perlgssapi-developer Mailing List for Perl GSSAPI bindings (Page 2)
Brought to you by:
achimgrolms
Menu
▾
▴
perlgssapi-developer — discussion of development process
You can subscribe to this list here.
| 2006 |
Jan
|
Feb
(99) |
Mar
(17) |
Apr
(8) |
May
(6) |
Jun
|
Jul
(1) |
Aug
(2) |
Sep
|
Oct
|
Nov
|
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
|
Feb
(2) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2008 |
Jan
(10) |
Feb
(6) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
|
| 2009 |
Jan
|
Feb
(1) |
Mar
|
Apr
|
May
(4) |
Jun
|
Jul
|
Aug
(4) |
Sep
|
Oct
|
Nov
|
Dec
|
| 2012 |
Jan
(1) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2013 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(2) |
Oct
|
Nov
|
Dec
|
| 2014 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(1) |
Dec
|
|
From: Leif J. <le...@it...> - 2008-01-29 23:04:31
|
> > But *if* GSS_C_NT_HOSTBASED_SERVICE is available and > gss_nt_service_name is not used... > Why the need to define it in GSSAPI.xs? > Why to define it in "the other direction"? > > #define gss_nt_service_name GSS_C_NT_HOSTBASED_SERVICE > > Hmm. Am I wrong? > > Thank you, > Achim > > the only need would be to support applications which relied on the older definition - I can't think of any. |
|
From: Achim G. <ac...@gr...> - 2008-01-29 23:03:13
|
On Tuesday 29 January 2008, Leif Johansson wrote: > > 'gss_nt_service_name' is never used in GSSAPI.pm, > > I don't understand why there ist a need to define it? > > I don't remember exactly but I think gss_nt_service_name is an MITism I agree. > and I know that Solaris kerberos is essentially MIT kerberos.=20 I agree. > I think you=20 > may need the definition to be compatible with older versions of MIT krb. GSSAPI.pm internally always uses GSS_C_NT_HOSTBASED_SERVICE. No direct dependency to 'gss_nt_service_name'. If GSSAPI.pm is build against old MIT libraries ( 1.2.x ) GSS_C_NT_HOSTBASED_SERVICE is not available, but defined by gss_nt_service_name instead. =46rom GSSAPI.xs : #if defined(MITKERB12) /* symbols not defined in MIT Kerberos 1.2.x */ #define GSS_C_NT_USER_NAME gss_nt_user_name #define GSS_C_NT_MACHINE_UID_NAME gss_nt_machine_uid_name #define GSS_C_NT_STRING_UID_NAME gss_nt_string_uid_name #define GSS_C_NT_HOSTBASED_SERVICE gss_nt_service_name #define GSS_C_NT_EXPORT_NAME gss_nt_exported_name #endif But *if* GSS_C_NT_HOSTBASED_SERVICE is available and gss_nt_service_name is not used... Why the need to define it in GSSAPI.xs? Why to define it in "the other direction"? #define gss_nt_service_name GSS_C_NT_HOSTBASED_SERVICE Hmm. Am I wrong? Thank you, Achim |
|
From: Leif J. <le...@it...> - 2008-01-29 22:48:26
|
Achim Grolms wrote: > On Tuesday 29 January 2008, Markus Moeller via RT wrote: > >> Tue Jan 29 16:55:54 2008: Request 32788 was acted upon. >> Transaction: Ticket created by hu...@mo... >> Queue: GSSAPI >> Subject: Enhancement to use OpenSolaris/Solaris 10 native gss library >> Broken in: (no value) >> Severity: (no value) >> Owner: Nobody >> Requestors: hu...@mo... >> Status: new >> Ticket <URL: http://rt.cpan.org/Ticket/Display.html?id=32788 > >> >> >> On the latest Solaris 10 / OpenSolairs builds exists a krb5-config file >> but unfortunatly it does not work with gssapi as argument. Can Makefile.PL >> check for this case and set the libs to -L/usr/lib -R/usr/lib -lgss >> > > If you run > > perl Makefile.PL --help > > you get more options you can pass to the Makefile.PL command. > (for includefiles and library-paths). > > Does this work and solve your problem? > > I have no Solaris 10/OpenSolaris available for testing, > what are the conditions I can use to check for > "Makefile.PL runs on Solaris 10/OpenSolaris"? > > Why is there a need to define 'gss_nt_service_name' > if 'GSS_C_NT_HOSTBASED_SERVICE' is available? > > 'gss_nt_service_name' is never used in GSSAPI.pm, > I don't understand why there ist a need to define it? > > I don't remember exactly but I think gss_nt_service_name is an MITism and I know that Solaris kerberos is essentially MIT kerberos. I think you may need the definition to be compatible with older versions of MIT krb. Cheers Leif > Thank you, > Achim > > > |
|
From: Achim G. <ac...@gr...> - 2008-01-29 22:25:31
|
On Tuesday 29 January 2008, Markus Moeller via RT wrote: > Tue Jan 29 16:55:54 2008: Request 32788 was acted upon. > Transaction: Ticket created by hu...@mo... > Queue: GSSAPI > Subject: Enhancement to use OpenSolaris/Solaris 10 native gss library > Broken in: (no value) > Severity: (no value) > Owner: Nobody > Requestors: hu...@mo... > Status: new > Ticket <URL: http://rt.cpan.org/Ticket/Display.html?id=32788 > > > > On the latest Solaris 10 / OpenSolairs builds exists a krb5-config file > but unfortunatly it does not work with gssapi as argument. Can Makefile.PL > check for this case and set the libs to -L/usr/lib -R/usr/lib -lgss If you run perl Makefile.PL --help you get more options you can pass to the Makefile.PL command. (for includefiles and library-paths). Does this work and solve your problem? I have no Solaris 10/OpenSolaris available for testing, what are the conditions I can use to check for "Makefile.PL runs on Solaris 10/OpenSolaris"? Why is there a need to define 'gss_nt_service_name' if 'GSS_C_NT_HOSTBASED_SERVICE' is available? 'gss_nt_service_name' is never used in GSSAPI.pm, I don't understand why there ist a need to define it? Thank you, Achim |
|
From: Achim G. <per...@gr...> - 2007-02-16 20:23:31
|
On Friday 16 February 2007 21:12, you wrote: > prove -v t/importnames.t > t/importnames....1..2 > ok 1 - use GSSAPI; > # ->import() failed, Miscellaneous failure > # Improper format of Kerberos configuration file As far I can see this errormessage is not from the perl GSSAPI glue layer but from the underlying Kerberosimplementation itsel= f. =46rom my point of view the machine's configuration (/etc/krb5.conf for exa= mple)=20 is the problem, not GSSAPI.pm Do you use Kerberos on that machine without any errors? Does kinit, kvno, klist and that stuff work properly? Anyway, I will fix the tests of GSSAPI.pm to be more specific and helpful and guiding in the right direction, thank you for that. Achim |
|
From: Achim G. <per...@gr...> - 2007-02-16 19:32:59
|
Hello Sup...@gm..., I am trying to investigate the problem "413320 FAIL 5.8.7 on Linux 2.6.10 (i486-linux-gnu-thread-multi)" described by you in <http://www.nntp.perl.org/group/perl.cpan.testers/2007/02/msg413320.html> Can you help me and add more specific information? I need 1. The complete output of perl Makefile.PL 2. The output (or log) of make Thank you fou your help! Achim |
|
From: Achim G. <ac...@gr...> - 2006-08-02 18:05:01
|
GSSAPI-0.23 released to CPAN
0.23 Mi Aug 2 15:48:19 UTC 2006
- Re-added support of MIT Kerberos 1.2.x
(Many have asked for this)
Thank you,
Achim
|
|
From: David L. <Dav...@qu...> - 2006-08-01 03:22:58
|
Achim Grolms wrote: >Hello, > >I was asked by many people to re-add support of MIT Kerberos 1.2.x to >GSSAPI.pm. >The changes I have made are available now in Subversion-repository > >https://svn.sourceforge.net/svnroot/perlgssapi/GSSAPI/trunk > >I have done my tests against MIT Kerberos 1.2.7. >Please test if that changes work for you. >Please let me know if that changes mean problems for you or your code. > >Thank you, >Achim > >------------------------------------------------------------------------ > >------------------------------------------------------------------------- >Take Surveys. Earn Cash. Influence the Future of IT >Join SourceForge.net's Techsay panel and you'll get the chance to share your >opinions on IT & business topics through brief surveys -- and earn cash >http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV >------------------------------------------------------------------------ > >_______________________________________________ >Perlgssapi-developer mailing list >Per...@li... >https://lists.sourceforge.net/lists/listinfo/perlgssapi-developer > seems all good with VAS :) davidl@willy-wagtail:GSSAPI$ *svn info* Path: . URL: https://svn.sourceforge.net/svnroot/perlgssapi/GSSAPI/trunk/GSSAPI Repository UUID: 31cb990a-b40d-0410-a4a8-b60bf8f04707 Revision: 45 Node Kind: directory Schedule: normal Last Changed Author: achimgrolms Last Changed Rev: 45 Last Changed Date: 2006-08-01 04:12:16 +1000 (Tue, 01 Aug 2006) davidl@willy-wagtail:GSSAPI$ *perl Makefile.PL * Welcome to GSSAPI.pm setup! run "perl Makefile.PL --help" to see further installation options ---------------------------------------------------------- Searching krb5-config command... /opt/quest/bin/krb5-config ---------------------------------------------------------- using GSSAPI implementation VAS 3.0.2 (Heimdal 0.7) ---------------------------------------------------------- Adding from your Perlinstallation ($Config{lddlflags}) to LDDLFLAGS -shared ---------------------------------------------------------- Bypassing to LDDLFLAGS -shared -Wl,-rpath -Wl,/opt/quest/lib:/opt/quest/lib/support ---------------------------------------------------------- Adding own DEFINEs -DHEIMDAL ---------------------------------------------------------- Using LIBS -L/opt/quest/lib -lvas -L/opt/quest/lib/support -lgcc_s ---------------------------------------------------------- Using INC includeconfiguration -I/opt/quest/include ---------------------------------------------------------- Checking if your kit is complete... Looks good Writing Makefile for GSSAPI davidl@willy-wagtail:GSSAPI$ *make* cp GSSAPI.pm blib/lib/GSSAPI.pm cp GSSAPI/OID/Set.pm blib/lib/GSSAPI/OID/Set.pm cp GSSAPI/OID.pm blib/lib/GSSAPI/OID.pm cp GSSAPI/Status.pm blib/lib/GSSAPI/Status.pm /usr/bin/perl /usr/lib/perl5/5.8.6/ExtUtils/xsubpp -typemap /usr/lib/perl5/5.8.6/ExtUtils/typemap -typemap typemap GSSAPI.xs > GSSAPI.xsc && mv GSSAPI.xsc GSSAPI.c cc -c -I/opt/quest/include -D_REENTRANT -D_GNU_SOURCE -DTHREADS_HAVE_PIDS -DDEBUGGING -fno-strict-aliasing -pipe -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -march=i586 -mcpu=i686 -fmessage-length=0 -Wall -g -Wall -pipe -DVERSION=\"0.23\" -DXS_VERSION=\"0.23\" -fPIC "-I/usr/lib/perl5/5.8.6/i586-linux-thread-multi/CORE" -DHEIMDAL GSSAPI.c GSSAPI.c: In function `XS_GSSAPI__Status_new': GSSAPI.c:262: warning: unused variable `class' GSSAPI.c: In function `XS_GSSAPI__Name_new': GSSAPI.c:512: warning: unused variable `class' GSSAPI.c: In function `XS_GSSAPI__Name_import': GSSAPI.c:562: warning: unused variable `class' GSSAPI.c: In function `XS_GSSAPI__OID_new': GSSAPI.c:865: warning: unused variable `class' GSSAPI.c: In function `XS_GSSAPI__OID_DESTROY': xs/OID.xs:14: warning: unused variable `minor' GSSAPI.c: In function `XS_GSSAPI__OID_from_str': GSSAPI.c:927: warning: unused variable `class' GSSAPI.c: In function `XS_GSSAPI__OID__Set_new': GSSAPI.c:1320: warning: unused variable `class' GSSAPI.c: In function `XS_GSSAPI__Binding_new': GSSAPI.c:1926: warning: unused variable `class' GSSAPI.c: In function `XS_GSSAPI__Context_new': GSSAPI.c:2278: warning: unused variable `class' GSSAPI.c: In function `XS_GSSAPI__Context_import': GSSAPI.c:3052: warning: unused variable `class' Running Mkbootstrap for GSSAPI () chmod 644 GSSAPI.bs rm -f blib/arch/auto/GSSAPI/GSSAPI.so LD_RUN_PATH="/opt/quest/lib:/opt/quest/lib/support" cc -shared -Wl,-rpath -Wl,/opt/quest/lib:/opt/quest/lib/support GSSAPI.o -o blib/arch/auto/GSSAPI/GSSAPI.so -L/opt/quest/lib -lvas -L/opt/quest/lib/support -lgcc_s chmod 755 blib/arch/auto/GSSAPI/GSSAPI.so cp GSSAPI.bs blib/arch/auto/GSSAPI/GSSAPI.bs chmod 644 blib/arch/auto/GSSAPI/GSSAPI.bs Manifying blib/man3/GSSAPI.3pm Manifying blib/man3/GSSAPI::OID::Set.3pm Manifying blib/man3/GSSAPI::OID.3pm Manifying blib/man3/GSSAPI::Status.3pm davidl@willy-wagtail:GSSAPI$ make check make: *** No rule to make target `check'. Stop. davidl@willy-wagtail:GSSAPI$ make test PERL_DL_NONLAZY=1 /usr/bin/perl "-MExtUtils::Command::MM" "-e" "test_harness(0, 'blib/lib', 'blib/arch')" t/*.t t/1constants....ok 1/72 skipped: GSS_S_CRED_UNAVAIL not defined on Heimdal t/2status.......ok t/checkoids.....ok t/pod...........skipped all skipped: Test::Pod 1.00 required for testing POD t/test..........ok 2/28 skipped: oid_to_str not supportetd on Heimdal t/zbugfixes.....ok All tests successful, 1 test and 3 subtests skipped. Files=6, Tests=146, 1 wallclock secs ( 0.51 cusr + 0.05 csys = 0.56 CPU) -- David Leonard Vintela Resource Central software engineer Quest Software; 303 Adelaide St, Brisbane, Australia; www.quest.com Phone: (US) +1 801 655 2755 (AU) +61 7 3023 5133 |
|
From: Achim G. <ac...@gr...> - 2006-07-31 18:22:16
|
Hello, I was asked by many people to re-add support of MIT Kerberos 1.2.x to GSSAPI.pm. The changes I have made are available now in Subversion-repository https://svn.sourceforge.net/svnroot/perlgssapi/GSSAPI/trunk I have done my tests against MIT Kerberos 1.2.7. Please test if that changes work for you. Please let me know if that changes mean problems for you or your code. Thank you, Achim |
|
From: Achim G. <ac...@gr...> - 2006-05-29 21:52:09
|
GSSAPI-0.22 released to CPAN
0.22 Mo Mai 29 21:15:17 CEST 2006
- Bufix <http://rt.cpan.org/Public/Bug/Display.html?id=18576>
- Bugfix of <http://rt.cpan.org/Public/Bug/Display.html?id=19524>
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=367377>
Thanks to Florian Ragwitz and Daniel Schepler
- Bugfix of <http://www.nntp.perl.org/group/perl.ldap/2083>
Thanks to Quanah Gibson-Mount
Thank you,
Achim
|
|
From: Florian R. <ra...@de...> - 2006-05-29 12:35:31
|
On Sat, May 27, 2006 at 06:14:22PM +0200, Achim Grolms wrote: > On Saturday 27 May 2006 17:19, Florian Ragwitz via RT wrote: > > Queue: GSSAPI > > Ticket <URL: http://rt.cpan.org/Ticket/Display.html?id=3D19524 > >=20 > > Those tests usually get skiped unless $ENV{TEST_POD} is set and the SKIP > > message tells the user that, if he wants pod testing, he needs to set > > that variable. >=20 > I've had a look into tho t/test.t file: > The problem is the usage of gss_nt_service_name > in import() what makes the test always using the DNS. > (What fails if DNS it not available). >=20 > I have changed that (not to use DNS),=20 > tested with MIT and Heimdal,=20 > commitet changes to SVN Rep. >=20 > https://svn.sourceforge.net/svnroot/perlgssapi/GSSAPI/trunk >=20 > Please let me know if that changes work for you, > I will release GSSAPI 0.22 to CPAN if you think it works. I verified that your changes fix the problem. Thanks, Flo --=20 BOFH excuse #103: operators on strike due to broken coffee machine |
|
From: Achim G. <ac...@gr...> - 2006-05-28 13:40:16
|
On Friday 21 April 2006 04:36, Quanah Gibson-Mount wrote:
> The GSSAPI module fails to build on Solaris because it looks for:
[...]
> Of course, just using the shell built-in does work:
>
> which krb5-config
> /usr/pubsw/bin/krb5-config
>
> So I'd recommend defaulting to the shell builtin.
I have changed that ('which' instead of '/bin/which').
and commitet changes to SVN Rep.
=20
https://svn.sourceforge.net/svnroot/perlgssapi/GSSAPI/trunk
=20
Please let me know if that changes work for you,
I will release GSSAPI 0.22 to CPAN if you think it works.
=20
Thank you,
Achim
|
|
From: Achim G. <ac...@gr...> - 2006-05-27 16:14:46
|
On Saturday 27 May 2006 17:19, Florian Ragwitz via RT wrote: > Queue: GSSAPI > Ticket <URL: http://rt.cpan.org/Ticket/Display.html?id=3D19524 > > Those tests usually get skiped unless $ENV{TEST_POD} is set and the SKIP > message tells the user that, if he wants pod testing, he needs to set > that variable. I've had a look into tho t/test.t file: The problem is the usage of gss_nt_service_name in import() what makes the test always using the DNS. (What fails if DNS it not available). I have changed that (not to use DNS),=20 tested with MIT and Heimdal,=20 commitet changes to SVN Rep. https://svn.sourceforge.net/svnroot/perlgssapi/GSSAPI/trunk Please let me know if that changes work for you, I will release GSSAPI 0.22 to CPAN if you think it works. Thank you, Achim |
|
From: Florian R. <ra...@de...> - 2006-05-27 15:19:23
|
On Sat, May 27, 2006 at 05:12:12PM +0200, Achim Grolms wrote:
> On Saturday 27 May 2006 16:15, Florian Ragwitz via RT wrote:
> > I'd suggest to either skip all tests that require networking unless some
> > condition is met, for example if $ENV{TEST_ONLINE} is set, or to be
> > smarter and try to detect if a network connection is available when
> > running the test suite.
>=20
> Skipping tests on some conditions is no problem,
> I can add that.
>=20
> But I dont't know *what* condition to test.
> Sure I can test if $ENV{TEST_ONLINE} is set, but who or what software
> sets that System-variable?
The user. Just like those pod and podcoverage test lots of people use
nowadays.
Those tests usually get skiped unless $ENV{TEST_POD} is set and the SKIP
message tells the user that, if he wants pod testing, he needs to set
that variable.
-Flo
--=20
BOFH excuse #392:
It's union rules. There's nothing we can do about it. Sorry.
|
|
From: Achim G. <ac...@gr...> - 2006-05-27 15:12:25
|
On Saturday 27 May 2006 16:15, Florian Ragwitz via RT wrote: > Sat May 27 10:15:39 2006: Request 19524 was acted upon. > Ticket <URL: http://rt.cpan.org/Ticket/Display.html?id=19524 > Thank you for sending the bugreport! > The submitter complains that the modules tests will fail while being > offline, as some of them require network access. I've checked this, he is right. I get the same fails after shutting down the networkinterface. (I think it depends on the underlying Kerberosimplemention what happens, I'm using MIT 1.3). > I'd suggest to either skip all tests that require networking unless some > condition is met, for example if $ENV{TEST_ONLINE} is set, or to be > smarter and try to detect if a network connection is available when > running the test suite. Skipping tests on some conditions is no problem, I can add that. But I dont't know *what* condition to test. Sure I can test if $ENV{TEST_ONLINE} is set, but who or what software sets that System-variable? Can you help me and answer what's the condition to test to? Achim |
|
From: Simon W. <sx...@in...> - 2006-04-21 13:48:22
|
On Fri, 21 Apr 2006, Leif Johansson wrote: > Actually you should use gssapi credentials forwarding instead. The only > time you would need to extract a krb5 cache (which you magically happen > to know is there) is for AFS, which I guess is your usecase :-) No, GSSAPI credentials forwarding doesn't do what you want. When you accept a GSSAPI context, you get a GSSAPI credentials structure containing the delegated credentials. If you want to save this out to disk so that it can be used by other programs, you need to convert that into a Kerberos structure (or a different mechanisms specific representation, if you're using a different mech), and then use an API specifc to your mechanism to store it. [ Can you take a forwarded credential from gss_accept_sec_context and stuff it into gss_init_sec_context? I guess you can, but I've never tried ... ] Delegating credentials in OpenSSH is the classic (non-perl) use case for this, but it applies for any service which needs to make delegated credentials available to other processes it invokes on behalf of the user. We current use it in a remote file editing system which prods other database services such as LDAP to make updates. All of this happens in different processes - so credentials which are held soley in memory are no use. Cheers, Simon. |
|
From: Leif J. <le...@it...> - 2006-04-21 13:33:32
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------- >> 3. >> gss_krb5_copy_ccache >> >> Is this function exported by all the GSSAPI implementations? >> (Heimdal, MIT, VAS)? > > It's certainly in Heimdal and MIT. Not sure about VAS. You only really > need it if you're writing something that accepts incoming GSSAPI > connections - we use it for a couple of servers which carry out > delegated actions on behalf of the user. > Actually you should use gssapi credentials forwarding instead. The only time you would need to extract a krb5 cache (which you magically happen to know is there) is for AFS, which I guess is your usecase :-) Cheers Leif -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFESN8c8Jx8FtbMZncRAk80AKCnj42gmqOA2V1jt5y3ETYd0uTyfQCfafhd KyZKnUhBlr8y4TyUbp4P+HM= =wTRG -----END PGP SIGNATURE----- |
|
From: Achim G. <ac...@gr...> - 2006-04-21 11:12:34
|
On Friday 21 April 2006 12:47, Simon Wilkinson wrote: > On Fri, 21 Apr 2006, Achim Grolms wrote: > I think I need to come up with another way of exposing > this functionality. I'll have a think, and get back to you. Maybe putting all - GSSAPI.pm (mine, implemetationindependent) dependent - and KRB5 dependent stuff into a separate Module (yours)(like "GSSAPI::KRB5") is a solution? So people who need can get the functionality from CPAN by using the separate module, but the core GSSAPI.pm module is still implementation-independent? Achim |
|
From: Simon W. <sx...@in...> - 2006-04-21 10:47:44
|
On Fri, 21 Apr 2006, Achim Grolms wrote: > My idea was to make GSSAPI.pm implementaion-independent (Means regardless of > which implementation is used - it's transparent from the Perl-users point of > view). > > But the patch makes GSSAPI dependent to Authen::Krb5. Ah yes, indeed it does. > And Authen::Krb5 depends to MIT Kerberos (and has no Heimdal support). > From my point of view that breaks the implementation-independency. > Is my thinking wrong? No, its not. I think I need to come up with another way of exposing this functionality. I'll have a think, and get back to you. Cheers, Simon. |
|
From: Achim G. <ac...@gr...> - 2006-04-21 10:44:02
|
On Friday 21 April 2006 12:10, Simon Wilkinson wrote: > > I am worried to add code the makes the module implementation-dependend, > > My idea was to rely only to things defined in RFC2744. > > Nico Williams has an Internet-Draft which defines a different means of > doing this, which hopefully will become part of some future revison of > RFC2744 - it's a fairly widely accepted limitation of the current > GSSAPI. OK,=20 I think David Leonard can answer the question what is supported by VAS. But another point: My idea was to make GSSAPI.pm implementaion-independent (Means regardless o= f=20 which implementation is used - it's transparent from the Perl-users point o= f=20 view). But the patch makes GSSAPI dependent to Authen::Krb5. And Authen::Krb5 depends to MIT Kerberos (and has no Heimdal support). =46rom my point of view that breaks the implementation-independency. Is my thinking wrong? Thank you, Achim |
|
From: Simon W. <sx...@in...> - 2006-04-21 10:11:12
|
On Fri, 21 Apr 2006, Achim Grolms wrote: > +require AutoLoader; This probably isn't required anymore. > - SvCUR_set($arg, $var.length-1); > + SvCUR_set($arg, $var.length); > > Is there a way to write a test that shows the buggy bahaviour? > I want to add that test to the testsuite to see that the changes fix the bug. I'll try and dig something out. It's a long time since I wrote this code, and since then it has 'just worked' for us. > #-------------------------------------------------------- > 3. > gss_krb5_copy_ccache > > Is this function exported by all the GSSAPI implementations? > (Heimdal, MIT, VAS)? It's certainly in Heimdal and MIT. Not sure about VAS. You only really need it if you're writing something that accepts incoming GSSAPI connections - we use it for a couple of servers which carry out delegated actions on behalf of the user. > I am worried to add code the makes the module implementation-dependend, > My idea was to rely only to things defined in RFC2744. Nico Williams has an Internet-Draft which defines a different means of doing this, which hopefully will become part of some future revison of RFC2744 - it's a fairly widely accepted limitation of the current GSSAPI. Cheers, Simon. |
|
From: Simon W. <sx...@in...> - 2006-04-21 08:04:10
|
I've attached some patches to perl-GSSAPI which we've been sitting on locally for a while. The first fixes a couple of problems we were seeing where buffers would have the final character incorrectly removed from them. The second adds support for a copy_ccache routine to extract the GSSAPI credentials as a krb5 ccache. Hope these are of use! Cheers, Simon |
|
From: Achim G. <ac...@gr...> - 2006-04-21 07:19:53
|
On Friday 21 April 2006 04:36, Quanah Gibson-Mount wrote: Of course, just using the shell built-in does work: [...GSSAPI module and Solaris...] > which krb5-config > /usr/pubsw/bin/krb5-config > So I'd recommend defaulting to the shell builtin. Thank you, Achim (You can use use per...@li... instead of per...@pe...) |
|
From: Achim G. <ac...@gr...> - 2006-03-09 21:01:49
|
released GSSAPI 0.20 at CPAN
0.20 Th Mar 9 19:04:33 CET 2006
- Bugfix of <http://www.nntp.perl.org/group/perl.cpan.testers/29055=
9>
(ExtUtils-ParseXS-2.15 triggered broken typemap error)
Thanks to S=E9bastien Aperghis-Tramoni
and Alexandre Ghisoli
- changed Constants exporting system.
Thanks to Marc Lehmann
Thank you,
Achim
|
|
From: Alexandre G. <al...@gh...> - 2006-03-09 15:03:04
|
Achim Grolms a =E9crit : > On Wednesday 08 March 2006 19:07, Alexandre Ghisoli wrote: > > =20 >> just svn co now, I'm version 27. Still have same bug, didnt compile. >> =20 > > OK, I've found something. > It's the typemap handling of ExtUtils::ParseXS 2.15. > > I've adjusted the typemap, > and now it compiles on my ExtUtils::ParseXS 2.15 > testenvironment. > > I've committet that to SVN as Revision 28, > > Please have a look into to check if it works. > > Thank you, > Achim > =20 GREAT !! I can compile it now. Thank you for your support. Best regards, --Alexandre |
1 message has been excluded from this view by a project administrator.
