[38987] in Kerberos
Re: heimdal http proxy
daemon@ATHENA.MIT.EDU (Grant Taylor)
Sun Sep 12 12:56:27 2021
To: kerberos@mit.edu
From: Grant Taylor <gtaylor@tnetconsulting.net>
Message-ID: <78619294-b425-bf71-934b-78381efa8564@spamtrap.tnetconsulting.net>
Date: Sun, 12 Sep 2021 10:53:40 -0600
MIME-Version: 1.0
In-Reply-To: <6589bffb-75be-62f3-5e3e-6c0b315dd865@secure-endpoints.com>
Content-Type: multipart/mixed; boundary="===============4606736742997951984=="
Errors-To: kerberos-bounces@mit.edu
--===============4606736742997951984==
Content-Type: multipart/signed; protocol="application/pkcs7-signature";
micalg=sha-256; boundary="------------ms040703030202070302020500"
--------------ms040703030202070302020500
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
On 9/12/21 5:49 AM, Jeffrey Altman wrote:
> The answer is "yes", but someone would need to development the=20
> implementation and submit a pull request.
Here's a silly thought.
What about using something like socat to listen on local port 88 and=20
have it use the upstream proxy via CONNECT requests (possibly with=20
authentication) to reach the internal KDC, thus making the socat duck=20
quack as if it's the KDC.
It's a bit of a hack. But would it suffice for limited use?
--=20
Grant. . . .
unix || die
--------------ms040703030202070302020500
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature
MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCC
CzkwggUhMIIECaADAgECAhA/wgXwQl9mDHSg5enGHBeSMA0GCSqGSIb3DQEBCwUAMIGWMQsw
CQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxm
b3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENs
aWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMB4XDTIwMTExNjAwMDAw
MFoXDTIxMTExNjIzNTk1OVowKzEpMCcGCSqGSIb3DQEJARYaZ3RheWxvckB0bmV0Y29uc3Vs
dGluZy5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM6cGNMlSUFPM3zVw+
VgSslz2QRtMj+FerQ0DpmgbhUzqm5hMRe0hMA2OBf41HDAeOV0RKcLx2+HozHlyQST2xagOX
xiv91aEXezh8bEBfnOI564Ej/JfusomfoM7ByVXcLp3K3fOssHos6IXiAD6WT+jcRs7Cg+Gl
bYyoDLDLXw4i/N+YRcp3JrwT+4g/i//wAea1qTEd+ZnfcqtvCHaiJrr16xEpzuraLcmH5qtN
/c+5kkRN3zpJvQvPX7fMBdxiSjb/cb070DC1RIO+THkhQqJ4bxHhrwcvC5RME0iwnSo52a/i
FSNzciw/SM37F5tMTjDs+F6iUT85K2IWyGkpAgMBAAGjggHTMIIBzzAfBgNVHSMEGDAWgBQJ
wPL8C9qU21/+K9+omULPyeCtADAdBgNVHQ4EFgQU9SQ1EWwdWU0yBrPcbiR81rwNThUwDgYD
VR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUF
BwMCMEAGA1UdIAQ5MDcwNQYMKwYBBAGyMQECAQEBMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8v
c2VjdGlnby5jb20vQ1BTMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2VjdGlnby5j
b20vU2VjdGlnb1JTQUNsaWVudEF1dGhlbnRpY2F0aW9uYW5kU2VjdXJlRW1haWxDQS5jcmww
gYoGCCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0cDovL2NydC5zZWN0aWdvLmNvbS9T
ZWN0aWdvUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1cmVFbWFpbENBLmNydDAjBggr
BgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wJQYDVR0RBB4wHIEaZ3RheWxvckB0
bmV0Y29uc3VsdGluZy5uZXQwDQYJKoZIhvcNAQELBQADggEBABWLZrz0NricNKP3jS03B7lH
KNfBetFHWlaarCghIjhyA3yoXizPMP1wsY+ARMT22BKNVmLlP1CvDoLuEQbThvT5hRa7HPc2
2yVX6MkgSZByW2xrkhKGAIdtl+mELX27GZM+xe+k84OO1hA0Egyha2gg0UWlAiTGkIYjNLg0
6zg1QP7Bj4P/19hbi8Z9FFu38CztkgKZPSKMV3kPxZopa/mOWOQXxHcs03Ph/qnwj5HfkeWI
WE7TARmmU7w8AoxEONC1tB6bsdX3M+4YVbgwgiihhiVGflHfGI4bgKkuN4sqesRnX8C9mvv5
o7dYJe4kKuv0ZeIj8x1Hh2PGvn7GuRgwggYQMIID+KADAgECAhBNlCwQ1DvglAnFgS06KwZP
MA0GCSqGSIb3DQEBDAUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMKTmV3IEplcnNleTEU
MBIGA1UEBxMLSmVyc2V5IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEu
MCwGA1UEAxMlVVNFUlRydXN0IFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xODEx
MDIwMDAwMDBaFw0zMDEyMzEyMzU5NTlaMIGWMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3Jl
YXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExp
bWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQg
U2VjdXJlIEVtYWlsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjztlApB
/975Rrno1jvm2pK/KxBOqhq8gr2+JhwpKirSzZxQgT9tlC7zl6hn1fXjSo5MqXUfItMltrMa
XqcESJuK8dtK56NCSrq4iDKaKq9NxOXFmqXX2zN8HHGjQ2b2Xv0v1L5Nk1MQPKA19xeWQcpG
EGFUUd0kN+oHox+L9aV1rjfNiCj3bJk6kJaOPabPi2503nn/ITX5e8WfPnGw4VuZ79Khj1YB
rf24k5Ee1sLTHsLtpiK9OjG4iQRBdq6Z/TlVx/hGAez5h36bBJMxqdHLpdwIUkTqT8se3ed0
PewDch/8kHPo5fZl5u1B0ecpq/sDN/5sCG52Ds+QU5O5EwIDAQABo4IBZDCCAWAwHwYDVR0j
BBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFAnA8vwL2pTbX/4r36iZQs/J
4K0AMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsG
AQUFBwMCBggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwUAYDVR0fBEkwRzBFoEOgQYY/
aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRo
b3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2Vy
dHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRw
Oi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBBRHUAqznCFfXejpVt
MnFojADdF9d6HBA4kMjjsb0XMZHztuOCtKF+xswhh2GqkW5JQrM8zVlU+A2VP72Ky2nlRA1G
wmIPgou74TZ/XTarHG8zdMSgaDrkVYzz1g3nIVO9IHk96VwsacIvBF8JfqIs+8aWH2PfSUrN
xP6Ys7U0sZYx4rXD6+cqFq/ZW5BUfClN/rhk2ddQXyn7kkmka2RQb9d90nmNHdgKrwfQ49mQ
2hWQNDkJJIXwKjYA6VUR/fZUFeCUisdDe/0ABLTI+jheXUV1eoYV7lNwNBKpeHdNuO6Aacb5
33JlfeUHxvBz9OfYWUiXu09sMAviM11Q0DuMZ5760CdO2VnpsXP4KxaYIhvqPqUMWqRdWyn7
crItNkZeroXaecG03i3mM7dkiPaCkgocBg0EBYsbZDZ8bsG3a08LwEsL1Ygz3SBsyECa0waq
4hOf/Z85F2w2ZpXfP+w8q4ifwO90SGZZV+HR/Jh6rEaVPDRF/CEGVqR1hiuQOZ1YL5ezMTX0
ZSLwrymUE0pwi/KDaiYB15uswgeIAcA6JzPFf9pLkAFFWs1QNyN++niFhsM47qodx/PL+5jR
87myx5uYdBEQkkDc+lKB1Wct6ucXqm2EmsaQ0M95QjTmy+rDWjkDYdw3Ms6mSWE3Bn7i5Zgt
wCLXgAIe5W8mybM2JzGCBDIwggQuAgEBMIGrMIGWMQswCQYDVQQGEwJHQjEbMBkGA1UECBMS
R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdv
IExpbWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNBIENsaWVudCBBdXRoZW50aWNhdGlvbiBh
bmQgU2VjdXJlIEVtYWlsIENBAhA/wgXwQl9mDHSg5enGHBeSMA0GCWCGSAFlAwQCAQUAoIIC
VzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMTA5MTIxNjUz
NDBaMC8GCSqGSIb3DQEJBDEiBCDubUjoEGY4v64dgIg7Gku53wOY/Pq4xc5/hDxSs+r0KTBs
BgkqhkiG9w0BCQ8xXzBdMAsGCWCGSAFlAwQBKjALBglghkgBZQMEAQIwCgYIKoZIhvcNAwcw
DgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEo
MIG8BgkrBgEEAYI3EAQxga4wgaswgZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVy
IE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRl
ZDE+MDwGA1UEAxM1U2VjdGlnbyBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1
cmUgRW1haWwgQ0ECED/CBfBCX2YMdKDl6cYcF5Iwgb4GCyqGSIb3DQEJEAILMYGuoIGrMIGW
MQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdT
YWxmb3JkMRgwFgYDVQQKEw9TZWN0aWdvIExpbWl0ZWQxPjA8BgNVBAMTNVNlY3RpZ28gUlNB
IENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBAhA/wgXwQl9mDHSg
5enGHBeSMA0GCSqGSIb3DQEBAQUABIIBAEs30J0l8rEhKZsl5+jxf9F6vfcB6Uwn23qxeCQI
IcwpDmV1j3dbDLhyPQ3DnAGRMgMyk5Qz3PMomiPl9cdKCE4ThCjtOEAeAnlxBVkf1WIgz+/G
wN/kZYJuOKrhCMPN/bCSUJcWGkaNHF5NHNd2uUOV55gmJWw8gGQ9Rj9bxrKtOB1iAVnIUw7L
OKZeGdpjWV8mlIulNa8rFPU2TXQyjuxQCXfF93M8B8Ye45OiLYDVpSIVheoUq84QNSSpaxTZ
W2zM1RzCruZQNd9QgQ2nPrx413elpy3vwY3WiXqOsVmZazI5TnnTTqS7Y7XSlobyQsYm9wpo
3CUUBbG9yatGl0gAAAAAAAA=
--------------ms040703030202070302020500--
--===============4606736742997951984==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
--===============4606736742997951984==--
