summaryrefslogtreecommitdiff
path: root/src/providers/krb5/krb5_utils.h
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2012-10-24 10:01:09 +0200
committerSumit Bose <sbose@redhat.com>2012-10-26 10:32:06 +0200
commit7c4845bd0efb1dcb44b5be52923c539316725693 (patch)
tree4adf6be8d9da3792a4907b012dfd678939b96e62 /src/providers/krb5/krb5_utils.h
parent964628ab89229e9266adc5f4f8a26222734788b7 (diff)
downloadsssd-7c4845bd0efb1dcb44b5be52923c539316725693.tar.gz
sssd-7c4845bd0efb1dcb44b5be52923c539316725693.tar.bz2
sssd-7c4845bd0efb1dcb44b5be52923c539316725693.zip
krb5_auth: update with correct UPN if needed
The Active Directory KDC handles request case in-sensitive and it might not always to possible to guess the UPN with the correct case. We check if the returned principal has a different case then the one used in the request and updates the principal if needed. This will help using calls from the Kerberos client libraries later on which would otherwise fail because the principal is handled case sensitive by those libraries.
Diffstat (limited to 'src/providers/krb5/krb5_utils.h')
-rw-r--r--src/providers/krb5/krb5_utils.h4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/providers/krb5/krb5_utils.h b/src/providers/krb5/krb5_utils.h
index 28485458..25d8c6cf 100644
--- a/src/providers/krb5/krb5_utils.h
+++ b/src/providers/krb5/krb5_utils.h
@@ -37,6 +37,10 @@ errno_t find_or_guess_upn(TALLOC_CTX *mem_ctx, struct ldb_message *msg,
const char *domain_name, const char *user,
const char *user_dom, char **_upn);
+errno_t check_if_cached_upn_needs_update(struct sysdb_ctx *sysdb,
+ const char *user,
+ const char *upn);
+
/* Operations on a credential cache */
typedef errno_t (*cc_be_create_fn)(const char *location, pcre *illegal_re,
uid_t uid, gid_t gid, bool private_path);