[16810] in Kerberos_V5_Development
Preauth plugin adding PA-FX-COOKIE
daemon@ATHENA.MIT.EDU (Linus Nordberg)
Mon May 16 14:53:31 2011
To: krbdev@mit.edu
From: Linus Nordberg <linus@nordu.net>
Date: Mon, 16 May 2011 11:43:40 +0200
Message-ID: <87liy73rqr.fsf@nordberg.se>
Mime-Version: 1.0
X-Complaints-To: usenet@dough.gmane.org
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
Hi,
How can a preauth plugin affect the pa-data cookie being returned in a
KRB-ERROR? It looks like a cookie is unconditionally created and added
by get_preauth_hint_list() after the edata_proc function (get_edata) for
the plugin has been invoked.
Adding a get_cookie method to krb5plugin_preauth_server_ftable_v1 or
adding a krb5_pa_data *pa_cookie argument to edata_proc would be two
possible solutions.
Thanks,
Linus
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
