[OpenAFS] gssklog-0.10 - better support for SEAM and SSPI with cross realm
Christian Pfaffel
flash@itp.tu-graz.ac.at
10 Sep 2003 11:38:37 +0200
"Douglas E. Engert" <deengert@anl.gov> writes:
> The gssklog was updated to to allow one to use the Sun Solaris SEAM
> gss routines. This required some additional handling of the
> GSS mech_types so as to select Kerberos if it was available.
>
> The gssklog when run on Windows can use the SSPI. When used with
> cross realm the SSPI in some situations could not determine the realm
> of the server. If this happens, DNS will be queried to
> look for a TXT record of the form _kerberos.<hostname.domain> or
> _kerberos.<domain> and pass this to SSPI to use as the realm.
> See: <draft-ietf-cat-krb-dns-locate-02.txt>
>
>
> The SEAM code has only partial testing, as the the systems I had
> did not have encryption. There may also be some problems
> when used in a mixed environment with enc_types.
>
>
> Please treat this as a beta release. I am looking for feedback.
> If you compile with -DDEBUG added to the CFLAGS, bother the client
> and server wil write additional information to stderr.
>
> ftp://achilles.ctd.anl.gov/pub/DEE/README.GSSKLOG
> ftp://achilles.ctd.anl.gov/pub/DEE/gssklog-0.10.tar
> ftp://achilles.ctd.anl.gov/pub/DEE/gssklog-0.10.run.zip
>
rpms for RedHat can be found at:
ftp://itp.tugraz.at/pub/redhat/itp/9/gssklog-0.10-1.i386.rpm
ftp://itp.tugraz.at/pub/redhat/itp/7.3/gssklog-0.10-1.i386.rpm
ftp://itp.tugraz.at/pub/redhat/itp/SRPM/gssklog-0.10-1.src.rpm
regards,
Christian
--
Christian Pfaffel <flash@itp.tu-graz.ac.at>
Technische Universität Graz Telefon: +43 / 316 / 873 - 81 90
Institut für Theoretische Physik Telefax: +43 / 316 / 873 - 86 78
Petersgasse 16, A-8010 Graz http://fubphpc.tu-graz.ac.at/~flash/pubkey.gpg