1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
.TH "krb5_auth" 3 "Fri Jun 7 2019" "Version 7.7.0" "HeimdalKerberos5library" \" -*- nroff -*-
.ad l
.nh
.SH NAME
krb5_auth
.SH SYNOPSIS
.br
.PP
.SS "Functions"
.in +1c
.ti -1c
.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_rd_req_in_ctx_alloc\fP (krb5_context context, krb5_rd_req_in_ctx *ctx)"
.br
.ti -1c
.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_rd_req_in_set_keytab\fP (krb5_context context, krb5_rd_req_in_ctx in, krb5_keytab keytab)"
.br
.ti -1c
.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_rd_req_in_set_pac_check\fP (krb5_context context, krb5_rd_req_in_ctx in, krb5_boolean flag)"
.br
.ti -1c
.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_rd_req_out_get_server\fP (krb5_context context, krb5_rd_req_out_ctx out, krb5_principal *principal)"
.br
.ti -1c
.RI "KRB5_LIB_FUNCTION void KRB5_LIB_CALL \fBkrb5_rd_req_out_ctx_free\fP (krb5_context context, krb5_rd_req_out_ctx ctx)"
.br
.ti -1c
.RI "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL \fBkrb5_rd_req_ctx\fP (krb5_context context, krb5_auth_context *auth_context, const krb5_data *inbuf, krb5_const_principal server, krb5_rd_req_in_ctx inctx, krb5_rd_req_out_ctx *outctx)"
.br
.in -1c
.SH "Detailed Description"
.PP
.SH "Function Documentation"
.PP
.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_ctx (krb5_context context, krb5_auth_context * auth_context, const krb5_data * inbuf, krb5_const_principal server, krb5_rd_req_in_ctx inctx, krb5_rd_req_out_ctx * outctx)"
The core server function that verify application authentication requests from clients\&.
.PP
\fBParameters:\fP
.RS 4
\fIcontext\fP Keberos 5 context\&.
.br
\fIauth_context\fP the authentication context, can be NULL, then default values for the authentication context will used\&.
.br
\fIinbuf\fP the (AP-REQ) authentication buffer
.br
\fIserver\fP the server to authenticate to\&. If NULL the function will try to find any available credential in the keytab that will verify the reply\&. The function will prefer the server specified in the AP-REQ, but if there is no mach, it will try all keytab entries for a match\&. This has serious performance issues for large keytabs\&.
.br
\fIinctx\fP control the behavior of the function, if NULL, the default behavior is used\&.
.br
\fIoutctx\fP the return outctx, free with \fBkrb5_rd_req_out_ctx_free()\fP\&.
.RE
.PP
\fBReturns:\fP
.RS 4
Kerberos 5 error code, see \fBkrb5_get_error_message()\fP\&.
.RE
.PP
.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_in_ctx_alloc (krb5_context context, krb5_rd_req_in_ctx * ctx)"
Allocate a krb5_rd_req_in_ctx as an input parameter to \fBkrb5_rd_req_ctx()\fP\&. The caller should free the context with krb5_rd_req_in_ctx_free() when done with the context\&.
.PP
\fBParameters:\fP
.RS 4
\fIcontext\fP Keberos 5 context\&.
.br
\fIctx\fP in ctx to \fBkrb5_rd_req_ctx()\fP\&.
.RE
.PP
\fBReturns:\fP
.RS 4
Kerberos 5 error code, see \fBkrb5_get_error_message()\fP\&.
.RE
.PP
.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_in_set_keytab (krb5_context context, krb5_rd_req_in_ctx in, krb5_keytab keytab)"
Set the keytab that \fBkrb5_rd_req_ctx()\fP will use\&.
.PP
\fBParameters:\fP
.RS 4
\fIcontext\fP Keberos 5 context\&.
.br
\fIin\fP in ctx to \fBkrb5_rd_req_ctx()\fP\&.
.br
\fIkeytab\fP keytab that \fBkrb5_rd_req_ctx()\fP will use, only copy the pointer, so the caller must free they keytab after krb5_rd_req_in_ctx_free() is called\&.
.RE
.PP
\fBReturns:\fP
.RS 4
Kerberos 5 error code, see \fBkrb5_get_error_message()\fP\&.
.RE
.PP
.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_in_set_pac_check (krb5_context context, krb5_rd_req_in_ctx in, krb5_boolean flag)"
Set if krb5_rq_red() is going to check the Windows PAC or not
.PP
\fBParameters:\fP
.RS 4
\fIcontext\fP Keberos 5 context\&.
.br
\fIin\fP krb5_rd_req_in_ctx to check the option on\&.
.br
\fIflag\fP flag to select if to check the pac (TRUE) or not (FALSE)\&.
.RE
.PP
\fBReturns:\fP
.RS 4
Kerberos 5 error code, see \fBkrb5_get_error_message()\fP\&.
.RE
.PP
.SS "KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_rd_req_out_ctx_free (krb5_context context, krb5_rd_req_out_ctx ctx)"
Free the krb5_rd_req_out_ctx\&.
.PP
\fBParameters:\fP
.RS 4
\fIcontext\fP Keberos 5 context\&.
.br
\fIctx\fP krb5_rd_req_out_ctx context to free\&.
.RE
.PP
.SS "KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_out_get_server (krb5_context context, krb5_rd_req_out_ctx out, krb5_principal * principal)"
Get the principal that was used in the request from the client\&. Might not match whats in the ticket if \fBkrb5_rd_req_ctx()\fP searched in the keytab for a matching key\&.
.PP
\fBParameters:\fP
.RS 4
\fIcontext\fP a Kerberos 5 context\&.
.br
\fIout\fP a krb5_rd_req_out_ctx from \fBkrb5_rd_req_ctx()\fP\&.
.br
\fIprincipal\fP return principal, free with \fBkrb5_free_principal()\fP\&.
.RE
.PP
.SH "Author"
.PP
Generated automatically by Doxygen for HeimdalKerberos5library from the source code\&.
|
