[3701] in Kerberos-V5-bugs
[krbdev.mit.edu #1278] No prompter interface for krb5_get_init_creds_keytab
daemon@ATHENA.MIT.EDU (Ken Hornstein via RT)
Tue Dec 17 11:56:45 2002
Message-Id: <rt-1278-3778.8.32280385954562@krbdev.mit.edu>
In-Reply-To: <rt-1278@krbdev.mit.edu>
From: "Ken Hornstein via RT" <rt-comment@krbdev.mit.edu>
Reply-To: rt-comment@krbdev.mit.edu
To: krb5-prs@mit.edu
Errors-To: krb5-bugs-admin@mit.edu
Date: Tue, 17 Dec 2002 11:55:43 -0500 (EST)
I discovered recently that the API krb5_get_init_creds_keytab doesn't
take a prompter argument. This makes it difficult to do things like
hardware preauthentication using a key stored in a keytab.
I propose the following API to solve the problem:
krb5_get_init_creds_keytab_prompter
KRB5_PROTOTYPE((krb5_context context,
krb5_creds *creds,
krb5_principal client,
krb5_keytab arg_keytab,
krb5_prompter_fct prompter,
void *data,
krb5_deltat start_time,
char *in_tkt_service,
krb5_get_init_creds_opt *options));
(Obviously, it looks a whole lot like the krb5_get_init_creds_keytab
API). I'm not so convinced the name is particularly great, though.
Any comments?
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
http://mailman.mit.edu/mailman/listinfo/krb5-bugs
