Simo's Blog

<back

Just before the holidays I started working on a new project to mate Samba 4 and MIT Kerberos.

Samba 4 embeds a copy of Heimdal Kerberos, and I want to use MIT instead as that’s what is ditributed in RHEL and Fedora and it is the implementation of Kerberos we use in FreeIPA.

Samba 4 is basically one gigantic mess of spaghetti code (No it is not that bad, but dependencies are intricate :-)

Because it embeds the Heimdal KDC it also uses the Heimdal client library and it conflicts with the MIT Kerberos one of course. So here I am building a plugin that can act as separation layer that will, hopefully, keep the namespaces separated (thanks RTLD_LOCAL).

It is going to be an interested ride.

(if you want to take a look feel free to check my personal samba git repo on git.samba.org and soon I will also publish the krb5 repo with the other half somewhere too …)