HP Open Source Security for OpenVMS Volume 3: Kerberos > Chapter 6 KRB5 (Kerberos V5) Application Programming Interface

krb5_sname_to_principal — Generate a full principal name from a service name

  Table of Contents



C Prototype

krb5_error_code krb5_sname_to_principal(
krb5_context context,
const char *hostname,
const char *sname,
krb5_int32 type,
krb5_principal *ret_princ );


context (input) 

The context structure.

hostname (input)  

The host name, or NULL to use the local host.

sname (input) 

The service name.

type (input)  

A principal type. The type argument controls how krb5_sname_to_principal generates the principal name, ret_princ, for the named service, sname. Valid values are:

KRB5_NT_SRV_HST — The hostname will be canonicalized (a fully qualified lowercase hostname using the primary name and the domain name), before ret_princ is generated in the form sname/hostname@LOCAL.REALM. Most applications should use KRB5_NT_SRV_HST.

KRB5_NT_UNKNOWN — While the generated principal name will have the form sname/hostname@LOCAL.REALM, the hostname will not be canonicalized first. It will appear exactly as it was passed in hostname.

ret_princ (output)  

The returned full principal name.


This routine generates a full principal name to be used when authenticating with the named service on the host., given a hostname hostname and a generic service name sname. The full principal name is returned in ret_princ.

The realm of the principal is determined internally by calling krb5_get_host_realm.

The caller should release the storage in ret_princ by calling krb5_free_principal when it is finished with the principal.

Return Values

This routine returns the following KRB5 status code:

0Successful completion.


Insufficient memory.