Heimdal rc-hmac and gss_wrap_iov
abartlet at samba.org
Thu Aug 7 02:48:32 MDT 2014
On Wed, 2014-08-06 at 11:13 +0200, Andreas Schneider wrote:
> On Monday 28 July 2014 14:32:59 Andreas Schneider wrote:
> > Hi Love,
> > Günther and I are currently working on MIT Kerberos support for the Samba AD
> > DC.
> > We would like to always use the gss_(un)wrap_iov*() functions but it isn't
> > possible with Heimdal codebase right now.
> > a) gss_wrap_iov doesn't work with rc4-hmac
> > b) gss_wrap_iov doesn't support GSS_IOV_BUFFER_TYPE_STREAM
> > Metze already started to hack on this and I took over. The current changes
> > are currently here:
> > https://git.samba.org/?p=asn/samba.git;a=shortlog;h=refs/heads/master-gss_wr
> > ap_iov
> > Could you please take a look if you're fine with the approach. I'm a total
> > GSSAPI newbie so I have a hard time finding the right functions to call and
> > split up the blob. So advice and help is very welcome.
> Ping! :)
I realise this is still very much a WIP, but when you get further it is
best to proposed Heimdal changes on github, those seem to be dealt with
In the meantime, I've CC'ed heimdal-discuss.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical