From cfd79b92d3813ed53ef51ae2cf93be6287e73a27 Mon Sep 17 00:00:00 2001
From: Jan Zeleny <jzeleny@redhat.com>
Date: Tue, 29 Mar 2011 02:50:28 -0400
Subject: Extend and move function for finding principal in keytab

The function now supports finding principal in keytab not only based on
realm, but based on both realm and primary/instance parts. The function
also supports * wildcard at the beginning or at the end of primary
principal part. The function for finding principal has been moved to
util/sss_krb5.c, so it can be used in other parts of the code.
---
 src/util/sss_krb5.h | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src/util/sss_krb5.h')

diff --git a/src/util/sss_krb5.h b/src/util/sss_krb5.h
index 0a82315cc..f25f3285b 100644
--- a/src/util/sss_krb5.h
+++ b/src/util/sss_krb5.h
@@ -58,6 +58,12 @@ int sss_krb5_verify_keytab(const char *principal,
 int sss_krb5_verify_keytab_ex(const char *principal, const char *keytab_name,
                               krb5_context context, krb5_keytab keytab);
 
+krb5_error_code find_principal_in_keytab(krb5_context ctx,
+                                         krb5_keytab keytab,
+                                         const char *pattern_primary,
+                                         const char *pattern_realm,
+                                         krb5_principal *princ);
+
 #ifndef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_EXPIRE_CALLBACK
 typedef void krb5_expire_callback_func(krb5_context context, void *data,
                                              krb5_timestamp password_expiration,
-- 
cgit