From 43f507711689a71d3aaec8696721b8c981f8428e Mon Sep 17 00:00:00 2001
From: Nathaniel McCallum <npmccallum@redhat.com>
Date: Mon, 10 Sep 2012 17:38:23 -0400
Subject: Add responder feature for initial cred exchanges

Add new APIs:
* krb5_get_init_creds_opt_set_responder
* krb5_responder_get_challenge
* krb5_responder_list_questions
* krb5_responder_set_answer

If a caller sets a responder, it will be invoked after preauth modules
have had a chance to review their incoming padata but before they produce
outgoing padata.  The responder will be presented a set of questions with
optional challenges.  The responder should then answer all questions it knows
how to handle.  Both the answers and the challenges are printable UTF-8 and
may contain encoded, structured data specific to the question asked.

Add two new callbacks and one optional method to the clpreauth
interface.  The new method (prep_questions) allows modules to ask questions
by setting them in the responder context using one of the new callbacks
(ask_responder_question).  The other new callback (get_responder_answer) is
used by the process method to read the answers to the questions asked.

ticket: 7355 (new)
---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

(limited to '.gitignore')

diff --git a/.gitignore b/.gitignore
index 840bc65482..9c14c221e8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -194,6 +194,7 @@ testlog
 /src/lib/krb5/krb/t_ser
 /src/lib/krb5/krb/t_vfy_increds
 /src/lib/krb5/krb/t_walk_rtree
+/src/lib/krb5/krb/t_response_items
 
 /src/lib/krb5/os/t_an_to_ln
 /src/lib/krb5/os/t_kuserok
-- 
cgit