[OpenAFS] gssklog-0.10 - better support for SEAM and SSPI with cross realm

Christian Pfaffel flash@itp.tu-graz.ac.at
10 Sep 2003 11:38:37 +0200

"Douglas E. Engert" <deengert@anl.gov> writes:

> The gssklog was updated to to allow one to use the Sun Solaris SEAM 
> gss routines. This required some additional handling of the
> GSS mech_types so as to select Kerberos if it was available. 
> The gssklog when run on Windows can use the SSPI. When used with
> cross realm the SSPI in some situations could not determine the realm
> of the server. If this happens, DNS will be queried to 
> look for a TXT record of the form _kerberos.<hostname.domain> or
> _kerberos.<domain> and pass this to SSPI to use as the realm. 
> See: <draft-ietf-cat-krb-dns-locate-02.txt>
> The SEAM code has only partial testing, as the the systems I had
> did not have encryption. There may also be some problems
> when used in a mixed environment with enc_types.  
> Please treat this as a beta release. I am looking for feedback.
> If you compile with -DDEBUG added to the CFLAGS, bother the client
> and server wil write additional information to stderr. 
> ftp://achilles.ctd.anl.gov/pub/DEE/README.GSSKLOG
> ftp://achilles.ctd.anl.gov/pub/DEE/gssklog-0.10.tar
> ftp://achilles.ctd.anl.gov/pub/DEE/gssklog-0.10.run.zip

rpms for RedHat can be found at:


Christian Pfaffel <flash@itp.tu-graz.ac.at>
Technische Universität Graz                 Telefon: +43 / 316 / 873 - 81 90
Institut für Theoretische Physik            Telefax: +43 / 316 / 873 - 86 78
Petersgasse 16, A-8010 Graz   http://fubphpc.tu-graz.ac.at/~flash/pubkey.gpg