get_cred starting realm

Benjamin Kaduk kaduk at MIT.EDU
Wed Apr 29 18:24:07 EDT 2015

On Wed, 29 Apr 2015, Nico Williams wrote:

> > The LSA itself permits insertion; our MSLSA interface to it may not be
> > quite so generous, though I don't remember offhand.
> Does it permit storing of ccconfigs?  (That would be handy.)

   2060     if (krb5_is_config_principal(context, creds->server)) {
   2061         /* mslsa cannot store config creds, so we have to bail.
   2062          * The 'right' thing to do would be to return an appropriate error,
   2063          * but that would require modifying the calling code to check
   2064          * for that error and ignore it.
   2065          */
   2066         return KRB5_OK;
   2067     }

Though, I expect that code was written ten or fifteen years ago and the
comment may be stale.


More information about the krbdev mailing list