Hi All,
Ming Zhi
woodhead99 at gmail.com
Tue May 26 02:54:09 EDT 2020
I have met a development issue about the kerberos's GSSAPI.
The krb5 library has a `send hook' support as is done in
`krb5_set_kdc_send_hook'. This is very useful for me, in a project where
the network traffic is restricted to a single TCP connection, which is
shared between different clients by multiplexing. And a dedicated KDC
communication channel is not available. The hook provides a perfect way for
the KDC messages to its destination over the shared tcp connection.
On the other hand, GSSAPI is cool to have a uniformed interface to
different authentication mechanisms as well as the kerberos, and it saves a
lot of effort compared to using the native krb API. And I would like to use
it for the kerberos development.
But with GSSAPI, I cannot find an official way to set the hook between the
`context' creation and the start of kdc traffic, as is done in a single
function `gss_init_sec_context'. The worst situation is that I need to get
hands dirty to change the source code.
Does any of you have some suggestions on this issue ? looking forward to
your comments.
woodhead99
More information about the Kerberos
mailing list