[1917] in Kerberos_V5_Development
Re: Cygnus changes for your consideration
daemon@ATHENA.MIT.EDU (Mark Eichin)
Thu Oct 31 13:45:49 1996
To: "Theodore Y. Ts'o" <tytso@MIT.EDU>
Cc: Mark Eichin <eichin@cygnus.com>, krbdev@MIT.EDU
From: Mark Eichin <eichin@cygnus.com>
Date: 31 Oct 1996 13:09:18 -0500
In-Reply-To: "Theodore Y. Ts'o"'s message of Thu, 31 Oct 1996 12:39:44 -0500
expansions:
> + krshd "plumbing" fixes
krshd does a lot of things wrong regarding pipe closing and select; I
thought I'd folded these in months ago, but apparently didn't. They
make krshd much more reliable when using both stdout and stderr (such
as with "rsh dd"...)
> + kdc: better edata error handling, memory management, sam support
Aside from the stuff I mentioned in response to barry's comment, these
diffs fix a couple of bogus malloc's (that you get lucky on unless you
actually use one-or-more preauth types) and also permit an edata
routine to fail and not provide anything -- ie. have the server not
*send* a particular preauth data type if it can't construct it,
instead of barfing on the whole request.
> + kdc: v4: ken's multiple-server time skew fixes
Two v5 kdc's, more than 1 second apart. Get a v4 tgt from the one with
the later time, then immediately use it on the one with the earlier
time. Some math is done with the assumption of perfect sync, the end
value goes negative, gets truncated to 255, and thus always issues a
21.5 hour v4 ticket regardless of the tgt lifetime. This fixes it.
> + krb5.hin/k5-int.h rearrangement (for windows?)
> Expand, please?
Oops, was going to cover that seperately. That got on the list
because the diffs look awful, but in fact it's only the rearrangement
of where things get FAR et. al. from (there's now a seperate header
for it, so profile need not include krb5.h.) You'll pick that up as
part of Michael Graff's win32 changes later, so you probably don't
need it for 1.0.
_Mark_ <eichin@cygnus.com>
Cygnus Support, Eastern USA
