[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Kerberos 5 Support for OpenLDAP-release
We also need someone to look through the old Kerberos4 code
to resolve outstanding issues. ldap_init() not working and
detection/handling of Kerberos4 varients.
As far as contributing, please review our contributing/programming
guidelines (http://www.openldap.org/devel/) and then submit an
appropriate patch (http://www.openldap.org/its/), preferrably
against devel code. New functionality must be brought in through
our devel branch. Since Ben spoke up, I'll leave the review
to him.
Kurt
At 07:26 AM 9/17/99 -0400, Ben Collins wrote:
>On Fri, Sep 17, 1999 at 11:14:20AM -0400, Jeffrey Mahoney wrote:
>>
>>
>> Hello -
>>
>> A few days ago, I started searching for Kerberos 5 support (or any
>> hints of development) for OpenLDAP.
>>
>> I didn't find anything, so I wrote it myself.
>>
>> What's the code review process, etc for code integration into the
>> OpenLDAP project?
>>
>> Basically, my code is an API translation from krb4 calls to krb5 calls.
>>
>> I've added an LDAP_AUTH_KRB5 authentication type, as well as an
>> ldap_krb5_bind{,_s} call for TGT-based binds.
>>
>> Kerberos password authentication is supported, but overridden if the
>> "userpassword" field is non-null.
>>
>> I've posted my changes on the web at http://www.csh.rit.edu/~jeffm/ldap
>
>Great! I've been meaning to work on this myself. Questions, is this against the
>openldap 2 devel source, or the 1.2.x source? I ask, because it really needs to
>be against the devel tree. Another question, does this support the Krb5 DES
>encrypted sessions? If not, do you know if thats possible?
>
>I'll check out your patch, if it looks ok, I'll try to merge it into the CVS some
>time this weekend.
>
>Ben
>
>