[OpenAFS-port-darwin] aklog.loginLogout with V5 only?

[Henry B. Hotz]

I did some test tcpdump's a few months ago.  If you point at a 
K4/kaserver then it uses Kerb4.  If you configure to point at a K5 
server then it only uses K5 and 5 to 4 translation.

There was traffic on port 88 to kinit, get the afs service ticket, 
and on 4444 to translate it for kernel use.  A klist showed the afs 
service ticket under Kerberos 5 tickets, not Kerberos 4.  Test was 
done under whatever Jaguar version was current at the time.

In other words it appears to respect what you put in /etc/krb5.conf 
(/Library/Preferences/edu.mit.Kerberos).

I have not read the code.  The plug-in version I was using is at 
least a year old, and probably more.

At 12:01 PM -0500 12/31/03, port-darwin-request@openafs.org wrote:
>Date: Tue, 30 Dec 2003 18:10:38 -0500
>From: Everette Gray Allen <Everette_Allen@ncsu.edu>
>To: port-darwin@openafs.org
>Subject: [OpenAFS-port-darwin] aklog.loginLogout with V5 only?
>
>Has anyone updated Alexei Kosut's aklog.loginLogout kerberos plug-in for
>   OSX to use only V5 calls?  We are looking at going all v5 and this is
>our last hold out on the mac side.  We would do the work but don't want
>to reinvent the wheel.  Does anyone know of any reason why the
>conversion could not be made?
>
>--
>Everette Gray Allen		Systems Programmer II
>ITD Computing Services	Macintosh Support Specialist
>2620 Hillsborough St, Campus Box 7109
>Raleigh, NC 27695-7109
>919-515-4558		Everette_Allen@ncsu.edu

-- 
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu