diff options
Diffstat (limited to 'crypto/krb5/doc/html/appdev/refs/api/krb5_rd_req.html')
| -rw-r--r-- | crypto/krb5/doc/html/appdev/refs/api/krb5_rd_req.html | 176 |
1 files changed, 0 insertions, 176 deletions
diff --git a/crypto/krb5/doc/html/appdev/refs/api/krb5_rd_req.html b/crypto/krb5/doc/html/appdev/refs/api/krb5_rd_req.html deleted file mode 100644 index eea243187dbc..000000000000 --- a/crypto/krb5/doc/html/appdev/refs/api/krb5_rd_req.html +++ /dev/null @@ -1,176 +0,0 @@ -<!DOCTYPE html> - -<html lang="en" data-content_root="../../../"> - <head> - <meta charset="utf-8" /> - <meta name="viewport" content="width=device-width, initial-scale=1.0" /><meta name="viewport" content="width=device-width, initial-scale=1" /> - - <title>krb5_rd_req - Parse and decrypt a KRB_AP_REQ message. — MIT Kerberos Documentation</title> - <link rel="stylesheet" type="text/css" href="../../../_static/pygments.css?v=fa44fd50" /> - <link rel="stylesheet" type="text/css" href="../../../_static/agogo.css?v=879f3c71" /> - <link rel="stylesheet" type="text/css" href="../../../_static/kerb.css?v=6a0b3979" /> - <script src="../../../_static/documentation_options.js?v=236fef3b"></script> - <script src="../../../_static/doctools.js?v=888ff710"></script> - <script src="../../../_static/sphinx_highlight.js?v=dc90522c"></script> - <link rel="author" title="About these documents" href="../../../about.html" /> - <link rel="index" title="Index" href="../../../genindex.html" /> - <link rel="search" title="Search" href="../../../search.html" /> - <link rel="copyright" title="Copyright" href="../../../copyright.html" /> - <link rel="next" title="krb5_rd_safe - Process KRB-SAFE message." href="krb5_rd_safe.html" /> - <link rel="prev" title="krb5_rd_rep_dce - Parse and decrypt a KRB_AP_REP message for DCE RPC." href="krb5_rd_rep_dce.html" /> - </head><body> - <div class="header-wrapper"> - <div class="header"> - - - <h1><a href="../../../index.html">MIT Kerberos Documentation</a></h1> - - <div class="rel"> - - <a href="../../../index.html" title="Full Table of Contents" - accesskey="C">Contents</a> | - <a href="krb5_rd_rep_dce.html" title="krb5_rd_rep_dce - Parse and decrypt a KRB_AP_REP message for DCE RPC." - accesskey="P">previous</a> | - <a href="krb5_rd_safe.html" title="krb5_rd_safe - Process KRB-SAFE message." - accesskey="N">next</a> | - <a href="../../../genindex.html" title="General Index" - accesskey="I">index</a> | - <a href="../../../search.html" title="Enter search criteria" - accesskey="S">Search</a> | - <a href="mailto:krb5-bugs@mit.edu?subject=Documentation__krb5_rd_req - Parse and decrypt a KRB_AP_REQ message.">feedback</a> - </div> - </div> - </div> - - <div class="content-wrapper"> - <div class="content"> - <div class="document"> - - <div class="documentwrapper"> - <div class="bodywrapper"> - <div class="body" role="main"> - - <section id="krb5-rd-req-parse-and-decrypt-a-krb-ap-req-message"> -<h1>krb5_rd_req - Parse and decrypt a KRB_AP_REQ message.<a class="headerlink" href="#krb5-rd-req-parse-and-decrypt-a-krb-ap-req-message" title="Link to this heading">¶</a></h1> -<dl class="c function"> -<dt class="sig sig-object c" id="c.krb5_rd_req"> -<a class="reference internal" href="../types/krb5_error_code.html#c.krb5_error_code" title="krb5_error_code"><span class="n"><span class="pre">krb5_error_code</span></span></a><span class="w"> </span><span class="sig-name descname"><span class="n"><span class="pre">krb5_rd_req</span></span></span><span class="sig-paren">(</span><a class="reference internal" href="../types/krb5_context.html#c.krb5_context" title="krb5_context"><span class="n"><span class="pre">krb5_context</span></span></a><span class="w"> </span><span class="n"><span class="pre">context</span></span>, <a class="reference internal" href="../types/krb5_auth_context.html#c.krb5_auth_context" title="krb5_auth_context"><span class="n"><span class="pre">krb5_auth_context</span></span></a><span class="w"> </span><span class="p"><span class="pre">*</span></span><span class="n"><span class="pre">auth_context</span></span>, <span class="k"><span class="pre">const</span></span><span class="w"> </span><a class="reference internal" href="../types/krb5_data.html#c.krb5_data" title="krb5_data"><span class="n"><span class="pre">krb5_data</span></span></a><span class="w"> </span><span class="p"><span class="pre">*</span></span><span class="n"><span class="pre">inbuf</span></span>, <a class="reference internal" href="../types/krb5_const_principal.html#c.krb5_const_principal" title="krb5_const_principal"><span class="n"><span class="pre">krb5_const_principal</span></span></a><span class="w"> </span><span class="n"><span class="pre">server</span></span>, <a class="reference internal" href="../types/krb5_keytab.html#c.krb5_keytab" title="krb5_keytab"><span class="n"><span class="pre">krb5_keytab</span></span></a><span class="w"> </span><span class="n"><span class="pre">keytab</span></span>, <a class="reference internal" href="../types/krb5_flags.html#c.krb5_flags" title="krb5_flags"><span class="n"><span class="pre">krb5_flags</span></span></a><span class="w"> </span><span class="p"><span class="pre">*</span></span><span class="n"><span class="pre">ap_req_options</span></span>, <a class="reference internal" href="../types/krb5_ticket.html#c.krb5_ticket" title="krb5_ticket"><span class="n"><span class="pre">krb5_ticket</span></span></a><span class="w"> </span><span class="p"><span class="pre">*</span></span><span class="p"><span class="pre">*</span></span><span class="n"><span class="pre">ticket</span></span><span class="sig-paren">)</span><a class="headerlink" href="#c.krb5_rd_req" title="Link to this definition">¶</a><br /></dt> -<dd></dd></dl> - -<dl class="field-list"> -<dt class="field-odd">param<span class="colon">:</span></dt> -<dd class="field-odd"><p><strong>[in]</strong> <strong>context</strong> - Library context</p> -<p><strong>[inout]</strong> <strong>auth_context</strong> - Pre-existing or newly created auth context</p> -<p><strong>[in]</strong> <strong>inbuf</strong> - AP-REQ message to be parsed</p> -<p><strong>[in]</strong> <strong>server</strong> - Matching principal for server, or NULL to allow any principal in keytab</p> -<p><strong>[in]</strong> <strong>keytab</strong> - Key table, or NULL to use the default</p> -<p><strong>[out]</strong> <strong>ap_req_options</strong> - If non-null, the AP-REQ flags on output</p> -<p><strong>[out]</strong> <strong>ticket</strong> - If non-null, ticket from the AP-REQ message</p> -</dd> -</dl> -<dl class="field-list simple"> -<dt class="field-odd">retval<span class="colon">:</span></dt> -<dd class="field-odd"><ul class="simple"> -<li><p>0 Success; otherwise - Kerberos error codes</p></li> -</ul> -</dd> -</dl> -<p>This function parses, decrypts and verifies a AP-REQ message from <em>inbuf</em> and stores the authenticator in <em>auth_context</em> .</p> -<p>If a keyblock was specified in <em>auth_context</em> using krb5_auth_con_setuseruserkey(), that key is used to decrypt the ticket in AP-REQ message and <em>keytab</em> is ignored. In this case, <em>server</em> should be specified as a complete principal name to allow for proper transited-path checking and replay cache selection.</p> -<p>Otherwise, the decryption key is obtained from <em>keytab</em> , or from the default keytab if it is NULL. In this case, <em>server</em> may be a complete principal name, a matching principal (see krb5_sname_match()), or NULL to match any principal name. The keys tried against the encrypted part of the ticket are determined as follows:</p> -<blockquote> -<div><ul class="simple"> -<li><p>If <em>server</em> is a complete principal name, then its entry in <em>keytab</em> is tried.</p></li> -<li><p>Otherwise, if <em>keytab</em> is iterable, then all entries in <em>keytab</em> which match <em>server</em> are tried.</p></li> -<li><p>Otherwise, the server principal in the ticket must match <em>server</em> , and its entry in <em>keytab</em> is tried.</p></li> -</ul> -</div></blockquote> -<p>The client specified in the decrypted authenticator must match the client specified in the decrypted ticket.</p> -<p>If the <em>remote_addr</em> field of <em>auth_context</em> is set, the request must come from that address.</p> -<p>If a replay cache handle is provided in the <em>auth_context</em> , the authenticator and ticket are verified against it. If no conflict is found, the new authenticator is then stored in the replay cache of <em>auth_context</em> .</p> -<p>Various other checks are performed on the decoded data, including cross-realm policy, clockskew, and ticket validation times.</p> -<p>On success the authenticator, subkey, and remote sequence number of the request are stored in <em>auth_context</em> . If the AP_OPTS_MUTUAL_REQUIRED bit is set, the local sequence number is XORed with the remote sequence number in the request.</p> -<p>Use krb5_free_ticket() to free <em>ticket</em> when it is no longer needed.</p> -</section> - - - <div class="clearer"></div> - </div> - </div> - </div> - </div> - <div class="sidebar"> - - <h2>On this page</h2> - <ul> -<li><a class="reference internal" href="#">krb5_rd_req - Parse and decrypt a KRB_AP_REQ message.</a></li> -</ul> - - <br/> - <h2>Table of contents</h2> - <ul class="current"> -<li class="toctree-l1"><a class="reference internal" href="../../../user/index.html">For users</a></li> -<li class="toctree-l1"><a class="reference internal" href="../../../admin/index.html">For administrators</a></li> -<li class="toctree-l1 current"><a class="reference internal" href="../../index.html">For application developers</a><ul class="current"> -<li class="toctree-l2"><a class="reference internal" href="../../gssapi.html">Developing with GSSAPI</a></li> -<li class="toctree-l2"><a class="reference internal" href="../../y2038.html">Year 2038 considerations for uses of krb5_timestamp</a></li> -<li class="toctree-l2"><a class="reference internal" href="../../h5l_mit_apidiff.html">Differences between Heimdal and MIT Kerberos API</a></li> -<li class="toctree-l2"><a class="reference internal" href="../../init_creds.html">Initial credentials</a></li> -<li class="toctree-l2"><a class="reference internal" href="../../princ_handle.html">Principal manipulation and parsing</a></li> -<li class="toctree-l2 current"><a class="reference internal" href="../index.html">Complete reference - API and datatypes</a><ul class="current"> -<li class="toctree-l3 current"><a class="reference internal" href="index.html">krb5 API</a></li> -<li class="toctree-l3"><a class="reference internal" href="../types/index.html">krb5 types and structures</a></li> -<li class="toctree-l3"><a class="reference internal" href="../macros/index.html">krb5 simple macros</a></li> -</ul> -</li> -</ul> -</li> -<li class="toctree-l1"><a class="reference internal" href="../../../plugindev/index.html">For plugin module developers</a></li> -<li class="toctree-l1"><a class="reference internal" href="../../../build/index.html">Building Kerberos V5</a></li> -<li class="toctree-l1"><a class="reference internal" href="../../../basic/index.html">Kerberos V5 concepts</a></li> -<li class="toctree-l1"><a class="reference internal" href="../../../formats/index.html">Protocols and file formats</a></li> -<li class="toctree-l1"><a class="reference internal" href="../../../mitK5features.html">MIT Kerberos features</a></li> -<li class="toctree-l1"><a class="reference internal" href="../../../build_this.html">How to build this documentation from the source</a></li> -<li class="toctree-l1"><a class="reference internal" href="../../../about.html">Contributing to the MIT Kerberos Documentation</a></li> -<li class="toctree-l1"><a class="reference internal" href="../../../resources.html">Resources</a></li> -</ul> - - <br/> - <h4><a href="../../../index.html">Full Table of Contents</a></h4> - <h4>Search</h4> - <form class="search" action="../../../search.html" method="get"> - <input type="text" name="q" size="18" /> - <input type="submit" value="Go" /> - <input type="hidden" name="check_keywords" value="yes" /> - <input type="hidden" name="area" value="default" /> - </form> - - </div> - <div class="clearer"></div> - </div> - </div> - - <div class="footer-wrapper"> - <div class="footer" > - <div class="right" ><i>Release: 1.22-final</i><br /> - © <a href="../../../copyright.html">Copyright</a> 1985-2025, MIT. - </div> - <div class="left"> - - <a href="../../../index.html" title="Full Table of Contents" - >Contents</a> | - <a href="krb5_rd_rep_dce.html" title="krb5_rd_rep_dce - Parse and decrypt a KRB_AP_REP message for DCE RPC." - >previous</a> | - <a href="krb5_rd_safe.html" title="krb5_rd_safe - Process KRB-SAFE message." - >next</a> | - <a href="../../../genindex.html" title="General Index" - >index</a> | - <a href="../../../search.html" title="Enter search criteria" - >Search</a> | - <a href="mailto:krb5-bugs@mit.edu?subject=Documentation__krb5_rd_req - Parse and decrypt a KRB_AP_REQ message.">feedback</a> - </div> - </div> - </div> - - </body> -</html>
\ No newline at end of file |