From ebb41dbb797d7a922aaca9b3c09a3e05c45b5a72 Mon Sep 17 00:00:00 2001
From: Nalin Dahyabhai <nalin@dahyabhai.net>
Date: Mon, 23 Jul 2012 15:02:37 -0400
Subject: Add an input ccache get_init_creds option

Add a krb5_get_init_creds_opt_set_in_ccache() function.  An input
ccache may hold configuration data which the client libraries can
use to influence their decisions.

ticket: 7413 (new)
---
 src/include/k5-int.h      |  1 +
 src/include/krb5/krb5.hin | 19 +++++++++++++++++++
 2 files changed, 20 insertions(+)

(limited to 'src/include')

diff --git a/src/include/k5-int.h b/src/include/k5-int.h
index 57a6277a83..169d6d3958 100644
--- a/src/include/k5-int.h
+++ b/src/include/k5-int.h
@@ -1029,6 +1029,7 @@ typedef struct _krb5_gic_opt_private {
     int num_preauth_data;
     krb5_gic_opt_pa_data *preauth_data;
     char * fast_ccache_name;
+    krb5_ccache in_ccache;
     krb5_ccache out_ccache;
     krb5_flags fast_flags;
     krb5_expire_callback_func expire_cb;
diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
index 3deb7a7800..e515e8a01d 100644
--- a/src/include/krb5/krb5.hin
+++ b/src/include/krb5/krb5.hin
@@ -6819,6 +6819,25 @@ krb5_get_init_creds_opt_set_fast_ccache(krb5_context context,
                                         krb5_get_init_creds_opt *opt,
                                         krb5_ccache ccache);
 
+/**
+ * Set an input credential cache in initial credential options.
+ *
+ * @param [in] context          Library context
+ * @param [in] opt              Options
+ * @param [in] ccache           Credential cache handle
+ *
+ * If an input credential cache is set, then the krb5_get_init_creds family of
+ * APIs will read settings from it.  Setting an input ccache is desirable when
+ * the application wishes to perform authentication in the same way (using the
+ * same preauthentication mechanisms, and making the same non-security-
+ * sensitive choices) as the previous authentication attempt, which stored
+ * information in the passed-in ccache.
+ */
+krb5_error_code KRB5_CALLCONV
+krb5_get_init_creds_opt_set_in_ccache(krb5_context context,
+                                      krb5_get_init_creds_opt *opt,
+                                      krb5_ccache ccache);
+
 /**
  * Set an output credential cache in initial credential options.
  *
-- 
cgit