add krb5ccache_dir and krb5ccname_template option

The configuration options krb5ccache_dir and krb5ccname_template
are added to the Kerberos provider to create the user's credential
caches the same way as pam_krb5 does. Due to the design of the sssd
and the supported ccache types of MIT Kerberos only files are
allowed.

1 files changed, 22 insertions, 0 deletions

diff --git a/server/providers/krb5/krb5_auth.h b/server/providers/krb5/krb5_auth.h
index 123a1895..d238cb63 100644
--- a/server/providers/krb5/krb5_auth.h
+++ b/server/providers/krb5/krb5_auth.h
@@ -26,12 +26,32 @@
 #ifndef __KRB5_AUTH_H__
 #define __KRB5_AUTH_H__
 
+#include <stdbool.h>
+#include <krb5/krb5.h>
+
 #define MAX_CHILD_MSG_SIZE 255
 #define CCACHE_ENV_NAME "KRB5CCNAME"
+
 #define SSSD_KRB5_CHANGEPW_PRINCIPLE "SSSD_KRB5_CHANGEPW_PRINCIPLE"
+#define SSSD_KRB5_KDC "SSSD_KRB5_KDC"
+#define SSSD_KRB5_REALM "SSSD_KRB5_REALM"
+
 
 typedef enum { INIT_PW, INIT_KT, RENEW, VALIDATE } action_type;
 
+struct krb5child_req {
+    pid_t child_pid;
+    int read_from_child_fd;
+    int write_to_child_fd;
+
+    struct be_req *req;
+    struct pam_data *pd;
+    struct krb5_ctx *krb5_ctx;
+
+    char *ccname;
+    const char *homedir;
+};
+
 struct krb5_ctx {
     /* opts taken from kinit */
     /* in seconds */
@@ -64,6 +84,8 @@ struct krb5_ctx {
     char *realm;
     bool try_simple_upn;
     char *changepw_principle;
+    char *ccache_dir;
+    char *ccname_template;
 };
 
 #endif /* __KRB5_AUTH_H__ */