[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Hi folks,

i have looked at tgs_rep2 function and saw the following:

	if (!get_krbtgt_realm(&ap_req.ticket.sname)) {
		/* blah .. blah */

		goto out2;

I got curious, because RFC 1510 states that the PA-DATA may contain a
non TGT, i.e., if that would be the case a client would request a TGS to
be proxied. Apparently, heimdal enforces that only TGT be present into
the ap_req field, right? Would not this be a conformance violation with
RFC 1510 ?

Thanks in advance.