[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: compiling of ssh

>It look like it's
>krb5_fwd_tgt_creds(krb5_context context,
>		   krb5_auth_context auth_context,
>		   int foo,
>		   krb5_principal client,
>		   krb5_principal server,
>		   krb5_ccache ccache,
>		   int bar,
>		   krb5_data *outbuf);
>where it's unclear to me what `foo' and `bar' are.

It's actually:

krb5_error_code krb5_fwd_tgt_creds
                        char *foo,
                        int forwardable,
                        krb5_data *));  

char *foo is the machine you want these tickets to be forwarded to.

>In Heimdal (and MIT Kerberos I believe) there's a function

No, this doesn't exist in MIT Kerberos (at least, not 1.0.5).

>I'm not sure as to what's the difference between these two.  If you
>can tell me that I can implement krb5_fwd_tgt_creds in Heimdal.

I think the only difference is the "forwardable" argument.  In MIT
Kerberos, if this is set to true then the credentials themselves will
be forwardable again on the remote machine.

(Geez, I sure hope I haven't violated any export restrictions :-/).