524 and NAT

Ken Hornstein kenh at cmf.nrl.navy.mil
Mon Jan 20 13:59:00 EST 2003

>Ken, why is this patch correct? It seems like you avoid initializing
>the address member at all some of the time, not initialize it to the
>address the krb524d receives from the KDC.

Remember, this is in the client-side library.  IIRC (and it's been a while
since I looked at it), the change simply makes it so that it won't fail
if there isn't an IP address in the V5 ticket (if there isn't, the client
side library fails without contacting krb524d).  At least, that's what
I remember.


More information about the krbdev mailing list