Scroll to navigation

KRB5_CHECK_TRANSITED(3) Library Functions Manual KRB5_CHECK_TRANSITED(3)

NAME

krb5_check_transited, krb5_check_transited_realms, krb5_domain_x500_decode, krb5_domain_x500_encode
realm transit verification and encoding/decoding functions

LIBRARY

Kerberos 5 Library (libkrb5, -lkrb5)

SYNOPSIS

#include <krb5.h>

krb5_error_code
krb5_check_transited(krb5_context context, krb5_const_realm client_realm, krb5_const_realm server_realm, krb5_realm *realms, int num_realms, int *bad_realm);

krb5_error_code
krb5_check_transited_realms(krb5_context context, const char *const *realms, int num_realms, int *bad_realm);

krb5_error_code
krb5_domain_x500_decode(krb5_context context, krb5_data tr, char ***realms, int *num_realms, const char *client_realm, const char *server_realm);

krb5_error_code
krb5_domain_x500_encode(char **realms, int num_realms, krb5_data *encoding);

DESCRIPTION

krb5_check_transited() checks the path from client_realm to server_realm where realms and num_realms is the realms between them. If the function returns an error value, bad_realm will be set to the realm in the list causing the error. krb5_check_transited() is used internally by the KDC and libkrb5 and should not be called by client applications.

krb5_check_transited_realms() is deprecated.

krb5_domain_x500_encode() and krb5_domain_x500_decode() encodes and decodes the realm names in the X500 format that Kerberos uses to describe the transited realms in krbtgts.

SEE ALSO

krb5(3), krb5.conf(5)
May 1, 2006 HEIMDAL