Historically, the SSF value in Cyrus-SASL for GSSAPI connections has been
hard coded to "56" (DES). The MIT project added capability to provide back
a derived SSF for Cyrus-SASL to use. However, Heimdal does not appear to
have a corresponding value that can be passed into Cyrus-SASL. This has
been a significant issue for years, and it would be nice to be able to
obtain the same information regardless of Kerberos implementation.
In the MIT code, this is provided via:
GSS_C_SEC_CONTEXT_SASL_SSF
Is there something similar in Heimdal that I'm missing, or should I open an
issue on GitHub for this functionality to be added?
Thanks!
Warm regards,
Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
