From ca1a379a415b2102941842bb8c28aa053db344dd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Tue, 29 Nov 2005 14:14:26 +0000
Subject: [PATCH] (check_transited): explain the TR-type 0 better and why it
 matters.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16308 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/krb5/rd_req.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/krb5/rd_req.c b/lib/krb5/rd_req.c
index 8f9e1339c..089e88dd0 100644
--- a/lib/krb5/rd_req.c
+++ b/lib/krb5/rd_req.c
@@ -136,7 +136,11 @@ check_transited(krb5_context context, Ticket *ticket, EncTicketPart *enc)
     int num_realms;
     krb5_error_code ret;
 	    
-    /* Windows w2k and w2k3 uses this */
+    /* 
+     * Windows 2000 and 2003 uses this inside their TGT so its normaly
+     * not seen by others, however, samba4 joined with a Windows AD as
+     * a Domain Controller gets exposed to this.
+     */
     if(enc->transited.tr_type == 0 && enc->transited.contents.length == 0)
 	return 0;