diff options
| author | Greg Hudson <ghudson@mit.edu> | 2012-10-27 11:55:36 -0400 |
|---|---|---|
| committer | Greg Hudson <ghudson@mit.edu> | 2012-12-19 14:24:22 -0500 |
| commit | 5fa526b9db4940a221606f36e25e36ca525a47ab (patch) | |
| tree | 8d3f5151e82f45f3a285e8d82257d22bf67887f4 /src/include | |
| parent | 5c23bce0e8d3328bb36bc85ee10cfac486b8ae9b (diff) | |
| download | krb5-5fa526b9db4940a221606f36e25e36ca525a47ab.tar.gz krb5-5fa526b9db4940a221606f36e25e36ca525a47ab.tar.xz krb5-5fa526b9db4940a221606f36e25e36ca525a47ab.zip | |
Make clpreauth flags function optional
With one exception (KRB5_PADATA_PKINIT_KX), every padata type
processed by a clpreauth module is now a real preauthentication type.
Reduce the amount of boilerplate required for a clpreauth module by
making the flags method optional if all of the preauth types
advertised by the module are real.
Diffstat (limited to 'src/include')
| -rw-r--r-- | src/include/krb5/clpreauth_plugin.h | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/include/krb5/clpreauth_plugin.h b/src/include/krb5/clpreauth_plugin.h index efe006b9a..0106734ad 100644 --- a/src/include/krb5/clpreauth_plugin.h +++ b/src/include/krb5/clpreauth_plugin.h @@ -178,9 +178,11 @@ typedef void krb5_clpreauth_moddata moddata); /* - * Mandatory: Return flags indicating if the module is a "real" or an "info" - * mechanism, and so on. This function is called for each entry in the - * client_pa_type_list. + * Optional (mandatory before MIT krb5 1.12): pa_type will be a member of the + * vtable's pa_type_list. Return PA_REAL if pa_type is a real + * preauthentication type or PA_INFO if it is an informational type. If this + * function is not defined in 1.12 or later, all pa_type values advertised by + * the module will be assumed to be real. */ typedef int (*krb5_clpreauth_get_flags_fn)(krb5_context context, krb5_preauthtype pa_type); |