RFR 6722928: Support SSPI as a native GSS-API provider
Nico Williams
Nico.Williams at twosigma.com
Thu Jan 17 19:04:36 UTC 2019
On Thu, Jan 17, 2019 at 11:19:14PM +0800, Weijun Wang wrote:
> Webrev updated at
>
> https://cr.openjdk.java.net/~weijun/6722928/webrev.03
>
> Changes since webrev.02:
>
> - gss_name_struct, gss_ctx_id_struct, and gss_cred_id_struct defined and
> gssapi.h is updated to use them to define pointer types gss_name_t,
> gss_cred_id_t, and gss_ctx_id_t.
Excellent.
And then you can actually define those structures and avoid casting these
pointers' types.
> - No more translation between krb5 token and SPNEGO token.
> SEC_WINNT_AUTH_IDENTITY_EX.PackageList is now used to only enable kerberos
> in SPNEGO. Thus gss_cred_id_struct contains 2 CredHandles now.
Nice! That's great. Thanks so much for doing that.
I'll review this next week,
Nico
--
More information about the security-dev
mailing list