From xemacs-m  Fri May  9 18:30:30 1997
Received: from computer.eng.mindspring.net (computer.eng.mindspring.net [207.69.183.4])
	by xemacs.org (8.8.5/8.8.5) with ESMTP id SAA10935
	for <xemacs-beta@xemacs.org>; Fri, 9 May 1997 18:30:29 -0500 (CDT)
Received: (from ahobson@localhost)
          by computer.eng.mindspring.net (8.8.4/8.8.4)
	  id SAA00124; Fri, 9 May 1997 18:57:59 -0400 (EDT)
From: Andrew Hobson <ahobson@eng.mindspring.net>
To: xemacs-beta@xemacs.org
Subject: Patch for efs with kerberized ftp
Mime-Version: 1.0 (generated by tm-edit 7.106)
Content-Type: multipart/mixed;
 boundary="Multipart_Fri_May__9_18:57:58_1997-1"
Content-Transfer-Encoding: 7bit
Date: 09 May 1997 18:57:58 -0400
Message-ID: <kjohaki77t.fsf@computer.eng.mindspring.net>
Lines: 78
X-Mailer: Gnus v5.4.51/XEmacs 20.2(beta3)

--Multipart_Fri_May__9_18:57:58_1997-1
Content-Type: text/plain; charset=US-ASCII

I couldn't seem to get kerberized ftp to work correctly with efs.  The 
problem is that there doesn't seem to be a way for the kerberos ftp
client to negotiate an authenticated session after being invoked with
the "-n" option.

So instead of having efs perform the kerberos magic, I added a new
variable efs-kerberos-private.  If non-nil, it overides the gateway
setting in efs-login.  As a side effect, I negotiate a "private"
session so that the link will be encrypted.  This is not very clean,
but it does make the changes slightly smaller.

If someone can show me a cleaner way to do this, I would be most
grateful.

These are the customizations I made to my .emacs:
(require 'efs)
(setq efs-ftp-program-name "/usr/krb5/bin/ftp")
(setq efs-ftp-program-args '("-i" "-g" "-v"))
(setq efs-kerberos-private t)

I'm running xemacs-20.2-b3.

Drew


--Multipart_Fri_May__9_18:57:58_1997-1
Content-Type: text/plain; charset=US-ASCII


--- efs.el	1997/05/08 17:35:20	1.1
+++ efs.el	1997/05/08 17:34:20
@@ -1696,7 +1696,9 @@
    ;; passive
    "^[Pp]assive \\|"
    ;; client codes
-   "^[Hh]ash mark "))
+   "^[Hh]ash mark "
+   ;; kerberos GSSAPI stuff
+   "^GSSAPI \\|"))
 ;; Response to indicate that the requested action was successfully completed.
 
 (defvar efs-failed-msgs
@@ -4247,6 +4249,8 @@
 	     (setq result (efs-login-send-pass
 			   efs-gateway-host
 			   (efs-get-user efs-gateway-host) proc)))
+	(if efs-kerberos-private
+	    (setq gate 'kerberos-private))
 	
 	;; Analyze result of OPEN.
 	(if (car result)
@@ -4286,6 +4290,8 @@
 			    (efs-nslookup-host to))
 		       (setq to (concat to "@" port))))
 		 (format "quote user \"%s\"@%s" user to)))
+	      ((eq gate 'kerberos-private)
+	       (format "private"))
 	      (t
 	       (format "quote user \"%s\"" user))))
 	(msg (format "Logging in as user %s%s..." user
@@ -4317,7 +4323,11 @@
        ((string-equal "332 " code)
 	;; Need an account, but no password
 	(setq result (efs-login-send-acct host user proc gate)))
-     
+
+       ((and efs-kerberos-private (string-equal "200 " code))
+	;; we're good to go
+	nil)
+            
        ((null (car result))
 	;; logged in proceed
 	nil)

--Multipart_Fri_May__9_18:57:58_1997-1--

