Lines Matching refs:context
90 free_paid(krb5_context context, struct pa_info_data *ppaid)
92 krb5_free_salt(context, ppaid->salt);
94 krb5_free_data(context, ppaid->s2kparams);
98 default_s2k_func(krb5_context context, krb5_enctype type,
107 _krb5_debug(context, 5, "krb5_get_init_creds: using default_s2k_func");
119 ret = krb5_string_to_key_data_salt_opaque(context, type, password,
129 free_init_creds_ctx(krb5_context context, krb5_init_creds_context ctx)
144 krb5_free_cred_contents(context, &ctx->cred);
151 free_paid(context, ctx->ppaid);
158 get_config_time (krb5_context context,
165 ret = krb5_config_get_time (context, NULL,
172 ret = krb5_config_get_time (context, NULL,
182 init_cred (krb5_context context,
192 krb5_timeofday (context, &now);
197 krb5_copy_principal(context, client, &cred->client);
199 ret = krb5_get_default_principal (context,
222 krb5_free_cred_contents (context, cred);
231 report_expiration (krb5_context context,
241 (*prompter)(context, data, NULL, p, 0, NULL);
246 * Check the context, and in the case there is a expiration warning,
249 * @param context A Kerberos 5 context.
255 process_last_request(krb5_context context,
270 realm = krb5_principal_get_realm (context, ctx->cred.client);
278 krb5_set_error_message(context, ENOMEM,
290 (*options->opt_private->lr.func)(context, lre,
305 krb5_timeofday (context, &sec);
307 t = sec + get_config_time (context,
316 report_expiration(context, ctx->prompter,
323 report_expiration(context, ctx->prompter,
336 report_expiration(context, ctx->prompter,
347 get_init_creds_common(krb5_context context,
361 const char *realm = krb5_principal_get_realm(context, client);
363 krb5_get_init_creds_opt_alloc (context, &default_opt);
365 krb5_get_init_creds_opt_set_default_flags(context, NULL, realm, options);
370 ret = krb5_init_creds_set_password(context, ctx,
388 krb5_principal_get_type(context, client) == KRB5_NT_ENTERPRISE_PRINCIPAL)
396 ret = init_cred(context, &ctx->cred, client, start_time, options);
399 krb5_get_init_creds_opt_free(context, default_opt);
403 ret = krb5_init_creds_set_service(context, ctx, NULL);
444 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
457 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
468 krb5_get_init_creds_opt_free(context, default_opt);
472 krb5_get_init_creds_opt_free(context, default_opt);
477 change_password (krb5_context context,
499 ret = krb5_get_init_creds_opt_alloc(context, &options);
513 ret = krb5_get_init_creds_password (context,
522 krb5_get_init_creds_opt_free(context, options);
543 ret = (*prompter) (context, data, NULL, "Changing password",
557 ret = krb5_set_password (context,
576 (*prompter) (context, data, NULL, p, 0, NULL);
584 krb5_set_error_message(context, ret,
593 krb5_free_cred_contents (context, &cpw_cred);
599 krb5_keyblock_key_proc (krb5_context context,
605 return krb5_copy_keyblock (context, keyseed, key);
613 init_as_req (krb5_context context,
630 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
636 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
655 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
668 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
674 ret = _krb5_init_etype(context,
692 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
697 ret = krb5_copy_addresses(context, addrs, a->req_body.addresses);
699 ret = krb5_get_all_client_addrs (context, a->req_body.addresses);
723 set_paid(struct pa_info_data *paid, krb5_context context,
732 krb5_clear_error_message(context);
741 ret = krb5_copy_data(context, s2kparams, &paid->s2kparams);
743 krb5_clear_error_message(context);
744 krb5_free_salt(context, paid->salt);
754 pa_etype_info2(krb5_context context,
776 ret = krb5_get_pw_salt(context, client, &salt);
783 ret = set_paid(paid, context, e.val[i].etype,
789 krb5_free_salt(context, salt);
803 pa_etype_info(krb5_context context,
826 ret = krb5_get_pw_salt(context, client, &salt);
834 ret = set_paid(paid, context, e.val[i].etype,
840 krb5_free_salt(context, salt);
855 pa_pw_or_afs3_salt(krb5_context context,
864 ret = set_paid(paid, context,
905 process_pa_info(krb5_context context,
919 p = (*pa_prefs[i].salt_info)(context, client, asreq,
926 make_pa_enc_timestamp(krb5_context context, METHOD_DATA *md,
939 krb5_us_timeofday (context, &p.patimestamp, &usec);
947 krb5_abortx(context, "internal error in ASN.1 encoder");
949 ret = krb5_crypto_init(context, key, 0, &crypto);
954 ret = krb5_encrypt_EncryptedData(context,
962 krb5_crypto_destroy(context, crypto);
971 krb5_abortx(context, "internal error in ASN.1 encoder");
973 ret = krb5_padata_add(context, md, KRB5_PADATA_ENC_TIMESTAMP, buf, len);
980 add_enc_ts_padata(krb5_context context,
997 ret = krb5_get_pw_salt (context, client, &salt2);
1003 enctypes = context->etypes;
1012 _krb5_debug(context, 5, "krb5_get_init_creds: using ENC-TS with enctype %d", enctypes[i]);
1014 ret = (*keyproc)(context, enctypes[i], keyseed,
1018 ret = make_pa_enc_timestamp (context, md, enctypes[i], key);
1019 krb5_free_keyblock (context, key);
1024 krb5_free_salt(context, salt2);
1029 pa_data_to_md_ts_enc(krb5_context context,
1040 add_enc_ts_padata(context, md, client,
1047 _krb5_debug(context, 5, "krb5_get_init_creds: pa-info not found, guessing salt");
1050 add_enc_ts_padata(context, md, client,
1058 add_enc_ts_padata(context, md, client,
1067 pa_data_to_key_plain(krb5_context context,
1077 ret = (*ctx->keyproc)(context, etype, ctx->keyseed,
1084 pa_data_to_md_pkinit(krb5_context context,
1094 return _krb5_pk_mk_padata(context,
1102 krb5_set_error_message(context, EINVAL,
1109 pa_data_add_pac_request(krb5_context context,
1133 krb5_abortx(context, "internal error in ASN.1 encoder");
1135 ret = krb5_padata_add(context, md, KRB5_PADATA_PA_PAC_REQUEST, buf, len);
1147 process_pa_data_to_md(krb5_context context,
1160 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
1166 if (_krb5_have_debug(context, 5)) {
1168 _krb5_debug(context, 5, "KDC send %d patypes", in_md->len);
1170 _krb5_debug(context, 5, "KDC send PA-DATA type: %d", in_md->val[i].padata_type);
1180 _krb5_debug(context, 5, "krb5_get_init_creds: "
1185 krb5_set_error_message(context, KRB5_GET_IN_TKT_LOOP,
1190 ret = pa_data_to_md_pkinit(context, a, creds->client,
1208 ppaid = process_pa_info(context, creds->client, a, paid, in_md);
1217 free_paid(context, ppaid);
1218 krb5_set_error_message(context, KRB5_GET_IN_TKT_LOOP,
1224 pa_data_to_md_ts_enc(context, a, creds->client, ctx, ppaid, *out_md);
1230 free_paid(context, ctx->ppaid);
1238 pa_data_add_pac_request(context, ctx, *out_md);
1249 process_pa_data_to_key(krb5_context context,
1268 ppaid = process_pa_info(context, creds->client, a, &paid,
1274 ret = krb5_get_pw_salt (context, creds->client, &paid.salt);
1299 _krb5_debug(context, 5, "krb5_get_init_creds: using PKINIT");
1301 ret = _krb5_pk_rd_pa_reply(context,
1312 krb5_set_error_message(context, ret, N_("no support for PKINIT compiled in", ""));
1315 _krb5_debug(context, 5, "krb5_get_init_creds: using keyproc");
1316 ret = pa_data_to_key_plain(context, creds->client, ctx,
1320 krb5_set_error_message(context, ret, N_("No usable pa data type", ""));
1323 free_paid(context, &paid);
1328 * Start a new context to get a new initial credential.
1330 * @param context A Kerberos 5 context.
1346 krb5_init_creds_init(krb5_context context,
1361 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
1365 ret = get_init_creds_common(context, client, start_time, options, ctx);
1389 * @param context a Kerberos 5 context.
1390 * @param ctx a krb5_init_creds_context context.
1400 krb5_init_creds_set_service(krb5_context context,
1408 client_realm = krb5_principal_get_realm (context, ctx->cred.client);
1411 ret = krb5_parse_name (context, service, &principal);
1414 krb5_principal_set_realm (context, principal, client_realm);
1416 ret = krb5_make_principal(context, &principal,
1430 if (krb5_principal_is_krbtgt(context, principal))
1431 krb5_principal_set_type(context, principal, KRB5_NT_SRV_INST);
1433 krb5_free_principal(context, ctx->cred.server);
1442 * @param context a Kerberos 5 context.
1443 * @param ctx ctx krb5_init_creds_context context.
1451 krb5_init_creds_set_password(krb5_context context,
1462 krb5_set_error_message(context, ENOMEM, N_("malloc: out of memory", ""));
1475 keytab_key_proc(krb5_context context, krb5_enctype enctype,
1488 krb5_kt_default(context, &real_keytab);
1492 ret = krb5_kt_get_entry (context, real_keytab, principal,
1496 krb5_kt_close (context, real_keytab);
1501 ret = krb5_copy_keyblock (context, &entry.keyblock, key);
1502 krb5_kt_free_entry(context, &entry);
1510 * @param context a Kerberos 5 context.
1511 * @param ctx ctx krb5_init_creds_context context.
1519 krb5_init_creds_set_keytab(krb5_context context,
1533 krb5_set_error_message(context, ENOMEM,
1552 ret = krb5_kt_start_seq_get(context, keytab, &cursor);
1556 while(krb5_kt_next_entry(context, keytab, &entry, &cursor) == 0){
1559 if (!krb5_principal_compare(context, entry.principal, ctx->cred.client))
1574 if (krb5_enctype_valid(context, entry.keyblock.keytype) != 0)
1587 krb5_kt_free_entry(context, &entry);
1589 krb5_kt_end_seq_get(context, keytab, &cursor);
1602 keyblock_key_proc(krb5_context context, krb5_enctype enctype,
1607 return krb5_copy_keyblock (context, keyseed, key);
1611 krb5_init_creds_set_keyblock(krb5_context context,
1628 * @param context a Kerberos 5 context.
1629 * @param ctx ctx krb5_init_creds_context context.
1643 krb5_init_creds_step(krb5_context context,
1657 ret = init_as_req(context, ctx->flags, &ctx->cred,
1660 free_init_creds_ctx(context, ctx);
1667 krb5_set_error_message(context, KRB5_GET_IN_TKT_LOOP,
1675 _krb5_debug(context, 5, "krb5_get_init_creds: loop %d", ctx->pa_counter);
1683 _krb5_debug(context, 5, "krb5_get_init_creds: processing input");
1697 ret = process_pa_data_to_key(context, ctx, &ctx->cred,
1704 _krb5_debug(context, 5, "krb5_get_init_creds: extracting ticket");
1706 ret = _krb5_extract_ticket(context,
1717 krb5_free_keyblock(context, key);
1732 _krb5_debug(context, 5, "krb5_get_init_creds: got an error");
1736 ret = krb5_rd_error(context, in, &ctx->error);
1740 _krb5_debug(context, 5, "krb5_get_init_creds: failed to read error");
1744 ret = krb5_error_from_rd_error(context, &ctx->error, &ctx->cred);
1746 _krb5_debug(context, 5, "krb5_get_init_creds: KRB-ERROR %d", ret);
1764 krb5_set_error_message(context, ret,
1767 krb5_set_error_message(context, ret,
1771 } else if (ret == KRB5KRB_AP_ERR_SKEW && context->kdc_sec_offset == 0) {
1776 krb5_set_real_time(context, ctx->error.stime, -1);
1777 if (context->kdc_sec_offset)
1780 _krb5_debug(context, 10, "init_creds: err skew updateing kdc offset to %d",
1781 context->kdc_sec_offset);
1789 krb5_set_error_message(context, ret,
1793 _krb5_debug(context, 5,
1797 ret = krb5_principal_set_realm(context,
1818 ret = process_pa_data_to_md(context, &ctx->cred, &ctx->as_req, ctx,
1832 krb5_abortx(context, "internal error in ASN.1 encoder");
1846 * context.
1848 * @param context A Kerberos 5 context.
1856 krb5_init_creds_get_creds(krb5_context context,
1860 return krb5_copy_creds_contents(context, &ctx->cred, cred);
1872 krb5_init_creds_get_error(krb5_context context,
1880 krb5_set_error_message(context, ret, N_("malloc: out of memory", ""));
1888 * @param context A Kerberos 5 context.
1895 krb5_init_creds_free(krb5_context context,
1898 free_init_creds_ctx(context, ctx);
1905 * @param context A Kerberos 5 context.
1912 krb5_init_creds_get(krb5_context context, krb5_init_creds_context ctx)
1923 ret = krb5_sendto_ctx_alloc(context, &stctx);
1930 ret = krb5_init_creds_step(context, ctx, &in, &out, hostinfo, &flags);
1938 ret = krb5_sendto_context (context, stctx, &out,
1947 krb5_sendto_ctx_free(context, stctx);
1960 krb5_get_init_creds_password(krb5_context context,
1976 ret = krb5_init_creds_init(context, client, prompter, data, start_time, options, &ctx);
1980 ret = krb5_init_creds_set_service(context, ctx, in_tkt_service);
1989 krb5_unparse_name (context, client, &p);
1999 ret = (*prompter) (context, data, NULL, NULL, 1, &prompt);
2004 krb5_clear_error_message (context);
2011 ret = krb5_init_creds_set_password(context, ctx, password);
2016 ret = krb5_init_creds_get(context, ctx);
2019 process_last_request(context, options, ctx);
2033 ret = change_password (context,
2044 krb5_init_creds_free(context, ctx);
2050 krb5_init_creds_get_creds(context, ctx, creds);
2053 krb5_init_creds_free(context, ctx);
2066 krb5_get_init_creds_keyblock(krb5_context context,
2079 ret = krb5_init_creds_init(context, client, NULL, NULL, start_time, options, &ctx);
2083 ret = krb5_init_creds_set_service(context, ctx, in_tkt_service);
2087 ret = krb5_init_creds_set_keyblock(context, ctx, keyblock);
2091 ret = krb5_init_creds_get(context, ctx);
2094 process_last_request(context, options, ctx);
2098 krb5_init_creds_get_creds(context, ctx, creds);
2101 krb5_init_creds_free(context, ctx);
2113 krb5_get_init_creds_keytab(krb5_context context,
2126 ret = krb5_init_creds_init(context, client, NULL, NULL, start_time, options, &ctx);
2130 ret = krb5_init_creds_set_service(context, ctx, in_tkt_service);
2134 ret = krb5_init_creds_set_keytab(context, ctx, keytab);
2138 ret = krb5_init_creds_get(context, ctx);
2140 process_last_request(context, options, ctx);
2144 krb5_init_creds_get_creds(context, ctx, creds);
2147 krb5_init_creds_free(context, ctx);