OpenAFS CVS Commit: openafs/src/WINNT/netidmgr_plugin by jaltman
cvs@GRAND.CENTRAL.ORG
cvs@GRAND.CENTRAL.ORG
Mon, 10 Nov 2008 22:34:28 EST
Update of /cvs/openafs/src/WINNT/netidmgr_plugin
In directory GRAND.CENTRAL.ORG:/home/jaltman/openafs/cvs-kdfs/src/WINNT/netidmgr_plugin
Modified Files:
Tag: openafs-windows-kdfs-ifs-branch
afsfuncs.c
Log Message:
DELTA KDFS-windows-netidmgr-vs-referrals-20081111
AUTHOR jaltman@secure-endpoints.com
LICENSE MIT
kfw referrals logic broke the logic for automated configuration of
the workstation cell with a new identity. Now if a referrals
response is returned, assume the cell belongs with the new identity.
In the long term, we need to change the logic as follows:
1. if realm indicates referrals, try to obtain the krb5 service ticket
but do not generate a token
2. if the service ticket can be obtained and
a. if the cell is not bound to any other identities,
then bind it to this one
b. if the cell is bound to another identity, prompt the user to ask
which identity (or both) should this cell be bound to and follow
the user's instruction
--- DELTA config for openafs-windows-kdfs-ifs-branch follows ---
KDFS-windows-netidmgr-vs-referrals-20081111 openafs/src/WINNT/netidmgr_plugin/afsfuncs.c 1.16.2.1 1.16.2.2