Fixes for S3 DCE/RPC GSSAPI with Heimdal
Love Hörnquist Åstrand
lha at kth.se
Wed Apr 27 08:28:54 MDT 2011
27 apr 2011 kl. 03:10 skrev "Andrew Bartlett" <abartlet at samba.org>:
>>>> You still unconditionally remove gss_release_oid() when I asked you to
>>>> ifdef it out for heimdal given it has problems, but MIT technically
>>>> requires it.
>>> Does anyone on the list know a sane way to detect this behaviour, or at
>>> the very least if we have compiled against heimdal? I can't key off
>>> SAMBA4_INTERNAL_HEIMDAL because the same should, if I understandrele
>>> correctly, happen against a system heimdal that Samba3 happens to be
>>> compiled against.
>>> I do find this situation (and the lack of any clear documentation
>>> describing the correct course of action) very frustrating. Sadly my
>>> frustrating isn't enough to cause this situation not to exist.
>> What gss function return an allocated oid ? I'm asking since gss-Release-oid is not part of the api.
> MIT gss_init_sec_context and gss_accept_sec_context apparently.
ISC and ASC dont require use of gss_release_oid if conforming to the standard. MIT conforms for their base mechs.
More information about the samba-technical