search for: mech_gssapi_krb5_userok

...pport when using a kerberos ticket in the default realm. However when I attempt to authenticate using cross realm authentication the login fails (logs below). After perusing the source code I beleive that the problem is as such: All taking place in mech-gssapi.c 1. mech_gssapi_userok(...) calls mech_gssapi_krb5_userok 2. mech_gssapi_krb5_userok(...) calls krb5_kuserok(...) to verify that the given Kerberos prinicpal can log in as the requested user. 3. The authentication process is running as the Dovecot user so: 3a. krb5_kuserok(...) looks for ~dovecot/.k5login to authorize cross realm logins 3b. There is n...

...re now stored in struct gssapi_auth_request, making the inbuf parameter to the mech_gssapi_{sec_context,wrap,unwrap} functions superfluous. The parameters should be removed. 5. The k5principals list won't be processed on Solaris. The code added to the end of mech_gssapi_krb5_userok would have to be moved to a separate function and then be called from the Solaris code. 6. GCC tells me about assignment to incompatible pointer types in the code that iterates through gssapi_k5principals. I must be missing something. The patch is licensed unde...