Ühel kenal päeval (kolmapäev, 12. veebruar 2003 00:16) kirjutas Andrew Bartlett: > I think we need to do a few things here: > - We should record the principal name we joined with, and only ever > send that to our clients.
That's a good idea. I'll look into it hopefully sometime during this week. > should add a typedef from krb5_error to somthing harmless, or better > still look into our ADS_ERROR stuff (partly created for exactly this > kind of thing). Returning an ADS_ERROR would probably be the best > solution here. Nope, that's not possible. The function is passed to krb5_get_init_creds_password as a pointer to function and the prototype is therefore dictated by kerberos libs. This could be overriden by some clever use of typecasts but this would be an ugly hack in my opinion. > Well, I don't think this is sufficient reason not to do this properly. > Duplicated code *will* break as two slightly different versions emerge. Well I do agree. Now that I have an official permission to hack the build system I'll happily do it ;) However a thought came to me last night that maybe this function is not needed after all. It's there as a workaround to a bug/feature (go figure ;) in kerberos libs but I think I know an easier way to solve it. I just have to test if it works. -- Antti Andreimann Using Linux since 1993 Member of ELUG since 29.01.2000