[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Serialize krb5_creds
Hello,
> I have a need to share krb5_creds among multiple processes. File
> cache is not an option. So I'm thinking about serialize/deserialize
> krb5_creds data structure. Something like this:
If you can't use KCM as Michael proposes, you can use the
krb5_storage functions (untested code below).
> In one process:
>
> char* blob = krb5_serialize_creds(&creds, int* size);
krb5_store_creds(_tag)
> int r = write(socket_fd, blob, size);
>
> In another process:
> int len = read(socket_fd, buf, maxsz);
> r = krb5_deserialize_creds(&creds, buf, len);
krb5_ret_creds(_tag)
> I wonder if something similar has already been implemented in
> Kerberos API. I looked around and could not find any readily
> usable, although similar code exists for read/write ops on a file
> cache.
krb5_storage *sp;
krb5_data data;
krb5_creds cred;
sp = krb5_storage_emem();
krb5_store_creds(sp, &cred);
krb5_store_to_data(sp, &data);
krb5_storage_free(sp)
/* transport data */
sp = krb5_storage_from_data(&data);
krb5_ret_creds(sp, &cred);
krb5_storage_free(sp);