Curious about final KRB5/GSSAPI patch inclusion.
Daniel Kouril
kouril at ics.muni.cz
Wed May 22 00:16:39 EST 2002
On Tue, May 21, 2002 at 10:01:37AM -0400, Nicolas.Williams at ubsw.com wrote:
>
> SEAM's GSS implementation is, indeed, fully dynamic, that is, it uses
> dlopen() to get at the shared objects implementing specific GSS mechanisms.
> Unfortunately the GSS-API is not enough - some mechanism-specific APIs are
> needed to properly handle credentials and what not, so SEAM's GSS
> implementation can't be used with OpenSSH because the underlying mechanism
> APIs are not public.
There is draft, which tryies to add these missing functions. See
draft-ggf-gss-extensions-05.txt available from
http://www.gridforum.org/security/gsi/index.html --> GSS-API Extensions
A kerberos implementation of these functions should be trivial.
--
Dan
More information about the openssh-unix-dev
mailing list