From: | ghudson@mit.edu |
Subject: | SVN Commit |
Add "pa_type" configuration to ccaches
* When producing preauth data, keep track of the type of padata in the
KDC's list of acceptable types which prompted the module to produce
padata.
* After obtaining credentials, store that value as a "pa_type"
configuration item in the out_ccache.
* Read that allowed preauth type from an in_ccache, if possible.
* If we have an allowed preauth type, only call "real" modules that
handle that value when filling in responder items and producing a
client request.
https://github.com/krb5/krb5/commit/4e89b0b186ec90a6a06dd761d61ab45d82db599a
Author: Nalin Dahyabhai <nalin@dahyabhai.net>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 4e89b0b186ec90a6a06dd761d61ab45d82db599a
Branch: master
src/include/k5-int.h | 12 +++++++
src/lib/krb5/krb/get_in_tkt.c | 66 +++++++++++++++++++++++++++++++++++++
src/lib/krb5/krb/init_creds_ctx.h | 2 +
src/lib/krb5/krb/preauth2.c | 17 +++++++++
4 files changed, 97 insertions(+), 0 deletions(-)