Getting rid of smb_krb5_send_and_recv_func()
Andrew Bartlett
abartlet at samba.org
Wed Apr 30 15:31:50 MDT 2014
On Wed, 2014-04-30 at 11:54 +0200, Andreas Schneider wrote:
> Hi,
>
> with Andrew his patches and the preloadable socket_wrapper we're now able to
> get rid of smb_krb5_send_and_recv_func().
>
> I've prepared a patchset here:
>
> https://git.samba.org/?p=asn/samba.git;a=shortlog;h=refs/heads/smb_krb5_send_and_recv_func
>
>
> A local 'make test' completed successfully.
My main concern is that this implies that we are backing down from
Kerberos due to it failing, rather than actually handling this properly.
That is, I think we fall into the KDC not found case, and fall back to
NTLM, when Samba is operating in single process mode.
We need to combine this with a fork or threads based async handler to
get the tickets and do GSSAPI.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list