[OpenAFS] mod_waklog

Jeffrey Altman jaltman@secure-endpoints.com
Wed, 4 Apr 2012 12:53:22 -0400


Please give the patches to the upstream maintainer.  In this mailing list th=
ey will only be forgotten.

Jeffrey Altman


On Apr 4, 2012, at 12:38 PM, Stephen Quinney <stephen@jadevine.org.uk> wrote=
:

> I've seen a few discussions on this mailing list about using
> mod_waklog, particularly regarding x86_64. I've recently had the
> chance to spend some time looking at it and now have it working on
> RHEL6 for both i386 and x86_64.
>=20
> I took the latest code from the git repository (details at
> http://www.modwaklog.org/download.php) and started by applying the 3
> patches from http://userpages.umbc.edu/~aaronk/waklog/ which have been
> mentioned on this list before.
>=20
> To get it working with Kerberos 1.8 and newer without globally setting
> the allow_weak_crypto option to true I had to add a call to
> krb5_allow_weak_crypto() in mod_waklog.c, I think this could be done
> better as the code now won't work on machines with older versions of
> Kerberos.
>=20
> I also had to modify the set of libraries which are linked against so
> that only libafsrpc and libafsauthent are used.
>=20
> I've attached the two small patches required.
>=20
> Cheers,
>=20
> Stephen
> <modwaklog-libs.patch>
> <modwaklog-weakcrypto.patch>