[37284] in Kerberos
Re: krb5 API: getting to e-data after krb5_get_credentials
daemon@ATHENA.MIT.EDU (Greg Hudson)
Sat Oct 31 11:39:50 2015
To: Rick van Rein <rick@openfortress.nl>,
"kerberos@mit.edu" <kerberos@mit.edu>
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <5634E0B0.2010702@mit.edu>
Date: Sat, 31 Oct 2015 11:39:28 -0400
MIME-Version: 1.0
In-Reply-To: <56348D45.40007@openfortress.nl>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On 10/31/2015 05:43 AM, Rick van Rein wrote:
> In an attempt to keep a possible extension in userspace, I'm looking to
> get to the e-data after an error message.
The API does not currently provide a facility for this for TGS requests.
If you look at lib/krb5/krb/gc_via_tkt.c, you can see where TGS reply
errors are decoded, processed, and discarded; neither the error
structure nor its e_data field is retained anywhere.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
