summaryrefslogtreecommitdiff
path: root/source4/libcli/auth/gensec_gssapi.c
AgeCommit message (Collapse)AuthorFilesLines
2007-10-10r4531: Include the OID locally, as it seems to be hard to get the includesAndrew Bartlett1-1/+5
right. Andrew Bartlett (This used to be commit a742ea1e1221058ae6a99e317fbf18c80bc49aed)
2007-10-10r4504: SettingAndrew Bartlett1-3/+2
.enabled = True on modules we know are good (and we want on be default) seems neater. Andrew Bartlett (This used to be commit 18850c66b7c8ac5e8caf08151dbb9b72cf93230f)
2007-10-10r4500: Allow GENSEC modules to be disabled by setting a flag on their moduleAndrew Bartlett1-2/+4
definition, not by hardcoded reference in loadparm.c Andrew Bartlett (This used to be commit 43558eaf7604d2bb0187e0d1ba0686935a965ad7)
2007-10-10r4494: Allow gensec_gssapi to use the SPNEGO mech provided by Heimdal (off byAndrew Bartlett1-7/+44
default at this point), and include the GSSAPI OIDs in our source, per advice by lha that this is easier than getting the includes right. Andrew Bartlett (This used to be commit 9ff8b2b4d12d364084df5c95a752ce2a0546053d)
2007-10-10r4460: Add a new GENSEC module: gensec_gssapiAndrew Bartlett1-0/+336
(disabled by default, set parametric option: gensec:gssapi=yes to enable). This module backs directly onto GSSAPI, and allows us to sign and seal GSSAPI/Krb5 connections in particular. This avoids me reinventing the entire GSSAPI wheel. Currently a lot of things are left as default - we will soon start specifiying OIDs as well as passwords (it uses the keytab only at the moment). Tested with our LDAP-* torture tests against Win2k3. My hope is to use this module to access the new SPNEGO implementation in Heimdal, to avoid having to standards-verify our own. Andrew Bartlett (This used to be commit 14b650c85db14a9bf97e24682b2643b63c51ff35)