[32455] in Kerberos
Re: GSSAPIDelegateCredentials only works for REQUIRES_PRE_AUTH
daemon@ATHENA.MIT.EDU (Adam Megacz)
Thu Jun 10 14:44:37 2010
To: kerberos@mit.edu
From: Adam Megacz <megacz@cs.berkeley.edu>
Date: Thu, 10 Jun 2010 18:40:28 +0000
Message-ID: <xuu2d3vyhgtf.fsf@gentzen.megacz.com>
Mime-Version: 1.0
X-Complaints-To: usenet@dough.gmane.org
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Russ Allbery <rra@stanford.edu> writes:
> I haven't looked at the code personally, but what I recall from what other
> people have said is that the code is structured so that doing proper error
> reporting is fairly difficult.
I can see how it might be difficult to get a message back to the client,
but it can't be all that hard to syslog it at the server... I don't find
that too discouraging.
> It can also quite hard to get OpenSSH upstream to take GSSAPI-related
> patches, depending on how those patches strike them.
This, on the other hand, is very discouraging.
Thanks for the heads-up.
- a
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
