Fixes for S3 DCE/RPC GSSAPI with Heimdal
Luke Howard
lukeh at padl.com
Thu Apr 21 10:07:57 MDT 2011
On 21/04/2011, at 5:54 PM, simo wrote:
> On Thu, 2011-04-21 at 17:42 +0200, Luke Howard wrote:
>>> On Thu, 2011-04-21 at 11:07 +0200, Luke Howard wrote:
>>>> You can iterate through the keytab, not ideal and won't work for user to user, but fine for most use. That's what XAD - which effectively used 1.7 - did.
>>>
>>> Ouch, that really is a hack... As Simo is willing to live without this
>>> feature on earlier krb5 versions, I don't proposed to do that.
>>
>>
>> Certainly not ideal. But it shouldn't be too inefficient.
>
> If it is not too difficult I'd rather be able to still compile Samba on
> RHEL5 if possible (which has 1.6).
Unfortunately AFAIK you'll need to roll your own GSS-API in that case (as you did in the past, right?). I didn't start working for MIT until 1.7 :-)
-- Luke
More information about the samba-technical
mailing list