| commit | 740ee4a8977512c03800ef88603cf65fd044443b | |
| author | Andrew Bartlett <abartlet@samba.org> | |
| Sat, 1 Jan 2005 00:19:08 +0000 (1 00:19 +0000) | ||
| committer | Gerald (Jerry) Carter <jerry@samba.org> | |
| Wed, 10 Oct 2007 18:07:53 +0000 (10 13:07 -0500) | ||
| tree | 4178f6c62ed1bae48e51247c88a6f5c2cde15fab | treesnapshot (tar.gz zip) |
| parent | 9a6671cf9529fd7817c5ef266da3d3bea46a88c0 | commitdiff |
r4460: Add a new GENSEC module: gensec_gssapi
(disabled by default, set parametric option: gensec:gssapi=yes to enable).
This module backs directly onto GSSAPI, and allows us to sign and seal
GSSAPI/Krb5 connections in particular. This avoids me reinventing the
entire GSSAPI wheel.
Currently a lot of things are left as default - we will soon start
specifiying OIDs as well as passwords (it uses the keytab only at the
moment). Tested with our LDAP-* torture tests against Win2k3.
My hope is to use this module to access the new SPNEGO implementation
in Heimdal, to avoid having to standards-verify our own.
Andrew Bartlett
(This used to be commit 14b650c85db14a9bf97e24682b2643b63c51ff35)
(disabled by default, set parametric option: gensec:gssapi=yes to enable).
This module backs directly onto GSSAPI, and allows us to sign and seal
GSSAPI/Krb5 connections in particular. This avoids me reinventing the
entire GSSAPI wheel.
Currently a lot of things are left as default - we will soon start
specifiying OIDs as well as passwords (it uses the keytab only at the
moment). Tested with our LDAP-* torture tests against Win2k3.
My hope is to use this module to access the new SPNEGO implementation
in Heimdal, to avoid having to standards-verify our own.
Andrew Bartlett
(This used to be commit 14b650c85db14a9bf97e24682b2643b63c51ff35)