svn rev #24190: trunk/src/include/
ghudson@MIT.EDU
ghudson at MIT.EDU
Mon Jul 19 00:30:47 EDT 2010
http://src.mit.edu/fisheye/changelog/krb5/?cs=24190
Commit By: ghudson
Log Message:
In the DAL documentation, describe how a module can supply referral
encrypted padata.
Changed Files:
U trunk/src/include/kdb.h
Modified: trunk/src/include/kdb.h
===================================================================
--- trunk/src/include/kdb.h 2010-07-15 04:18:00 UTC (rev 24189)
+++ trunk/src/include/kdb.h 2010-07-19 04:30:47 UTC (rev 24190)
@@ -908,7 +908,10 @@
* also set), the module should do so by simply filling in an out-of-realm
* name in entries->princ and setting all other fields to NULL. Otherwise,
* the module should return the entry for the cross-realm TGS of the
- * referred-to realm.
+ * referred-to realm. For TGS referals, the module can also include
+ * tl-data of type KRB5_TL_SERVER_REFERRAL containing ASN.1-encoded Windows
+ * referral data as documented in draft-ietf-krb-wg-kerberos-referrals-11
+ * appendix A; this will be returned to the client as encrypted padata.
*/
krb5_error_code (*get_principal)(krb5_context kcontext,
krb5_const_principal search_for,
More information about the cvs-krb5
mailing list