krb5_check_transited - Man Page

realm transit verification and encoding/decoding functions


Kerberos 5 Library (libkrb5, -lkrb5)


#include <krb5.h>

krb5_check_transited(krb5_context context, krb5_const_realm client_realm, krb5_const_realm server_realm, krb5_realm *realms, int num_realms, int *bad_realm);

krb5_check_transited_realms(krb5_context context, const char *const *realms, int num_realms, int *bad_realm);

krb5_domain_x500_decode(krb5_context context, krb5_data tr, char ***realms, int *num_realms, const char *client_realm, const char *server_realm);

krb5_domain_x500_encode(char **realms, int num_realms, krb5_data *encoding);


krb5_check_transited() checks the path from client_realm to server_realm where realms and num_realms is the realms between them. If the function returns an error value, bad_realm will be set to the realm in the list causing the error. krb5_check_transited() is used internally by the KDC and libkrb5 and should not be called by client applications.

krb5_check_transited_realms() is deprecated.

krb5_domain_x500_encode() and krb5_domain_x500_decode() encodes and decodes the realm names in the X500 format that Kerberos uses to describe the transited realms in krbtgts.

See Also

krb5(3), krb5.conf(5)

Referenced By

The man pages krb5_check_transited_realms(3), krb5_domain_x500_decode(3) and krb5_domain_x500_encode(3) are aliases of krb5_check_transited(3).

May 1, 2006