From d1fe0728c830fe52bdcb5d53c517a9462391069d Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Fri, 15 Jun 2012 11:14:39 -0400
Subject: Add krb5_kt_client_default API

The default client keytab is intended to be used to automatically
acquire initial credentials for client applications.  The current
hardcoded default is a placeholder, and will likely change before
1.11.

Add test framework settings to ensure that a system default client
keytab doesn't interfere with tests, and to allow tests to be written
to deliberately use the default client keytab.

Add documentation about keytabs to the concepts section of the RST
docs, and describe the default client keytab there.

ticket: 7188 (new)
---
 src/include/krb5/krb5.hin | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'src/include/krb5')

diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
index 470835a2d..51ebbb2e6 100644
--- a/src/include/krb5/krb5.hin
+++ b/src/include/krb5/krb5.hin
@@ -4208,6 +4208,22 @@ krb5_kt_default_name(krb5_context context, char *name, int name_size);
 krb5_error_code KRB5_CALLCONV
 krb5_kt_default(krb5_context context, krb5_keytab *id);
 
+/**
+ * Resolve the default client key table.
+ *
+ * @param [in]     context      Library context
+ * @param [out]    keytab_out   Key table handle
+ *
+ * Fill @a keytab_out with a handle to the default client key table.
+ *
+ * @retval
+ * 0  Success
+ * @return
+ * Kerberos error codes
+ */
+krb5_error_code KRB5_CALLCONV
+krb5_kt_client_default(krb5_context context, krb5_keytab *keytab_out);
+
 /**
  * Free the contents of a key table entry.
  *
-- 
cgit