Using KfM's credentials cache with Krb5 1.3 on OS X 10.2.6
Steven Michaud
smichaud at pobox.com
Wed Jul 23 18:10:11 EDT 2003
I don't know much about either the dlopen() family or its Mach
equivalents. But these messages rang a bell ... and I remembered that
recent versions of Cyrus SASL have a dlopen.c (in the
dlcompat-20010505 directory) that contains Mach translations of
dlopen(), dlsym() and dlclose().
There's also an OpenDarwin "dlcompat" project
(http://www.opendarwin.org/projects/dlcompat/, which I haven't yet
looked at), and an Apple Tech Note (TN2071,
http://developer.apple.com/technotes/tn2002/tn2071.html) on "Porting
Command Line UNIX Tools to Mac OS X" that contains a section on
dlopen() et al.
Are Cyrus SASL's dlopen.c and the OpenDarwin dlcompat project similar
to the code that you wrote?
I'm not sure I want to take on the burden of writing and maintaining a
library that (in effect) exports the CCAPI from present and future
versions of KfM. I don't imagine you're too thrilled about that,
either :-)
But the idea does seem to be in the air ...
On Wed, 23 Jul 2003, chas williams wrote:
> In message <tsln0f5qgge.fsf at konishi-polis.mit.edu>,Sam Hartman writes:
> >Hi. I have been thinking about this more and realize that there is
> >probably a better approach.
> >
> >Your current approach is problematic because you link an
> >implementation of the CCAPI RPC into the application. However CCAPI
> >is specified at the API layer not at the RPC layer.
> >
> >Instead, what you want to do is link against the system CCAPI
> >implementation. Preferably you'd just link against the Kerberos
> >framework.
>
> i wrote some glue code to do exactly this at one point.
> still got i around. i can try to get a clean patch
> out if someone were interested. it uses the NS*() util's
> to get references to appropriate bits of the ccapi w/o
> having to link directly to the kerberos framework.
>
>
More information about the krbdev
mailing list