svn commit: samba r6800 - in branches/SAMBA_4_0/source: auth/gensec auth/kerberos auth/ntlmssp include

abartlet at samba.org abartlet at samba.org
Sun May 15 23:42:11 GMT 2005 

Author: abartlet
Date: 2005-05-15 23:42:11 +0000 (Sun, 15 May 2005)
New Revision: 6800

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=6800

Log:
A big GENSEC update:

Finally remove the distinction between 'krb5' and 'ms_krb5'.  We now
don't do kerberos stuff twice on failure.  The solution to this is
slightly more general than perhaps was really required (as this is a
special case), but it works, and I'm happy with the cleanup I achived
in the process.  All modules have been updated to supply a
NULL-terminated list of OIDs.

In that process, SPNEGO code has been generalised, as I realised that
two of the functions should have been identical in behaviour.

Over in the actual modules, I have worked to remove the 'kinit' code
from gensec_krb5, and placed it in kerberos/kerberos_util.c.

The GSSAPI module has been extended to use this, so no longer requires
a manual kinit at the command line.  It will soon loose the
requirement for a on-disk keytab too.

The general kerberos code has also been updated to move from
error_message() to our routine which gets the Heimdal error string
(which may be much more useful) when available.

Andrew Bartlett


Added:
   branches/SAMBA_4_0/source/auth/kerberos/kerberos_util.c
Modified:
   branches/SAMBA_4_0/source/auth/gensec/gensec.c
   branches/SAMBA_4_0/source/auth/gensec/gensec.h
   branches/SAMBA_4_0/source/auth/gensec/gensec_gssapi.c
   branches/SAMBA_4_0/source/auth/gensec/gensec_krb5.c
   branches/SAMBA_4_0/source/auth/gensec/spnego.c
   branches/SAMBA_4_0/source/auth/kerberos/kerberos.h
   branches/SAMBA_4_0/source/auth/kerberos/kerberos.mk
   branches/SAMBA_4_0/source/auth/kerberos/kerberos_verify.c
   branches/SAMBA_4_0/source/auth/ntlmssp/ntlmssp.c
   branches/SAMBA_4_0/source/include/structs.h


Changeset:
Sorry, the patch is too large (1500 lines) to include; please use WebSVN to see it!
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=6800

More information about the samba-cvs mailing list