NAME
krb5_check_transited,
krb5_check_transited_realms,
krb5_domain_x500_decode,
krb5_domain_x500_encode —
realm
transit verification and encoding/decoding functions
LIBRARY
Kerberos 5 Library (libkrb5, -lkrb5)
SYNOPSIS
#include <krb5/krb5.h>
krb5_error_code
krb5_check_transited(
krb5_context
context,
krb5_const_realm client_realm,
krb5_const_realm server_realm,
krb5_realm *realms,
int
num_realms,
int *bad_realm);
krb5_error_code
krb5_check_transited_realms(
krb5_context
context,
const char *const *realms,
int num_realms,
int *bad_realm);
krb5_error_code
krb5_domain_x500_decode(
krb5_context
context,
krb5_data tr,
char
***realms,
int *num_realms,
const
char *client_realm,
const char *server_realm);
krb5_error_code
krb5_domain_x500_encode(
char **realms,
int num_realms,
krb5_data
*encoding);
DESCRIPTION
krb5_check_transited() checks the path from
client_realm to
server_realm where
realms and
num_realms is the
realms between them. If the function returns an error value,
bad_realm will be set to the realm in the list causing
the error.
krb5_check_transited() is used internally by the
KDC and libkrb5 and should not be called by client applications.
krb5_check_transited_realms() is deprecated.
krb5_domain_x500_encode() and
krb5_domain_x500_decode() encodes and decodes the realm
names in the X500 format that Kerberos uses to describe the transited realms
in krbtgts.
SEE ALSO
krb5(3),
krb5.conf(5)