[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Time to Display My Ignorance, or What Is This Packet Anyway?

The Heimdal kdc doesn't appear to support the Windows Transarc clients.  
  What are they doing anyway?  The on-the-wire packet doesn't look like  
either a K4 request or a kaserver request.  It's sent from the AFS  
client to port 750.  After stripping off the Ethernet/IP/UDP headers  
I'm left with the following authentication request:

> 0000  63 03 62 87 f8 b9 73 c2 a7 01 68 6f 74 7a 00 00    
> c.b...s...hotz..
> 0010  4a 50 4c 2e 4e 41 53 41 2e 47 4f 56 00 44 3f 47    
> 0020  41 bf 61 66 73 00 00                              A.afs..

There is no RX header.  It doesn't start off with the same data that a  
Kerberos 4 request has.  What is this thing?  If fails all the Heimdal  
code checks for what it might be and winds up not causing any action  
whatever.  (It ought to cause some kind of warning message I think, but  
it doesn't even do that.)

Did OpenAFS change the form of the auth requests from IBM/Transarc some  
time ago?  If I start reading the kaserver code will I find out what's  
going on?

Test packet was generated on NT4 with the Transarc AFS 3.6 2.48 client.  
  The packet generated on XP appears identical.  The packet generated by  
a "normal" Kerberos 4 client looks very different (no trailing "afs"  
for instance).
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu