X-Git-Url: http://dolda2000.com/gitweb/?a=blobdiff_plain;f=daemon%2Fauth-krb5.c;h=069413dbfcde353a9cc7a99c85e050057655cfc3;hb=989e31f21328944fed3f46d25ecae329df87bc21;hp=ca52e63a8bd2f728185ef2e95a8e8514cc5effbb;hpb=1b4e77a0e9ebdb8d701d704e6b5697279a3b0739;p=doldaconnect.git

diff --git a/daemon/auth-krb5.c b/daemon/auth-krb5.c
index ca52e63..069413d 100644
--- a/daemon/auth-krb5.c
+++ b/daemon/auth-krb5.c
@@ -1,6 +1,6 @@
 /*
  *  Dolda Connect - Modular multiuser Direct Connect-style client
- *  Copyright (C) 2004 Fredrik Tolf (fredrik@dolda2000.com)
+ *  Copyright (C) 2004 Fredrik Tolf <fredrik@dolda2000.com>
  *  
  *  This program is free software; you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License as published by
@@ -266,7 +266,7 @@ static void setrenew(struct krb5data *data)
     data->renewtimer = timercallback(good, (void (*)(int, void *))renewcreds, data);
 }
 
-static int krbauth(struct authhandle *auth, char *passdata)
+static int krbauth(struct authhandle *auth, struct socket *sk, char *passdata)
 {
     int ret;
     struct krb5data *data;
@@ -594,9 +594,19 @@ static void terminate(void)
 
 static struct configvar myvars[] =
 {
+    /** The name of the service principal to use for Kerberos V
+     * authentication. */
     {CONF_VAR_STRING, "service", {.str = L"doldacond"}},
+    /** The path to an alternative keytab file. If unspecified, the
+     * system default keytab will be used. */
     {CONF_VAR_STRING, "keytab", {.str = L""}},
+    /** Whether to renew renewable credentials automatically before
+     * they expire. */
     {CONF_VAR_BOOL, "renewcreds", {.num = 1}},
+    /** If true, the default credentials cache will be used, which is
+     * useful for e.g. Linux kernel key handling. If false, a file
+     * credentials cache will be created using mkstemp(3), using the
+     * pattern /tmp/krb5cc_dc_$UID_XXXXXX. */
     {CONF_VAR_BOOL, "usedefcc", {.num = 0}},
     {CONF_VAR_END}
 };