[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: gss_krb5_import_creds can't work with memory keytab

On Thu, 2005-12-01 at 20:49 +1100, Andrew Bartlett wrote:
> On Thu, 2005-12-01 at 09:20 +0100, Love Hörnquist Åstrand wrote:
> > Andrew Bartlett <abartlet@samba.org> writes:
> > 
> > > I've been trying to move Samba4 across to using the new
> > > gss_krb5_import_creds function.  This should reduce our custom hacks
> > > significantly, and I thought it provided the correct semantics.
> > [...]
> > > the code in keytab_memory.c
> > > could be changed to record the list of keytabs (with reference counting
> > > etc), much as the in-memory ccache code does.
> > 
> > I think I like reference counting better, how about this ?
> It's my preferred option.  I'll test this out and let you know.

This works, except that the reference count 'works' on a keytab of name
'MEMORY:'.  Perhaps this should be a special case that always makes a
new keytab?  I'm thinking an application may have relied on the previous
behaviour.  (early Samba3 I know used 'MEMORY:', but only ever had one

Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net

This is a digitally signed message part