[PATCH] Implement GSE as a gensec module for GSSAPI in s3
Andrew Bartlett
abartlet at samba.org
Thu Jan 5 21:58:32 MST 2012
On Thu, 2012-01-05 at 07:40 +1100, Andrew Bartlett wrote:
> On Wed, 2012-01-04 at 12:11 +0100, Stefan (metze) Metzmacher wrote:
> > Hi Andrew,
> >
> > > It now passes make test. I had to unify the principal selection logic
> > > between the gse code and the session setup code to avoid MIT-kerberos
> > > generated DNS lookups in make test:
> > >
> > > http://git.samba.org/?p=abartlet/samba.git/.git;a=commitdiff;h=23ad69757911f2af86558c5752420e9e70228160
> > >
> > > A similar change needs to be made to the smb seal client, and a ktest
> > > similar to the rpcclient test needs to be added.
> > >
> > > So, after a long gestation, finally I think this is ready to be
> > > submitted to autobuild!
> >
> > I'll take a look at it and may push it, ok?
>
> Thanks metze!
Thanks for pushing the parts you had, and for finding the MIT krb5
gss_wrap_iov bug!
To try and help, I've updated my branch, dropping the untested patch for
the smb2 torture test and rebasing on top of your reindent work:
https://git.samba.org/abartlet/samba.git/?p=abartlet/samba.git/.git;a=shortlog;h=refs/heads/s3-rpc-gensec
I also put my full branch s3-rpc-gensec-wip past an autobuild, and it
passes:
https://git.samba.org/abartlet/samba.git/?p=abartlet/samba.git/.git;a=shortlog;h=refs/heads/s3-rpc-gensec-wip
Let me know if there is anything more I can do to help,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list