Ticket addresses w.r.t. forwarded tickets.
Sam Hartman
hartmans at MIT.EDU
Mon Dec 5 13:59:01 EST 2005
>>>>> "Roland" == Roland Dowdeswell <Roland.Dowdeswell at MorganStanley.com> writes:
Roland> So, by default the MIT libs when asked to forward tickets
Roland> to the remote end will decide whether to include addresses
Roland> in the forwarded ticket by checking your current TGT and
Roland> seeing whether it has addresses. And the addresses that
Roland> the libs put in the forwarded ticket are determined via a
Roland> DNS forward lookup of the remote end's hostname. I would
Roland> like to have addressed TGTs while forwarding addressless
Roland> tickets, so I've put together a tiny patch which defines a
Roland> boolean in the [libdefaults] section of $KRB5_CONFIG to
Roland> let me do this [below].
Roland> What's the chance of including this in the main tree?
We'd really like to kill off addressful tickets. I'd like to see
significant demand for this before including it. But if someone else
wants to commit the patch I would not object.
--Sam
More information about the krbdev
mailing list