I've been looking at the heimdal-lorikeet diff.
For Samba4 we need a way to parse a keytab file location formatted like:
ldb:foo.ldb:<master key>
We had done it with this patch:
--- clean-21018/lib/hdb/keytab.c 2007-06-08 11:48:37.000000000
-0400
+++ lib/hdb/keytab.c 2007-06-08 11:09:20.000000000 -0400
@@ -59,7 +59,7 @@
return ENOMEM;
}
db = name;
- mkey = strchr(name, ':');
+ mkey = strrchr(name, ':');
if(mkey == NULL || mkey[1] == '\0') {
if(*name == '\0')
d->dbname = NULL;
Samba4 also needs the KDC to return it's 'time skew' error reply in the
same way as windows does. (kdc/kerberos5.c).
To prove that I suppose we perhaps need to do some more testing to show
that with the NTP patch (allowing windows clients to use authenticated
time) and a few other things, that we can join a unsyncronised client,
and have it come into time sync...
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
This is a digitally signed message part