Heimdal Merge to Samba4

Andrew Bartlett abartlet at samba.org
Wed Nov 8 05:11:41 GMT 2006


On Tue, 2006-11-07 at 20:31 +1100, Andrew Bartlett wrote:
> Just a heads up that I know about the portability issues introduced with
> the merge of lorikeet-heimdal onto Samba4.  I would appreciate any
> assistance in fixing any hosts I've broken, but in any case, I expect to
> spend the next couple of days chasing this down.
> 
> Please also let me know if you find any strange kerberos behaviours.

Well, I think I've almost finished my 3 weeks of Heimdal wrangling.  The
diff between Samba's lorikeet-heimdal and Heimdal itself is now about
500 lines, mostly being a few extra hooks we need.

We have made very good progress on API extension, with the new
krb5_rd_req_ctx() replacing the ugly hack that was
krb5_rd_req_return_keyblock().

Much of the work was porting our changes into Heimdal, and handling the
subtle changes introduced when features like 'DCE_STYLE' GSSAPI were
merged.  

Soon we may be in a position to be able to unpack a Heimdal tarball into
heimdal, rather than require our own modified copy.  (We may not want
to, but having pristine upstream sources would be a very good thing).

My next aim is to use PKINIT to support smart card login to Windows
hosts in a Samba domain.  

I'll also return to the LDAP server work, with my sights set on Fedora
DS.  Oh, and I've got my wedding coming up very soon, so I might get
distracted :-)

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.                  http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20061108/e7fdc4ae/attachment.bin


More information about the samba-technical mailing list