[OpenAFS] Password transition to krb5 - your methods?

Ken Hornstein kenh@cmf.nrl.navy.mil
Thu, 25 Oct 2007 13:07:50 -0400

>The MIT License is compatible with OpenAFS.  Someone could simply copy
>the necessary routines out of MIT Kerberos and build a package that
>doesn't require MIT Kerberos at all.

The problem is that since crypto functions are involved, it would require
a good chunk of the MIT library (and the db library).

>Or the inverse could be done.  The kaserver database routines could be
>extracted and added to a tool that could be built by MIT without AFS
>being present.  Since MIT already has all of the crypto library
>functions necessary, going in this direction might be less work.

Actually, afs2k5db doesn't link against AFS at all.  It uses AFS header
files, but you could get around that.

I agree with you that logically afs2k5db should probably live in
MIT Kerberos ... but good luck in fighting THAT windmill :-/  The
reason I suggested fixing afs2k5db up and putting it in OpenAFS was
that it didn't require Hell to freeze over to make it happen :-)