Proposal: krb5_get_init_creds_opt_set_change_password_prompt
Kevin Coffman
kwc at citi.umich.edu
Thu Dec 7 13:17:01 EST 2006
On 12/7/06, Sam Hartman <hartmans at mit.edu> wrote:
> Wait, why does krb5_get_init_creds_opt_set_pa take things like a
> password and principal and etc. I don't understand why it takes more
> than a patype, attribute and value?
Because they were needed to emulate
krb5_get_init_creds_opt_set_pkinit() which looks like:
krb5_error_code KRB5_LIB_FUNCTION
krb5_get_init_creds_opt_set_pkinit(krb5_context context,
krb5_get_init_creds_opt *opt,
krb5_principal principal,
const char *user_id,
const char *x509_anchors,
char * const * pool,
char * const * pki_revoke,
int flags,
krb5_prompter_fct prompter,
void *prompter_data,
char *password);
I assumed that the plugin may have to prompt for the PIN. I think
Heimdal allows getting a password from a file.
More information about the krbdev
mailing list