diff options
author | Simo Sorce <simo@redhat.com> | 2013-09-19 12:50:35 -0400 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2014-06-26 10:30:53 +0200 |
commit | f352702d6785fc5f59698dba73d415f994b4ce7d (patch) | |
tree | a6e51d2f5f2cabbfe1d77414f3239413e56ace96 /util/ipa_krb5.h | |
parent | 153a009a07e94935261d188b9d1a0f2638b22a80 (diff) | |
download | freeipa-f352702d6785fc5f59698dba73d415f994b4ce7d.tar.gz freeipa-f352702d6785fc5f59698dba73d415f994b4ce7d.tar.xz freeipa-f352702d6785fc5f59698dba73d415f994b4ce7d.zip |
ipa-getkeytab: Add support for get_keytab extop
This new extended operation is tried by default and then the code falls
back to the old method if it fails. The new method allows for server
side password generation as well as retrieval of existing credentials
w/o causing regeneration of keys on the server.
Resolves:
https://fedorahosted.org/freeipa/ticket/3859
Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
Diffstat (limited to 'util/ipa_krb5.h')
-rw-r--r-- | util/ipa_krb5.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/util/ipa_krb5.h b/util/ipa_krb5.h index 2431fd70b..1e036e4f8 100644 --- a/util/ipa_krb5.h +++ b/util/ipa_krb5.h @@ -69,6 +69,9 @@ void free_keys_contents(krb5_context krbctx, struct keys_container *keys); struct berval *create_key_control(struct keys_container *keys, const char *principalName); +int ipa_string_to_enctypes(const char *str, struct krb_key_salt **encsalts, + int *num_encsalts, char **err_msg); + int create_keys(krb5_context krbctx, krb5_principal princ, char *password, |