struct krb5_verify_init_creds_opt;
void
krb5_verify_init_creds_opt_init(
krb5_verify_init_creds_opt *options
)
void
krb5_verify_init_creds_opt_set_ap_req_nofail(
krb5_verify_init_creds_opt *options
int ap_req_nofail
)
krb5_error_code
krb5_verify_init_creds(
krb5_context context
krb5_creds *creds
krb5_principal ap_req_server
krb5_ccache *ccache
krb5_verify_init_creds_opt *options
)
krb5_verify_init_creds
will use principal
ap_req_server
from the local keytab, if
NULL
is passed in, the code will guess the local hostname and use that to
form host/hostname/GUESSED-REALM-FOR-HOSTNAME.
creds
is the credential that
krb5_verify_init_creds
should verify.
If
ccache
is given
krb5_verify_init_creds()
stores all credentials it fetched from the KDC there, otherwise it
will use a memory credential cache that is destroyed when done.
krb5_verify_init_creds_opt_init()
cleans the the structure, must be used before trying to pass it in to
krb5_verify_init_creds(
).
krb5_verify_init_creds_opt_set_ap_req_nofail()
controls controls the behavior if
ap_req_server
doesn't exists in the local keytab or in the KDC's database, if it's
true, the error will be ignored. Note that this use is possible
insecure.