author | Sumit Bose <sbose@redhat.com> | 2014-11-17 17:40:26 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-12-03 14:27:50 +0100 |
commit | c3dd5cd9ba4020d0db0dd4ae1d9003ba852780c8 (patch) | |
tree | 42d708b7d6e6eb22a456616ae80a6e547834856d /src/providers/krb5/krb5_common.h | |
parent | 3e53a8cd98b9410cd378ad68d8528e2a8d6d4f6a (diff) | |
krb5: add copy_keytab_into_memory()
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/providers/krb5/krb5_common.h')
-rw-r--r-- | src/providers/krb5/krb5_common.h | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/src/providers/krb5/krb5_common.h b/src/providers/krb5/krb5_common.h
index a5cee6497..81e64688a 100644
--- a/src/providers/krb5/krb5_common.h
+++ b/src/providers/krb5/krb5_common.h
@@ -189,4 +189,35 @@ int sssm_krb5_auth_init(struct be_ctx *bectx,
 struct bet_ops **ops,
 void **pvt_auth_data);
 
+/* from krb5_keytab.c */
+
+/**
+ * @brief Copy given keytab into a MEMORY keytab
+ *
+ * @param[in] mem_ctx Talloc memory context the new keytab name should be
+ * allocated on
+ * @param[in] kctx Kerberos context
+ * @param[in] inp_keytab_file Existing keytab, if set to NULL the default
+ * keytab will be used
+ * @param[out] _mem_name Name of the new MEMORY keytab
+ * @param[out] _mem_keytab Krb5 keytab handle for the new MEMORY keytab, NULL
+ * may be passed here if the caller has no use for the
+ * handle
+ *
+ * The memory for the MEMORY keytab is handled by libkrb5 internally and
+ * a reference counter is used. If the reference counter of the specific
+ * MEMORY keytab reaches 0, i.e. no open ones are left, the memory is free.
+ * This means we cannot call krb5_kt_close() for the new MEMORY keytab in
+ * copy_keytab_into_memory() because this would destroy it immediately. Hence
+ * we have to return the handle so that the caller can safely remove the
+ * MEMORY keytab if the is not needed anymore. Since libkrb5 frees the
+ * internal memory when the library is unloaded short running processes can
+ * safely pass NULL as the 5th argument because on exit all memory is freed.
+ * Long running processes which need more control over the memory consumption
+ * should close the handle for free the memory at runtime.
+ */
+krb5_error_code copy_keytab_into_memory(TALLOC_CTX *mem_ctx, krb5_context kctx,
+ const char *inp_keytab_file,
+ char **_mem_name,
+ krb5_keytab *_mem_keytab);
 #endif /* __KRB5_COMMON_H__ */
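Review bot: The doc comment on `copy_keytab_into_memory()` has no `@return` line and does not say what state `_mem_name` and `_mem_keytab` are in when the call fails, so a caller reading only this header cannot tell whether a handle still has to be closed on the error path; the implementation is not part of this view, so the exact wording has to be checked against krb5_keytab.c, e.g. `@return 0 on success, krb5 error code otherwise` plus one sentence on the outputs. The closing paragraph treats releasing the handle purely as a matter of memory consumption, but the copy holds the keytab's long-term keys, so it is worth stating that they stay resident in the process until the last handle is closed with `krb5_kt_close()`. Three wording slips in that paragraph should be fixed: `the memory is free` → `the memory is freed`, `if the is not needed anymore` → `if it is not needed anymore`, and `for free the memory` → `to free the memory`; naming `_mem_keytab` instead of `the 5th argument` would also survive a signature change.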