shishi_kdcreq_disable_transited_check_p(3) API function

SYNOPSIS

#include <shishi.h>

int shishi_kdcreq_disable_transited_check_p(Shishi * handle, Shishi_asn1 kdcreq);

ARGUMENTS

Shishi * handle
shishi handle as allocated by shishi_init().
Shishi_asn1 kdcreq
KDC-REQ variable to get kdc-options field from.

DESCRIPTION

Determine if KDC-Option disable-transited-check flag is set.

By default the KDC will check the transited field of a ticket-granting-ticket against the policy of the local realm before it will issue derivative tickets based on the ticket-granting ticket. If this flag is set in the request, checking of the transited field is disabled. Tickets issued without the performance of this check will be noted by the reset (0) value of the TRANSITED-POLICY-CHECKED flag, indicating to the application server that the tranisted field must be checked locally. KDCs are encouraged but not required to honor the DISABLE-TRANSITED-CHECK option.

This flag is new since RFC 1510

RETURN VALUE

Returns non-0 iff disable-transited-check flag is set in KDC-REQ.

REPORTING BUGS

Report bugs to <[email protected]>.

COPYRIGHT

Copyright © 2002-2010 Simon Josefsson.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.