:
> 
> > 0000  63 03 62 87 f8 b9 73 c2 a7 01 68 6f 74 7a 00 00    
> > c.b...s...hotz..
> > 0010  4a 50 4c 2e 4e 41 53 41 2e 47 4f 56 00 44 3f 47    
> > JPL.NASA.GOV.D?G
> > 0020  41 bf 61 66 73 00 00                              A.afs..
> 
> There is no RX header.  It doesn't start off with the "04 02" or "04  
> 03" that a Kerberos 4 request would.  What is this thing?  It fails all  
> the Heimdal code checks for what it might be and winds up not causing  
> any action whatever.
> 
> I will note that if you strip off the first 10 bytes the remainder is  
> the same as what you get if you strip off the first 2 bytes of a normal  
> Kerberos 4 authentication request.
> 
> If no one knows what this is, can they at least give me some pointers  
> to where the kaserver code would handle the request?  I get lost in all  
> the RX stuff (that shouldn't even be relevant since this isn't an RX  
> packet).
> ------------------------------------------------------------------------ 
> ----
> The opinions expressed in this message are mine,
> not those of Caltech, JPL, NASA, or the US Government.
> Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu
> 
> _______________________________________________
> OpenAFS-devel mailing list
> OpenAFS-devel@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-devel
>