PAC Validation
Andrew Bartlett
abartlet at samba.org
Tue Jun 28 05:20:09 EDT 2005
In my work on Samba4, I'm trying to actually handle the kerberos PAC
(compared with Samba3 approach of ignoring the problem).
As such, I'm trying to both parse the PAC (reasonably easy, with Samba's
NDR layer), and to validate the signatures.
Has anybody on this list actually managed to follow the specification
Microsoft published, using the MIT Kerberos API? I'm particularly
interested in public code I can just reference, but I'll take hits as
well :-)
In my attempts so far, I've extended Heimdal's kerberos and GSSAPI, but
I've not yet made it work.
Thanks,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc. http://suse.de
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20050628/8b87e6f1/attachment.bin
More information about the krbdev
mailing list