Perry Smith wrote:
Ken,

I am not sure I answered your question before.

I went back and used Mac's tcpdump utility to look at the data coming over the wire. It is *not* clear text. So, I am assuming it is using Kerberos to encrypt the data. If I still have not answered your question, I can either dig further into the code and/or ask some Mac guys on the net -- but I've not found Mac guys that really know the details like this.

Looking at prot_fill in prot.c, s->saslssf is true when the client is authenticating using Kerberos and false when the client is using "password" (which I assume is clear text password authentication).

Right, I assumed that the problem is in the security layer code. So you're using GSSAPI, not KERBEROS_V4, correct?


--
Kenneth Murchison
Project Cyrus Developer/Maintainer
Carnegie Mellon University
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Reply via email to