Services4User review

Luke Howard lukeh at
Fri Aug 21 11:46:19 EDT 2009

On 21/08/2009, at 5:36 PM, Luke Howard wrote:

>> /* S4U2PROXY */
>> OM_uint32
>> gss_acquire_cred_with_creds(
> Could you argue that it would be better to do away with this function,
> and allow the "delegated" credential handle to be passed directly into
> gss_init_sec_context()?

That would require that impersonator_cred_handle and  
verifier_cred_handle refer to the same credentials, which may not be a  
safe assumption.

-- Luke

More information about the krbdev mailing list