t.so.0 + 0x841d8)
#21 0x563d3a909606 main
(lmtp + 0x6606)
#22 0x7f535557bb25
__libc_start_main (libc.so.6 + 0x27b25)
Thanks,
Bryan Jacobs
On Tue, 07 Jul 2009 20:27:57 -0400
Timo Sirainen wrote:
> On Tue, 2009-03-03 at 13:56 -0500, Bryan Jacobs wrote:
> > Attached is a patch which in my environment (Linux/Heimdal 1.2.1)
> > fixes cross-realm GSSAPI authentication.
> >
> > Changes it makes:
> > 1.
urity
restrictions (world read, user only write permissions), this lets me
use GSSAPI logins with principals from either REALM1 or REALM2.
This leaves untouched the behavior in the case where krb5_kuserok is
not available.
Bryan Jacobs
Index: dovecot-1.1.11/src/auth/mech-gss
ing gss_compare_name like this? I don't know how to do
this using GSSAPI, but on the Kerberos side Heimdal provides the
function krb5_kuserok. Dovecot could also just have a configurable
file listing acceptable krb5 principals (preferably in .k5login syntax)
and check that both auth_name and
e features
you want will come along.
Bryan Jacobs
signature.asc
Description: PGP signature
