old ovsec and kadm5 interfaces and protocol
raeburn at MIT.EDU
Tue Aug 5 15:28:23 EDT 2008
Does anyone know of software using the OV kadmin library interface
(ovsec_kadm_init and friends) or version 1 of the kadm5 API (-
DUSE_KADM5_API_VERSION=1) in the MIT kadmin library? Version 2 has
been the default for any code using the kadm5_* functions without
defining USE_KADM5_API_VERSION specially.
We do build a Kerberos password-changing program using the old API,
but at least as far back as 1.2.2, it wasn't actually installed by
default, just built for some internal testing.
We don't install the header files needed to use these functions, but
that doesn't stop some people from building against the internal
headers in our source tree. We're hoping to delete the support for
the v1 API (and the corresponding RPC protocol) sometime soon, as it
significantly complicates some bits of the code, making them harder to
maintain. If we can ditch v1, analysis of the code becomes easier,
and some of it can probably be maintained with tools like rpcgen
instead of by hand.
So if you're using the v1 APIs in the MIT kadm5 libraries, speak up,
or your programs may start breaking in a coming release....
More information about the krbdev