[torquedev] GSSAPI

Sergio Gelato Sergio.Gelato at astro.su.se
Fri Feb 16 15:36:34 MST 2007


* Åke Sandgren [2007-02-15 22:29:12 +0100]:
> On Thu, 2007-02-15 at 13:57 -0700, Garrick Staples wrote:
> > How do people feel about the gssapi support?  Is it ready for trunk?
> 
> If you don't mind too much we would like to look it over again and talk
> to some kerberos gurus first.
> The last time i looked it didn't give me the "fuzzy warm feeling".

I'm afraid I have to second that. (And no, I don't call myself a
Kerberos guru either.)

I've only just started looking at the implementation, but what little
I've seen has convinced me that more work is desirable.

My main gripe so far is that the implementation doesn't apply any
message integrity checks to the client-server connection. I don't
think it would be a good idea to release a version without MIC support.

I have several more items on my wishlist, but they could just as
well be dealt with on the trunk; i.e., they are matters of detail.

In the AFS support: the path to aklog (and indeed the name of the aklog
program) ought to be configurable. And I wouldn't want to rely on aklog
being able to change the PAG of its parent process: I believe OpenAFS 
no longer supports that feature on the latest Linux kernels.

The code makes assumptions about the format of the string returned by
gss_display_name() which may not hold for all mechanisms and
implementations. A more flexible way of mapping principal names to 
local names may be useful at some point. (Probably not urgent.)


More information about the torquedev mailing list