diff options
| author | Greg Hudson <ghudson@mit.edu> | 2010-07-19 04:30:47 +0000 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2010-07-19 04:30:47 +0000 |
| commit | e6e9e8f094c2d4bca17a4b130785dccf871054cc (patch) | |
| tree | afe47ee029d34c99d6ea0e136e8b754fc59943fa /src/include/kdb.h | |
| parent | 0bc31d0cba884ff4103f254dd9daf678e2a9a6c5 (diff) | |
| download | krb5-e6e9e8f094c2d4bca17a4b130785dccf871054cc.tar.gz krb5-e6e9e8f094c2d4bca17a4b130785dccf871054cc.tar.xz krb5-e6e9e8f094c2d4bca17a4b130785dccf871054cc.zip | |
In the DAL documentation, describe how a module can supply referral
encrypted padata.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24190 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/include/kdb.h')
| -rw-r--r-- | src/include/kdb.h | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/include/kdb.h b/src/include/kdb.h index c572f8b564..e4970e72ac 100644 --- a/src/include/kdb.h +++ b/src/include/kdb.h @@ -908,7 +908,10 @@ typedef struct _kdb_vftabl { * also set), the module should do so by simply filling in an out-of-realm * name in entries->princ and setting all other fields to NULL. Otherwise, * the module should return the entry for the cross-realm TGS of the - * referred-to realm. + * referred-to realm. For TGS referals, the module can also include + * tl-data of type KRB5_TL_SERVER_REFERRAL containing ASN.1-encoded Windows + * referral data as documented in draft-ietf-krb-wg-kerberos-referrals-11 + * appendix A; this will be returned to the client as encrypted padata. */ krb5_error_code (*get_principal)(krb5_context kcontext, krb5_const_principal search_for, |