Proposal: krb5_get_init_creds_opt_set_change_password_prompt
Jeffrey Altman
jaltman at secure-endpoints.com
Mon Nov 20 16:26:30 EST 2006
Kevin Coffman wrote:
> The attached patch does not really do any real extensions yet, but the
> plumbing is here. I didn't change KFW_kinit() in
> src/windows/kfwlogon/kfwcommon.c because I wasn't sure how to handle
> this pkrb5_ stuff. (Jeffrey is this as straight-forward as the rest
> of the changes?)
Don't worry about windows/cns or windows/kfwlogon. It can be updated
when there is a need to do so. windows/cns has not been touched in years.
> Does this look reasonable?
I would not put assert() calls into libraries. If
krb5_gic_opt_is_extended() fails, the calling function should return an
error to the caller. We don't want to cause the application to
terminate unexpectedly.
Remember to update the Windows export list: src/lib/krb5_32.def
Other than that, looks reasonable.
Jeffrey Altman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20061120/0b416922/attachment.bin
More information about the krbdev
mailing list