in src/kerberospw.c [37:79]
static krb5_error_code verify_krb5_user(
krb5_context context,
krb5_principal principal,
const char *password,
const char *service,
krb5_creds* creds
) {
krb5_get_init_creds_opt gic_options;
krb5_error_code code;
int ret = 0;
#ifdef PRINTFS
{
char *name = NULL;
code = krb5_unparse_name(context, principal, &name);
if (!code) {
printf("Trying to get TGT for user %s\n", name);
}
free(name);
}
#endif
krb5_get_init_creds_opt_init(&gic_options);
krb5_get_init_creds_opt_set_forwardable(&gic_options, 0);
krb5_get_init_creds_opt_set_proxiable(&gic_options, 0);
krb5_get_init_creds_opt_set_renew_life(&gic_options, 0);
memset(creds, 0, sizeof(krb5_creds));
code = krb5_get_init_creds_password(
context, creds, principal,
(char *)password, NULL, NULL, 0,
(char *)service, &gic_options
);
if (code) {
set_pwchange_error(context, code);
goto end;
}
ret = 1; /* success */
end:
return ret;
}