Support krb5 authentication

pkg/login-validator/cmd/main.go

@@ -24,10 +24,12 @@ func main() {
 	flag.StringVar(&tftpDir, "tftpdir", "/var/tftp/", "Path to TFTPd directory")
 	flag.StringVar(&loginSalt, "loginsalt", "adelina", "secret used in login HMAC")
 
-	var auth = flag.String("auth", "none", "Auth method: none, ldap, fwd")
+	var auth = flag.String("auth", "none", "Auth method: none, fwd, ldap, krb5")
 
 	var fwdURI = flag.String("fwduri", "https://srs.epita.fr:443/", "URI to forward auth requests")
 
+	var krb5Realm = flag.String("krb5realm", "CRI.EPITA.FR", "Kerberos Realm")
+
 	var ldapAddr = flag.String("ldaphost", "auth.cri.epita.fr", "LDAP host")
 	var ldapPort = flag.Int("ldapport", 636, "LDAP port")
 	var ldaptls = flag.Bool("ldaptls", false, "Is LDAP connection LDAPS?")
@@ -56,6 +58,11 @@ func main() {
 			BindUsername: *ldapbindusername,
 			BindPassword: *ldapbindpassword,
 		}
+	} else if auth != nil && *auth == "krb5" && krb5Realm != nil {
+		log.Printf("Auth method: KRB5(%s)", *krb5Realm)
+		lc.authMethod = &Krb5Auth{
+			Realm: *krb5Realm,
+		}
 	} else if auth != nil && *auth == "fwd" && fwdURI != nil {
 		if uri, err := url.Parse(*fwdURI); err != nil {
 			log.Fatal("Unable to parse FWD URL:", err)