Proposal: krb5_get_init_creds_opt_set_change_password_prompt
Douglas E. Engert
deengert at anl.gov
Tue Dec 5 10:19:51 EST 2006
Sam Hartman wrote:
>>>>>>"Douglas" == Douglas E Engert <deengert at anl.gov> writes:
>
>
> Douglas> Kevin Coffman wrote:
>
> >> Branch users/coffman/gic_opt_ext has my propoal for extending
> >> the get_init_creds_opt structure and making use of it to pass
> >> preauth options through the to preauth plugins.
> >>
> >> There is currently extra test code in kinit.c which does not
> >> belong. Hopefully it is obvious. There is currently *not* a
> >> compatibility function/macro to match Heimdal's
> >> krb5_get_init_creds_opt_set_pkinit() function.
>
> Douglas> Since PAM_KRB5 is a common source routine that needs to
> Douglas> call krb5_get_init_creds_* it would be nice if both MIT
> Douglas> and Heimdal used the same API....
>
> As I've said before, we cannot have a pkinit-specific entry point in
> libkrb5 for licensing reasons.
Well, if MIT can get PKINIT to work, without a special krb5_get_init_creds_opt_*
then maybe Heimdal can too. I would still like to see the same API,
>
> --Sam
>
>
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
More information about the krbdev
mailing list