Scroll to navigation

KRB5_CHECK_TRANSITED(3) Library Functions Manual KRB5_CHECK_TRANSITED(3)

NAME

krb5_check_transited, krb5_check_transited_realms, krb5_domain_x500_decode, krb5_domain_x500_encoderealm transit verification and encoding/decoding functions

LIBRARY

Kerberos 5 Library (libkrb5, -lkrb5)

SYNOPSIS

#include <krb5.h>

krb5_error_code
krb5_check_transited(krb5_context context, krb5_const_realm client_realm, krb5_const_realm server_realm, krb5_realm *realms, int num_realms, int *bad_realm);

krb5_error_code
krb5_check_transited_realms(krb5_context context, const char *const *realms, int num_realms, int *bad_realm);

krb5_error_code
krb5_domain_x500_decode(krb5_context context, krb5_data tr, char ***realms, int *num_realms, const char *client_realm, const char *server_realm);

krb5_error_code
krb5_domain_x500_encode(char **realms, int num_realms, krb5_data *encoding);

DESCRIPTION

() checks the path from client_realm to server_realm where realms and num_realms is the realms between them. If the function returns an error value, bad_realm will be set to the realm in the list causing the error. krb5_check_transited() is used internally by the KDC and libkrb5 and should not be called by client applications.

() is deprecated.

() and () encodes and decodes the realm names in the X500 format that Kerberos uses to describe the transited realms in krbtgts.

SEE ALSO

krb5(3), krb5.conf(5)

May 1, 2006 HEIMDAL