oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

document KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15161 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2005-05-17 14:18:47 +00:00
parent 6c3ab75789
commit e238fb8fde
1 changed files with 16 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
lib/krb5/krb5_auth_context.3
View File

@@ -217,7 +217,22 @@ Generate and check sequence-number on each packet.
.It Dv KRB5_AUTH_CONTEXT_DO_TIME
Check timestamp on incoming packets.
.It Dv KRB5_AUTH_CONTEXT_RET_SEQUENCE , Dv KRB5_AUTH_CONTEXT_RET_TIME
Return sequence numbers and time stamps in the outdata parameter of
Return sequence numbers and time stamps in the outdata parameters.
.It Dv KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED
will force
.Fn krb5_get_forwarded_creds
and
.Fn krb5_fwd_tgt_creds
to create unencrypted )
.Dv ENCTYPE_NULL )
credentials.
This is for use with old MIT server and JAVA based servers as
they can't handle encrypted
.Dv KRB-CRED .
Note that sending such
.Dv KRB-CRED
is clear exposes crypto keys and tickets and is insecure,
make sure the packet is encrypted in the protocol.
.Xr krb5_rd_cred 3 ,
.Xr krb5_rd_priv 3 ,
.Xr krb5_rd_safe 3 ,