krb5 commit: Add the client_name() kdcpreauth callback

Greg Hudson ghudson at mit.edu
Thu Apr 6 12:12:03 EDT 2017


https://github.com/krb5/krb5/commit/a84f39ec30f3deeda7836da6e8b3d8dcf7a045b1
commit a84f39ec30f3deeda7836da6e8b3d8dcf7a045b1
Author: Matt Rogers <mrogers at redhat.com>
Date:   Tue Apr 4 16:54:56 2017 -0400

    Add the client_name() kdcpreauth callback
    
    Add a kdcpreauth callback to returns the canonicalized client principal.
    
    ticket: 8570 (new)

 src/include/krb5/kdcpreauth_plugin.h |    6 ++++++
 src/kdc/kdc_preauth.c                |    9 ++++++++-
 2 files changed, 14 insertions(+), 1 deletions(-)

diff --git a/src/include/krb5/kdcpreauth_plugin.h b/src/include/krb5/kdcpreauth_plugin.h
index fac9d80..f388200 100644
--- a/src/include/krb5/kdcpreauth_plugin.h
+++ b/src/include/krb5/kdcpreauth_plugin.h
@@ -232,6 +232,12 @@ typedef struct krb5_kdcpreauth_callbacks_st {
                                  krb5_kdcpreauth_rock rock,
                                  krb5_principal princ);
 
+    /*
+     * Get an alias to the client DB entry principal (possibly canonicalized).
+     */
+    krb5_principal (*client_name)(krb5_context context,
+                                  krb5_kdcpreauth_rock rock);
+
     /* End of version 4 kdcpreauth callbacks. */
 
 } *krb5_kdcpreauth_callbacks;
diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c
index 0ce79c6..81d0b8c 100644
--- a/src/kdc/kdc_preauth.c
+++ b/src/kdc/kdc_preauth.c
@@ -591,6 +591,12 @@ match_client(krb5_context context, krb5_kdcpreauth_rock rock,
     return match;
 }
 
+static krb5_principal
+client_name(krb5_context context, krb5_kdcpreauth_rock rock)
+{
+    return rock->client->princ;
+}
+
 static struct krb5_kdcpreauth_callbacks_st callbacks = {
     4,
     max_time_skew,
@@ -607,7 +613,8 @@ static struct krb5_kdcpreauth_callbacks_st callbacks = {
     add_auth_indicator,
     get_cookie,
     set_cookie,
-    match_client
+    match_client,
+    client_name
 };
 
 static krb5_error_code


More information about the cvs-krb5 mailing list