[PATCH] krb5 ticket refresh chain
Stefan (metze) Metzmacher
metze at samba.org
Mon Jan 5 07:47:12 GMT 2009
Hi BoYang,
> nautilus and smbspool rely on krb5 ticket to connect to servers,
> therefore, it can locks account when krb5 ticket expires. The
> recommended question here is destroying krb5 ticket in case that it can
> be expired and renew/rekinit it when possible. We handle errors such as
> KRB5_REALM_CANT_RESOLVE, KRB5_AP_ERR_TKT_EXPIRED or KRB5_FCC_NOFILE to
> make krb5 ticket refresh chain more robust.
> When we cannot renew/rekinit ticket, or login in cache mode, destroy
> krb5 ticket and try to renew/rekinit it later when KDC available. when
> krb5 ticket expired, we rekinit it if it is possible.
> Patches are in the attachment, thanks!
I'm currently rewriting this to avoid set_event_dispatch_time() and
cancel_named_event(), as both only work on the first event with the
given name.
You can find my work in progress here:
http://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master3-tevent2
It would be nice if you could help me to rebase my changes on top of
your patches or rewrite your changes based on the ideas in my changes.
As I have no setup to really test my changes.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://lists.samba.org/archive/samba-technical/attachments/20090105/d1ee1a99/signature.bin
More information about the samba-technical
mailing list