krb5 commit: Clarify sign_authdata() KDB method comments
Greg Hudson
ghudson at mit.edu
Wed Sep 26 21:35:37 EDT 2018
https://github.com/krb5/krb5/commit/47ce02eeccb70a6fa08ce391ecb5a3ce42278fbf
commit 47ce02eeccb70a6fa08ce391ecb5a3ce42278fbf
Author: Isaac Boukris <iboukris at gmail.com>
Date: Wed Sep 12 16:32:57 2018 +0300
Clarify sign_authdata() KDB method comments
src/include/kdb.h | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/include/kdb.h b/src/include/kdb.h
index 5615329..7f11829 100644
--- a/src/include/kdb.h
+++ b/src/include/kdb.h
@@ -1257,14 +1257,15 @@ typedef struct _kdb_vftabl {
*
* flags: The flags used to look up the client principal.
*
- * client_princ: For S4U2Proxy TGS requests, the client principal
- * requested by the service; for regular TGS requests, the
+ * client_princ: For S4U2Self and S4U2Proxy TGS requests, the client
+ * principal requested by the service; for regular TGS requests, the
* possibly-canonicalized client principal.
*
* client: The DB entry of the client. For S4U2Self, this will be the DB
* entry for the client principal requested by the service).
*
- * server: The DB entry of the service principal.
+ * server: The DB entry of the service principal, or of a cross-realm
+ * krbtgt principal in case of referral.
*
* krbtgt: For TGS requests, the DB entry of the server of the ticket in
* the PA-TGS-REQ padata; this is usually a local or cross-realm krbtgt
More information about the cvs-krb5
mailing list