From: Greg Hudson Date: Mon, 19 Jul 2010 04:30:47 +0000 (+0000) Subject: In the DAL documentation, describe how a module can supply referral X-Git-Tag: krb5-1.9-beta1~142 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=e6e9e8f094c2d4bca17a4b130785dccf871054cc;p=krb5.git In the DAL documentation, describe how a module can supply referral encrypted padata. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24190 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/include/kdb.h b/src/include/kdb.h index c572f8b56..e4970e72a 100644 --- a/src/include/kdb.h +++ b/src/include/kdb.h @@ -908,7 +908,10 @@ typedef struct _kdb_vftabl { * also set), the module should do so by simply filling in an out-of-realm * name in entries->princ and setting all other fields to NULL. Otherwise, * the module should return the entry for the cross-realm TGS of the - * referred-to realm. + * referred-to realm. For TGS referals, the module can also include + * tl-data of type KRB5_TL_SERVER_REFERRAL containing ASN.1-encoded Windows + * referral data as documented in draft-ietf-krb-wg-kerberos-referrals-11 + * appendix A; this will be returned to the client as encrypted padata. */ krb5_error_code (*get_principal)(krb5_context kcontext, krb5_const_principal search_for,