[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pam_krb5 with PKINIT from Heimdal and MIT

To: "Douglas E. Engert" <deengert@anl.gov>
Subject: Re: pam_krb5 with PKINIT from Heimdal and MIT
From: Love Hörnquist Åstrand <lha@kth.se>
Date: Tue, 10 Oct 2006 18:27:13 +0200
Cc: Sam Hartman <hartmans@mit.edu>, Björn Torkelsson <torkel@hpc2n.umu.se>, Russ Allbery <rra@stanford.edu>, heimdal-discuss@sics.se, Kevin Coffman <kwc@citi.umich.edu>, Matthijs Mohlmann <matthijs@cacholong.nl>, Jim Rees <rees@citi.umich.edu>, "'krbdev@mit.edu'" <krbdev@mit.edu>
In-Reply-To: <452BB722.9030305@anl.gov>
References: <20061003.173359.94351658.haba@habarber.pdc.kth.se> <20061003133404.223b2985.mba2000@ioplex.com> <4523D4FB.6010000@anl.gov> <1160033063.22711.6.camel@monsun.hpc2n.umu.se> <452551E7.7010009@anl.gov> <873ba2siou.fsf@windlord.stanford.edu> <45255B9A.7060106@anl.gov> <877izefgjx.fsf@windlord.stanford.edu> <452687DF.20004@anl.gov> <tslejth80ix.fsf@cz.mit.edu> <452BB722.9030305@anl.gov>
Sender: owner-heimdal-discuss@sics.se

10 okt 2006 kl. 17.07 skrev Douglas E. Engert:

>
>> I think that also means that we need to have a way to provide
>> preauth-specific parameters to a plugin without defining
>> pkinit-specific things in krb5.h.
>
> OK, then generalize by having a krb5_get_init_creds_opt_set_plugin,
> instead, and pass it character string parameters, that could have been
> passed as options to pam_krb5 or found in krb5.conf.

Are things structure or just the name ? Heimdal PK-INIT api  just  
const char *(*) and int
int PK-INIT specific apis, nothing of the underlaying implementation  
is exposed.

Love

krb5_error_code KRB5_LIB_FUNCTION
krb5_get_init_creds_opt_set_pkinit (
	krb5_context /*context*/,
	krb5_get_init_creds_opt */*opt*/,
	krb5_principal /*principal*/,
	const char */*user_id*/,
	const char */*x509_anchors*/,
	char * const * /*pool*/,
	char * const * /*pki_revoke*/,
	int /*flags*/,
	krb5_prompter_fct /*prompter*/,
	void */*prompter_data*/,
	char */*password*/);

References:
- The state of the heimdal project
  - From: Harald Barth <haba@pdc.kth.se>
- Re: The state of the heimdal project
  - From: Michael B Allen <mba2000@ioplex.com>
- Re: The state of the heimdal project
  - From: "Douglas E. Engert" <deengert@anl.gov>
- Re: The state of the heimdal project
  - From: Björn Torkelsson <torkel@hpc2n.umu.se>
- Re: The state of the heimdal project
  - From: "Douglas E. Engert" <deengert@anl.gov>
- Re: The state of the heimdal project
  - From: Russ Allbery <rra@stanford.edu>
- pam_krb5 with PKINIT from Heimdal and MIT
  - From: "Douglas E. Engert" <deengert@anl.gov>
- Re: pam_krb5 with PKINIT from Heimdal and MIT
  - From: Sam Hartman <hartmans@mit.edu>
- Re: pam_krb5 with PKINIT from Heimdal and MIT
  - From: "Douglas E. Engert" <deengert@anl.gov>

Prev by Date: Re: pam_krb5 with PKINIT from Heimdal and MIT
Next by Date: Re: pam_krb5 with PKINIT from Heimdal and MIT
Prev by thread: Re: pam_krb5 with PKINIT from Heimdal and MIT
Next by thread: Re: pam_krb5 with PKINIT from Heimdal and MIT
Index(es):
- Date
- Thread