diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2016-09-20 22:03:30 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2017-03-27 09:56:11 +0200 |
| commit | 1dbf09404e20b6e30a24afe72b6d349734aee62f (patch) | |
| tree | 690112ab391a03c2e7845e8f04d6f0f857d0a095 /src/util/sss_krb5.h | |
| parent | 5f7f45a64bdb9353f15b945db4ad2564b4b28ab2 (diff) | |
| download | sssd-1dbf09404e20b6e30a24afe72b6d349734aee62f.tar.gz sssd-1dbf09404e20b6e30a24afe72b6d349734aee62f.tar.xz sssd-1dbf09404e20b6e30a24afe72b6d349734aee62f.zip | |
UTIL: krb5 principal (un)marshalling
The KCM responder needs to read the contents of the principal blob that
the Kerberos library sends. Since libkrb5 doesn't export any API to do
so, we need to implement marshalling and unmarshalling of the principal
ourselves.
In future, when the KCM server also supports renewals, we will also need
to unmarshall the credentials, but until that is not really needed, the
credentials will be stored as a blob.
Reviewed-by: Michal Židek <mzidek@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'src/util/sss_krb5.h')
| -rw-r--r-- | src/util/sss_krb5.h | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/util/sss_krb5.h b/src/util/sss_krb5.h index ac0f6082c..0d9043be9 100644 --- a/src/util/sss_krb5.h +++ b/src/util/sss_krb5.h @@ -32,6 +32,7 @@ #include <krb5.h> #endif +#include "util/sss_iobuf.h" #include "util/util.h" #define KRB5_CHILD_LOG_FILE "krb5_child" @@ -186,4 +187,12 @@ krb5_error_code sss_krb5_kt_have_content(krb5_context context, krb5_keytab keytab); bool sss_krb5_realm_has_proxy(const char *realm); + +krb5_error_code sss_krb5_marshal_princ(krb5_principal princ, + struct sss_iobuf *iobuf); + +krb5_error_code sss_krb5_unmarshal_princ(TALLOC_CTX *mem_ctx, + struct sss_iobuf *iobuf, + krb5_principal *_princ); + #endif /* __SSS_KRB5_H__ */ |