[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Kerberos decryption and Ethereal, help requested

"Ronnie Sahlberg" <ronnie_sahlberg@ozemail.com.au> writes:

> Three final questions (for now)
> 1, I downloaded the latest snapshot, recompiled, and everything in your
> example you sent me previously worked.
> Ill go with this now to start embedding it into ethereal.
> But since this uses an API not present in the current release of Heimdal but
> in the upcoming 0.7 release,
> is it known when 0.7 will be released?

The api that was used in the example have been in heimdal since 0.1
something. Its the krb5_c mit compat glue that will be releasted with 0.7.

> 2, Are there any differences between MIT and Heimdal kerberos on what
> transforms are supported?
> Do Heimdal support all encryption types MIT support or a subset?
> In particular   do heimdal support RC4-HMAC ?   Encryption type 23   ?
> RC4-HMAC is very important to me.

Heimdal supports al enctypes that MIT supports, but you have to use a
snapshot from yet-to-be-0.7 or the 0.6 branch, both these two are generated
each night into the snapshots directory on the ftp site.

> 3, Are there any plans to make the libraries I need for this available on
> the Win32 platform?
> Afaict heimdal is only available on un*x systems?

There are windows binaries built by Thomas Nystrom in ktelnet, but nothing
is merged back in heimdal distribution.

> (4, I have still failed to get the MIT code to work, mainly due to my
> ignorance on how it works. I would really like to be able to make
> ethereal support either implementation and not force policy onto the users
> but that is a question for a different mailinglist)

using the krb5_c api should make the code compatible with both heimdal and
mit kerberos.

I just saw your other mail, very cool indeed.


PGP signature