next up previous contents
Next: Per-type functions to be Up: Key table functions Previous: The krb5_kt_ops structure   Contents

Per-type functions that are always present

The following entry points must be implemented for each type of key table. However, resolve, remove and add are only called by the key table glue code. They are not called directly by the application.

however, application programs are not expected to call resolve, remove, or add directly.


\begin{funcdecl}{resolve}{krb5_error_code}{\funcin}
\funcarg{char *}{residual}
\funcout
\funcarg{krb5_keytab *}{id}
\end{funcdecl}

Fills in *id with a handle identifying the keytab with name ``residual''. The interpretation of ``residual'' is dependent on the type of keytab.


\begin{funcdecl}{get_name}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\funcout
\funcarg{char *}{name}
\funcin
\funcarg{int}{namesize}
\end{funcdecl}

name is filled in with the first namesize bytes of the name of the keytab identified by id. If the name is shorter than namesize, then name will be null-terminated.


\begin{funcdecl}{close}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\end{funcdecl}

Closes the keytab identified by id and invalidates id, and releases any other resources acquired during use of the key table.

Requires that id identifies a valid credentials cache.


\begin{funcdecl}{get}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\funca...
...arg{krb5_kvno}{vno}
\funcout
\funcarg{krb5_keytab_entry *}{entry}
\end{funcdecl}

Searches the keytab identified by id for an entry whose principal matches principal and whose key version number matches vno. If vno is zero, the first entry whose principal matches is returned.

This routine should return an error code if no suitable entry is found. If an entry is found, the entry is returned in *entry; its contents should be deallocated by calling close when no longer needed.


\begin{funcdecl}{close}{krb5_error_code}{\funcinout}
\funcarg{krb5_keytab_entry *}{entry}
\end{funcdecl}

Releases all storage allocated for entry, which must point to a structure previously filled in by get or get_next.


\begin{funcdecl}{start_seq_get}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\funcout
\funcarg{krb5_kt_cursor *}{cursor}
\end{funcdecl}

Prepares to read sequentially every key in the keytab identified by id. cursor is filled in with a cursor to be used in calls to get_next.


\begin{funcdecl}{get_next}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\...
...eytab_entry *}{entry}
\funcinout
\funcarg{krb5_kt_cursor}{cursor}
\end{funcdecl}

Fetches the ``next'' entry in the keytab, returning it in *entry, and updates *cursor for the next request. If the keytab changes during the sequential get, an error must be guaranteed. *entry should be freed after use by calling close.

Requires that id identifies a valid credentials cache. and *cursor be a cursor returned by start_seq_get or a subsequent call to get_next.


\begin{funcdecl}{end_get}{krb5_error_code}{\funcin}
\funcarg{krb5_keytab}{id}
\funcarg{krb5_kt_cursor *}{cursor}
\end{funcdecl}

Finishes sequential processing mode and invalidates cursor, which must never be re-used after this call.

Requires that id identifies a valid credentials cache. and *cursor be a cursor returned by start_seq_get or a subsequent call to get_next.


next up previous contents
Next: Per-type functions to be Up: Key table functions Previous: The krb5_kt_ops structure   Contents
Autobuild 2006-06-16