[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Propagating MIT-Kerberos Database to Heimdal KDC


Johan Danielsson wrote:
> If you are desperate you can try this patch for lib/hdb/mkey.c.  I
> haven't really tested this patch in any way, but the principle should
> be correct.
Yes, I seemed to be very desperate ;-)

After I managed to recompile heimdal with your patch (which is not so
easy on a SuSE 9.0 because they fiddled around with some headers and
libraries) I was able to convert the database successfully and then

So you seemed to be on the right track.

If I convert the database with

hprop -m .k5.stash.MYCELL.b7 -d slave_datatrans.oldformat --source=mit-dump --decrypt|hpropd -n

I can even use it with the unmodified heimdal packages from the
distribution, so I don't have to worry about any security problems
that might have crept in with your quickshot patch.

This means I'll be able to work with unmodified heimdal packages and
be able to follow the security upgrades from the distribution.

Very sweet! :)

Thanks a bunch
Friedrich Delgado Friedrichs   |               mailto: fd@dfn-cert.de
DFN-CERT GmbH                  |              pgp-key: 0x94A6047F
Heidenkampsweg 41              |                Phone: +49(40)808077-555
D-20097 Hamburg                |                  FAX: +49(40)808077-556
Germany                        |

PGP signature