git.ipfire.org Git - thirdparty/krb5.git/commit

author	Greg Hudson <ghudson@mit.edu>
	Mon, 9 Feb 2015 20:23:05 +0000 (15:23 -0500)
committer	Greg Hudson <ghudson@mit.edu>
	Mon, 15 Jun 2015 20:33:32 +0000 (16:33 -0400)
commit	7cad84e1df664f9a1513a2899661bf2b62908dd7
tree	2f10f5d270a8a7cee285001430a46db3e68f9e91	tree
parent	1c3c40454f18f2165b959e6ecd856d5ddbbcb4c2	commit \| diff

Rename krbtgt variable in KDC code

In a TGS request, the header ticket server is usually a local or
cross-realm TGS principal, but for ticket modification requests it
doesn't have to be.  Similarly, the server for an AS request is
usually a krbtgt principal, but in some cases it is not.  Since the
KDC code must consider all possibilities, avoid using the name
"krbtgt" for entries which aren't necessarily TGTs.

In process_tgs_req(), rename krbtgt to header_server and tgskey to
header_key.  In handle_authdata(), rename the parameters similarly and
pass NULL from process_as_req() for the header_server and header_key
parameters; the code which uses those parameters is adjusted to match.
In validate_transit_path(), rename krbtgt to header_srv.

Do not change the semantics of the sign_authdata DAL method at this
time, but more accurately document the krbtgt and krbtgt_key
parameters.

src/include/kdb.h		diff \| blob \| blame \| history
src/include/krb5/kdcauthdata_plugin.h		diff \| blob \| blame \| history
src/kdc/do_as_req.c		diff \| blob \| blame \| history
src/kdc/do_tgs_req.c		diff \| blob \| blame \| history
src/kdc/kdc_authdata.c		diff \| blob \| blame \| history
src/kdc/kdc_util.c		diff \| blob \| blame \| history
src/kdc/kdc_util.h		diff \| blob \| blame \| history