oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Add option to disallow getting krbtgt out from from KCM. KCM will do

Browse Source 
the fetching part itself.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15296 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2005-05-30 10:17:43 +00:00
parent 6889cb4fac
commit 90645a3e39
2 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
kcm/config.c
View File

@@ -58,6 +58,7 @@ static const char *system_group = NULL;
static const char *renew_life = NULL;
static const char *ticket_life = NULL;
int disallow_getting_krbtgt = -1;
int name_constraints = -1;
static int help_flag;
@@ -108,6 +109,10 @@ static struct getargs args[] = {
"name-constraints", 'n', arg_negative_flag, &name_constraints,
"disable credentials cache name constraints"
},
{
"disallow-getting-krbtgt", 0, arg_flag, &disallow_getting_krbtgt,
"disable fetching krbtgt from the cache"
},
{
"renewable-life", 'r', arg_string, &renew_life,
"renewable lifetime of system tickets", "time"
@@ -296,6 +301,12 @@ ccache_init_system(void)
ccache->mode = mode;
}
if (disallow_getting_krbtgt == -1) {
disallow_getting_krbtgt =
krb5_config_get_bool_default(kcm_context, NULL, FALSE, "kcm",
"disallow-getting-krbtgt", NULL);
}
/* enqueue default actions for credentials cache */
ret = kcm_ccache_enqueue_default(kcm_context, ccache, NULL);