gss_export_sec_context/gss_import_sec_context
Stefan (metze) Metzmacher
metze at samba.org
Fri Jul 24 02:59:22 MDT 2009
Love Hörnquist Åstrand schrieb:
>
> 23 jul 2009 kl. 13:56 skrev Stefan (metze) Metzmacher:
>
>> Hi Love,
>>
>> from reading the source code using
>> gss_export_sec_context() and gss_import_sec_context()
>> will loose the delegated credentials information.
>> Is that a bug or a feature?
>
> Unless, I think its a feature.
>
>> Is there any other way to transfer the delegated credentials
>> via a DATA_BLOB to another process?
>
> gss_store_cred() might help you (not implemented in heimdal yet)
>
> There is no protable way to do this that works for all mechs.
>
> gss_krb5_copy_ccache() + gss_krb5_import_cred() will partly get you there.
And how do I create a blob that I can pass between the process
that does the gss_krb5_copy_ccache() and the process that will do
the gss_krb5_import_cred()?
> If you want a gss_export_cred() we should probably make one.
gss_export_cred() and gss_import_cred() would be very useful.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20090724/fe9346c9/attachment.pgp>
More information about the samba-technical
mailing list