File: README

package info (click to toggle)
gssproxy 0.5.1-2
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 1,080 kB
  • ctags: 1,348
  • sloc: ansic: 16,369; python: 559; xml: 474; makefile: 359; sh: 79
file content (20 lines) | stat: -rw-r--r-- 870 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

This is the gss-proxy project.

The goal is to have a GSS-API proxy, with standardizable protocol and a
[somewhat portable] reference client and server implementation.  There
are several motivations for this some of which are:

 - Kernel-mode GSS-API applications (CIFS, NFS, AFS, ...) need to be
   able to leave all complexity of GSS_Init/Accept_sec_context() out of
   the kernel by upcalling to a daemon that does all the dirty work.

 - Isolation and privilege separation for user-mode applications.  For
   example: letting HTTP servers use but not see the keytabe entries for
   HTTP/* principals for accepting security contexts.

 - Possibly an ssh-agent-like SSH agent for GSS credentials -- a
   gss-agent.

gss-proxy uses libverto for dealing with event loops. Note that you need to
have at least one libverto event library installed (e.g. libverto-tevent).