Heimdal upgrade, really happening this time

Andrew Bartlett abartlet at samba.org
Mon Aug 9 01:37:42 UTC 2021 

On Mon, 2021-08-09 at 11:12 +1200, Andrew Bartlett via samba-technical
wrote:
> On Fri, 2021-07-09 at 22:29 +1200, Andrew Bartlett via samba-
> technical
> wrote:
> > We now have a mostly-working branch of current Heimdal on current
> > Samba, compiling on all our supported system, which is pretty
> > impressive.
> 
> I just wanted to wrap back to the list with an update.  Thanks to
> some
> great work with Luke Howard recently, host of our pull requests with
> Heimdal have either been merged or will be shortly (as in, I made the
> requested changes and expect them to be accepted).
> 
> This means that we are actually fairly close to upstream Heimdal,
> closer than we ever have been I dare to suggest.
> 
> The remaining changes outstanding are:
> ...

There are also, which were on the Samba side, the attached.

I'm not really sure about them - I think

source4/heimdal/lib/krb5/init_creds_pw.c KRB5_NT_ENTERPRISE_PRINCIPAL
ctx->flags.canonicalize = 1

is trying to do the same as the Samba-side commit:

testprogs/blackbox/ --enterprise --canonicalize

Is that the case, and so could we drop the Heimdal side now?

I also don't know what 
source4/heimdal/lib/krb5/mcache.c anonymous resolving
is for or fixes.  Can you shed some light on this?

Thanks,

Andrew Bartlett

-- 
Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba

Samba Development and Support, Catalyst IT - Expert Open Source
Solutions
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-source4-heimdal-lib-krb5-mcache.c-anonymous-resolvin.patch
Type: text/x-patch
Size: 4476 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20210809/c977b049/0001-source4-heimdal-lib-krb5-mcache.c-anonymous-resolvin.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-source4-heimdal-lib-krb5-init_creds_pw.c-KRB5_NT_ENT.patch
Type: text/x-patch
Size: 917 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20210809/c977b049/0002-source4-heimdal-lib-krb5-init_creds_pw.c-KRB5_NT_ENT.bin>

More information about the samba-technical mailing list