diff options
author | Greg Hudson <ghudson@mit.edu> | 2015-02-09 15:23:05 -0500 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2015-06-15 16:33:32 -0400 |
commit | 7cad84e1df664f9a1513a2899661bf2b62908dd7 (patch) | |
tree | 2f10f5d270a8a7cee285001430a46db3e68f9e91 /src/include/krb5 | |
parent | 1c3c40454f18f2165b959e6ecd856d5ddbbcb4c2 (diff) | |
download | krb5-7cad84e1df664f9a1513a2899661bf2b62908dd7.zip krb5-7cad84e1df664f9a1513a2899661bf2b62908dd7.tar.gz krb5-7cad84e1df664f9a1513a2899661bf2b62908dd7.tar.bz2 |
Rename krbtgt variable in KDC code
In a TGS request, the header ticket server is usually a local or
cross-realm TGS principal, but for ticket modification requests it
doesn't have to be. Similarly, the server for an AS request is
usually a krbtgt principal, but in some cases it is not. Since the
KDC code must consider all possibilities, avoid using the name
"krbtgt" for entries which aren't necessarily TGTs.
In process_tgs_req(), rename krbtgt to header_server and tgskey to
header_key. In handle_authdata(), rename the parameters similarly and
pass NULL from process_as_req() for the header_server and header_key
parameters; the code which uses those parameters is adjusted to match.
In validate_transit_path(), rename krbtgt to header_srv.
Do not change the semantics of the sign_authdata DAL method at this
time, but more accurately document the krbtgt and krbtgt_key
parameters.
Diffstat (limited to 'src/include/krb5')
-rw-r--r-- | src/include/krb5/kdcauthdata_plugin.h | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/include/krb5/kdcauthdata_plugin.h b/src/include/krb5/kdcauthdata_plugin.h index 9698566..53fe69c 100644 --- a/src/include/krb5/kdcauthdata_plugin.h +++ b/src/include/krb5/kdcauthdata_plugin.h @@ -107,9 +107,10 @@ typedef krb5_error_code krb5_kdcauthdata_moddata moddata, unsigned int flags, krb5_db_entry *client, krb5_db_entry *server, - krb5_db_entry *tgs, krb5_keyblock *client_key, + krb5_db_entry *header_server, + krb5_keyblock *client_key, krb5_keyblock *server_key, - krb5_keyblock *tgs_key, + krb5_keyblock *header_key, krb5_data *req_pkt, krb5_kdc_req *req, krb5_const_principal for_user_princ, krb5_enc_tkt_part *enc_tkt_req, |