OPenAFS and OpenSSH replacing kafs
Ben Lindstrom
mouring at etoh.eviladmin.org
Tue Mar 2 08:25:08 EST 2004
On Sun, 29 Feb 2004, Sergio Gelato wrote:
> * Ben Lindstrom [2004-02-28 18:36:03 -0600]:
> > I have patches for OS/X to compile. I'll work on finalizing this because
> > some of this needs to go upstream (I plan on gutting the krb5_init_ets()
> > since it is a private API and is not needed on most systems). I need to
> > track down why extactly zlib.h hates being where it is, but this at least
> > is a workaround.
>
> The Kerberos framework includes <TargetConditionals.h> which defines
> TARGET_OS_MAC, and /usr/include/zconv.h inexplicably suppresses the
> "typedef unsigned char Byte;" line in that case. Looks like a simple
> case of broken headers. For my builds I'll just copy zlib.h and zconv.h
> to the build directory, patch the copy of zconv.h and continue. Your
> solution of including zlib.h before krb5.h is probably also OK as a
> workaround.
If this is a real bug in the headers. Then apple should be informed and
they should correct the issue.
> Your patches seem to be missing the SessionCreate() calls to the
> Security framework (the moral equivalent to setpag() I believe).
> Also, Michaud's patch was using the CCache API to manage the Kerberos
> credentials when linking against the Kerberos framework. That sort of
> detail could make the difference between "compiles" and "works". But
> we'll see; I'll try to find time to work on this on Monday.
>
This is a separate issue. If you look at the Apple source code it is an
optional patch for CCache API. Unless Apple has stripped out the other
forms of fetching creditionals.
I have no quarms importing CCache API if one is presented to me. Just not
sure I liked the way Apple did it. But I only took a few moments glance
at it.
- Ben
More information about the openssh-unix-dev
mailing list