diff options
| author | Cy Schubert <cy@FreeBSD.org> | 2018-04-03 19:36:00 +0000 |
|---|---|---|
| committer | Cy Schubert <cy@FreeBSD.org> | 2018-04-03 19:36:00 +0000 |
| commit | b0e4d68d5124581ae353493d69bea352de4cff8a (patch) | |
| tree | 43300ec43e83eccd367fd76fdfdefba2dcd7d8f4 /doc/html/_sources/appdev/refs/api | |
| parent | 33a9b234e7087f573ef08cd7318c6497ba08b439 (diff) | |
| download | src-b0e4d68d5124581ae353493d69bea352de4cff8a.tar.gz src-b0e4d68d5124581ae353493d69bea352de4cff8a.zip | |
Import MIT KRB5 1.16.vendor/krb5/1.16
Notes
Notes:
svn path=/vendor-crypto/krb5/dist/; revision=331939
svn path=/vendor-crypto/krb5/1.16/; revision=331941; tag=vendor/krb5/1.16
Diffstat (limited to 'doc/html/_sources/appdev/refs/api')
9 files changed, 25 insertions, 12 deletions
diff --git a/doc/html/_sources/appdev/refs/api/krb5_auth_con_initivector.txt b/doc/html/_sources/appdev/refs/api/krb5_auth_con_initivector.txt index 7d5bf4cf03ee..4dc9e0afb9a0 100644 --- a/doc/html/_sources/appdev/refs/api/krb5_auth_con_initivector.txt +++ b/doc/html/_sources/appdev/refs/api/krb5_auth_con_initivector.txt @@ -1,5 +1,5 @@ -krb5_auth_con_initivector -========================= +krb5_auth_con_initivector - Cause an auth context to use cipher state. +======================================================================== .. @@ -10,30 +10,31 @@ krb5_auth_con_initivector :param: - **context** + **[in]** **context** - Library context - **auth_context** + **[in]** **auth_context** - Authentication context .. +:retval: + - 0 Success; otherwise - Kerberos error codes -.. +.. -DEPRECATED Not replaced. +Prepare *auth_context* to use cipher state when :c:func:`krb5_mk_priv()` or :c:func:`krb5_rd_priv()` encrypt or decrypt data. -RFC 4120 doesn't have anything like the initvector concept; only really old protocols may need this API. diff --git a/doc/html/_sources/appdev/refs/api/krb5_fwd_tgt_creds.txt b/doc/html/_sources/appdev/refs/api/krb5_fwd_tgt_creds.txt index a6273bbb2c75..fab6d70594f3 100644 --- a/doc/html/_sources/appdev/refs/api/krb5_fwd_tgt_creds.txt +++ b/doc/html/_sources/appdev/refs/api/krb5_fwd_tgt_creds.txt @@ -3,7 +3,7 @@ krb5_fwd_tgt_creds - Get a forwarded TGT and format a KRB-CRED message. .. -.. c:function:: krb5_error_code krb5_fwd_tgt_creds(krb5_context context, krb5_auth_context auth_context, char * rhost, krb5_principal client, krb5_principal server, krb5_ccache cc, int forwardable, krb5_data * outbuf) +.. c:function:: krb5_error_code krb5_fwd_tgt_creds(krb5_context context, krb5_auth_context auth_context, const char * rhost, krb5_principal client, krb5_principal server, krb5_ccache cc, int forwardable, krb5_data * outbuf) .. diff --git a/doc/html/_sources/appdev/refs/api/krb5_init_creds_free.txt b/doc/html/_sources/appdev/refs/api/krb5_init_creds_free.txt index 85efec065a5e..011fe47837fd 100644 --- a/doc/html/_sources/appdev/refs/api/krb5_init_creds_free.txt +++ b/doc/html/_sources/appdev/refs/api/krb5_init_creds_free.txt @@ -27,7 +27,7 @@ krb5_init_creds_free - Free an initial credentials context. - + *context* must be the same as the one passed to :c:func:`krb5_init_creds_init()` for this initial credentials context. diff --git a/doc/html/_sources/appdev/refs/api/krb5_init_creds_get.txt b/doc/html/_sources/appdev/refs/api/krb5_init_creds_get.txt index 05c26f3759b4..291fa509269d 100644 --- a/doc/html/_sources/appdev/refs/api/krb5_init_creds_get.txt +++ b/doc/html/_sources/appdev/refs/api/krb5_init_creds_get.txt @@ -34,6 +34,10 @@ This function synchronously obtains credentials using a context created by :c:fu + *context* must be the same as the one passed to :c:func:`krb5_init_creds_init()` for this initial credentials context. + + + diff --git a/doc/html/_sources/appdev/refs/api/krb5_init_creds_init.txt b/doc/html/_sources/appdev/refs/api/krb5_init_creds_init.txt index 6bbbeed869e4..c703124106db 100644 --- a/doc/html/_sources/appdev/refs/api/krb5_init_creds_init.txt +++ b/doc/html/_sources/appdev/refs/api/krb5_init_creds_init.txt @@ -44,6 +44,10 @@ This function creates a new context for acquiring initial credentials. Use :c:fu +Any subsequent calls to :c:func:`krb5_init_creds_step()` , :c:func:`krb5_init_creds_get()` , or :c:func:`krb5_init_creds_free()` for this initial credentials context must use the same *context* argument as the one passed to this function. + + + diff --git a/doc/html/_sources/appdev/refs/api/krb5_init_creds_set_service.txt b/doc/html/_sources/appdev/refs/api/krb5_init_creds_set_service.txt index d08ffc7d629d..67b9b5d6de0b 100644 --- a/doc/html/_sources/appdev/refs/api/krb5_init_creds_set_service.txt +++ b/doc/html/_sources/appdev/refs/api/krb5_init_creds_set_service.txt @@ -32,7 +32,7 @@ krb5_init_creds_set_service - Specify a service principal for acquiring initial -This function supplies a service principal string to acquire initial credentials for instead of the default krbtgt service. *service* is parsed as a principal name; any realm part is ignored. +Thisfunction supplies a service principal string to acquire initial credentials for instead of the default krbtgt service. *service* is parsed as a principal name; any realm part is ignored. diff --git a/doc/html/_sources/appdev/refs/api/krb5_init_creds_step.txt b/doc/html/_sources/appdev/refs/api/krb5_init_creds_step.txt index c4e8a202aa53..8008e6724f1a 100644 --- a/doc/html/_sources/appdev/refs/api/krb5_init_creds_step.txt +++ b/doc/html/_sources/appdev/refs/api/krb5_init_creds_step.txt @@ -50,6 +50,10 @@ If this function returns **KRB5KRB_ERR_RESPONSE_TOO_BIG** , the caller should tr + *context* must be the same as the one passed to :c:func:`krb5_init_creds_init()` for this initial credentials context. + + + diff --git a/doc/html/_sources/appdev/refs/api/krb5_mk_req.txt b/doc/html/_sources/appdev/refs/api/krb5_mk_req.txt index e3a5da424a8d..695eb79399cb 100644 --- a/doc/html/_sources/appdev/refs/api/krb5_mk_req.txt +++ b/doc/html/_sources/appdev/refs/api/krb5_mk_req.txt @@ -3,7 +3,7 @@ krb5_mk_req - Create a KRB_AP_REQ message. .. -.. c:function:: krb5_error_code krb5_mk_req(krb5_context context, krb5_auth_context * auth_context, krb5_flags ap_req_options, char * service, char * hostname, krb5_data * in_data, krb5_ccache ccache, krb5_data * outbuf) +.. c:function:: krb5_error_code krb5_mk_req(krb5_context context, krb5_auth_context * auth_context, krb5_flags ap_req_options, const char * service, const char * hostname, krb5_data * in_data, krb5_ccache ccache, krb5_data * outbuf) .. diff --git a/doc/html/_sources/appdev/refs/api/krb5_pac_verify.txt b/doc/html/_sources/appdev/refs/api/krb5_pac_verify.txt index d9af52f770ab..338b43a1453e 100644 --- a/doc/html/_sources/appdev/refs/api/krb5_pac_verify.txt +++ b/doc/html/_sources/appdev/refs/api/krb5_pac_verify.txt @@ -62,7 +62,7 @@ If successful, *pac* is marked as verified. .. note:: - A checksum mismatch can occur if the PAC was copied from a cross-realm TGT by an ignorant KDC; also Apple Mac OS X Server Open Directory (as of 10.6) generates PACs with no server checksum at all. One should consider not failing the whole authentication because of this reason, but, instead, treating the ticket as if it did not contain a PAC or marking the PAC information as non-verified. + A checksum mismatch can occur if the PAC was copied from a cross-realm TGT by an ignorant KDC; also macOS Server Open Directory (as of 10.6) generates PACs with no server checksum at all. One should consider not failing the whole authentication because of this reason, but, instead, treating the ticket as if it did not contain a PAC or marking the PAC information as non-verified. |