password change protocol implementation
hartmans at MIT.EDU
Wed Feb 18 14:17:44 EST 2004
>>>>> "Ken" == Ken Hornstein <kenh at cmf.nrl.navy.mil> writes:
Ken> implementation, but maybe this isn't so bad after all. Just
Ken> so I understand ... you mean add a flag to indicate whether
Ken> or not mk_req was called, _not_ mk_priv, right? I ask
Ken> because I understood that the determining of the "direction"
Ken> was based on who issued the AP_REQ.
You are correct; I misspoke.
>> Then add functionality to krb5_genaddrs to set up an auth
>> context to use directional addresses for the sending (local)
>> but not receiving (remote) address.
Ken> So, something like:
Ken> krb5_auth_con_genaddrs(ctx, actx,
Ken> KRB5_AUTH_CONTEXT_GENERATE_LOCAL_DIR_ADDR, ...)
More information about the krbdev