gss-sample

Tom Yu tlyu at MIT.EDU
Sat Mar 16 22:15:33 EST 2002


>>>>> "Kevin" == Kevin J Dunlap <kevin.dunlap at nominum.com> writes:

>> From the README in the MIT distribution:

Kevin> * The gss-sample test application suite is known to not communicate
Kevin>    with the gss-sample suite in 1.1.x and earlier releases. This is
Kevin>    the result of changes to increase functionality; fixes to allow for
Kevin>    backwards compatibility will occur in a later release.

Kevin> I am pretty new to Kerberos and not sure where the changes were
Kevin> made that make this backwards incompatibility.  Are these
Kevin> changes isolated to the sample code or are the changes in the
Kevin> GSS-API libraries (libgssapi*.a) ?

These changes are to the sample code.  Basically, while both the 1.1.x
and the 1.2.x gss-sample programs use the same GSSAPI tokens to
communicate, the non-GSSAPI portions of the protocol used by each set
of gss-sample programs is different.

Kevin> I have another system with FreeBSD 4.5 and Kerberos 1.2.4
Kevin> installed.  Should I be able to take a gss-client from 1.1.1
Kevin> distribution and compile it using Kerberos 1.2.4 libraries and
Kevin> expect the gss-client to be able to work with a gssserver from
Kevin> 1.1.1?

Yes.  Approximately this strategy has been used in the past for
testing at Connectathon, among other places.

Kevin> I have tried this and it doesn't work,  so I am trying to figure out
Kevin> what I am doing wrong.

Is the build failing in some way, or are you encountering some error
at run time?

---Tom



More information about the Kerberos mailing list