Thanks on the SPNEGO stuff
Andrew Bartlett
abartlet at samba.org
Tue Jul 6 23:54:00 GMT 2004
Just a quick note of thanks for your work on the SPENGO code, the new
work looks really good!
(And as much as I enjoy the authentication stuff, I'm happy to have
somebody else figure out exact bits on the wire ;-)
The tasks I see in the near future are:
ordered negTokenInit:
We need to define some way to say that Kerberos is always first in our
list of available mechs, etc. Currently this works fine, as NTLMSSP is
our only option, but we will want to get this right in future.
Server negTokenInit:
We need the server-side negTokenInit, but that should not be hard.
Kerberos:
There have been a lot of changes in the Samba3 Kerberos code, and we
need to merge these in.
Async:
We need to make this code async, particularly for the server. See the
NTLMSSP code for how I sort of expected it to be split. GENSEC needs to
have some way to deal with all this (where we 'return' then the layer
that 'waited' calls a continuation function.
SASL:
We should hook this into the SASL code in libads, when that becomes live
again.
Andrew Bartlett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20040707/b959f5c1/attachment.bin
More information about the samba-technical
mailing list