|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
Howard Chu wrote:
Alexey Melnikov wrote:Howard Chu wrote:Alexey Melnikov wrote:Howard Chu wrote:This patch implements the SASL_GSS_CREDS property, which was defined in sasl.h back in 2005.http://asg.andrew.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&searchterm=sasl_gss_creds&msg=7600Applications need this functionality to make use of Kerberos Services4User features. http://k5wiki.kerberos.org/wiki/Projects/Services4User Setting the credential in the SASL client will allow it to use an S4U2Proxy credential, among other things.Additional patches will still be needed to allow a SASL server to take advantage of this feature, as mentioned in my previous email. But thisis a small first step just to get the ball rolling.Hi Howard, This looks fine, but let me ask some questions on your patch:What about updating sasl_getprop() to match?Sure. I didn't think it was too important since the calling app is the only thing that can set it, it must already have it.Let's make everything symmetrical, if it is easy. Pretty much all props that can be set are also retrievable with sasl_getprop().OK. Assuming you only meant to retrieve the previously-set cred, this patch will do. If you mean to retrieve whatever cred got used, including e.g. what the server obtained through gss_acquire_cred() that gets a bit trickier; need to worry about who disposes of it and such.
Right. This version looks good to me.