Yes. non-MIT and non-Heimdal homegrown special kerberos software which is
simple, minimalistic and only provides those simple functions that
Ethereal would need.
Ethereal has quite a few dependencies as it is already. Being dependent on
even more
external libraries is the only concern I have.
I have not fully understood the entire problem space yet but I belive that
what ethereal would require would
be much much simpler than a full blown kerberos implementation.
I belive it would be sufficient for ethereal to just implement a very small
and simple subset of kerberos.
There are usually quite a few shortcuts to take when the only thing you
need/want is what ethereal needs.
A lot of work? maybe, as much work as a full blown and fully functional
generic kerberos implementation? probably far from it.
Just being able to pick up the secret keys and open up and dissect the
encrypted part of kerberos blobs would be a good start
and since we already have helper functions for des, rc4, md4 and md5 in
ethereal already that is probably a good start that might cover most
common cases already.
I found the source you referred to, thanks for the pointer. While the code
I found does not match exactly the keytab file i created as a reference/test
it was close enough (the code i found reffered to an unknown (too lazy to
look furhter) to my version of the keytab file (where one of the guint32
fields were actually a guint16 field in my keytab).
----- Original Message -----
From: "Eric Wedel"
Sent: Tuesday, February 03, 2004 4:03 PM
Subject: RE: [Ethereal-dev] telnet/authentication Kerberos stuff
> Managed to miss the last couple of sentences of your e-mail.
> If I read them right, the intent is to use skeletal non-MIT
> kerberos code?
>
> Having reimplemented most of kerberos above the cipher/hash level,
> my feeling is that even a minimal library is quite a lot of work.
> If the concern about MIT kerb is export issues, perhaps Heimdal
> is an option?
>
> regards, Eric