Preauth plugin adding PA-FX-COOKIE
Linus Nordberg
linus at nordu.net
Mon May 16 05:43:40 EDT 2011
Hi,
How can a preauth plugin affect the pa-data cookie being returned in a
KRB-ERROR? It looks like a cookie is unconditionally created and added
by get_preauth_hint_list() after the edata_proc function (get_edata) for
the plugin has been invoked.
Adding a get_cookie method to krb5plugin_preauth_server_ftable_v1 or
adding a krb5_pa_data *pa_cookie argument to edata_proc would be two
possible solutions.
Thanks,
Linus
More information about the krbdev
mailing list