krb5_set_password from 1.10alpha1 fails with 1.6 server

Greg Hudson ghudson at MIT.EDU
Thu Dec 22 06:12:45 EST 2011


On 12/22/2011 02:47 AM, Russ Allbery wrote:
> Heimdal has deprecated krb5_change_password and its krb5_set_password
> tries both protocols in turn.  I try to avoid using functions deprecated
> on Heimdal, but in this case it looks like the APIs are indistinguishable
> to Autoconf but one should use krb5_change_password on MIT and
> krb5_set_password on Heimdal for maximum compatibility.  Sigh.  I was
> really trying to get rid of all the implementation-specific #ifdefs.

I believe if you call krb5_set_password with a NULL value of
change_password_for, we will issue an old-style request.

Put another way, the APIs are not tied directly to the wire protocols,
but specifying a target principal ties you to the new protocol.


More information about the Kerberos mailing list