X-CACHECONF in cache type 0504

Greg Hudson ghudson at MIT.EDU
Fri Nov 19 14:45:15 EST 2010

On Fri, 2010-11-19 at 10:54 -0500, Tim Alsop wrote:
> Thanks. I guess, what I need to know is, do we need to store our own
> configuration data with krb5_ccache_conf_data as the name and X-CACHECONF
> as the realm ?

If you want the MIT and Heimdal klist to ignore those entries, yes.  (If
by "the name" you mean "the first component of the principal".)

>  It seems that the name krb5_ccache_conf_data is referring
> to a function name in the MIT/Heimdal code ?

No, it's just a well-known string.  There's no function by that name.

>  We do not have a function
> with this name in our code, and do not plan to add such a function, so if
> we use different name in cache to store configuration data, will this
> break interoperability ?

If you used a different first component, it would break interoperability
in the sense that recent MIT/Heimdal klist would show those config
entries, and the MIT/Heimdal krb5_cc_get_config/krb5_cc_set_config APIs
would be unable to operate on your entries.

More information about the krbdev mailing list