Lines Matching refs:request
109 * This function sends a request to the KDC, and gets back a response;
116 krb5_kdc_req *request,
134 if (request->nonce == 0) {
137 request->nonce = (krb5_int32) time_now;
141 if ((retval = encode_krb5_as_req(request, &packet)) != 0)
147 krb5_princ_realm(context, request->client),
229 krb5_kdc_req *request,
235 request,
244 krb5_kdc_req *request,
262 else if (request != NULL) {
263 if ((retval = krb5_principal2salt(context, request->client, &salt)))
273 "error key == NULL and request == NULL");
283 * the enctypes originally requested. Note, if request is NULL then the
287 if (request != NULL) {
288 if (is_in_keytype(request->ktype, request->nktypes,
316 krb5_kdc_req *request,
326 if (!krb5_principal_compare(context, as_reply->client, request->client)
327 || !krb5_principal_compare(context, as_reply->enc_part2->server, request->server)
328 || !krb5_principal_compare(context, as_reply->ticket->server, request->server)
329 || (request->nonce != as_reply->enc_part2->nonce)
332 || ((request->kdc_options & KDC_OPT_POSTDATED) &&
333 (request->from != 0) &&
334 (request->from != as_reply->enc_part2->times.starttime))
335 || ((request->till != 0) &&
336 (as_reply->enc_part2->times.endtime > request->till))
337 || ((request->kdc_options & KDC_OPT_RENEWABLE) &&
341 !(request->kdc_options & KDC_OPT_RENEWABLE_OK) &&
343 (request->rtime != 0) &&
344 (as_reply->enc_part2->times.renew_till > request->rtime))
345 || ((request->kdc_options & KDC_OPT_RENEWABLE_OK) &&
346 !(request->kdc_options & KDC_OPT_RENEWABLE) &&
348 (request->till != 0) &&
349 (as_reply->enc_part2->times.renew_till > request->till))
354 || ((request->kdc_options & KDC_OPT_RENEWABLE_OK) &&
356 (request->till != 0) &&
357 (request->rtime != 0) &&
358 (as_reply->enc_part2->times.renew_till > max(request->till,
359 request->rtime)))
369 if ((request->from == 0) &&
381 krb5_kdc_req *request,
532 krb5_kdc_req request;
551 "Client/server realm mismatch in initial ticket request: '%s' requesting ticket '%s'"),
565 * Set up the basic request structure
567 request.magic = KV5M_KDC_REQ;
568 request.msg_type = KRB5_AS_REQ;
569 request.addresses = 0;
570 request.ktype = 0;
571 request.padata = 0;
573 request.addresses = (krb5_address **) addrs;
575 if ((retval = krb5_os_localaddr(context, &request.addresses)))
577 request.kdc_options = options;
578 request.client = creds->client;
579 request.server = creds->server;
580 request.nonce = 0;
581 request.from = creds->times.starttime;
582 request.till = creds->times.endtime;
583 request.rtime = creds->times.renew_till;
585 request.ktype = malloc (sizeof(get_in_tkt_enctypes));
586 if (request.ktype == NULL) {
590 memcpy(request.ktype, get_in_tkt_enctypes, sizeof(get_in_tkt_enctypes));
591 for (request.nktypes = 0;request.ktype[request.nktypes];request.nktypes++);
595 if (ktypes[req] == request.ktype[next]) {
599 for (i = next + 1; i < request.nktypes; i++)
600 if (ktypes[req] == request.ktype[i]) {
606 t = request.ktype[next];
607 request.ktype[next] = request.ktype[i];
608 request.ktype[i] = t;
615 request.ktype[next] = 0;
616 request.nktypes = next;
618 request.authorization_data.ciphertext.length = 0;
619 request.authorization_data.ciphertext.data = 0;
620 request.unenc_authdata = 0;
621 request.second_ticket = 0;
658 keyseed, creds, &request)) != 0)
674 request.nonce = (krb5_int32) time_now;
676 if ((retval = send_as_request2(context, &request, &err_reply,
691 &request.server->realm,
707 if ((retval = krb5_process_padata(context, &request, as_reply,
717 if ((retval = decrypt_as_reply(context, &request, as_reply, key_proc,
722 if ((retval = verify_as_reply(context, time_now, &request, as_reply)))
725 if ((retval = stash_as_reply(context, time_now, &request, as_reply,
730 if (request.ktype)
731 free(request.ktype);
732 if (!addrs && request.addresses)
733 krb5_free_addresses(context, request.addresses);
734 if (request.padata)
735 krb5_free_pa_data(context, request.padata);
988 krb5_kdc_req request;
1010 request.server = NULL;
1011 request.ktype = NULL;
1012 request.addresses = NULL;
1013 request.padata = NULL;
1027 * Set up the basic request structure
1029 request.magic = KV5M_KDC_REQ;
1030 request.msg_type = KRB5_AS_REQ;
1032 /* request.nonce is filled in when we send a request to the kdc */
1033 request.nonce = 0;
1035 /* request.padata is filled in later */
1037 request.kdc_options = context->kdc_default_options;
1050 request.kdc_options |= KDC_OPT_FORWARDABLE;
1063 request.kdc_options |= KDC_OPT_PROXIABLE;
1068 request.kdc_options |= (KDC_OPT_ALLOW_POSTDATE|KDC_OPT_POSTDATED);
1072 if ((ret = krb5_timeofday(context, &request.from)))
1074 request.from = krb5int_addint32(request.from, start_time);
1090 request.till = krb5int_addint32(request.from, tkt_life);
1108 request.kdc_options |= KDC_OPT_RENEWABLE;
1111 request.rtime = krb5int_addint32(request.from, renew_life);
1112 if (request.rtime < request.till) {
1114 request.rtime = request.till;
1117 request.kdc_options &= ~(KDC_OPT_RENEWABLE_OK);
1119 request.rtime = 0;
1124 request.client = client;
1133 if ((ret = krb5_parse_name(context, in_tkt_service, &request.server)))
1138 if (request.server->realm.length < request.client->realm.length)
1139 if ((request.server->realm.data =
1140 (char *) realloc(request.server->realm.data,
1141 request.client->realm.length)) == NULL) {
1146 request.server->realm.length = request.client->realm.length;
1147 memcpy(request.server->realm.data, request.client->realm.data,
1148 request.client->realm.length);
1150 if ((ret = krb5_build_principal_ext(context, &request.server,
1151 request.client->realm.length,
1152 request.client->realm.data,
1155 request.client->realm.length,
1156 request.client->realm.data,
1166 request.ktype = options->etype_list;
1167 request.nktypes = options->etype_list_length;
1169 &request.ktype)) == 0) {
1170 for (request.nktypes = 0;
1171 request.ktype[request.nktypes];
1172 request.nktypes++)
1180 request.addresses = options->address_list;
1195 if ((ret = krb5_os_localaddr(context, &request.addresses)))
1199 request.authorization_data.ciphertext.length = 0;
1200 request.authorization_data.ciphertext.data = 0;
1201 request.unenc_authdata = 0;
1202 request.second_ticket = 0;
1224 /* set the request nonce */
1231 request.nonce = (krb5_int32) time_now;
1233 /* give the preauth plugins a chance to prep the request body */
1234 krb5_preauth_prepare_request(context, options, &request);
1235 ret = encode_krb5_kdc_req_body(&request, &encoded_request_body);
1244 if (request.padata) {
1245 krb5_free_pa_data(context, request.padata);
1246 request.padata = NULL;
1251 &request,
1254 preauth_to_use, &request.padata,
1267 &request,
1270 preauth_to_use, &request.padata,
1295 ret = encode_krb5_as_req(&request, &encoded_previous_request);
1301 if ((ret = send_as_request2(context, &request, &err_reply,
1321 &request.server->realm,
1369 if ((ret = sort_krb5_padata_sequence(context, &request.server->realm,
1374 &request,
1405 if ((ret = ((*gak_fct)(context, request.client,
1417 if ((ret = verify_as_reply(context, time_now, &request, local_as_reply)))
1427 if ((ret = stash_as_reply(context, time_now, &request, local_as_reply,
1534 if (request.server)
1535 krb5_free_principal(context, request.server);
1536 if (request.ktype &&
1538 free(request.ktype);
1539 if (request.addresses &&
1542 krb5_free_addresses(context, request.addresses);
1547 if (request.padata)
1548 krb5_free_pa_data(context, request.padata);