[01/10] secur32: Implement AcquireCredentialsHandle for Kerberos.
Dmitry Timoshkov
dmitry at baikal.ru
Mon Oct 16 04:55:39 CDT 2017
Hans Leidekker <hans at codeweavers.com> wrote:
> > Our team also decided to use Rob's patch as a base for SSP, and in addition
> > we've also implemented Kerberos ticket management API.
> >
> > Main difference between your and our approaches is the architecture.
> > We decided to add support for Kerberos using an approximation to what
> > Windows has in place: implement Authentication Package (AP) manager in
> > secur32 (LSA APIs) which dinamically loads APs listed in the registry.
> > All the real code (both SSP and AP) is implemented in kerberos.dll,
> > which dynamically loads libkrb5.so and gssapi_krb5.so.
>
> I assume you still need to load the native libraries dynamically
> because one is used to implement the AP and the other for the SSP, and
> either could be absent?
That's correct. We also were considering using libkrb5.so directly in the SSP
to avoid another dependency.
> > Did you consider moving the Kerberos support into separate kerberos AP/SSP dll?
>
> I didn't, I followed the NTLM pattern in secur32.
NTLM support also needs to be moved to msv1_0.dll, but we decided to postpone
that step.
I'm attaching the version of our patches that I have around for the reference.
Feel free to use them as a base for your patches, or I could just send them
to wine-patches (with proper sign-offs).
--
Dmitry.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 0001-kerberos-Add-a-stub-for-Kerberos5-Authentication-Pac.patch
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20171016/974b88b0/attachment-0008.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 0002-secur32-Add-an-initial-implementation-of-authenticat.patch
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20171016/974b88b0/attachment-0009.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 0003-kerberos-Add-support-for-KerbQueryTicketCacheMessage.patch
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20171016/974b88b0/attachment-0010.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 0004-add-wincred.h-include-for-missing-SecHandle-definiti.patch
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20171016/974b88b0/attachment-0011.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 0005-kerberos-fix-KerbQueryTicketCacheMessage-to-return-a.patch
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20171016/974b88b0/attachment-0012.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 0006-add-terminating-null-to-kerberos-name-variable.patch
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20171016/974b88b0/attachment-0013.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 0007-create-new-kerberos-ssp-based-on-GSSAPI-ssp.-Delete-.patch
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20171016/974b88b0/attachment-0014.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 0008-fix-negotiate-ssp-to-choose-between-kerberberos-and-.patch
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20171016/974b88b0/attachment-0015.ksh>
More information about the wine-devel
mailing list