oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

gssapi: support for client keytab in gss_acquire_cred (#383)

Browse Source 
For compatibility with MIT Kerberos, support automatic acquisition of initiator
credentials if a client keytab is available. The default path on non-Windows is
/var/heimdal/user/%{euid}/client.keytab, but can be overriden with the
KRB5_CLIENT_KTNAME environment variable or the default_client_keytab_name
configuration option. If a client keytab does not exist, or exists but does not
contain the principal for which initiator credentials are being acquired, the
system keytab is tried.
This commit is contained in:
Luke Howard
2018-12-31 16:13:20 +11:00
parent 58b77bb485
commit af0d8ef677
7 changed files with 55 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lib/krb5/version-script.map
View File

@@ -745,6 +745,7 @@ HEIMDAL_KRB5_2.0 {
_krb5_crc_update;
_krb5_get_krbtgt;
_krb5_build_authenticator;
_krb5_kt_client_default_name;
# Shared with libkdc
_krb5_AES_SHA1_string_to_default_iterator;