Heimdal V.S. MIT on SAMBA4

[John E. Malmberg]

Andrew Bartlett wrote:
>>John E. Malmberg wrote:
>>
>>
>>>Is there some place that I can get a list of the changes that were
>>>done to Heimdal Kerberos for SAMBA 4?
> 
> Is this just the general rule (more than one krb5 == pain), or something
> extra and specific to OpenMVS?

> Because we do not install or rely on shared libraries for krb5 or ldap,
> we avoid most of that pain.  (They are just more items in the
> objectlist).

I really do not know at this point, my suspicion is that the person 
thinks that SAMBA is taking over the Kerberos Server ports and not just 
being a client.
> 
>>>The maintainer of the MIT port of Kerberos for OpenVMS would like
>>>to know what changes to the MIT port would be needed for it to be
>>>used.
> 
> Correct.  I've made some notes in auth/kerberos/kerberos-notes.txt.
> 
> Separate to that, I've started to use Heimdal's ASN.1 compiler (which
> doesn't rely on the rest of Heimdal) instead of our hand-done ASN.1.
> I'm hoping to plug some SPNEGO memory leaks that way...

And at this point, I have no idea what that means. :-)

> Frankly, moving to compiling against MIT will require a lot of work on
> MIT, and doing it badly could jeopardise the whole Kerberos area in
> Samba4.  As such, I had hoped to push this off until after we have a
> release out the door, when I hope we will have a final list of
> requirements, and might have a chance of doing it 'well'.
> 
> (Samba3 has much less use of krb5, and has a very heavy weight of
> compatibility glue around it's neck.  In particular I don't want that
> weight to kill the chance of getting a release out).

I understand, I am just being a middle-man on this, and I will forward 
your notes to the Kerberos maintainer for OpenVMS.  Right now my focus 
is just getting something to build.

-John
wb8tyw at qsl.net
Personal Opinion Only