Eudora-Mac-Cannot communicate with Kerberos
Douglas E. Engert
deengert at anl.gov
Thu Aug 1 20:42:27 EDT 2002
Ken Hornstein wrote:
>
> >I got my kclient programs from MIT, it is the newest version
> >Kerberos for windows 2.1.1.
> >
> >May you let me know what version you use?
>
> Uh, we use a really really old version, for a bunch of reasons. But it
> looks like the kclnt32.dll included with that version of MIT Kerberos only
> does Kerberos 4; you'd probably need to get the source to one and compile
> it for your version of Kerberos (unless someone else has done this already).
> I can give you the source to the one I use (if I can find it), and you
> can try compiling it if you want.
For what it is worth, we wrote a kclnt32 for use with Eudora 3.01 and above
for windows which does V5. It only has the one entry used by Eudora.
Attached is the source, but the rest of the code and windows makefile can be found at:
ftp://achilles.ctd.anl.gov/pub/kerberos.v5/kclnt32.zip
kauth.c:
#include "krb5.h"
#include "com_err.h"
/*
*
* New kclnt32 entry poing used by Eudora Pro 3.01 and above
*
* Ignore the version, since Eudora does not know what to do with it.
* use "KPOPV1.0" instead. krb5_recvauth demands a string, but
* the application only gets one shot at it, unlike K4.
*
* Returns: FALSE on failure, TRUE on success
*
*/
BOOL CALLBACK
SendTicketForService(LPSTR service, LPSTR version, int fd)
{
krb5_context k5_context = NULL;
krb5_error_code retval;
krb5_ccache ccache = NULL;
krb5_principal client = NULL;
krb5_principal server = NULL;
krb5_error FAR *err_txt = NULL;
krb5_auth_context auth_context = NULL;
if (retval = krb5_init_context(&k5_context)){
com_err("Kclnt32", retval, "while getting context");
goto cleanup;
}
if (retval = krb5_cc_default(k5_context, &ccache)) {
com_err("Kclnt32", retval, "You need to run KRB5.EXE");
goto cleanup;
}
if (retval = krb5_cc_get_principal(k5_context, ccache, &client)){
com_err("Kclnt32", retval, "while getting client");
goto cleanup;
}
if (retval = krb5_parse_name(k5_context, service, &server)) {
com_err(NULL, retval, "while parsing service name");
goto cleanup;
}
retval = krb5_sendauth( k5_context, &auth_context,
(krb5_pointer) &fd, "KPOPV1.0",
client, server,
AP_OPTS_MUTUAL_REQUIRED,
NULL,
NULL, /* no cred, use cache */
ccache, &err_txt, NULL , NULL);
if (retval) {
if (retval == KRB5_CC_NOTFOUND ) {
com_err("Kclnt32", retval, "Did you run KRB5.EXE?");
} else if (retval == KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN ){
com_err("Kclnt32",retval, "Check your server principal");
} else if (retval == KRB5_SENDAUTH_REJECTED &&
err_txt && err_txt->text.length) {
com_err("Kclnt32 Server rejected", retval, err_txt->text.data);
} else {
com_err("Kclnt32", retval, "while using sendauth");
}
goto cleanup;
}
cleanup:
if (err_txt)
krb5_free_error(k5_context, err_txt);
if (auth_context)
krb5_auth_con_free(k5_context, auth_context);
if (client)
krb5_free_principal(k5_context, client);
if (server)
krb5_free_principal(k5_context, server);
if (ccache)
krb5_cc_close(k5_context, ccache);
if (k5_context)
krb5_free_context(k5_context);
if(retval)
return FALSE;
return TRUE;
}
#ifdef _WIN32
BOOL WINAPI DllMain (HANDLE hModule, DWORD fdwReason, LPVOID lpReserved)
{
return TRUE; // successful DLL_PROCESS_ATTACH
}
#else
BOOL CALLBACK
LibMain (hInst, wDataSeg, cbHeap, CmdLine)
HINSTANCE hInst;
WORD wDataSeg;
WORD cbHeap;
LPSTR CmdLine;
{
return 1;
}
int CALLBACK __export
WEP(nParam)
int nParam;
{
return 1;
}
#endif
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
More information about the Kerberos
mailing list