[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Use of different keytabs before gss_acquire_cred
"Markus Moeller" <huaraz@moeller.plus.com> writes:
> I have a server program which does the following:
>
> putenv("KRB5_KTNAME=FILE:/etc/my.keytab");
> gss_import_name(..);
> gss_acquire_cred(..);
> gss_accept_sec_context();
Heimdal resolves the KRB5_KTFILE when running krb5_init_context() are you
sure you don't call any gss functions before setting KRB5_KTNAME ?
You can use gsskrb5_register_acceptor_identity() to change keytab.
I'm not sure why it would fail to pick up KRB5_KTNAME (unless you are using
a setuid application.
Love
PGP signature