From 3ac48a8dfde336e334b3d844a866d5801dbc0208 Mon Sep 17 00:00:00 2001 From: Luke Howard Date: Tue, 10 Aug 2021 19:18:36 +1000 Subject: [PATCH] krb5: KRB5_KRBHST_TKTBRIDGEAP Add a new krbhst type, KRB5_KRBHST_TKTBRIDGEAP to krb5_krbhst_init_flags(), that looks for the DNS SRV record kerberos-tkt-bridge. This is to support a new PADL project. --- lib/krb5/krb5.h | 1 + lib/krb5/krbhst.c | 7 +++++++ 2 files changed, 8 insertions(+) diff --git a/lib/krb5/krb5.h b/lib/krb5/krb5.h index d22fc8cbf..3950bd30a 100644 --- a/lib/krb5/krb5.h +++ b/lib/krb5/krb5.h @@ -844,6 +844,7 @@ typedef struct krb5_krbhst_data *krb5_krbhst_handle; #define KRB5_KRBHST_KRB524 4 #define KRB5_KRBHST_KCA 5 #define KRB5_KRBHST_READONLY_ADMIN 6 +#define KRB5_KRBHST_TKTBRIDGEAP 7 typedef struct krb5_krbhst_info { enum { KRB5_KRBHST_UDP, diff --git a/lib/krb5/krbhst.c b/lib/krb5/krbhst.c index a704ab6fd..e5823d086 100644 --- a/lib/krb5/krbhst.c +++ b/lib/krb5/krbhst.c @@ -1017,6 +1017,13 @@ krb5_krbhst_init_flags(krb5_context context, srv_label = "kpasswd"; service = "change_password"; break; + case KRB5_KRBHST_TKTBRIDGEAP: + next = kdc_get_next; + def_port = ntohs(krb5_getportbyname(context, "kerberos", "tcp", 88)); + config_param = "tktbridgeap"; + srv_label = "kerberos-tkt-bridge"; + service = "kdc"; + break; default: krb5_set_error_message(context, ENOTTY, N_("unknown krbhst type (%u)", ""), type);