svn rev #21472: branches/mskrb-integ/src/ include/ kdc/
lhoward@MIT.EDU
lhoward at MIT.EDU
Tue Dec 16 04:05:45 EST 2008
http://src.mit.edu/fisheye/changelog/krb5/?cs=21472
Commit By: lhoward
Log Message:
Allow the sign_authorization_data() backend method to return a client
principal's attributes, from the decoded authorization data (in the case
of a cross-realm client for which there is no local KDB entry).
This is used to prevent a cross-realm protocol transition ticket being
used for delegation.
Changed Files:
U branches/mskrb-integ/src/include/kdb_ext.h
U branches/mskrb-integ/src/kdc/do_as_req.c
U branches/mskrb-integ/src/kdc/do_tgs_req.c
U branches/mskrb-integ/src/kdc/kdc_util.c
U branches/mskrb-integ/src/kdc/kdc_util.h
More information about the cvs-krb5
mailing list