Latest commit bd8ffcf
Jan 4, 2014
This way the init system will not proceed starting dependencies until gssproxy is actually ready to serve requests. In particular this is used to make sure the nfsd proc file has been touched before the nfsd server is started. Resolves: https://fedorahosted.org/gss-proxy/ticket/114 Signed-off-by: Simo Sorce <firstname.lastname@example.org> Reviewed-by: Günther Deschner <email@example.com>
|Failed to load latest commit information.|
This is the gss-proxy project. The goal is to have a GSS-API proxy, with standardizable protocol and a [somewhat portable] reference client and server implementation. There are several motivations for this some of which are: - Kernel-mode GSS-API applications (CIFS, NFS, AFS, ...) need to be able to leave all complexity of GSS_Init/Accept_sec_context() out of the kernel by upcalling to a daemon that does all the dirty work. - Isolation and privilege separation for user-mode applications. For example: letting HTTP servers use but not see the keytabe entries for HTTP/* principals for accepting security contexts. - Possibly an ssh-agent-like SSH agent for GSS credentials -- a gss-agent. gss-proxy uses libverto for dealing with event loops. Note that you need to have at least one libverto event library installed (e.g. libverto-tevent).