What's in the ticket caches?
-------------------------------------------------------------------------------
                              K95                                 MIT
Item                          type      VarName                   type         VarName
-------------------------------------------------------------------------------
o Semaphore                   -                                   int          tkt_header.sema
o EOCache                     DWORD     cache_head.EndOfCache     unsigned     tkt_header.eof_ptr
o nTickets                    DWORD     cache_head.NumTickets     -            -
o maxTickets                  DWORD     cache_head.MaxTickets     -            -
o Time (cache change)         LONG      cache_head.TimeStamp      -            -
o Principal, cur              CHAR[40]  cache_head.Principal      char*        pname (1st thing in cache)
o Principal Instance, cur     CHAR[40]  cache_head.Instance       char*        pinst (2nd thing in cache)
o Principal Realm, cur        CHAR[40]  cache_head.Realm          char*        dynamically fetched from Service's Realm
                                                                               of first ticket in cache by
                                                                               krb_get_tf_fullname in GETTFNAME.C
o Principal, perTkt           CHAR[40]  KTKT.principal            -            not stored
o Principal Instance, perTkt  CHAR[40]  KTKT.principal_instance   -            not stored
o Principal Realm, perTkt     -         not stored                -            not stored
o Service                     CHAR[40]  KTKT.service              char*        credentials.service
o Service Instance            CHAR[40]  KTKT.service_instance     char*        credentials.instance
o Service Realm               CHAR[40]  KTKT.realm                char*        credentials.realm
o Session Key                 BYTE[8]   KTKT.session_key          uchar[8]     credentials.session
o Version                     BYTE      KTKT.skvno                int          credentials.kvno
o StringToKeyAlgorithm        WORD      KTKT.str_to_key           stored in remember_the_function (file scope)
                                                                  in getintkt.c
o Time (tkt issue)            LONG      KTKT.issue_time           long         credentials.issue_date
o Time (tkt expiration)       LONG      KTKT.expiration_time      int          credentials.lifetime
o Ticket Size                 BYTE      KTKT.ticket_sz            int          credentials.ticket_st.length
o Ticket                      BYTE[256] KTKT.ticket               uchar[1250]  credentials.ticket_st.dat

-------------------------------------------------------------------------------
Differences between Kerb95 & MIT caches (in the cache file itself)
-------------------------------------------------------------------------------
o ticket length:
    o K95 stores in a BYTE   KTKT.ticket_sz  #$-TODO:Can K95 handle DWORD-$#
    o MIT stores in a DWORD  credentials.ticket_st.length
o semaphore:
    o K95 doesn't use? doesn't appear in cache data structures  #$-TODO:K95 semaphore ?-$#
    o MIT appears in tkt_header.sema  #$-TODO:How Used-$#
o Principal Realm, cur
    o type is the same, but logic of what gets returned when differs
o Principal, perTkt
    o K95 KTKT.principal
    o MIT not stored per ticket but per cache
o Principal Instance, perTkt
    o K95 KTKT.principal_instance
    o MIT not stored per ticket but per cache
o Time (tkt expiration)  #$-TODO:Names different, is use different?-$#
    o K95 LONG KTKT.expiration_time
    o MIT int  credentials.lifetime

-------------------------------------------------------------------------------
Different, but not a problem (I think not anyway)
-------------------------------------------------------------------------------
o all strings:
    o K95 stores fixed size (40 byte) strings
    o MIT compresses all string values (stores up to (and including) the NULL)
o cache header:
    o K95 (cache_head) stored in cache file
    o MIT (tkt_header) not stored in file  #$-TODO:Where stored?-$#
o Version
    o K95 stores in BYTE
    o MIT stores in int
o StringToKeyAlgorithm  KTKT.str_to_key  stored in (file scope) remember_the_function in getintkt.c
o Time (cache change):  #$-TODO:used by K95?-$#
    o K95 appears in cache_head
    o MIT does not store

-------------------------------------------------------------------------------
No difference between K95 & MIT
-------------------------------------------------------------------------------
o Principal Instance, cur
o Service
o Service Instance
o Service Realm
o Session Key
o Principal Realm, perTkt - not stored by either implementation, is it available to store?
o Time (tkt issue)
o Ticket Size
o Ticket
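
-------------------------------------------------------------------------------
Added example: width-checked copy of an MIT credential into a K95 record
-------------------------------------------------------------------------------
The width differences listed above (variable-length strings vs. CHAR[40], int vs. BYTE for version and ticket length, uchar[1250] vs. BYTE[256] for the ticket) are where a conversion can silently truncate or overflow. This is an added example, not code from Kerb95 or MIT Kerberos: the struct names, field order and function names are assumptions for illustration, and only the field widths come from the table.

```c
#include <stdint.h>
#include <string.h>

#define K95_STR 40    /* K95: fixed-size CHAR[40] strings */
#define K95_TKT 256   /* K95: BYTE[256] KTKT.ticket */
#define MIT_TKT 1250  /* MIT: uchar[1250] credentials.ticket_st.dat */

/* Hypothetical layouts: widths from the table, names and order assumed. */
struct mit_cred {
    const char *service, *instance, *realm; /* NUL-terminated, variable length */
    unsigned char session[8];
    int kvno, ticket_len;                   /* MIT keeps both as int */
    unsigned char ticket[MIT_TKT];
};
struct k95_tkt {
    char service[K95_STR], service_instance[K95_STR], realm[K95_STR];
    uint8_t session_key[8];
    uint8_t skvno, ticket_sz;               /* K95 keeps both as BYTE */
    uint8_t ticket[K95_TKT];
};

/* Copy a string into a zero-padded 40-byte field; refuse to truncate. */
static int put_str(char *dst, const char *src)
{
    size_t n = 0;
    if (src == NULL) return -1;
    while (n < K95_STR && src[n] != '\0') n++;
    if (n == K95_STR) return -1;            /* no room for the terminator */
    memset(dst, 0, K95_STR);
    memcpy(dst, src, n);
    return 0;
}

/* 0 on success, -1 if a value does not fit; on -1 discard *out. */
int mit_to_k95(const struct mit_cred *in, struct k95_tkt *out)
{
    if (in->ticket_len < 0 || in->ticket_len > MIT_TKT) return -1;
    if (in->ticket_len > UINT8_MAX) return -1;  /* BYTE length would wrap */
    if (in->kvno < 0 || in->kvno > UINT8_MAX) return -1;
    if (put_str(out->service, in->service) ||
        put_str(out->service_instance, in->instance) ||
        put_str(out->realm, in->realm)) return -1;
    memcpy(out->session_key, in->session, 8);
    out->skvno = (uint8_t)in->kvno;
    out->ticket_sz = (uint8_t)in->ticket_len;
    memset(out->ticket, 0, K95_TKT);
    memcpy(out->ticket, in->ticket, (size_t)in->ticket_len);
    return 0;
}
```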