krb5_check_transited_realms (3) - Linux Manuals

NAME

krb5_check_transited krb5_check_transited_realms krb5_domain_x500_decode krb5_domain_x500_encode - realm transit verification and encoding/decoding functions

LIBRARY

Kerberos 5 Library (libkrb5, -lkrb5)

SYNOPSIS

In krb5.h Ft krb5_error_code Fo krb5_check_transited Fa krb5_context context Fa krb5_const_realm client_realm Fa krb5_const_realm server_realm Fa krb5_realm *realms Fa int num_realms Fa int *bad_realm Fc Ft krb5_error_code Fo krb5_check_transited_realms Fa krb5_context context Fa const char *const *realms Fa int num_realms Fa int *bad_realm Fc Ft krb5_error_code Fo krb5_domain_x500_decode Fa krb5_context context Fa krb5_data tr Fa char ***realms Fa int *num_realms Fa const char *client_realm Fa const char *server_realm Fc Ft krb5_error_code Fo krb5_domain_x500_encode Fa char **realms Fa int num_realms Fa krb5_data *encoding Fc

DESCRIPTION

Fn krb5_check_transited checks the path from Fa client_realm to Fa server_realm where Fa realms and Fa num_realms is the realms between them. If the function returns an error value, Fa bad_realm will be set to the realm in the list causing the error. Fn krb5_check_transited is used internally by the KDC and libkrb5 and should not be called by client applications.

Fn krb5_check_transited_realms is deprecated.

Fn krb5_domain_x500_encode and Fn krb5_domain_x500_decode encodes and decodes the realm names in the X500 format that Kerberos uses to describe the transited realms in krbtgts.

SEE ALSO

krb5(3), krb5.conf5