Mac OS X: Calling krb5_init_context and krb5_cc_resolve from a Directory Service Plugin
Alexandra Ellwood
lxs at MIT.EDU
Mon Jan 20 14:02:00 EST 2003
>A quick check in the latest Security Framework for 10.2 does not define
>"SessionGetInfo()". This must be a private API call, since it isn't in any
>header file, but is in the framework.
Yes, it's private currently. You can find the sources and relevant
header in the Darwin repository under the "Security" module.
>Is there some reason that the credential cache code is not publicly
>available for the OS X version (besides it using private API calls)? This
>would be very useful for debugging.
>
>There seems to be a lot of important source code (ccache for example) that
>is not available for the OS X version of Kerberos. This not only makes
>debugging more difficult, but prevents others from verifying the correctness
>of the implementation.
Historically KfM contained a lot of encumbered code -- ie: code with
licenses which wouldn't let us open source. Now that we no longer
support Mac OS 9, most of the non-Apple encumbered code is gone. We
are in the process of working out a solution with Apple.
While we would like to do this as soon as possible, we have very few
resources. As a result, important features which people have been
clamoring for (eg: DNS support) take precedence. That's why it's
taken so long.
In the meantime, I would like to emphasize again that the MIT
Macintosh Development team is happy to help developers who are having
problems with KfM. Please ask questions and report bugs when you
encounter problems! We are trying to make KfM easier for developers
to use, and your feedback is invaluable.
Hope this helps,
--lxs
--
-----------------------------------------------------------------------------
Alexandra Ellwood <lxs at mit.edu>
MIT Information Systems http://mit.edu/lxs/www/
-----------------------------------------------------------------------------
--
More information about the krbdev
mailing list