From 1571207bc4098e321b9e6ef06ec065225b2d8410 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Thu, 4 Jan 2007 11:13:51 +0000 Subject: [PATCH] More comments add a client_access hook. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19676 ec53bebd-3082-4978-b11e-865c3cabbd6b --- kdc/windc_plugin.h | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/kdc/windc_plugin.h b/kdc/windc_plugin.h index 22b969d82..f75388eb3 100644 --- a/kdc/windc_plugin.h +++ b/kdc/windc_plugin.h @@ -39,12 +39,14 @@ #include /* - * The generate function should allocate a krb5_pac using krb5_pac_init - * and fill in the PAC structure for the principal using + * The PAC generate function should allocate a krb5_pac using + * krb5_pac_init and fill in the PAC structure for the principal using * krb5_pac_add_buffer. * - * The verify function should verify all components in the PAC using - * krb5_pac_get_types and krb5_pac_get_buffer for all types. + * The PAC verify function should verify all components in the PAC + * using krb5_pac_get_types and krb5_pac_get_buffer for all types. + * + * Check client access function check if the client is authorized. */ struct hdb_entry_ex; @@ -57,6 +59,11 @@ typedef krb5_error_code (*krb5plugin_windc_pac_verify)(void *, krb5_context, struct hdb_entry_ex *, krb5_pac); +typedef krb5_error_code +(*krb5plugin_windc_client_access)( + void *, krb5_context, struct hdb_entry_ex *, KDC_REQ *); + + #define KRB5_WINDC_PLUGING_MINOR 1 typedef struct krb5plugin_windc_ftable { @@ -65,6 +72,7 @@ typedef struct krb5plugin_windc_ftable { void (*fini)(void *); krb5plugin_windc_pac_generate pac_generate; krb5plugin_windc_pac_verify pac_verify; + krb5plugin_windc_client_access client_access; } krb5plugin_windc_ftable; #endif /* HEIMDAL_KRB5_PAC_PLUGIN_H */