[16821] in Kerberos_V5_Development


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Preauth plugin adding PA-FX-COOKIE

daemon@ATHENA.MIT.EDU (Sam Hartman)
Fri May 20 10:55:21 2011

From: Sam Hartman <hartmans@mit.edu>
To: Linus Nordberg <linus@nordu.net>
Date: Fri, 20 May 2011 10:55:16 -0400
In-Reply-To: <87liy73rqr.fsf@nordberg.se> (Linus Nordberg's message of "Mon,
	16 May 2011 11:43:40 +0200")
Message-ID: <tslvcx5o20b.fsf@mit.edu>
MIME-Version: 1.0
Cc: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu

>>>>> "Linus" == Linus Nordberg <linus@nordu.net> writes:

    Linus> Hi, How can a preauth plugin affect the pa-data cookie being
    Linus> returned in a KRB-ERROR?  It looks like a cookie is
    Linus> unconditionally created and added by get_preauth_hint_list()
    Linus> after the edata_proc function (get_edata) for the plugin has
    Linus> been invoked.

It can't.
We need to add some facility for managing cookies in the KDC.
If you'd be interested in chatting about a design I'd be delighted to
discuss.

--Sam
_______________________________________________
krbdev mailing list             krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[16821] in Kerberos_V5_Development

Re: Preauth plugin adding PA-FX-COOKIE

daemon@ATHENA.MIT.EDU (Sam Hartman)Fri May 20 10:55:21 2011

daemon@ATHENA.MIT.EDU (Sam Hartman)
Fri May 20 10:55:21 2011