On Wed, 4 May 2005, Russ Allbery wrote:
Under heimdal, the mechanism is:Chaskiel M Grundman <[EMAIL PROTECTED]> writes:
It doesn't seem to be inheriting any appdefaults or libdefaults (It acquires 10 hour, non-forwardable, non-addressless tickets, despite my configuration settings), but I know how to fix that if I get motivated to do so.
How? I was assuming that the Kerberos libraries would take care of that for me, but apparently not. (Do they even on MIT, or does one always have to do that manually?)
void
krb5_get_init_creds_opt_set_default_flags (
krb5_context /*context*/,
const char */*appname*/,
krb5_const_realm /*realm*/,
krb5_get_init_creds_opt */*opt*/);
It will acquire defaults from the appname's section of [appdefaults], the realm's section in [realms] (I think), and the [libdefaults] section, in that order. The several-year-old mit sources I have laying around do not have this function. Instead, krb5_get_init_creds calls krb5_libdefault_* to get the values of the forwardable, proxiable, renew_lifetime, and noaddresses libdefaults (but not ticket_lifetime???) if they are not set in the krb5_get_init_creds_opt structure.
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
