How to extend kadmin

Nicolas Williams Nicolas.Williams at
Tue Oct 27 12:19:00 EDT 2009

On Tue, Oct 27, 2009 at 12:20:38PM -0400, Jeffrey Hutzelman wrote:
> --On Tuesday, October 27, 2009 10:59:06 AM -0500 Nicolas Williams 
> <Nicolas.Williams at> wrote:
> >>* However, Nico notes that the way we marshal krb5_principal is
> >>problematic for using rpcgen.  I looked into this myself: we call
> >>krb5_unparse_name on encode and krb5_parse_name on decode.  Does rpcgen
> >>support app-defined encoding functions for particular fields?  If not, I
> >>am doubtful that we will ever be in the position of being able to use
> >>a .x file to define the kadmin protocol without starting over.
> >
> >No, you can't, but what you could do is declare the kadm5 krb5 princ
> >data type to be "opaque" and then do the parsing/unparsing at the
> >application layer.
> >
> >Ah, so, yes, you can handle krb5 princ names the Right Way (tm).
> You could make it opaque, but given that it's the output of 
> krb5_unparse_name(), IMHO it would be better to call a string<> a string<>.

Oh, true.

<drink beverage_type="caffeine delivery vehicle" beverage="coffe" options="black>more</drink>

More information about the krbdev mailing list