From 0d34b37b7abcdd2eba13d45df5feadf135e4602a Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Mon, 12 Jul 2010 18:53:54 +0000
Subject: Add check_transited_realms to the DAL table with a corresponding
 libkdb5 API, replacing the CHECK_TRANSITED_REALMS method of db_invoke.

ticket: 6749
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24183 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/kdb/kdb5.c          | 18 ++++++++++++++++++
 src/lib/kdb/libkdb5.exports |  1 +
 2 files changed, 19 insertions(+)

(limited to 'src/lib')

diff --git a/src/lib/kdb/kdb5.c b/src/lib/kdb/kdb5.c
index 882e98cfc..0e12eb183 100644
--- a/src/lib/kdb/kdb5.c
+++ b/src/lib/kdb/kdb5.c
@@ -2246,6 +2246,24 @@ krb5_db_sign_authdata(krb5_context kcontext, unsigned int flags,
                             signed_auth_data);
 }
 
+krb5_error_code
+krb5_db_check_transited_realms(krb5_context kcontext,
+                               const krb5_data *tr_contents,
+                               const krb5_data *client_realm,
+                               const krb5_data *server_realm)
+{
+    krb5_error_code status;
+    kdb_vftabl *v;
+
+    status = get_vftabl(kcontext, &v);
+    if (status)
+        return status;
+    if (v->check_transited_realms == NULL)
+        return KRB5_PLUGIN_OP_NOTSUPP;
+    return v->check_transited_realms(kcontext, tr_contents, client_realm,
+                                     server_realm);
+}
+
 krb5_error_code
 krb5_db_invoke(krb5_context kcontext,
                unsigned int method,
diff --git a/src/lib/kdb/libkdb5.exports b/src/lib/kdb/libkdb5.exports
index 4f0eca753..dcba09e93 100644
--- a/src/lib/kdb/libkdb5.exports
+++ b/src/lib/kdb/libkdb5.exports
@@ -3,6 +3,7 @@ krb5_db_open
 krb5_db_inited
 krb5_db_alloc
 krb5_db_free
+krb5_db_check_transited_realms
 krb5_db_create
 krb5_db_delete_principal
 krb5_db_destroy
-- 
cgit