Author: baggins Date: Wed Dec 9 11:42:45 2009 GMT
Module: packages Tag: HEAD
---- Log message:
- add enable-ntlm-digest option to gssapi section that allows to disable
ntml digest support in GSSAPI NTLM code.
Rationale:
heimdal gssapi code tries all methods for SPNEGO and pokes KDC
with NTLM digest probes creating unnecessary work for KDC
if it does not support NTLM or digests
---- Files affected:
packages/heimdal:
heimdal-ntlm-digest.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: packages/heimdal/heimdal-ntlm-digest.patch
diff -u /dev/null packages/heimdal/heimdal-ntlm-digest.patch:1.1
--- /dev/null Wed Dec 9 12:42:45 2009
+++ packages/heimdal/heimdal-ntlm-digest.patch Wed Dec 9 12:42:39 2009
@@ -0,0 +1,27 @@
+--- heimdal-1.3.1/lib/gssapi/ntlm/accept_sec_context.c.orig 2009-11-21
16:41:51.000000000 +0100
++++ heimdal-1.3.1/lib/gssapi/ntlm/accept_sec_context.c 2009-12-09
12:36:21.000000000 +0100
+@@ -44,7 +44,23 @@
+ struct ntlm_server_interface *interface = NULL;
+
+ #ifdef DIGEST
+- interface = &ntlmsspi_kdc_digest;
++ krb5_context context = NULL;
++ krb5_error_code ret;
++ krb5_boolean b;
++
++ ret = krb5_init_context(&context);
++ if (ret)
++ return GSS_S_FAILURE;
++
++ b = krb5_config_get_bool_default(context, NULL, TRUE,
++ "gssapi",
++ "enable-ntlm-digest", NULL);
++
++ if (b) {
++ interface = &ntlmsspi_kdc_digest;
++ }
++
++ krb5_free_context(context);
+ #endif
+ if (interface == NULL)
+ return GSS_S_FAILURE;
================================================================
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
