I made some progress on the Kerberos stuff.

For Integrity, Daniel’s fix didn’t quite work because it didn’t account for the length of the mic token length field…

Instead of doing a SETPOS, I fixed up the xdrs directly with the tail of the last buffer.

I also re-organized the xdr_iov for XDR_ALLOCHDR to explicitly have a buffer for the length field (which is not part of the gss_iov). This makes the debug code work better.

Now krb5 and krb5i work, but krb5p doesn’t work, so a bit more debug to figure out what’s wrong there. I suspect a similar problem with the length of the output, but it needs to be fixed up a little differently.

Frank