[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Serialize krb5_creds


> I have a need to share krb5_creds among multiple processes. File  
> cache is not an option. So I'm thinking about serialize/deserialize  
> krb5_creds data structure. Something like this:

If you can't use KCM as Michael proposes, you can use the  
krb5_storage functions (untested code below).

> In one process:
>     char* blob = krb5_serialize_creds(&creds, int* size);


>     int r = write(socket_fd, blob, size);
> In another process:
>     int len = read(socket_fd, buf, maxsz);
>     r = krb5_deserialize_creds(&creds, buf, len);


> I wonder if something similar has already been implemented in  
> Kerberos API. I looked around and could not find any readily  
> usable, although similar code exists for read/write ops on a file  
> cache.

krb5_storage *sp;
krb5_data data;
krb5_creds cred;

sp = krb5_storage_emem();
krb5_store_creds(sp, &cred);
krb5_store_to_data(sp, &data);

/* transport data */

sp = krb5_storage_from_data(&data);
krb5_ret_creds(sp, &cred);