Stefan (metze) Metzmacher metze at
Fri Jul 24 02:59:22 MDT 2009

Love Hörnquist Åstrand schrieb:
> 23 jul 2009 kl. 13:56 skrev Stefan (metze) Metzmacher:
>> Hi Love,
>> from reading the source code using
>> gss_export_sec_context() and gss_import_sec_context()
>> will loose the delegated credentials information.
>> Is that a bug or a feature?
> Unless, I think its a feature.
>> Is there any other way to transfer the delegated credentials
>> via a DATA_BLOB to another process?
> gss_store_cred() might help you (not implemented in heimdal yet)
> There is no protable way to do this that works for all mechs.
> gss_krb5_copy_ccache() + gss_krb5_import_cred() will partly get you there.

And how do I create a blob that I can pass between the process
that does the gss_krb5_copy_ccache() and the process that will do
the gss_krb5_import_cred()?

> If you want a gss_export_cred() we should probably make one.

gss_export_cred() and gss_import_cred() would be very useful.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the samba-technical mailing list