krb5_get_in* routines
Eugeny S. Mints
Eugeny.Mints at oktet.ru
Wed Nov 27 06:09:01 EST 2002
On Tue, 26 Nov 2002, Sam Hartman wrote:
> krb5_get_in_* routines are old and do not deal properly with
> preauthentication.
Mmm.. I have deal with krb5-1.2.5. As I see flag
KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST may be set only by call
to krb5_get_init_creds_opt_set_preauth_list(). But
krb5_get_init_creds_opt_set_preauth_list() never has been
called. So call to make_preauth_list in
krb5_get_init_creds() (get_in_tkt.c) never happened and
hence padata parameter is NULL during krb5_do_preauth() call
(again in krb5_get_init_creds() (get_in_tkt.c)) and so
krb5_do_preauth() immidiatly returns.
So how really krb5_get_init_creds() handles
preauthentication? Sorry if I miss something.
Thanks,
Eugeny
More information about the krbdev
mailing list