Perry Smith wrote:
Ken,
I am not sure I answered your question before.
I went back and used Mac's tcpdump utility to look at the data coming
over the wire. It is *not* clear text. So, I am assuming it is using
Kerberos to encrypt the data. If I still have not answered your
question, I can either dig further into the code and/or ask some Mac
guys on the net -- but I've not found Mac guys that really know the
details like this.
Looking at prot_fill in prot.c, s->saslssf is true when the client is
authenticating using Kerberos and false when the client is using
"password" (which I assume is clear text password authentication).
Right, I assumed that the problem is in the security layer code. So
you're using GSSAPI, not KERBEROS_V4, correct?
--
Kenneth Murchison
Project Cyrus Developer/Maintainer
Carnegie Mellon University
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
