foolproof method of determining Kerberos version?

Kevin Coffman kwc at
Mon Jan 19 11:09:51 EST 2004

CITI's NFSv4 code for Linux needs to pass GSS-API context information
to/from the kernel.  This requires knowledge of the private Kerberos
structure krb5_gss_ctx_id_rec which is defined in
lib/gssapi/krb5/gssapiP_krb5.h.  This structure changes in 1.3.2.  Is there
a foolproof way to determine at compile-time and/or run-time what version of
Kerberos we are using so we can deal with this?  Is there a better way for
us to deal with this?

The [de]serialization routines don't help us since they keep the output

BTW, just looking at this, these routines don't appear to have been updated
to match the changes to the context structure changes in 1.3.2?  i.e. the
code in kg_ctx_externalize() still assumes integers for initiate, seed_init,
and established.


More information about the krbdev mailing list