any hidden dependency for krb5_context?
Greg Hudson
ghudson at MIT.EDU
Wed Jul 2 17:38:28 EDT 2014
Apologies for the slow response.
On 06/17/2014 03:16 PM, Bin Lu wrote:
> I just noticed that in the profile structure of the krb5_context object, it contains the profile filename instead of the content. And I tested if I do not remove the configuration file, it works too in other threads.
The filename and content are both saved. We re-read the file if we
detect that it changed; I guess if the file goes away, we might discard
the contents.
> But this is not what I want as we might have multiple krb5_context objects with different config files. How can I enforce krb5_init_context() to save the content of the profile, not just the file name?
In krb5 1.10 we added the ability to create profile objects using a
vtable of callbacks:
http://web.mit.edu/kerberos/krb5-latest/doc/plugindev/profile.html
http://k5wiki.kerberos.org/wiki/Projects/Pluggable_configuration
You can then use krb5_init_context_profile to use the created profile
object.
There are a couple of enhancements we'd like to have, but haven't yet
implemented:
* The ability to create an empty profile (not backed by any file) and
just set values in it.
* The ability to make GSSAPI use a designated krb5_context so that a
context created using a specified profile object can be used with GSSAPI.
More information about the krbdev
mailing list