mskrb-integ merged to trunk

Sam Hartman hartmans at MIT.EDU
Sat Jan 3 18:20:10 EST 2009

Folks, I'm pleased to announce that the mskrb-integ branch has been
merged onto the trunk.  There are a number of issues still open, many
of which we'll still want to deal with for the 1.7 release.  However
this will get everyone testing the code and honestly I think it's in
quite good shape for a project of this size going to the trunk.

* I still need to review the KDC changes.  I've reviewed parts of
  them, and attempted to review the whole set, but they were changing
  too fast.  Now that they have ] settled I need to do a complete walk-tthrough.

* I need to review some of the GSS-API changes to util_*.c I had not previously reviewed.

* Review *.exports changes one last time and sync against project write-ups.

The following changes may want to happen:

* Remove gss_export_name_object: conflicts with kitten work and is unused

* Remove enc_padata; not sure it is usefully used in the current code and would require complicated negotiations with OS vendors because of ABI stability concerns.


* Tom reports some problems with password changes

* The tgs  and AS logging needs to be updated to support protocol transition and other MS features

* Luke is still having trouble getting DCE RPC with integrity working.   encryption  works OK as I understand.

* This probably breaks Windows builds; we need to find out how and fix.

* This probably breaks KFM; we need to find out how and fix.

* This probably breaks the lite client builds; we need to find out how and fix

I'd also like to see us coordinate with Umich to see if they can
retire their mechglue library.  They indicated a desire to do that
when we ship a real mechglue.  It will be somewhat tricky.
Needless to say this is not a 1.7 blocker.

Thanks for working with us, and we look forward to a great 1.7


More information about the krbdev mailing list