[16812] in Kerberos_V5_Development
Re: Preauth plugin adding PA-FX-COOKIE
daemon@ATHENA.MIT.EDU (Alejandro Perez Mendez)
Tue May 17 03:14:54 2011
Message-ID: <4DD22069.4020107@um.es>
Date: Tue, 17 May 2011 09:14:49 +0200
From: Alejandro Perez Mendez <alex@um.es>
MIME-Version: 1.0
To: krbdev@mit.edu
In-Reply-To: <87liy73rqr.fsf@nordberg.se>
Content-Type: text/plain; charset="utf-8"
Errors-To: krbdev-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hi Linux.
I cannot tell you how it is suppoused to be done, but I can tell you how I did it :). To create the PA-FX-COOKIE PADATA just include it in the e-data element of the KRB_ERROR message, as you will do to generate any other "custom" PADATA.
RegardsAlejandro
El 16/05/11 11:43, Linus Nordberg escribió:> Hi,>> How can a preauth plugin affect the pa-data cookie being returned in a> KRB-ERROR? It looks like a cookie is unconditionally created and added> by get_preauth_hint_list() after the edata_proc function (get_edata) for> the plugin has been invoked.>> Adding a get_cookie method to krb5plugin_preauth_server_ftable_v1 or> adding a krb5_pa_data *pa_cookie argument to edata_proc would be two> possible solutions.>> Thanks,> Linus>> _______________________________________________> krbdev mailing list krbdev@mit.edu> https://mailman.mit.edu/mailman/listinfo/krbdev_______________________________________________krbdev mailing list krbdev@mit.eduhttps://mailman.mit.edu/mailman/listinfo/krbdev
