svn rev #21693: trunk/src/ include/ kdc/
Tom Yu
tlyu at MIT.EDU
Sun Jan 4 20:45:01 EST 2009
hartmans at MIT.EDU writes:
> http://src.mit.edu/fisheye/changelog/krb5/?cs=21693
> Commit By: hartmans
> Log Message:
> xrealm_non_transitive not trust_non_transitive
>
> Kerberos does not imply trust in the existence of a cross-realm key.
> Trust is implied when a foreign principal is placed on an ACL: the remote realm
> is trusted to authenticate that principal and is trusted
> not to confuse one principal with another.
> Keep terminology consistent.
>
>
> Changed Files:
> U trunk/src/include/kdb_ext.h
> U trunk/src/kdc/kdc_util.c
> Modified: trunk/src/include/kdb_ext.h
> ===================================================================
> --- trunk/src/include/kdb_ext.h 2009-01-03 23:20:26 UTC (rev 21692)
> +++ trunk/src/include/kdb_ext.h 2009-01-03 23:20:31 UTC (rev 21693)
> @@ -39,8 +39,8 @@
> #define KRB5_KDB_NO_AUTH_DATA_REQUIRED 0x00400000
> /* Private flag used to indicate principal is local TGS */
> #define KRB5_KDB_TICKET_GRANTING_SERVICE 0x01000000
> -/* Private flag used to indicate trust is non-transitive */
> -#define KRB5_KDB_TRUST_NON_TRANSITIVE 0x02000000
> +/* Private flag used to indicate xrealm relationship is non-transitive */
> +#define KRB5_KDB_xrealm_NON_TRANSITIVE 0x02000000
Is "xrealm" intentionally lowercase?
More information about the krbdev
mailing list