keytab - MIT Keytab Binary File Format Encoder / Decoder
Michael B Allen
mba2000 at ioplex.com
Wed May 3 13:13:43 EDT 2006
On Wed, 03 May 2006 18:53:12 +0200
Love Hörnquist Åstrand <lha at kth.se> wrote:
>
> Michael B Allen <mba2000 at ioplex.com> writes:
>
> > 2) What codeset are strings? Are they UTF-8 or locale dependant?
>
> "kerberos codeset", today, basicly ascii.
Good. Than it won't hurt to call it UTF-8 :->
> > 3) Are my assumptions about num_components correct: 1 for no service,
> > 2 with service?
>
> See code in Heimdal, depends on version. Hint, there is no such thing as
> "name" and "service" in kerberos5, its just a list of
> components. foo/bar/baz/kaka/cookie at EXAMPLE.ORG is a valid name.
Ahh, I see. Is the realm always present? So it's:
struct keytab_entry {
int32_t size;
uint16_t num_components;
counted_octet_string realm;
counted_octet_string components[num_components];
uint32_t name_type;
uint32_t timestamp;
uint8_t vno8;
keyblock key;
uint32_t vno;
};
counted_octet_string {
uint16_t length;
uint8_t data[length];
};
> The "vno32" as you name it, is a heimdal extention, and now adays java
Interesting. MS ktpass.exe enmits the 32 bit kvno.
Mike
More information about the Kerberos
mailing list