Main index | Section 3 | Options |
#include <krb5.h>
The krb5_verify_user_lrealm() function does the same, except that it ignores the realm in principal and tries all the local realms (see krb5.conf(5)). After a successful return, the principal is set to the authenticated realm. If the call fails, the principal will not be meaningful, and should only be freed with krb5_free_principal(3).
krb5_verify_opt_alloc() and krb5_verify_opt_free() allocates and frees a krb5_verify_opt. You should use the the alloc and free function instead of allocation the structure yourself, this is because in a future release the structure wont be exported.
krb5_verify_opt_init() resets all opt to default values.
None of the krb5_verify_opt_set function makes a copy of the data structure that they are called with. It's up the caller to free them after the krb5_verify_user_opt() is called.
krb5_verify_opt_set_ccache() sets the ccache that user of opt will use. If not set, the default credential cache will be used.
krb5_verify_opt_set_keytab() sets the keytab that user of opt will use. If not set, the default keytab will be used.
krb5_verify_opt_set_secure() if secure if true, the password verification will require that the ticket will be verified against the locally stored service key. If not set, default value is true.
krb5_verify_opt_set_service() sets the service principal that user of opt will use. If not set, the ‘host’ service will be used.
krb5_verify_opt_set_flags() sets flags that user of opt will use. If the flag KRB5_VERIFY_LREALMS is used, the principal will be modified like krb5_verify_user_lrealm() modifies it.
krb5_verify_user_opt() function verifies the password supplied by a user. The principal whose password will be verified is specified in principal. Options the to the verification process is pass in in opt.
#include <krb5.h>int main(int argc, char **argv) { char *user; krb5_error_code error; krb5_principal princ; krb5_context context;
if (argc != 2) errx(1, "usage: verify_passwd <principal-name>");
user = argv[1];
if (krb5_init_context(&context) < 0) errx(1, "krb5_init_context");
if ((error = krb5_parse_name(context, user, &princ)) != 0) krb5_err(context, 1, error, "krb5_parse_name");
error = krb5_verify_user(context, princ, NULL, NULL, TRUE, NULL); if (error) krb5_err(context, 1, error, "krb5_verify_user");
return 0; }
HEIMDAL | KRB5_VERIFY_USER (3) | May 1, 2006 |
Main index | Section 3 | Options |
Please direct any comments about this manual page service to Ben Bullock. Privacy policy.
“ | There are 10 types of people in the world: those who understand binary, and those who don't. | ” |