NAME

krb5_check_transited, krb5_check_transited_realms, krb5_domain_x500_decode, krb5_domain_x500_encode - realm transit verification and encoding/decoding functions

LIBRARY

Kerberos 5 Library (libkrb5, -lkrb5)

SYNOPSIS



krb5_error_code krb5_check_transited( krb5_context context krb5_const_realm client_realm krb5_const_realm server_realm krb5_realm *realms int num_realms int *bad_realm )

krb5_error_code krb5_check_transited_realms( krb5_context context const char *const *realms int num_realms int *bad_realm )

krb5_error_code krb5_domain_x500_decode( krb5_context context krb5_data tr char ***realms int *num_realms const char *client_realm const char *server_realm )

krb5_error_code krb5_domain_x500_encode( char **realms int num_realms krb5_data *encoding )

DESCRIPTION

krb5_check_transited() checks the path from client_realm to server_realm where realms and num_realms is the realms between them. If the function returns an error value, bad_realm will be set to the realm in the list causing the error. krb5_check_transited() is used internally by the KDC and libkrb5 and should not be called by client applications.

krb5_check_transited_realms() is deprecated.

krb5_domain_x500_encode() and krb5_domain_x500_decode() encodes and decodes the realm names in the X500 format that Kerberos uses to describe the transited realms in krbtgts.

SEE ALSO

krb5(3), krb5.conf(5)