Subject: Re: patch to add rfc2228 support to ftpd
To: Aidan Cully <>
From: Tomas Svensson <>
List: tech-userlevel
Date: 03/26/2002 15:39:45
I think it adds a lot of kerberized obfuscation that may not be needed
for other security methods. It also assumes that the data is always
encrypted by a function then sent with write() which isn't the case
with TLS.

It's probably better if you make a table that is checked at AUTH time
that sets method-dependent functions for pbsz, prot, write, read,
printf, putc, ccc etc.

About the style, you should probably read /usr/share/misc/style...


Tuesday, March 26, 2002, 12:39:26 PM, you wrote:

AC> On Tue, Mar 26, 2002 at 10:57:35AM +0100, Tomas Svensson wrote:
>> 1) Does it work without kerberos?

AC> It should...

>> 2) Does kerberos work with it?

AC> Krb5 (AKA GSSAPI).  I'll do krb4 later, but the commit doesn't
AC> necessarily need to block on that.

AC> --aidan