Use of kdc_send_hook with gss_init_sec_context
iboukris at gmail.com
Fri Feb 4 14:06:29 EST 2022
On Fri, Feb 4, 2022 at 8:34 PM Greg Hudson <ghudson at mit.edu> wrote:
> I don't totally understand your use case. If I read correctly, the
> platform (wasm) requires the use of websockets rather than TCP or UDP.
> So what code would register the send hook and GSS context? Does every
> application have to be modified in order to work with the platform?
> That doesn't seem like a good long-term design compared to solving the
> problem within libkrb5.
The use case is to make use of the krb5 libs in a browser environment
(similar to webathena as I understand it). While wasm provides
websockets to proxy tcp/udp it is rather complicated and requires a
dedicated proxy, so instead I wanted to use the established kdcproxy
works as you can see at github/webgss). Otherwise, I noticed that the
TLS transport is implemented as a plugin, perhaps I can implement one
More information about the krbdev