[PATCH] krb5 ticket refresh chain
Stefan (metze) Metzmacher
metze at samba.org
Mon Jan 5 14:04:25 GMT 2009
boyang schrieb:
> Hi, everybody:
> nautilus and smbspool rely on krb5 ticket to connect to servers,
> therefore, it can locks account when krb5 ticket expires. The
> recommended question here is destroying krb5 ticket in case that it can
> be expired and renew/rekinit it when possible. We handle errors such as
> KRB5_REALM_CANT_RESOLVE, KRB5_AP_ERR_TKT_EXPIRED or KRB5_FCC_NOFILE to
> make krb5 ticket refresh chain more robust.
> When we cannot renew/rekinit ticket, or login in cache mode, destroy
> krb5 ticket and try to renew/rekinit it later when KDC available. when
> krb5 ticket expired, we rekinit it if it is possible.
> Patches are in the attachment, thanks!
I push this to master, can someone else please review the backports?
And maybe git cherry-pick -x the master commits.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : http://lists.samba.org/archive/samba-technical/attachments/20090105/c591c3df/signature.bin
More information about the samba-technical
mailing list