Skip Menu |
 

From: ghudson@mit.edu
Subject: git commit

Add support for client keytab from cred store

The new credential store extensions added support for specifying a
specific ccache name and also a specific keytab to be used for accepting
security contexts, but did not add a way to specify a client keytab
to be used in conjunction with the Keytab initiation support added also
in 1.11

This patch introduces a new URN named client_keytab through which a
specific client_keytab can be set when calling gss_acquire_cred_from()
and Keytab Initiation will use that keytab to initialize credentials.

[ghudson@mit.edu: minor C style fix]

https://github.com/krb5/krb5/commit/38cc076579888695a5820ceb44fe43020f5b61e1
Author: Simo Sorce <simo@redhat.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 38cc076579888695a5820ceb44fe43020f5b61e1
Branch: master
src/lib/gssapi/krb5/acquire_cred.c | 53 +++++++++++++++++++++++++++++-------
src/lib/gssapi/krb5/gssapiP_krb5.h | 1 +
2 files changed, 44 insertions(+), 10 deletions(-)
From: ghudson@mit.edu
Subject: git commit

Add gss_import_cred_from client keytab test

Modify t_credstore.c to be more flexible and adjust t_gssapi.py
accordingly. Add a test to t_client_keytab.py which acquire creds
using a programmatically specified client keytab.

https://github.com/krb5/krb5/commit/f43dfa88148724fb8a9543015c69fa1b2b24bb66
Author: Greg Hudson <ghudson@mit.edu>
Commit: f43dfa88148724fb8a9543015c69fa1b2b24bb66
Branch: master
src/tests/gssapi/t_client_keytab.py | 16 ++++--
src/tests/gssapi/t_credstore.c | 95 ++++++++++++++++++-----------------
src/tests/gssapi/t_gssapi.py | 6 +--
3 files changed, 63 insertions(+), 54 deletions(-)