questions about entry->mkvno logic in kadm5_get_principal()
Tom Yu
tlyu at MIT.EDU
Mon Oct 20 09:58:44 EDT 2008
Will Fiveash <William.Fiveash at Sun.COM> writes:
> In src/lib/kadm5/srv/svr_principal.c:kadm5_get_principal()
> there is this logic:
>
> if (handle->api_version == KADM5_API_VERSION_2)
> entry->mkvno = 0;
> else {
> /* XXX I'll be damned if I know how to deal with this one --marc */
> entry->mkvno = 1;
> }
>
> Any idea as to why mkvno differs depending on the KADM5_API_VERSION?
> I'm also wondering if that logic is correct if KADM5_API_VERSION is
> incremented (so mkvno should be 1?).
I have no idea why it's different. API version 1 is for compatibility
with the OpenVison admin system. I suspect that nobody cares about
that anymore.
> I'm asking this because I'm modifying the code at this point to look up
> the mkvno in the entry's new KRB5_TL_MKVNO tl_data but if that doesn't
> exist then mkvno will be assigned a fall back default value and I want
> to make sure it's the correct value.
If you feel like duplicating the logic, I suspect that's fine.
More information about the krbdev
mailing list