Re: heimdal -> MIT kdc migration

On Tue, Aug 26, 2025 at 09:35:39AM -0700, Gleb Smirnoff wrote:
T> On Tue, Aug 26, 2025 at 08:31:13AM -0700, Gleb Smirnoff wrote:
T> T> On Tue, Aug 26, 2025 at 08:13:26AM -0700, Rick Macklem wrote:
T> T> R> Ok. If you install FreeBSD-13.5 and then "pkg install heimdal", you get a
T> T> R> working Heimdal-7.8 in ports.
T> T> R> 
T> T> R> Now, I have another challenge. Fixing the master passwords.
T> T> R> I'll work on it later to-day.
T> T> 
T> T> I have applied two commits from Heimdal from 2012 that add 'kadmin dump -f MIT'
T> T> feature to our base heimdal and polished them to compile.  So far it doesn't
T> T> work yet, either create an empty dump or create a core dump, instead of
T> T> database dump :) I'll see how difficult it is going to further resolve that to
T> T> a working condition. If I succeed, then having 'dump -f MIT' in base without
T> T> any ports would be the best solution.  Can also be merged to FreeBSD 14.4.
T> 
T> Good news.  In the above paragraph I was testing my change incorrectly - threw
T> the new binary on a system running unpatched libraries.  When run correctly,
T> it successfully produced something that looks like a correct dump in MIT format.
T> I haven't yet tried to load it into MIT kdc yet, though.

Bad news: while kadmin -f MIT works, the library change broke kdc :) Looks like
more work is needed here.  I will probably get back to this only next week.

The branch as is shared here:

https://github.com/glebius/FreeBSD/tree/kadmin-dump-MIT

-- 
Gleb Smirnoff