IETF Logo Mail Archive

Re: [kitten] GSS-API and timeouts

Russ Allbery <rra@stanford.edu> Wed, 04 April 2012 22:36 UTC

Return-Path: <rra@stanford.edu>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 625BF21F8495 for <kitten@ietfa.amsl.com>; Wed, 4 Apr 2012 15:36:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id swt6JMsCMPGe for <kitten@ietfa.amsl.com>; Wed, 4 Apr 2012 15:36:36 -0700 (PDT)
Received: from smtp.stanford.edu (smtp3.Stanford.EDU [171.67.219.83]) by ietfa.amsl.com (Postfix) with ESMTP id D6EEE21F8493 for <kitten@ietf.org>; Wed, 4 Apr 2012 15:36:36 -0700 (PDT)
Received: from smtp.stanford.edu (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id C0806441177 for <kitten@ietf.org>; Wed, 4 Apr 2012 15:36:36 -0700 (PDT)
Received: from windlord.stanford.edu (windlord.Stanford.EDU [171.67.225.134]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.stanford.edu (Postfix) with ESMTPS id AC2664412E1 for <kitten@ietf.org>; Wed, 4 Apr 2012 15:36:36 -0700 (PDT)
Received: by windlord.stanford.edu (Postfix, from userid 1000) id 71C5F2F46D; Wed, 4 Apr 2012 15:36:36 -0700 (PDT)
From: Russ Allbery <rra@stanford.edu>
To: kitten@ietf.org
In-Reply-To: <4C60BAE9-E039-438E-B686-400753A0AFD7@padl.com> (Luke Howard's message of "Thu, 5 Apr 2012 08:33:49 +1000")
Organization: The Eyrie
References: <87obr7lfqc.fsf@latte.josefsson.org> <1333554538.22628.292.camel__5672.95260630107$1333554546$gmane$org@willson.li.ssimo.org> <87hawzjty8.fsf@latte.josefsson.org> <87y5qbnnsk.fsf@windlord.stanford.edu> <4C60BAE9-E039-438E-B686-400753A0AFD7@padl.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.4 (gnu/linux)
Date: Wed, 04 Apr 2012 15:36:36 -0700
Message-ID: <87limbnmyz.fsf@windlord.stanford.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Subject: Re: [kitten] GSS-API and timeouts
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/kitten>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Apr 2012 22:36:37 -0000

Luke Howard <lukeh@padl.com> writes:
> On 05/04/2012, at 8:18 AM, Russ Allbery wrote:

>> The lack of ability to set options on the initial call has been a
>> problem for a long time.  In a Kerberos context, it currently means
>> that one has to set a per-thread global for the ticket cache to use,
>> for example, rather than attaching some state to a specific GSS-API
>> interaction.

> The non-standard extension gss_set_sec_context_option() can create a
> context handle which can be then passed to the first
> gss_init_sec_context().

Ah, indeed!  I missed that.  Thank you.

-- 
Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>

v2.23.0 | Report a Bug | By Email