[17070] in Kerberos_V5_Development
Re: gss_krb5_import_cred fails for Samba
daemon@ATHENA.MIT.EDU (Andrew Bartlett)
Sat Jul 23 01:55:16 2011
From: Andrew Bartlett <abartlet@samba.org>
To: Nico Williams <nico@cryptonector.com>
Date: Sat, 23 Jul 2011 15:55:04 +1000
In-Reply-To: <CAK3OfOhW4Rhs+GaNRqar52YW531mtAif+_67oG2r_GxnY7Xg=Q@mail.gmail.com>
Message-ID: <1311400506.2545.25.camel@ruth>
Mime-Version: 1.0
Cc: "lukeh@PADL.COM" <lukeh@padl.com>, "krbdev@mit.edu" <krbdev@mit.edu>,
"samba-technical@samba.org" <samba-technical@samba.org>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Fri, 2011-07-22 at 23:43 -0500, Nico Williams wrote:
> Oh, I see. Speaking of match by key (where I assume you mean by
> {enctype, kvno}), Heimdal does it.
Yes, and when we compile Samba3 against Heimdal it works well, using
this API.
The trouble all started when our autoconf tests started finding this in
MIT, but with differences in behaviour.
We additionally have a patch to have Heimdal use only enctype, because
Samba3 use 0 and -1 as the kvno values (yes really!), as it does not
record the kvno during the join.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
