• Home
  • History
  • Annotate
  • Raw
  • Download
  • only in /macosx-10.10/Heimdal-398.1.2/kdc/

Lines Matching defs:ticket

39  * return the realm of a krbtgt-ticket or NULL
53  * The KDC might add a signed path to the ticket authorization data
385 		    "Bad request to validate ticket");
390 		    "Early request to validate ticket");
397 		"Ticket-granting ticket has INVALID flag set");
404 		    "Bad request for forwardable ticket");
412 		    "Request to forward non-forwardable ticket");
424 		    "Bad request for proxiable ticket");
432 		    "Request to proxy non-proxiable ticket");
444 		    "Bad request for post-datable ticket");
452 		    "Bad request for postdated ticket");
467 		    "Bad request for renewable ticket");
479 		    "Request to renew non-renewable ticket");
496 		"Request for anonymous ticket");
803     copy_Realm(&server_principal->realm, &rep.ticket.realm);
804     _krb5_principal2principalname(&rep.ticket.sname, server_principal);
808     rep.ticket.tkt_vno = 5;
931     ek.srealm = rep.ticket.realm;
932     ek.sname = rep.ticket.sname;
977        *for the new ticket*. Should we pick the best possible
980        session key is DES3 and we want a ticket with a (say)
1134 		  krb5_ticket **ticket,
1164     if (!get_krbtgt_realm(&ap_req.ticket.sname)){
1165 	/* XXX check for ticket.sname == req.sname */
1166 	kdc_log(r->context, r->config, 0, "PA-DATA is not a ticket-granting ticket");
1173 					     ap_req.ticket.sname,
1174 					     ap_req.ticket.realm);
1183     ret = _kdc_db_fetch(r->context, r->config, r->server_princ, HDB_F_GET_KRBTGT, ap_req.ticket.enc_part.kvno, NULL, &r->server);
1186 	kdc_log(r->context, r->config, 5, "Ticket-granting ticket account %s does not have secrets at this KDC, need to proxy", r->server_name);
1192 		"Ticket-granting ticket user %s not found in database: %s", r->server_name, msg);
1198     if (ap_req.ticket.enc_part.kvno &&
1199 	*ap_req.ticket.enc_part.kvno != r->server->entry.kvno){
1203 		*ap_req.ticket.enc_part.kvno,
1210     r->server_enctype = ap_req.ticket.enc_part.etype;
1213 			  ap_req.ticket.enc_part.etype, &tkey);
1217 	krb5_enctype_to_string(r->context, ap_req.ticket.enc_part.etype, &str);
1239 			      ticket,
1249     heim_assert(ticket != NULL, "verify ap_req2 w/o ticket ?");
1285 				  ac, b, &r->e_text, &(*ticket)->ticket.key);
1385     ret = _kdc_fast_unwrap_request(r, *ticket, ac);
1480 		krb5_ticket *ticket,
1495     EncTicketPart *tgt = &ticket->ticket;
1547 		    "No second ticket present in request");
1553 		    "Additional ticket is not a ticket-granting ticket");
1702 			"Addition ticket have not matching etypes");
1959 	    /* If we were about to put a PAC into the ticket, we better fix it to be the right PAC */
1990 		    ret = _krb5_pac_sign(context, p, ticket->ticket.authtime,
2005 	     * requesting a ticket to it-self.
2047 	 * self-issued ticket with kimpersonate(1).
2052 		    "Constrained delegation done on service ticket %s/%s",
2069 		    "failed to decrypt ticket for "
2096 	/* check that ticket is valid */
2099 		    "Missing forwardable flag on ticket for "
2144 	 * Check that the KDC issued the user's ticket.
2316     krb5_ticket *ticket = NULL;
2352 			    &ticket,
2382 			  ticket,
2420     if (ticket)
2421 	krb5_free_ticket(r->context, ticket);