krb5_check_transited man page

krb5_check_transited, krb5_check_transited_realms, krb5_domain_x500_decode, krb5_domain_x500_encode — realm transit verification and encoding/decoding functions


Kerberos 5 Library (libkrb5, -lkrb5)


#include <krb5.h>

krb5_check_transited(krb5_context context, krb5_const_realm client_realm, krb5_const_realm server_realm, krb5_realm *realms, int num_realms, int *bad_realm);

krb5_check_transited_realms(krb5_context context, const char *const *realms, int num_realms, int *bad_realm);

krb5_domain_x500_decode(krb5_context context, krb5_data tr, char ***realms, int *num_realms, const char *client_realm, const char *server_realm);

krb5_domain_x500_encode(char **realms, int num_realms, krb5_data *encoding);


krb5_check_transited() checks the path from client_realm to server_realm where realms and num_realms is the realms between them. If the function returns an error value, bad_realm will be set to the realm in the list causing the error. krb5_check_transited() is used internally by the KDC and libkrb5 and should not be called by client applications.

krb5_check_transited_realms() is deprecated.

krb5_domain_x500_encode() and krb5_domain_x500_decode() encodes and decodes the realm names in the X500 format that Kerberos uses to describe the transited realms in krbtgts.

See Also

krb5(3), krb5.conf(5)

Referenced By

Explore man page connections for krb5_check_transited(3).

krb5_check_transited_realms(3), krb5_domain_x500_decode(3) and krb5_domain_x500_encode(3) are aliases of krb5_check_transited(3).

May 1, 2006