[16494] in Kerberos_V5_Development
Re: X-CACHECONF in cache type 0504
daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Nov 19 14:45:22 2010
From: Greg Hudson <ghudson@mit.edu>
To: Tim Alsop <Tim@cybersafe.com>
In-Reply-To: <C90C4DA5.279F1%Tim.Alsop@CyberSafe.com>
Date: Fri, 19 Nov 2010 14:45:15 -0500
Message-ID: <1290195915.2633.1280.camel@ray>
Mime-Version: 1.0
Cc: "krbdev@MIT.EDU" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Fri, 2010-11-19 at 10:54 -0500, Tim Alsop wrote:
> Thanks. I guess, what I need to know is, do we need to store our own
> configuration data with krb5_ccache_conf_data as the name and X-CACHECONF
> as the realm ?
If you want the MIT and Heimdal klist to ignore those entries, yes. (If
by "the name" you mean "the first component of the principal".)
> It seems that the name krb5_ccache_conf_data is referring
> to a function name in the MIT/Heimdal code ?
No, it's just a well-known string. There's no function by that name.
> We do not have a function
> with this name in our code, and do not plan to add such a function, so if
> we use different name in cache to store configuration data, will this
> break interoperability ?
If you used a different first component, it would break interoperability
in the sense that recent MIT/Heimdal klist would show those config
entries, and the MIT/Heimdal krb5_cc_get_config/krb5_cc_set_config APIs
would be unable to operate on your entries.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
