From owner-freebsd-fs@FreeBSD.ORG  Tue Jul 29 14:17:06 2008
Return-Path: <owner-freebsd-fs@FreeBSD.ORG>
Delivered-To: freebsd-fs@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 6773F1065678
	for <freebsd-fs@freebsd.org>; Tue, 29 Jul 2008 14:17:06 +0000 (UTC)
	(envelope-from rmacklem@uoguelph.ca)
Received: from ccshst09.cs.uoguelph.ca (ccshst09.cs.uoguelph.ca
	[131.104.94.206])
	by mx1.freebsd.org (Postfix) with ESMTP id 093C48FC1A
	for <freebsd-fs@freebsd.org>; Tue, 29 Jul 2008 14:17:05 +0000 (UTC)
	(envelope-from rmacklem@uoguelph.ca)
Received: from muncher.cs.uoguelph.ca (muncher.cs.uoguelph.ca [131.104.91.102])
	by ccshst09.cs.uoguelph.ca (8.13.1/8.13.1) with ESMTP id m6TEH0K4029316;
	Tue, 29 Jul 2008 10:17:02 -0400
Received: from localhost (rmacklem@localhost)
	by muncher.cs.uoguelph.ca (8.11.7p3+Sun/8.11.6) with ESMTP id
	m6TERwc13965; Tue, 29 Jul 2008 10:27:59 -0400 (EDT)
X-Authentication-Warning: muncher.cs.uoguelph.ca: rmacklem owned process doing
	-bs
Date: Tue, 29 Jul 2008 10:27:58 -0400 (EDT)
From: Rick Macklem <rmacklem@uoguelph.ca>
X-X-Sender: rmacklem@muncher.cs.uoguelph.ca
To: =?utf-8?B?RGFnLUVybGluZyBTbcO4cmdyYXY=?= <des@des.no>
In-Reply-To: <86myk06e18.fsf@ds4.des.no>
Message-ID: <Pine.GSO.4.63.0807291020260.12515@muncher.cs.uoguelph.ca>
References: <Pine.GSO.4.63.0807161832470.5025@muncher.cs.uoguelph.ca>
	<86myk06e18.fsf@ds4.des.no>
MIME-Version: 1.0
Content-Type: MULTIPART/MIXED;
	BOUNDARY="-559023410-851401618-1217341678=:12515"
X-Scanned-By: MIMEDefang 2.63 on 131.104.94.206
Cc: freebsd-fs@freebsd.org
Subject: Re: Which GSSAPI library does FreeBSD use?
X-BeenThere: freebsd-fs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Filesystems <freebsd-fs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-fs>,
	<mailto:freebsd-fs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-fs>
List-Post: <mailto:freebsd-fs@freebsd.org>
List-Help: <mailto:freebsd-fs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-fs>,
	<mailto:freebsd-fs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Jul 2008 14:17:06 -0000

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

---559023410-851401618-1217341678=:12515
Content-Type: TEXT/PLAIN; charset=utf-8; format=flowed
Content-Transfer-Encoding: QUOTED-PRINTABLE



On Tue, 29 Jul 2008, Dag-Erling Sm=C3=B8rgrav wrote:

> Rick Macklem <rmacklem@uoguelph.ca> writes:
>> Hope this isn't too simplistic for this list, but I need to know which
>> GSSAPI library sources are being used. They don't appear to be either
>> vanilla MIT nor Heimdal.
>
> Homegrown (by Doug Rabson, dfr@) with portions borrowed from Heimdal.
>
Ok, thanks. I was able to work around my problem by statically linking
my gssd against libraries built from vanilla Heimdal sources. It looks
like it inherited the heimdal-0.6 bug, which ignores the lack of the
GSS_C_SEQUENCE_FLAG and checks it even if it wasn't specified. This
breaks the client side of RPCSEC_GSS, since somewhat out-of-order
Sun RPCs, is normal. (RPCSEC_GSS uses a window of recent seq#s to
protect against replay attempts.)

Should I email Doug or submit a bug report, to see if someone is willing
to work on fixing this?

Thanks again, rick

---559023410-851401618-1217341678=:12515--