From: | ghudson@mit.edu |
Subject: | git commit |
Add PAC APIs which can include a client realm
These APIs are needed for KDC handling of cross-realm S4U2Self
tickets; see [MS-SFU] 3.2.5.x. Note that we currently do not allow
re-signing a PAC to include the realm; the caller must create a new
one.
[ghudson@mit.edu: added documentation; changed names and parameter
order; edited commit message]
https://github.com/krb5/krb5/commit/3b56f54e31ee8db2b15a059e0d53609c1f4c3b83
Author: Isaac Boukris <iboukris@gmail.com>
Committer: Greg Hudson <ghudson@mit.edu>
Commit: 3b56f54e31ee8db2b15a059e0d53609c1f4c3b83
Branch: master
doc/appdev/refs/api/index.rst | 2 +
src/include/krb5/krb5.hin | 50 +++++++++++++++
src/lib/krb5/krb/authdata.h | 3 +-
src/lib/krb5/krb/pac.c | 31 ++++++++--
src/lib/krb5/krb/pac_sign.c | 32 ++++++++--
src/lib/krb5/krb/t_pac.c | 132 +++++++++++++++++++++++++++++++++++++++++
src/lib/krb5/libkrb5.exports | 2 +
src/lib/krb5_32.def | 2 +
8 files changed, 242 insertions(+), 12 deletions(-)