Calls to internal functions from client plugins

Jeffrey Altman jaltman at
Mon Oct 2 20:57:25 EDT 2006

Sam Hartman wrote:
>>>>>> "Kevin" == Kevin Coffman <kwc at> writes:
>     Kevin> I've successfully used Nalin's plugin code (w/o use of
>     Kevin> k5-int.h in our plugin) for both client and KDC.  (not all
>     Kevin> functionality there yet)
>     Kevin> My next step is to try pulling our pkinit-specific asn.1
>     Kevin> stuff out of libkrb5 and putting it in the plug-in code,
>     Kevin> using only the exported asn1 functionality from libkrb5.
>     Kevin> Does this sound reasonable?  Necessary?
> It's certainly not necessary.  Provided that it does not call into
> openssl you can leave it there and define your symbols in k5-int.h.  I
> doubt it is actually possible without huge code duplication.

The OpenSSL developers would be willing to accept Kerberos 5 ASN.1 into
their ASN.1 library.

Jeffrey Altman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url :

More information about the krbdev mailing list