[SCM] Samba Shared Repository - branch v4-0-test updated
- release-4-0-0alpha5-167-g0aa6d63
Stefan (metze) Metzmacher
metze at samba.org
Mon Jul 28 06:54:43 GMT 2008
Andrew Bartlett schrieb:
> On Sat, 2008-07-26 at 14:48 -0500, Stefan Metzmacher wrote:
>> The branch, v4-0-test has been updated
>> via 0aa6d63ec571b0ca05fbfe14d2b4e9ba3e1082e9 (commit)
>> via 9fc5750156467f579ea8d7755987d091f5b579c2 (commit)
>> from 2f06fbe06be2e1b77ea013ddba853ce819e58e88 (commit)
>>
>> http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-test
>>
>>
>> - Log -----------------------------------------------------------------
>> commit 0aa6d63ec571b0ca05fbfe14d2b4e9ba3e1082e9
>> Author: Stefan Metzmacher <metze at samba.org>
>> Date: Fri Jul 25 16:02:29 2008 +0200
>>
>> lib/ldb/tools: allow -W and --realm when build from samba4
>>
>> metze
>>
>> commit 9fc5750156467f579ea8d7755987d091f5b579c2
>> Author: Stefan Metzmacher <metze at samba.org>
>> Date: Fri Jul 25 16:00:50 2008 +0200
>>
>> auth/credentials: use the same enctypes when getting a TGT and a TGS
>>
>> metze
>
> What was wrong with the previous defaults? (I'm just trying to
> understand the background behind your change).
We use 'our' smb_krb5_context to do the AS-REQ and it is possible
to configure the enctypes via the krb5.conf.
And the gss_init_sec_context() creates it's own krb5_context and
the TGS-REQ had all enctypes in it and only the ones configured
and used for the AS-REQ, so it wasn't possible to disable the usage
of AES keys.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://lists.samba.org/archive/samba-technical/attachments/20080728/ed113dd8/signature.bin
More information about the samba-technical
mailing list