[11712] in Kerberos-V5-bugs
[krbdev.mit.edu #6789] Re: document preferred_preauth_types
daemon@ATHENA.MIT.EDU (Nicolas Williams via RT)
Tue Sep 28 13:14:27 2010
Mail-followup-to: rt@krbdev.mit.edu
mail-copies-to: never
From: "Nicolas Williams via RT" <rt-comment@krbdev.MIT.EDU>
In-Reply-To: <rt-6789@krbdev.mit.edu>
Message-ID: <rt-6789-33189.19.4519440276961@krbdev.mit.edu>
To: "'AdminCc of krbdev.mit.edu Ticket #6789'":;"'AdminCc of krbdev.mit.edu Ticket #6789'":;@MIT.EDU
Date: Tue, 28 Sep 2010 13:14:25 -0400 (EDT)
Reply-To: rt-comment@krbdev.MIT.EDU
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu
On Tue, Sep 28, 2010 at 08:49:49AM -0400, Sam Hartman wrote:
> In a discussion on krbdev, Nico told Russ that krb5.conf could force
> preauth.
> Russ said he was unaware of that option; Nico thought he must have been
> mistaken.
> However, Quoting get_in_tkt.c:
>
> ret = krb5int_libdefault_string(context, realm,
> KRB5_CONF_PREFERRED_PREAUTH\
> _TYPES,
> &preauth_types);
Reading the code I got the impression that this ony works when the KDC
requires pre-auth.
> This option should be documented.
It should be, yes.
Nico
--
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs
