summaryrefslogtreecommitdiffstats
path: root/src/lib
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/krb5/asn.1/KRB5-asn.py8
1 files changed, 8 insertions, 0 deletions
diff --git a/src/lib/krb5/asn.1/KRB5-asn.py b/src/lib/krb5/asn.1/KRB5-asn.py
index c0fc1a4f9..e6a6e2a24 100644
--- a/src/lib/krb5/asn.1/KRB5-asn.py
+++ b/src/lib/krb5/asn.1/KRB5-asn.py
@@ -126,6 +126,14 @@ TGS-REQ ::= [APPLICATION 12] SEQUENCE {
-- the preceding two sequences MUST be the same except for the
-- APPLICATION identifier
+-- Note that the RFC specifies that PA-DATA is just a SEQUENCE, and when
+-- it appears in the messages, it's a SEQUENCE OF PA-DATA.
+-- However, this has an identical encoding to the data defined here,
+-- which has PA-DATA as SEQUENCE OF SEQUENCE, and the messages use a
+-- straight PA-DATA. This has the advantage (at least under ISODE) of
+-- giving a "known" name to the PA-DATA array, making it more easily
+-- manipulated by "glue code".
+
PA-DATA ::= SEQUENCE OF SEQUENCE {
padata-type[1] INTEGER,
pa-data[2] OCTET STRING -- might be encoded AP-REQ
generated by cgit (git 2.34.1) at 2026-04-30 03:26:04 +0000