1/* This is a generated file */ 2#ifndef __krb5_protos_h__ 3#define __krb5_protos_h__ 4 5#include <stdarg.h> 6 7#ifndef HEIMDAL_NORETURN_ATTRIBUTE 8#if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 ))) 9#define HEIMDAL_NORETURN_ATTRIBUTE __attribute__((noreturn)) 10#else 11#define HEIMDAL_NORETURN_ATTRIBUTE 12#endif 13#endif 14 15#ifndef HEIMDAL_PRINTF_ATTRIBUTE 16#if defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 ))) 17#define HEIMDAL_PRINTF_ATTRIBUTE(x) __attribute__((format x)) 18#else 19#define HEIMDAL_PRINTF_ATTRIBUTE(x) 20#endif 21#endif 22 23#ifndef KRB5_DEPRECATED_FUNCTION 24#ifndef __has_extension 25#define __has_extension(x) 0 26#define KRB5_DEPRECATED_FUNCTIONhas_extension 1 27#endif 28#if __has_extension(attribute_deprecated_with_message) 29#define KRB5_DEPRECATED_FUNCTION(x) __attribute__((__deprecated__(x))) 30#elif defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 ))) 31#define KRB5_DEPRECATED_FUNCTION(X) __attribute__((__deprecated__)) 32#else 33#define KRB5_DEPRECATED_FUNCTION(X) 34#endif 35#ifdef KRB5_DEPRECATED_FUNCTIONhas_extension 36#undef __has_extension 37#undef KRB5_DEPRECATED_FUNCTIONhas_extension 38#endif 39#endif /* KRB5_DEPRECATED_FUNCTION */ 40 41 42#ifdef __cplusplus 43extern "C" { 44#endif 45 46#ifndef KRB5_LIB 47#ifndef KRB5_LIB_FUNCTION 48#if defined(_WIN32) 49#define KRB5_LIB_FUNCTION __declspec(dllimport) 50#define KRB5_LIB_CALL __stdcall 51#define KRB5_LIB_VARIABLE __declspec(dllimport) 52#else 53#define KRB5_LIB_FUNCTION 54#define KRB5_LIB_CALL 55#define KRB5_LIB_VARIABLE 56#endif 57#endif 58#endif 59 60/** 61 * Convert the v5 credentials in in_cred to v4-dito in v4creds. This 62 * is done by sending them to the 524 function in the KDC. If 63 * `in_cred' doesn't contain a DES session key, then a new one is 64 * gotten from the KDC and stored in the cred cache `ccache'. 65 * 66 * @param context Kerberos 5 context. 67 * @param in_cred the credential to convert 68 * @param v4creds the converted credential 69 * 70 * @return Returns 0 to indicate success. Otherwise an kerberos et 71 * error code is returned, see krb5_get_error_message(). 72 * 73 * @ingroup krb5_v4compat 74 */ 75 76KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 77krb524_convert_creds_kdc ( 78 krb5_context context, 79 krb5_creds *in_cred, 80 struct credentials *v4creds) 81 KRB5_DEPRECATED_FUNCTION("Use X instead"); 82 83/** 84 * Convert the v5 credentials in in_cred to v4-dito in v4creds, 85 * check the credential cache ccache before checking with the KDC. 86 * 87 * @param context Kerberos 5 context. 88 * @param ccache credential cache used to check for des-ticket. 89 * @param in_cred the credential to convert 90 * @param v4creds the converted credential 91 * 92 * @return Returns 0 to indicate success. Otherwise an kerberos et 93 * error code is returned, see krb5_get_error_message(). 94 * 95 * @ingroup krb5_v4compat 96 */ 97 98KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 99krb524_convert_creds_kdc_ccache ( 100 krb5_context context, 101 krb5_ccache ccache, 102 krb5_creds *in_cred, 103 struct credentials *v4creds) 104 KRB5_DEPRECATED_FUNCTION("Use X instead"); 105 106/** 107 * Log a warning to the log, default stderr, include the error from 108 * the last failure and then abort. 109 * 110 * @param context A Kerberos 5 context 111 * @param code error code of the last error 112 * @param fmt message to print 113 * 114 * @ingroup krb5_error 115 */ 116 117KRB5_LIB_FUNCTION void KRB5_LIB_CALL 118krb5_abort ( 119 krb5_context context, 120 krb5_error_code code, 121 const char *fmt, 122 ...) HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 4)) 123 HEIMDAL_NORETURN_ATTRIBUTE; 124 125/** 126 * Log a warning to the log, default stderr, and then abort. 127 * 128 * @param context A Kerberos 5 context 129 * @param fmt message to print 130 * 131 * @ingroup krb5_error 132 */ 133 134KRB5_LIB_FUNCTION void KRB5_LIB_CALL 135krb5_abortx ( 136 krb5_context context, 137 const char *fmt, 138 ...) HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 3)) 139 HEIMDAL_NORETURN_ATTRIBUTE; 140 141/** 142 * krb5_acl_match_file matches ACL format against each line in a file 143 * using krb5_acl_match_string(). Lines starting with # are treated 144 * like comments and ignored. 145 * 146 * @param context Kerberos 5 context. 147 * @param file file with acl listed in the file. 148 * @param format format to match. 149 * @param ... parameter to format string. 150 * 151 * @return Return an error code or 0. 152 * 153 * @sa krb5_acl_match_string 154 * @ingroup krb5_support 155 */ 156 157KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 158krb5_acl_match_file ( 159 krb5_context context, 160 const char *file, 161 const char *format, 162 ...); 163 164/** 165 * krb5_acl_match_string matches ACL format against a string. 166 * 167 * The ACL format has three format specifiers: s, f, and r. Each 168 * specifier will retrieve one argument from the variable arguments 169 * for either matching or storing data. The input string is split up 170 * using " " (space) and "\t" (tab) as a delimiter; multiple and "\t" 171 * in a row are considered to be the same. 172 * 173 * List of format specifiers: 174 * - s Matches a string using strcmp(3) (case sensitive). 175 * - f Matches the string with fnmatch(3). Theflags 176 * argument (the last argument) passed to the fnmatch function is 0. 177 * - r Returns a copy of the string in the char ** passed in; the copy 178 * must be freed with free(3). There is no need to free(3) the 179 * string on error: the function will clean up and set the pointer 180 * to NULL. 181 * 182 * @param context Kerberos 5 context 183 * @param string string to match with 184 * @param format format to match 185 * @param ... parameter to format string 186 * 187 * @return Return an error code or 0. 188 * 189 * 190 * @code 191 * char *s; 192 * 193 * ret = krb5_acl_match_string(context, "foo", "s", "foo"); 194 * if (ret) 195 * krb5_errx(context, 1, "acl didn't match"); 196 * ret = krb5_acl_match_string(context, "foo foo baz/kaka", 197 * "ss", "foo", &s, "foo/\\*"); 198 * if (ret) { 199 * // no need to free(s) on error 200 * assert(s == NULL); 201 * krb5_errx(context, 1, "acl didn't match"); 202 * } 203 * free(s); 204 * @endcode 205 * 206 * @sa krb5_acl_match_file 207 * @ingroup krb5_support 208 */ 209 210KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 211krb5_acl_match_string ( 212 krb5_context context, 213 const char *string, 214 const char *format, 215 ...); 216 217/** 218 * Add a specified list of error messages to the et list in context. 219 * Call func (probably a comerr-generated function) with a pointer to 220 * the current et_list. 221 * 222 * @param context A kerberos context. 223 * @param func The generated com_err et function. 224 * 225 * @return Returns 0 to indicate success. Otherwise an kerberos et 226 * error code is returned, see krb5_get_error_message(). 227 * 228 * @ingroup krb5 229 */ 230 231KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 232krb5_add_et_list ( 233 krb5_context context, 234 void (*func)(struct et_list **)); 235 236/** 237 * Add extra address to the address list that the library will add to 238 * the client's address list when communicating with the KDC. 239 * 240 * @param context Kerberos 5 context. 241 * @param addresses addreses to add 242 * 243 * @return Returns 0 to indicate success. Otherwise an kerberos et 244 * error code is returned, see krb5_get_error_message(). 245 * 246 * @ingroup krb5 247 */ 248 249KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 250krb5_add_extra_addresses ( 251 krb5_context context, 252 krb5_addresses *addresses); 253 254/** 255 * Add extra addresses to ignore when fetching addresses from the 256 * underlaying operating system. 257 * 258 * @param context Kerberos 5 context. 259 * @param addresses addreses to ignore 260 * 261 * @return Returns 0 to indicate success. Otherwise an kerberos et 262 * error code is returned, see krb5_get_error_message(). 263 * 264 * @ingroup krb5 265 */ 266 267KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 268krb5_add_ignore_addresses ( 269 krb5_context context, 270 krb5_addresses *addresses); 271 272KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 273krb5_addlog_dest ( 274 krb5_context context, 275 krb5_log_facility *f, 276 const char *orig); 277 278KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 279krb5_addlog_func ( 280 krb5_context context, 281 krb5_log_facility *fac, 282 int min, 283 int max, 284 krb5_log_log_func_t log_func, 285 krb5_log_close_func_t close_func, 286 void *data); 287 288/** 289 * krb5_addr2sockaddr sets the "struct sockaddr sockaddr" from addr 290 * and port. The argument sa_size should initially contain the size of 291 * the sa and after the call, it will contain the actual length of the 292 * address. In case of the sa is too small to fit the whole address, 293 * the up to *sa_size will be stored, and then *sa_size will be set to 294 * the required length. 295 * 296 * @param context a Keberos context 297 * @param addr the address to copy the from 298 * @param sa the struct sockaddr that will be filled in 299 * @param sa_size pointer to length of sa, and after the call, it will 300 * contain the actual length of the address. 301 * @param port set port in sa. 302 * 303 * @return Return an error code or 0. Will return 304 * KRB5_PROG_ATYPE_NOSUPP in case address type is not supported. 305 * 306 * @ingroup krb5_address 307 */ 308 309KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 310krb5_addr2sockaddr ( 311 krb5_context context, 312 const krb5_address *addr, 313 struct sockaddr *sa, 314 krb5_socklen_t *sa_size, 315 int port); 316 317/** 318 * krb5_address_compare compares the addresses addr1 and addr2. 319 * Returns TRUE if the two addresses are the same. 320 * 321 * @param context a Keberos context 322 * @param addr1 address to compare 323 * @param addr2 address to compare 324 * 325 * @return Return an TRUE is the address are the same FALSE if not 326 * 327 * @ingroup krb5_address 328 */ 329 330KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 331krb5_address_compare ( 332 krb5_context context, 333 const krb5_address *addr1, 334 const krb5_address *addr2); 335 336/** 337 * krb5_address_order compares the addresses addr1 and addr2 so that 338 * it can be used for sorting addresses. If the addresses are the same 339 * address krb5_address_order will return 0. Behavies like memcmp(2). 340 * 341 * @param context a Keberos context 342 * @param addr1 krb5_address to compare 343 * @param addr2 krb5_address to compare 344 * 345 * @return < 0 if address addr1 in "less" then addr2. 0 if addr1 and 346 * addr2 is the same address, > 0 if addr2 is "less" then addr1. 347 * 348 * @ingroup krb5_address 349 */ 350 351KRB5_LIB_FUNCTION int KRB5_LIB_CALL 352krb5_address_order ( 353 krb5_context context, 354 const krb5_address *addr1, 355 const krb5_address *addr2); 356 357/** 358 * Calculate the boundary addresses of `inaddr'/`prefixlen' and store 359 * them in `low' and `high'. 360 * 361 * @param context a Keberos context 362 * @param inaddr address in prefixlen that the bondery searched 363 * @param prefixlen width of boundery 364 * @param low lowest address 365 * @param high highest address 366 * 367 * @return Return an error code or 0. 368 * 369 * @ingroup krb5_address 370 */ 371 372KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 373krb5_address_prefixlen_boundary ( 374 krb5_context context, 375 const krb5_address *inaddr, 376 unsigned long prefixlen, 377 krb5_address *low, 378 krb5_address *high); 379 380/** 381 * krb5_address_search checks if the address addr is a member of the 382 * address set list addrlist . 383 * 384 * @param context a Keberos context. 385 * @param addr address to search for. 386 * @param addrlist list of addresses to look in for addr. 387 * 388 * @return Return an error code or 0. 389 * 390 * @ingroup krb5_address 391 */ 392 393KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 394krb5_address_search ( 395 krb5_context context, 396 const krb5_address *addr, 397 const krb5_addresses *addrlist); 398 399/** 400 * Enable or disable all weak encryption types 401 * 402 * @param context Kerberos 5 context 403 * @param enable true to enable, false to disable 404 * 405 * @return Return an error code or 0. 406 * 407 * @ingroup krb5_crypto 408 */ 409 410KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 411krb5_allow_weak_crypto ( 412 krb5_context context, 413 krb5_boolean enable); 414 415KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 416krb5_aname_to_localname ( 417 krb5_context context, 418 krb5_const_principal aname, 419 size_t lnsize, 420 char *lname); 421 422/** 423 * krb5_anyaddr fills in a "struct sockaddr sa" that can be used to 424 * bind(2) to. The argument sa_size should initially contain the size 425 * of the sa, and after the call, it will contain the actual length 426 * of the address. 427 * 428 * @param context a Keberos context 429 * @param af address family 430 * @param sa sockaddr 431 * @param sa_size lenght of sa. 432 * @param port for to fill into sa. 433 * 434 * @return Return an error code or 0. 435 * 436 * @ingroup krb5_address 437 */ 438 439KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 440krb5_anyaddr ( 441 krb5_context context, 442 int af, 443 struct sockaddr *sa, 444 krb5_socklen_t *sa_size, 445 int port); 446 447KRB5_LIB_FUNCTION void KRB5_LIB_CALL 448krb5_appdefault_boolean ( 449 krb5_context context, 450 const char *appname, 451 krb5_const_realm realm, 452 const char *option, 453 krb5_boolean def_val, 454 krb5_boolean *ret_val); 455 456KRB5_LIB_FUNCTION void KRB5_LIB_CALL 457krb5_appdefault_string ( 458 krb5_context context, 459 const char *appname, 460 krb5_const_realm realm, 461 const char *option, 462 const char *def_val, 463 char **ret_val); 464 465KRB5_LIB_FUNCTION void KRB5_LIB_CALL 466krb5_appdefault_time ( 467 krb5_context context, 468 const char *appname, 469 krb5_const_realm realm, 470 const char *option, 471 time_t def_val, 472 time_t *ret_val); 473 474/** 475 * krb5_append_addresses adds the set of addresses in source to 476 * dest. While copying the addresses, duplicates are also sorted out. 477 * 478 * @param context a Keberos context 479 * @param dest destination of copy operation 480 * @param source adresses that are going to be added to dest 481 * 482 * @return Return an error code or 0. 483 * 484 * @ingroup krb5_address 485 */ 486 487KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 488krb5_append_addresses ( 489 krb5_context context, 490 krb5_addresses *dest, 491 const krb5_addresses *source); 492 493KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 494krb5_auth_con_add_AuthorizationData ( 495 krb5_context context, 496 krb5_auth_context auth_context, 497 int type, 498 krb5_data *data); 499 500KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 501krb5_auth_con_addflags ( 502 krb5_context context, 503 krb5_auth_context auth_context, 504 int32_t addflags, 505 int32_t *flags); 506 507KRB5_LIB_FUNCTION void KRB5_LIB_CALL 508krb5_auth_con_clear ( 509 krb5_context context, 510 krb5_auth_context auth_context, 511 unsigned int flags); 512 513KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 514krb5_auth_con_free ( 515 krb5_context context, 516 krb5_auth_context auth_context); 517 518KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 519krb5_auth_con_genaddrs ( 520 krb5_context context, 521 krb5_auth_context auth_context, 522 krb5_socket_t fd, 523 int flags); 524 525KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 526krb5_auth_con_generatelocalsubkey ( 527 krb5_context context, 528 krb5_auth_context auth_context, 529 krb5_keyblock *key); 530 531KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 532krb5_auth_con_getaddrs ( 533 krb5_context context, 534 krb5_auth_context auth_context, 535 krb5_address **local_addr, 536 krb5_address **remote_addr); 537 538KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 539krb5_auth_con_getauthenticator ( 540 krb5_context context, 541 krb5_auth_context auth_context, 542 krb5_authenticator *authenticator); 543 544KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 545krb5_auth_con_getcksumtype ( 546 krb5_context context, 547 krb5_auth_context auth_context, 548 krb5_cksumtype *cksumtype); 549 550KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 551krb5_auth_con_getflags ( 552 krb5_context context, 553 krb5_auth_context auth_context, 554 int32_t *flags); 555 556KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 557krb5_auth_con_getkey ( 558 krb5_context context, 559 krb5_auth_context auth_context, 560 krb5_keyblock **keyblock); 561 562KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 563krb5_auth_con_getkeytype ( 564 krb5_context context, 565 krb5_auth_context auth_context, 566 krb5_keytype *keytype); 567 568KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 569krb5_auth_con_getlocalseqnumber ( 570 krb5_context context, 571 krb5_auth_context auth_context, 572 int32_t *seqnumber); 573 574KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 575krb5_auth_con_getlocalsubkey ( 576 krb5_context context, 577 krb5_auth_context auth_context, 578 krb5_keyblock **keyblock); 579 580KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 581krb5_auth_con_getrcache ( 582 krb5_context context, 583 krb5_auth_context auth_context, 584 krb5_rcache *rcache); 585 586KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 587krb5_auth_con_getrecvsubkey ( 588 krb5_context context, 589 krb5_auth_context auth_context, 590 krb5_keyblock **keyblock); 591 592KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 593krb5_auth_con_getremoteseqnumber ( 594 krb5_context context, 595 krb5_auth_context auth_context, 596 int32_t *seqnumber); 597 598KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 599krb5_auth_con_getremotesubkey ( 600 krb5_context context, 601 krb5_auth_context auth_context, 602 krb5_keyblock **keyblock); 603 604KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 605krb5_auth_con_getsendsubkey ( 606 krb5_context context, 607 krb5_auth_context auth_context, 608 krb5_keyblock **keyblock); 609 610KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 611krb5_auth_con_init ( 612 krb5_context context, 613 krb5_auth_context *auth_context); 614 615KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 616krb5_auth_con_removeflags ( 617 krb5_context context, 618 krb5_auth_context auth_context, 619 int32_t removeflags, 620 int32_t *flags); 621 622KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 623krb5_auth_con_setaddrs ( 624 krb5_context context, 625 krb5_auth_context auth_context, 626 krb5_address *local_addr, 627 krb5_address *remote_addr); 628 629KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 630krb5_auth_con_setaddrs_from_fd ( 631 krb5_context context, 632 krb5_auth_context auth_context, 633 void *p_fd); 634 635KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 636krb5_auth_con_setcksumtype ( 637 krb5_context context, 638 krb5_auth_context auth_context, 639 krb5_cksumtype cksumtype); 640 641KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 642krb5_auth_con_setflags ( 643 krb5_context context, 644 krb5_auth_context auth_context, 645 int32_t flags); 646 647KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 648krb5_auth_con_setkey ( 649 krb5_context context, 650 krb5_auth_context auth_context, 651 krb5_keyblock *keyblock); 652 653KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 654krb5_auth_con_setkeytype ( 655 krb5_context context, 656 krb5_auth_context auth_context, 657 krb5_keytype keytype); 658 659KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 660krb5_auth_con_setlocalseqnumber ( 661 krb5_context context, 662 krb5_auth_context auth_context, 663 int32_t seqnumber); 664 665KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 666krb5_auth_con_setlocalsubkey ( 667 krb5_context context, 668 krb5_auth_context auth_context, 669 krb5_keyblock *keyblock); 670 671KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 672krb5_auth_con_setrcache ( 673 krb5_context context, 674 krb5_auth_context auth_context, 675 krb5_rcache rcache); 676 677KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 678krb5_auth_con_setrecvsubkey ( 679 krb5_context context, 680 krb5_auth_context auth_context, 681 krb5_keyblock *keyblock); 682 683KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 684krb5_auth_con_setremoteseqnumber ( 685 krb5_context context, 686 krb5_auth_context auth_context, 687 int32_t seqnumber); 688 689KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 690krb5_auth_con_setremotesubkey ( 691 krb5_context context, 692 krb5_auth_context auth_context, 693 krb5_keyblock *keyblock); 694 695KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 696krb5_auth_con_setsendsubkey ( 697 krb5_context context, 698 krb5_auth_context auth_context, 699 krb5_keyblock *keyblock); 700 701KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 702krb5_auth_con_setuserkey ( 703 krb5_context context, 704 krb5_auth_context auth_context, 705 krb5_keyblock *keyblock); 706 707/** 708 * Deprecated: use krb5_auth_con_getremoteseqnumber() 709 * 710 * @ingroup krb5_deprecated 711 */ 712 713KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 714krb5_auth_getremoteseqnumber ( 715 krb5_context context, 716 krb5_auth_context auth_context, 717 int32_t *seqnumber) 718 KRB5_DEPRECATED_FUNCTION("Use X instead"); 719 720KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 721krb5_build_ap_req ( 722 krb5_context context, 723 krb5_enctype enctype, 724 krb5_creds *cred, 725 krb5_flags ap_options, 726 krb5_data authenticator, 727 krb5_data *retdata); 728 729/** 730 * Build a principal using vararg style building 731 * 732 * @param context A Kerberos context. 733 * @param principal returned principal 734 * @param rlen length of realm 735 * @param realm realm name 736 * @param ... a list of components ended with NULL. 737 * 738 * @return An krb5 error code, see krb5_get_error_message(). 739 * 740 * @ingroup krb5_principal 741 */ 742 743KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 744krb5_build_principal ( 745 krb5_context context, 746 krb5_principal *principal, 747 int rlen, 748 krb5_const_realm realm, 749 ...); 750 751KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 752krb5_build_principal_ext ( 753 krb5_context context, 754 krb5_principal *principal, 755 int rlen, 756 krb5_const_realm realm, 757 ...); 758 759KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 760krb5_build_principal_va ( 761 krb5_context context, 762 krb5_principal *principal, 763 int rlen, 764 krb5_const_realm realm, 765 va_list ap); 766 767KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 768krb5_build_principal_va_ext ( 769 krb5_context context, 770 krb5_principal *principal, 771 int rlen, 772 krb5_const_realm realm, 773 va_list ap); 774 775KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 776krb5_c_block_size ( 777 krb5_context context, 778 krb5_enctype enctype, 779 size_t *blocksize); 780 781KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 782krb5_c_checksum_length ( 783 krb5_context context, 784 krb5_cksumtype cksumtype, 785 size_t *length); 786 787KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 788krb5_c_decrypt ( 789 krb5_context context, 790 const krb5_keyblock key, 791 krb5_keyusage usage, 792 const krb5_data *ivec, 793 krb5_enc_data *input, 794 krb5_data *output); 795 796KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 797krb5_c_encrypt ( 798 krb5_context context, 799 const krb5_keyblock *key, 800 krb5_keyusage usage, 801 const krb5_data *ivec, 802 const krb5_data *input, 803 krb5_enc_data *output); 804 805KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 806krb5_c_encrypt_length ( 807 krb5_context context, 808 krb5_enctype enctype, 809 size_t inputlen, 810 size_t *length); 811 812/** 813 * Deprecated: keytypes doesn't exists, they are really enctypes. 814 * 815 * @ingroup krb5_deprecated 816 */ 817 818KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 819krb5_c_enctype_compare ( 820 krb5_context context, 821 krb5_enctype e1, 822 krb5_enctype e2, 823 krb5_boolean *similar) 824 KRB5_DEPRECATED_FUNCTION("Use X instead"); 825 826KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 827krb5_c_get_checksum ( 828 krb5_context context, 829 const krb5_checksum *cksum, 830 krb5_cksumtype *type, 831 krb5_data **data); 832 833KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 834krb5_c_is_coll_proof_cksum (krb5_cksumtype ctype); 835 836KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 837krb5_c_is_keyed_cksum (krb5_cksumtype ctype); 838 839KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 840krb5_c_keylengths ( 841 krb5_context context, 842 krb5_enctype enctype, 843 size_t *ilen, 844 size_t *keylen); 845 846KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 847krb5_c_make_checksum ( 848 krb5_context context, 849 krb5_cksumtype cksumtype, 850 const krb5_keyblock *key, 851 krb5_keyusage usage, 852 const krb5_data *input, 853 krb5_checksum *cksum); 854 855KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 856krb5_c_make_random_key ( 857 krb5_context context, 858 krb5_enctype enctype, 859 krb5_keyblock *random_key); 860 861KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 862krb5_c_prf ( 863 krb5_context context, 864 const krb5_keyblock *key, 865 const krb5_data *input, 866 krb5_data *output); 867 868KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 869krb5_c_prf_length ( 870 krb5_context context, 871 krb5_enctype type, 872 size_t *length); 873 874KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 875krb5_c_random_make_octets ( 876 krb5_context context, 877 krb5_data * data); 878 879KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 880krb5_c_set_checksum ( 881 krb5_context context, 882 krb5_checksum *cksum, 883 krb5_cksumtype type, 884 const krb5_data *data); 885 886KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 887krb5_c_valid_cksumtype (krb5_cksumtype ctype); 888 889KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 890krb5_c_valid_enctype (krb5_enctype etype); 891 892KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 893krb5_c_verify_checksum ( 894 krb5_context context, 895 const krb5_keyblock *key, 896 krb5_keyusage usage, 897 const krb5_data *data, 898 const krb5_checksum *cksum, 899 krb5_boolean *valid); 900 901/** 902 * Destroy the cursor `cursor'. 903 * 904 * @return Return an error code or 0, see krb5_get_error_message(). 905 * 906 * @ingroup krb5_ccache 907 */ 908 909KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 910krb5_cc_cache_end_seq_get ( 911 krb5_context context, 912 krb5_cc_cache_cursor cursor); 913 914/** 915 * Start iterating over all caches of specified type. See also 916 * krb5_cccol_cursor_new(). 917 918 * @param context A Kerberos 5 context 919 * @param type optional type to iterate over, if NULL, the default cache is used. 920 * @param cursor cursor should be freed with krb5_cc_cache_end_seq_get(). 921 * 922 * @return Return an error code or 0, see krb5_get_error_message(). 923 * 924 * @ingroup krb5_ccache 925 */ 926 927KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 928krb5_cc_cache_get_first ( 929 krb5_context context, 930 const char *type, 931 krb5_cc_cache_cursor *cursor); 932 933/** 934 * Search for a matching credential cache that have the 935 * `principal' as the default principal. On success, `id' needs to be 936 * freed with krb5_cc_close() or krb5_cc_destroy(). 937 * 938 * If the input principal have 0 name_string, the code will only 939 * compare the realm (and ignore the name_strings of the pricipal in 940 * the cache). 941 * 942 * @param context A Kerberos 5 context 943 * @param client The principal to search for 944 * @param id the returned credential cache 945 * 946 * @return On failure, error code is returned and `id' is set to NULL. 947 * 948 * @ingroup krb5_ccache 949 */ 950 951KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 952krb5_cc_cache_match ( 953 krb5_context context, 954 krb5_principal client, 955 krb5_ccache *id); 956 957/** 958 * Retrieve the next cache pointed to by (`cursor') in `id' 959 * and advance `cursor'. 960 * 961 * @param context A Kerberos 5 context 962 * @param cursor the iterator cursor, returned by krb5_cc_cache_get_first() 963 * @param id next ccache 964 * 965 * @return Return 0 or an error code. Returns KRB5_CC_END when the end 966 * of caches is reached, see krb5_get_error_message(). 967 * 968 * @ingroup krb5_ccache 969 */ 970 971KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 972krb5_cc_cache_next ( 973 krb5_context context, 974 krb5_cc_cache_cursor cursor, 975 krb5_ccache *id); 976 977/** 978 * Clear `mcreds' so it can be used with krb5_cc_retrieve_cred 979 * 980 * @ingroup krb5_ccache 981 */ 982 983KRB5_LIB_FUNCTION void KRB5_LIB_CALL 984krb5_cc_clear_mcred (krb5_creds *mcred); 985 986/** 987 * Stop using the ccache `id' and free the related resources. 988 * 989 * @return Return an error code or 0, see krb5_get_error_message(). 990 * 991 * @ingroup krb5_ccache 992 */ 993 994KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 995krb5_cc_close ( 996 krb5_context context, 997 krb5_ccache id); 998 999/** 1000 * Just like krb5_cc_copy_match_f(), but copy everything. 1001 * 1002 * @ingroup @krb5_ccache 1003 */ 1004 1005KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1006krb5_cc_copy_cache ( 1007 krb5_context context, 1008 const krb5_ccache from, 1009 krb5_ccache to); 1010 1011/** 1012 * MIT compat glue 1013 * 1014 * @ingroup krb5_ccache 1015 */ 1016 1017KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1018krb5_cc_copy_creds ( 1019 krb5_context context, 1020 const krb5_ccache from, 1021 krb5_ccache to); 1022 1023krb5_error_code 1024krb5_cc_copy_data ( 1025 krb5_context context, 1026 krb5_ccache id, 1027 void *keys, 1028 void **data); 1029 1030/** 1031 * Copy the contents of `from' to `to' if the given match function 1032 * return true. 1033 * 1034 * @param context A Kerberos 5 context. 1035 * @param from the cache to copy data from. 1036 * @param to the cache to copy data to. 1037 * @param match a match function that should return TRUE if cred argument should be copied, if NULL, all credentials are copied. 1038 * @param matchctx context passed to match function. 1039 * @param matched set to true if there was a credential that matched, may be NULL. 1040 * 1041 * @return Return an error code or 0, see krb5_get_error_message(). 1042 * 1043 * @ingroup krb5_ccache 1044 */ 1045 1046KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1047krb5_cc_copy_match_f ( 1048 krb5_context context, 1049 const krb5_ccache from, 1050 krb5_ccache to, 1051 krb5_boolean (*match)(krb5_context, void *, const krb5_creds *), 1052 void *matchctx, 1053 unsigned int *matched); 1054 1055/** 1056 * Open the default ccache in `id'. 1057 * 1058 * @return Return an error code or 0, see krb5_get_error_message(). 1059 * 1060 * @ingroup krb5_ccache 1061 */ 1062 1063KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1064krb5_cc_default ( 1065 krb5_context context, 1066 krb5_ccache *id); 1067 1068/** 1069 * Return a pointer to a context static string containing the default 1070 * ccache name. 1071 * 1072 * @return String to the default credential cache name. 1073 * 1074 * @ingroup krb5_ccache 1075 */ 1076 1077KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1078krb5_cc_default_name (krb5_context context); 1079 1080/** 1081 * Remove the ccache `id'. 1082 * 1083 * @return Return an error code or 0, see krb5_get_error_message(). 1084 * 1085 * @ingroup krb5_ccache 1086 */ 1087 1088KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1089krb5_cc_destroy ( 1090 krb5_context context, 1091 krb5_ccache id); 1092 1093/** 1094 * Destroy the cursor `cursor'. 1095 * 1096 * @ingroup krb5_ccache 1097 */ 1098 1099KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1100krb5_cc_end_seq_get ( 1101 krb5_context context, 1102 const krb5_ccache id, 1103 krb5_cc_cursor *cursor); 1104 1105/** 1106 * Generate a new ccache of type `ops' in `id'. 1107 * 1108 * Deprecated: use krb5_cc_new_unique() instead. 1109 * 1110 * @return Return an error code or 0, see krb5_get_error_message(). 1111 * 1112 * @ingroup krb5_ccache 1113 */ 1114 1115KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1116krb5_cc_gen_new ( 1117 krb5_context context, 1118 const krb5_cc_ops *ops, 1119 krb5_ccache *id) 1120 KRB5_DEPRECATED_FUNCTION("Use X instead"); 1121 1122/** 1123 * Get some configuration for the credential cache in the cache. 1124 * 1125 * @param context a Keberos context 1126 * @param id the credential cache to store the data for 1127 * @param principal configuration for a specific principal, if 1128 * NULL, global for the whole cache. 1129 * @param name name under which the configuraion is stored. 1130 * @param data data to fetched, free with krb5_data_free() 1131 * 1132 * @ingroup krb5_ccache 1133 */ 1134 1135KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1136krb5_cc_get_config ( 1137 krb5_context context, 1138 krb5_ccache id, 1139 krb5_const_principal principal, 1140 const char *name, 1141 krb5_data *data); 1142 1143/** 1144 * Get the flags of `id', store them in `flags'. 1145 * 1146 * @ingroup krb5_ccache 1147 */ 1148 1149KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1150krb5_cc_get_flags ( 1151 krb5_context context, 1152 krb5_ccache id, 1153 krb5_flags *flags); 1154 1155/** 1156 * Return a friendly name on credential cache. Free the result with krb5_xfree(). 1157 * 1158 * @return Return an error code or 0, see krb5_get_error_message(). 1159 * 1160 * @ingroup krb5_ccache 1161 */ 1162 1163KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1164krb5_cc_get_friendly_name ( 1165 krb5_context context, 1166 krb5_ccache id, 1167 char **name); 1168 1169/** 1170 * Return the complete resolvable name the cache 1171 1172 * @param context a Keberos context 1173 * @param id return pointer to a found credential cache 1174 * @param str the returned name of a credential cache, free with krb5_xfree() 1175 * 1176 * @return Returns 0 or an error (and then *str is set to NULL). 1177 * 1178 * @ingroup krb5_ccache 1179 */ 1180 1181KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1182krb5_cc_get_full_name ( 1183 krb5_context context, 1184 krb5_ccache id, 1185 char **str); 1186 1187/** 1188 * Get the time offset betwen the client and the KDC 1189 * 1190 * If the backend doesn't support KDC offset, use the context global setting. 1191 * 1192 * @param context A Kerberos 5 context. 1193 * @param id a credential cache 1194 * @param offset the offset in seconds 1195 * 1196 * @return Return an error code or 0, see krb5_get_error_message(). 1197 * 1198 * @ingroup krb5_ccache 1199 */ 1200 1201KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1202krb5_cc_get_kdc_offset ( 1203 krb5_context context, 1204 krb5_ccache id, 1205 krb5_deltat *offset); 1206 1207/** 1208 * Get the aproximate lifetime of credential cache 1209 * 1210 * Time t is always set to a known value, in case of an error, its set to 0. 1211 * 1212 * @param context A Kerberos 5 context. 1213 * @param id a credential cache. 1214 * @param t the relative lifetime of cache. 1215 * 1216 * @return Return an error code or 0, see krb5_get_error_message(). 1217 * 1218 * @ingroup krb5_ccache 1219 */ 1220 1221KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1222krb5_cc_get_lifetime ( 1223 krb5_context context, 1224 krb5_ccache id, 1225 time_t *t); 1226 1227/** 1228 * Return the name of the ccache `id' 1229 * 1230 * @ingroup krb5_ccache 1231 */ 1232 1233KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1234krb5_cc_get_name ( 1235 krb5_context context, 1236 krb5_ccache id); 1237 1238/** 1239 * Return krb5_cc_ops of a the ccache `id'. 1240 * 1241 * @ingroup krb5_ccache 1242 */ 1243 1244KRB5_LIB_FUNCTION const krb5_cc_ops * KRB5_LIB_CALL 1245krb5_cc_get_ops ( 1246 krb5_context context, 1247 krb5_ccache id); 1248 1249/** 1250 * Get the cc ops that is registered in `context' to handle the 1251 * prefix. prefix can be a complete credential cache name or a 1252 * prefix, the function will only use part up to the first colon (:) 1253 * if there is one. If prefix the argument is NULL, the default ccache 1254 * implemtation is returned. 1255 * 1256 * @return Returns NULL if ops not found. 1257 * 1258 * @ingroup krb5_ccache 1259 */ 1260 1261KRB5_LIB_FUNCTION const krb5_cc_ops * KRB5_LIB_CALL 1262krb5_cc_get_prefix_ops ( 1263 krb5_context context, 1264 const char *prefix); 1265 1266/** 1267 * Return the principal of `id' in `principal'. 1268 * 1269 * @return Return an error code or 0, see krb5_get_error_message(). 1270 * 1271 * @ingroup krb5_ccache 1272 */ 1273 1274KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1275krb5_cc_get_principal ( 1276 krb5_context context, 1277 krb5_ccache id, 1278 krb5_principal *principal); 1279 1280/** 1281 * Return the type of the ccache `id'. 1282 * 1283 * @ingroup krb5_ccache 1284 */ 1285 1286KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1287krb5_cc_get_type ( 1288 krb5_context context, 1289 krb5_ccache id); 1290 1291krb5_error_code 1292krb5_cc_get_uuid ( 1293 krb5_context context, 1294 krb5_ccache id, 1295 krb5_uuid uuid); 1296 1297/** 1298 * Return the version of `id'. 1299 * 1300 * @ingroup krb5_ccache 1301 */ 1302 1303KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1304krb5_cc_get_version ( 1305 krb5_context context, 1306 const krb5_ccache id); 1307 1308krb5_error_code 1309krb5_cc_hold ( 1310 krb5_context context, 1311 krb5_ccache id); 1312 1313/** 1314 * Create a new ccache in `id' for `primary_principal'. 1315 * 1316 * @return Return an error code or 0, see krb5_get_error_message(). 1317 * 1318 * @ingroup krb5_ccache 1319 */ 1320 1321KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1322krb5_cc_initialize ( 1323 krb5_context context, 1324 krb5_ccache id, 1325 krb5_principal primary_principal); 1326 1327/** 1328 * Return the last time the credential cache was modified. 1329 * 1330 * @param context A Kerberos 5 context 1331 * @param id The credential cache to probe 1332 * @param mtime the last modification time, set to 0 on error. 1333 1334 * @return Return 0 or and error. See krb5_get_error_message(). 1335 * 1336 * @ingroup krb5_ccache 1337 */ 1338 1339KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1340krb5_cc_last_change_time ( 1341 krb5_context context, 1342 krb5_ccache id, 1343 krb5_timestamp *mtime); 1344 1345/** 1346 * Move the content from one credential cache to another. The 1347 * operation is an atomic switch. 1348 * 1349 * @param context a Keberos context 1350 * @param from the credential cache to move the content from 1351 * @param to the credential cache to move the content to 1352 1353 * @return On sucess, from is freed. On failure, error code is 1354 * returned and from and to are both still allocated, see krb5_get_error_message(). 1355 * 1356 * @ingroup krb5_ccache 1357 */ 1358 1359KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1360krb5_cc_move ( 1361 krb5_context context, 1362 krb5_ccache from, 1363 krb5_ccache to); 1364 1365/** 1366 * Generates a new unique ccache of `type` in `id'. If `type' is NULL, 1367 * the library chooses the default credential cache type. The supplied 1368 * `hint' (that can be NULL) is a string that the credential cache 1369 * type can use to base the name of the credential on, this is to make 1370 * it easier for the user to differentiate the credentials. 1371 * 1372 * @return Return an error code or 0, see krb5_get_error_message(). 1373 * 1374 * @ingroup krb5_ccache 1375 */ 1376 1377KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1378krb5_cc_new_unique ( 1379 krb5_context context, 1380 const char *type, 1381 const char *hint, 1382 krb5_ccache *id); 1383 1384/** 1385 * Retrieve the next cred pointed to by (`id', `cursor') in `creds' 1386 * and advance `cursor'. 1387 * 1388 * @return Return an error code or 0, see krb5_get_error_message(). 1389 * 1390 * @ingroup krb5_ccache 1391 */ 1392 1393KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1394krb5_cc_next_cred ( 1395 krb5_context context, 1396 const krb5_ccache id, 1397 krb5_cc_cursor *cursor, 1398 krb5_creds *creds); 1399 1400/** 1401 * Add a new ccache type with operations `ops', overwriting any 1402 * existing one if `override'. 1403 * 1404 * @param context a Keberos context 1405 * @param ops type of plugin symbol 1406 * @param override flag to select if the registration is to overide 1407 * an existing ops with the same name. 1408 * 1409 * @return Return an error code or 0, see krb5_get_error_message(). 1410 * 1411 * @ingroup krb5_ccache 1412 */ 1413 1414KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1415krb5_cc_register ( 1416 krb5_context context, 1417 const krb5_cc_ops *ops, 1418 krb5_boolean override); 1419 1420/** 1421 * Remove the credential identified by `cred', `which' from `id'. 1422 * 1423 * @ingroup krb5_ccache 1424 */ 1425 1426KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1427krb5_cc_remove_cred ( 1428 krb5_context context, 1429 krb5_ccache id, 1430 krb5_flags which, 1431 krb5_creds *cred); 1432 1433/** 1434 * Find and allocate a ccache in `id' from the specification in `residual'. 1435 * If the ccache name doesn't contain any colon, interpret it as a file name. 1436 * 1437 * @param context a Keberos context. 1438 * @param name string name of a credential cache. 1439 * @param id return pointer to a found credential cache. 1440 * 1441 * @return Return 0 or an error code. In case of an error, id is set 1442 * to NULL, see krb5_get_error_message(). 1443 * 1444 * @ingroup krb5_ccache 1445 */ 1446 1447KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1448krb5_cc_resolve ( 1449 krb5_context context, 1450 const char *name, 1451 krb5_ccache *id); 1452 1453krb5_error_code 1454krb5_cc_resolve_by_uuid ( 1455 krb5_context context, 1456 const char *type, 1457 krb5_ccache *id, 1458 krb5_uuid uuid); 1459 1460/** 1461 * Retrieve the credential identified by `mcreds' (and `whichfields') 1462 * from `id' in `creds'. 'creds' must be free by the caller using 1463 * krb5_free_cred_contents. 1464 * 1465 * @param context A Kerberos 5 context 1466 * @param id a Kerberos 5 credential cache 1467 * @param whichfields what fields to use for matching credentials, same 1468 * flags as whichfields in krb5_compare_creds() 1469 * @param mcreds template credential to use for comparing 1470 * @param creds returned credential, free with krb5_free_cred_contents() 1471 * 1472 * @return Return an error code or 0, see krb5_get_error_message(). 1473 * 1474 * @ingroup krb5_ccache 1475 */ 1476 1477KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1478krb5_cc_retrieve_cred ( 1479 krb5_context context, 1480 krb5_ccache id, 1481 krb5_flags whichfields, 1482 const krb5_creds *mcreds, 1483 krb5_creds *creds); 1484 1485krb5_error_code 1486krb5_cc_set_acl ( 1487 krb5_context context, 1488 krb5_ccache id, 1489 const char *type, 1490 void *ptr); 1491 1492/** 1493 * Store some configuration for the credential cache in the cache. 1494 * Existing configuration under the same name is over-written. 1495 * 1496 * @param context a Keberos context 1497 * @param id the credential cache to store the data for 1498 * @param principal configuration for a specific principal, if 1499 * NULL, global for the whole cache. 1500 * @param name name under which the configuraion is stored. 1501 * @param data data to store, if NULL, configure is removed. 1502 * 1503 * @ingroup krb5_ccache 1504 */ 1505 1506KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1507krb5_cc_set_config ( 1508 krb5_context context, 1509 krb5_ccache id, 1510 krb5_const_principal principal, 1511 const char *name, 1512 krb5_data *data); 1513 1514/** 1515 * Set the default cc name for `context' to `name'. 1516 * 1517 * @param context a krb5 context 1518 * @param name if set, will use this as the default name, if NULL, default name will be set 1519 * 1520 * @return Return an error code or 0, see krb5_get_error_message(). 1521 * 1522 * @ingroup krb5_ccache 1523 */ 1524 1525KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1526krb5_cc_set_default_name ( 1527 krb5_context context, 1528 const char *name); 1529 1530/** 1531 * Set the flags of `id' to `flags'. 1532 * 1533 * @ingroup krb5_ccache 1534 */ 1535 1536KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1537krb5_cc_set_flags ( 1538 krb5_context context, 1539 krb5_ccache id, 1540 krb5_flags flags); 1541 1542/** 1543 * Set the friendly name on credential cache. 1544 * 1545 * @return Return an error code or 0, see krb5_get_error_message(). 1546 * 1547 * @ingroup krb5_ccache 1548 */ 1549 1550KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1551krb5_cc_set_friendly_name ( 1552 krb5_context context, 1553 krb5_ccache id, 1554 const char *name); 1555 1556/** 1557 * Set the time offset betwen the client and the KDC 1558 * 1559 * If the backend doesn't support KDC offset, use the context global setting. 1560 * 1561 * @param context A Kerberos 5 context. 1562 * @param id a credential cache 1563 * @param offset the offset in seconds 1564 * 1565 * @return Return an error code or 0, see krb5_get_error_message(). 1566 * 1567 * @ingroup krb5_ccache 1568 */ 1569 1570KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1571krb5_cc_set_kdc_offset ( 1572 krb5_context context, 1573 krb5_ccache id, 1574 krb5_deltat offset); 1575 1576/** 1577 * Start iterating over `id', `cursor' is initialized to the 1578 * beginning. Caller must free the cursor with krb5_cc_end_seq_get(). 1579 * 1580 * @return Return an error code or 0, see krb5_get_error_message(). 1581 * 1582 * @ingroup krb5_ccache 1583 */ 1584 1585KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1586krb5_cc_start_seq_get ( 1587 krb5_context context, 1588 const krb5_ccache id, 1589 krb5_cc_cursor *cursor); 1590 1591/** 1592 * Store `creds' in the ccache `id'. 1593 * 1594 * @return Return an error code or 0, see krb5_get_error_message(). 1595 * 1596 * @ingroup krb5_ccache 1597 */ 1598 1599KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1600krb5_cc_store_cred ( 1601 krb5_context context, 1602 krb5_ccache id, 1603 krb5_creds *creds); 1604 1605/** 1606 * Return true if the default credential cache support switch 1607 * 1608 * @ingroup krb5_ccache 1609 */ 1610 1611KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1612krb5_cc_support_switch ( 1613 krb5_context context, 1614 const char *type); 1615 1616/** 1617 * Switch the default default credential cache for a specific 1618 * credcache type (and name for some implementations). 1619 * 1620 * @return Return an error code or 0, see krb5_get_error_message(). 1621 * 1622 * @ingroup krb5_ccache 1623 */ 1624 1625KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1626krb5_cc_switch ( 1627 krb5_context context, 1628 krb5_ccache id); 1629 1630krb5_error_code 1631krb5_cc_unhold ( 1632 krb5_context context, 1633 krb5_ccache id); 1634 1635/** 1636 * End an iteration and free all resources, can be done before end is reached. 1637 * 1638 * @param context A Kerberos 5 context 1639 * @param cursor the iteration cursor to be freed. 1640 * 1641 * @return Return 0 or and error, KRB5_CC_END is returned at the end 1642 * of iteration. See krb5_get_error_message(). 1643 * 1644 * @ingroup krb5_ccache 1645 */ 1646 1647KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1648krb5_cccol_cursor_free ( 1649 krb5_context context, 1650 krb5_cccol_cursor *cursor); 1651 1652/** 1653 * Get a new cache interation cursor that will interate over all 1654 * credentials caches independent of type. 1655 * 1656 * @param context a Keberos context 1657 * @param cursor passed into krb5_cccol_cursor_next() and free with krb5_cccol_cursor_free(). 1658 * 1659 * @return Returns 0 or and error code, see krb5_get_error_message(). 1660 * 1661 * @ingroup krb5_ccache 1662 */ 1663 1664KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1665krb5_cccol_cursor_new ( 1666 krb5_context context, 1667 krb5_cccol_cursor *cursor); 1668 1669/** 1670 * Get next credential cache from the iteration. 1671 * 1672 * @param context A Kerberos 5 context 1673 * @param cursor the iteration cursor 1674 * @param cache the returned cursor, pointer is set to NULL on failure 1675 * and a cache on success. The returned cache needs to be freed 1676 * with krb5_cc_close() or destroyed with krb5_cc_destroy(). 1677 * MIT Kerberos behavies slightly diffrent and sets cache to NULL 1678 * when all caches are iterated over and return 0. 1679 * 1680 * @return Return 0 or and error, KRB5_CC_END is returned at the end 1681 * of iteration. See krb5_get_error_message(). 1682 * 1683 * @ingroup krb5_ccache 1684 */ 1685 1686KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1687krb5_cccol_cursor_next ( 1688 krb5_context context, 1689 krb5_cccol_cursor cursor, 1690 krb5_ccache *cache); 1691 1692/** 1693 * Return the last modfication time for a cache collection. The query 1694 * can be limited to a specific cache type. If the function return 0 1695 * and mtime is 0, there was no credentials in the caches. 1696 * 1697 * @param context A Kerberos 5 context 1698 * @param type The credential cache to probe, if NULL, all type are traversed. 1699 * @param mtime the last modification time, set to 0 on error. 1700 1701 * @return Return 0 or and error. See krb5_get_error_message(). 1702 * 1703 * @ingroup krb5_ccache 1704 */ 1705 1706KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1707krb5_cccol_last_change_time ( 1708 krb5_context context, 1709 const char *type, 1710 krb5_timestamp *mtime); 1711 1712/** 1713 * Deprecated: krb5_change_password() is deprecated, use krb5_set_password(). 1714 * 1715 * @ingroup @krb5_deprecated 1716 */ 1717 1718KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1719krb5_change_password ( 1720 krb5_context context, 1721 krb5_creds *creds, 1722 const char *newpw, 1723 int *result_code, 1724 krb5_data *result_code_string, 1725 krb5_data *result_string) 1726 KRB5_DEPRECATED_FUNCTION("Use krb5_set_password instead"); 1727 1728KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1729krb5_check_transited ( 1730 krb5_context context, 1731 krb5_const_realm client_realm, 1732 krb5_const_realm server_realm, 1733 krb5_realm *realms, 1734 unsigned int num_realms, 1735 int *bad_realm); 1736 1737KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1738krb5_check_transited_realms ( 1739 krb5_context context, 1740 const char *const *realms, 1741 unsigned int num_realms, 1742 int *bad_realm); 1743 1744KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1745krb5_checksum_disable ( 1746 krb5_context context, 1747 krb5_cksumtype type); 1748 1749KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1750krb5_checksum_free ( 1751 krb5_context context, 1752 krb5_checksum *cksum); 1753 1754KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1755krb5_checksum_is_collision_proof ( 1756 krb5_context context, 1757 krb5_cksumtype type); 1758 1759KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1760krb5_checksum_is_keyed ( 1761 krb5_context context, 1762 krb5_cksumtype type); 1763 1764KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1765krb5_checksumsize ( 1766 krb5_context context, 1767 krb5_cksumtype type, 1768 size_t *size); 1769 1770/** 1771 * Return the coresponding encryption type for a checksum type. 1772 * 1773 * @param context Kerberos context 1774 * @param ctype The checksum type to get the result enctype for 1775 * @param etype The returned encryption, when the matching etype is 1776 * not found, etype is set to ETYPE_NULL. 1777 * 1778 * @return Return an error code for an failure or 0 on success. 1779 * @ingroup krb5_crypto 1780 */ 1781 1782KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1783krb5_cksumtype_to_enctype ( 1784 krb5_context context, 1785 krb5_cksumtype ctype, 1786 krb5_enctype *etype) 1787 KRB5_DEPRECATED; 1788 1789KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1790krb5_cksumtype_valid ( 1791 krb5_context context, 1792 krb5_cksumtype ctype); 1793 1794/** 1795 * Clears the error message from the Kerberos 5 context. 1796 * 1797 * @param context The Kerberos 5 context to clear 1798 * 1799 * @ingroup krb5_error 1800 */ 1801 1802KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1803krb5_clear_error_message (krb5_context context); 1804 1805/** 1806 * Clear the error message returned by krb5_get_error_string(). 1807 * 1808 * Deprecated: use krb5_clear_error_message() 1809 * 1810 * @param context Kerberos context 1811 * 1812 * @ingroup krb5_deprecated 1813 */ 1814 1815KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1816krb5_clear_error_string (krb5_context context) 1817 KRB5_DEPRECATED_FUNCTION("Use krb5_clear_error_message instead"); 1818 1819KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1820krb5_closelog ( 1821 krb5_context context, 1822 krb5_log_facility *fac); 1823 1824/** 1825 * Return TRUE if `mcreds' and `creds' are equal (`whichfields' 1826 * determines what equal means). 1827 * 1828 * 1829 * The following flags, set in whichfields affects the comparison: 1830 * - KRB5_TC_MATCH_SRV_NAMEONLY Consider all realms equal when comparing the service principal. 1831 * - KRB5_TC_MATCH_KEYTYPE Compare enctypes. 1832 * - KRB5_TC_MATCH_FLAGS_EXACT Make sure that the ticket flags are identical. 1833 * - KRB5_TC_MATCH_FLAGS Make sure that all ticket flags set in mcreds are also present in creds . 1834 * - KRB5_TC_MATCH_TIMES_EXACT Compares the ticket times exactly. 1835 * - KRB5_TC_MATCH_TIMES Compares only the expiration times of the creds. 1836 * - KRB5_TC_MATCH_AUTHDATA Compares the authdata fields. 1837 * - KRB5_TC_MATCH_2ND_TKT Compares the second tickets (used by user-to-user authentication). 1838 * - KRB5_TC_MATCH_IS_SKEY Compares the existance of the second ticket. 1839 * 1840 * @param context Kerberos 5 context. 1841 * @param whichfields which fields to compare. 1842 * @param mcreds cred to compare with. 1843 * @param creds cred to compare with. 1844 * 1845 * @return return TRUE if mcred and creds are equal, FALSE if not. 1846 * 1847 * @ingroup krb5 1848 */ 1849 1850KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1851krb5_compare_creds ( 1852 krb5_context context, 1853 krb5_flags whichfields, 1854 const krb5_creds * mcreds, 1855 const krb5_creds * creds); 1856 1857/** 1858 * Free configuration file section, the result of 1859 * krb5_config_parse_file() and krb5_config_parse_file_multi(). 1860 * 1861 * @param context A Kerberos 5 context 1862 * @param s the configuration section to free 1863 * 1864 * @return returns 0 on successes, otherwise an error code, see 1865 * krb5_get_error_message() 1866 * 1867 * @ingroup krb5_support 1868 */ 1869 1870KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1871krb5_config_file_free ( 1872 krb5_context context, 1873 krb5_config_section *s); 1874 1875/** 1876 * Free the resulting strings from krb5_config-get_strings() and 1877 * krb5_config_vget_strings(). 1878 * 1879 * @param strings strings to free 1880 * 1881 * @ingroup krb5_support 1882 */ 1883 1884KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1885krb5_config_free_strings (char **strings); 1886 1887/** 1888 * Like krb5_config_get_bool() but with a va_list list of 1889 * configuration selection. 1890 * 1891 * Configuration value to a boolean value, where yes/true and any 1892 * non-zero number means TRUE and other value is FALSE. 1893 * 1894 * @param context A Kerberos 5 context. 1895 * @param c a configuration section, or NULL to use the section from context 1896 * @param ... a list of names, terminated with NULL. 1897 * 1898 * @return TRUE or FALSE 1899 * 1900 * @ingroup krb5_support 1901 */ 1902 1903KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1904krb5_config_get_bool ( 1905 krb5_context context, 1906 const krb5_config_section *c, 1907 ...); 1908 1909/** 1910 * krb5_config_get_bool_default() will convert the configuration 1911 * option value to a boolean value, where yes/true and any non-zero 1912 * number means TRUE and other value is FALSE. 1913 * 1914 * @param context A Kerberos 5 context. 1915 * @param c a configuration section, or NULL to use the section from context 1916 * @param def_value the default value to return if no configuration 1917 * found in the database. 1918 * @param ... a list of names, terminated with NULL. 1919 * 1920 * @return TRUE or FALSE 1921 * 1922 * @ingroup krb5_support 1923 */ 1924 1925KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1926krb5_config_get_bool_default ( 1927 krb5_context context, 1928 const krb5_config_section *c, 1929 krb5_boolean def_value, 1930 ...); 1931 1932KRB5_LIB_FUNCTION int KRB5_LIB_CALL 1933krb5_config_get_int ( 1934 krb5_context context, 1935 const krb5_config_section *c, 1936 ...); 1937 1938KRB5_LIB_FUNCTION int KRB5_LIB_CALL 1939krb5_config_get_int_default ( 1940 krb5_context context, 1941 const krb5_config_section *c, 1942 int def_value, 1943 ...); 1944 1945/** 1946 * Get a list of configuration binding list for more processing 1947 * 1948 * @param context A Kerberos 5 context. 1949 * @param c a configuration section, or NULL to use the section from context 1950 * @param ... a list of names, terminated with NULL. 1951 * 1952 * @return NULL if configuration list is not found, a list otherwise 1953 * 1954 * @ingroup krb5_support 1955 */ 1956 1957KRB5_LIB_FUNCTION const krb5_config_binding * KRB5_LIB_CALL 1958krb5_config_get_list ( 1959 krb5_context context, 1960 const krb5_config_section *c, 1961 ...); 1962 1963/** 1964 * Returns a "const char *" to a string in the configuration database. 1965 * The string may not be valid after a reload of the configuration 1966 * database so a caller should make a local copy if it needs to keep 1967 * the string. 1968 * 1969 * @param context A Kerberos 5 context. 1970 * @param c a configuration section, or NULL to use the section from context 1971 * @param ... a list of names, terminated with NULL. 1972 * 1973 * @return NULL if configuration string not found, a string otherwise 1974 * 1975 * @ingroup krb5_support 1976 */ 1977 1978KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1979krb5_config_get_string ( 1980 krb5_context context, 1981 const krb5_config_section *c, 1982 ...); 1983 1984/** 1985 * Like krb5_config_get_string(), but instead of returning NULL, 1986 * instead return a default value. 1987 * 1988 * @param context A Kerberos 5 context. 1989 * @param c a configuration section, or NULL to use the section from context 1990 * @param def_value the default value to return if no configuration 1991 * found in the database. 1992 * @param ... a list of names, terminated with NULL. 1993 * 1994 * @return a configuration string 1995 * 1996 * @ingroup krb5_support 1997 */ 1998 1999KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 2000krb5_config_get_string_default ( 2001 krb5_context context, 2002 const krb5_config_section *c, 2003 const char *def_value, 2004 ...); 2005 2006/** 2007 * Get a list of configuration strings, free the result with 2008 * krb5_config_free_strings(). 2009 * 2010 * @param context A Kerberos 5 context. 2011 * @param c a configuration section, or NULL to use the section from context 2012 * @param ... a list of names, terminated with NULL. 2013 * 2014 * @return TRUE or FALSE 2015 * 2016 * @ingroup krb5_support 2017 */ 2018 2019KRB5_LIB_FUNCTION char** KRB5_LIB_CALL 2020krb5_config_get_strings ( 2021 krb5_context context, 2022 const krb5_config_section *c, 2023 ...); 2024 2025/** 2026 * Get the time from the configuration file using a relative time, for example: 1h30s 2027 * 2028 * @param context A Kerberos 5 context. 2029 * @param c a configuration section, or NULL to use the section from context 2030 * @param ... a list of names, terminated with NULL. 2031 * 2032 * @return parsed the time or -1 on error 2033 * 2034 * @ingroup krb5_support 2035 */ 2036 2037KRB5_LIB_FUNCTION krb5_deltat KRB5_LIB_CALL 2038krb5_config_get_time ( 2039 krb5_context context, 2040 const krb5_config_section *c, 2041 ...); 2042 2043/** 2044 * Get the time from the configuration file using a relative time, for example: 1h30s 2045 * 2046 * @param context A Kerberos 5 context. 2047 * @param c a configuration section, or NULL to use the section from context 2048 * @param def_value the default value to return if no configuration 2049 * found in the database. 2050 * @param ... a list of names, terminated with NULL. 2051 * 2052 * @return parsed the time (or def_value on parse error) 2053 * 2054 * @ingroup krb5_support 2055 */ 2056 2057KRB5_LIB_FUNCTION krb5_deltat KRB5_LIB_CALL 2058krb5_config_get_time_default ( 2059 krb5_context context, 2060 const krb5_config_section *c, 2061 krb5_deltat def_value, 2062 ...); 2063 2064/** 2065 * If the fname starts with "~/" parse configuration file in the 2066 * current users home directory. The behavior can be disabled and 2067 * enabled by calling krb5_set_home_dir_access(). 2068 */ 2069 2070KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2071krb5_config_parse_file ( 2072 krb5_context context, 2073 const char *fname, 2074 krb5_config_section **res); 2075 2076/** 2077 * Parse a configuration file and add the result into res. This 2078 * interface can be used to parse several configuration files into one 2079 * resulting krb5_config_section by calling it repeatably. 2080 * 2081 * @param context a Kerberos 5 context. 2082 * @param fname a file name to a Kerberos configuration file 2083 * @param res the returned result, must be free with krb5_free_config_files(). 2084 * @return Return an error code or 0, see krb5_get_error_message(). 2085 * 2086 * @ingroup krb5_support 2087 */ 2088 2089KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2090krb5_config_parse_file_multi ( 2091 krb5_context context, 2092 const char *fname, 2093 krb5_config_section **res); 2094 2095/** 2096 * Deprecated: configuration files are not strings 2097 * 2098 * @ingroup krb5_deprecated 2099 */ 2100 2101KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2102krb5_config_parse_string_multi ( 2103 krb5_context context, 2104 const char *string, 2105 krb5_config_section **res) 2106 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2107 2108/** 2109 * krb5_config_get_bool() will convert the configuration 2110 * option value to a boolean value, where yes/true and any non-zero 2111 * number means TRUE and other value is FALSE. 2112 * 2113 * @param context A Kerberos 5 context. 2114 * @param c a configuration section, or NULL to use the section from context 2115 * @param args a va_list of arguments 2116 * 2117 * @return TRUE or FALSE 2118 * 2119 * @ingroup krb5_support 2120 */ 2121 2122KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 2123krb5_config_vget_bool ( 2124 krb5_context context, 2125 const krb5_config_section *c, 2126 va_list args); 2127 2128/** 2129 * Like krb5_config_get_bool_default() but with a va_list list of 2130 * configuration selection. 2131 * 2132 * Configuration value to a boolean value, where yes/true and any 2133 * non-zero number means TRUE and other value is FALSE. 2134 * 2135 * @param context A Kerberos 5 context. 2136 * @param c a configuration section, or NULL to use the section from context 2137 * @param def_value the default value to return if no configuration 2138 * found in the database. 2139 * @param args a va_list of arguments 2140 * 2141 * @return TRUE or FALSE 2142 * 2143 * @ingroup krb5_support 2144 */ 2145 2146KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 2147krb5_config_vget_bool_default ( 2148 krb5_context context, 2149 const krb5_config_section *c, 2150 krb5_boolean def_value, 2151 va_list args); 2152 2153KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2154krb5_config_vget_int ( 2155 krb5_context context, 2156 const krb5_config_section *c, 2157 va_list args); 2158 2159KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2160krb5_config_vget_int_default ( 2161 krb5_context context, 2162 const krb5_config_section *c, 2163 int def_value, 2164 va_list args); 2165 2166/** 2167 * Get a list of configuration binding list for more processing 2168 * 2169 * @param context A Kerberos 5 context. 2170 * @param c a configuration section, or NULL to use the section from context 2171 * @param args a va_list of arguments 2172 * 2173 * @return NULL if configuration list is not found, a list otherwise 2174 * 2175 * @ingroup krb5_support 2176 */ 2177 2178KRB5_LIB_FUNCTION const krb5_config_binding * KRB5_LIB_CALL 2179krb5_config_vget_list ( 2180 krb5_context context, 2181 const krb5_config_section *c, 2182 va_list args); 2183 2184/** 2185 * Like krb5_config_get_string(), but uses a va_list instead of ... 2186 * 2187 * @param context A Kerberos 5 context. 2188 * @param c a configuration section, or NULL to use the section from context 2189 * @param args a va_list of arguments 2190 * 2191 * @return NULL if configuration string not found, a string otherwise 2192 * 2193 * @ingroup krb5_support 2194 */ 2195 2196KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 2197krb5_config_vget_string ( 2198 krb5_context context, 2199 const krb5_config_section *c, 2200 va_list args); 2201 2202/** 2203 * Like krb5_config_vget_string(), but instead of returning NULL, 2204 * instead return a default value. 2205 * 2206 * @param context A Kerberos 5 context. 2207 * @param c a configuration section, or NULL to use the section from context 2208 * @param def_value the default value to return if no configuration 2209 * found in the database. 2210 * @param args a va_list of arguments 2211 * 2212 * @return a configuration string 2213 * 2214 * @ingroup krb5_support 2215 */ 2216 2217KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 2218krb5_config_vget_string_default ( 2219 krb5_context context, 2220 const krb5_config_section *c, 2221 const char *def_value, 2222 va_list args); 2223 2224/** 2225 * Get a list of configuration strings, free the result with 2226 * krb5_config_free_strings(). 2227 * 2228 * @param context A Kerberos 5 context. 2229 * @param c a configuration section, or NULL to use the section from context 2230 * @param args a va_list of arguments 2231 * 2232 * @return TRUE or FALSE 2233 * 2234 * @ingroup krb5_support 2235 */ 2236 2237KRB5_LIB_FUNCTION char ** KRB5_LIB_CALL 2238krb5_config_vget_strings ( 2239 krb5_context context, 2240 const krb5_config_section *c, 2241 va_list args); 2242 2243/** 2244 * Get the time from the configuration file using a relative time, for example: 1h30s 2245 * 2246 * @param context A Kerberos 5 context. 2247 * @param c a configuration section, or NULL to use the section from context 2248 * @param args a va_list of arguments 2249 * 2250 * @return parsed the time or -1 on error 2251 * 2252 * @ingroup krb5_support 2253 */ 2254 2255KRB5_LIB_FUNCTION krb5_deltat KRB5_LIB_CALL 2256krb5_config_vget_time ( 2257 krb5_context context, 2258 const krb5_config_section *c, 2259 va_list args); 2260 2261/** 2262 * Get the time from the configuration file using a relative time. 2263 * 2264 * Like krb5_config_get_time_default() but with a va_list list of 2265 * configuration selection. 2266 * 2267 * @param context A Kerberos 5 context. 2268 * @param c a configuration section, or NULL to use the section from context 2269 * @param def_value the default value to return if no configuration 2270 * found in the database. 2271 * @param args a va_list of arguments 2272 * 2273 * @return parsed the time (or def_value on parse error) 2274 * 2275 * @ingroup krb5_support 2276 */ 2277 2278KRB5_LIB_FUNCTION krb5_deltat KRB5_LIB_CALL 2279krb5_config_vget_time_default ( 2280 krb5_context context, 2281 const krb5_config_section *c, 2282 krb5_deltat def_value, 2283 va_list args); 2284 2285/** 2286 * krb5_copy_address copies the content of address 2287 * inaddr to outaddr. 2288 * 2289 * @param context a Keberos context 2290 * @param inaddr pointer to source address 2291 * @param outaddr pointer to destination address 2292 * 2293 * @return Return an error code or 0. 2294 * 2295 * @ingroup krb5_address 2296 */ 2297 2298KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2299krb5_copy_address ( 2300 krb5_context context, 2301 const krb5_address *inaddr, 2302 krb5_address *outaddr); 2303 2304/** 2305 * krb5_copy_addresses copies the content of addresses 2306 * inaddr to outaddr. 2307 * 2308 * @param context a Keberos context 2309 * @param inaddr pointer to source addresses 2310 * @param outaddr pointer to destination addresses 2311 * 2312 * @return Return an error code or 0. 2313 * 2314 * @ingroup krb5_address 2315 */ 2316 2317KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2318krb5_copy_addresses ( 2319 krb5_context context, 2320 const krb5_addresses *inaddr, 2321 krb5_addresses *outaddr); 2322 2323KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2324krb5_copy_checksum ( 2325 krb5_context context, 2326 const krb5_checksum *old, 2327 krb5_checksum **output); 2328 2329/** 2330 * Make a copy for the Kerberos 5 context, the new krb5_context shoud 2331 * be freed with krb5_free_context(). 2332 * 2333 * @param context the Kerberos context to copy 2334 * @param out the copy of the Kerberos, set to NULL error. 2335 * 2336 * @return Returns 0 to indicate success. Otherwise an kerberos et 2337 * error code is returned, see krb5_get_error_message(). 2338 * 2339 * @ingroup krb5 2340 */ 2341 2342KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2343krb5_copy_context ( 2344 krb5_context context, 2345 krb5_context *out); 2346 2347/** 2348 * Copy krb5_creds. 2349 * 2350 * @param context Kerberos 5 context. 2351 * @param incred source credential 2352 * @param outcred destination credential, free with krb5_free_creds(). 2353 * 2354 * @return Returns 0 to indicate success. Otherwise an kerberos et 2355 * error code is returned, see krb5_get_error_message(). 2356 * 2357 * @ingroup krb5 2358 */ 2359 2360KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2361krb5_copy_creds ( 2362 krb5_context context, 2363 const krb5_creds *incred, 2364 krb5_creds **outcred); 2365 2366/** 2367 * Copy content of krb5_creds. 2368 * 2369 * @param context Kerberos 5 context. 2370 * @param incred source credential 2371 * @param c destination credential, free with krb5_free_cred_contents(). 2372 * 2373 * @return Returns 0 to indicate success. Otherwise an kerberos et 2374 * error code is returned, see krb5_get_error_message(). 2375 * 2376 * @ingroup krb5 2377 */ 2378 2379KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2380krb5_copy_creds_contents ( 2381 krb5_context context, 2382 const krb5_creds *incred, 2383 krb5_creds *c); 2384 2385/** 2386 * Copy the data into a newly allocated krb5_data. 2387 * 2388 * @param context Kerberos 5 context. 2389 * @param indata the krb5_data data to copy 2390 * @param outdata new krb5_date to copy too. Free with krb5_free_data(). 2391 * 2392 * @return Returns 0 to indicate success. Otherwise an kerberos et 2393 * error code is returned. 2394 * 2395 * @ingroup krb5 2396 */ 2397 2398KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2399krb5_copy_data ( 2400 krb5_context context, 2401 const krb5_data *indata, 2402 krb5_data **outdata); 2403 2404/** 2405 * Copy the list of realms from `from' to `to'. 2406 * 2407 * @param context Kerberos 5 context. 2408 * @param from list of realms to copy from. 2409 * @param to list of realms to copy to, free list of krb5_free_host_realm(). 2410 * 2411 * @return Returns 0 to indicate success. Otherwise an kerberos et 2412 * error code is returned, see krb5_get_error_message(). 2413 * 2414 * @ingroup krb5 2415 */ 2416 2417KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2418krb5_copy_host_realm ( 2419 krb5_context context, 2420 const krb5_realm *from, 2421 krb5_realm **to); 2422 2423/** 2424 * Copy a keyblock, free the output keyblock with 2425 * krb5_free_keyblock(). 2426 * 2427 * @param context a Kerberos 5 context 2428 * @param inblock the key to copy 2429 * @param to the output key. 2430 * 2431 * @return 0 on success or a Kerberos 5 error code 2432 * 2433 * @ingroup krb5_crypto 2434 */ 2435 2436KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2437krb5_copy_keyblock ( 2438 krb5_context context, 2439 const krb5_keyblock *inblock, 2440 krb5_keyblock **to); 2441 2442/** 2443 * Copy a keyblock, free the output keyblock with 2444 * krb5_free_keyblock_contents(). 2445 * 2446 * @param context a Kerberos 5 context 2447 * @param inblock the key to copy 2448 * @param to the output key. 2449 * 2450 * @return 0 on success or a Kerberos 5 error code 2451 * 2452 * @ingroup krb5_crypto 2453 */ 2454 2455KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2456krb5_copy_keyblock_contents ( 2457 krb5_context context, 2458 const krb5_keyblock *inblock, 2459 krb5_keyblock *to); 2460 2461/** 2462 * Copy a principal 2463 * 2464 * @param context A Kerberos context. 2465 * @param inprinc principal to copy 2466 * @param outprinc copied principal, free with krb5_free_principal() 2467 * 2468 * @return An krb5 error code, see krb5_get_error_message(). 2469 * 2470 * @ingroup krb5_principal 2471 */ 2472 2473KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2474krb5_copy_principal ( 2475 krb5_context context, 2476 krb5_const_principal inprinc, 2477 krb5_principal *outprinc); 2478 2479/** 2480 * Copy ticket and content 2481 * 2482 * @param context a Kerberos 5 context 2483 * @param from ticket to copy 2484 * @param to new copy of ticket, free with krb5_free_ticket() 2485 * 2486 * @return Returns 0 to indicate success. Otherwise an kerberos et 2487 * error code is returned, see krb5_get_error_message(). 2488 * 2489 * @ingroup krb5 2490 */ 2491 2492KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2493krb5_copy_ticket ( 2494 krb5_context context, 2495 const krb5_ticket *from, 2496 krb5_ticket **to); 2497 2498KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2499krb5_create_checksum ( 2500 krb5_context context, 2501 krb5_crypto crypto, 2502 krb5_key_usage usage, 2503 int type, 2504 void *data, 2505 size_t len, 2506 Checksum *result); 2507 2508/** 2509 * Create a Kerberos message checksum. 2510 * 2511 * @param context Kerberos context 2512 * @param crypto Kerberos crypto context 2513 * @param usage Key usage for this buffer 2514 * @param data array of buffers to process 2515 * @param num_data length of array 2516 * @param type output data 2517 * 2518 * @return Return an error code or 0. 2519 * @ingroup krb5_crypto 2520 */ 2521 2522KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2523krb5_create_checksum_iov ( 2524 krb5_context context, 2525 krb5_crypto crypto, 2526 unsigned usage, 2527 krb5_crypto_iov *data, 2528 unsigned int num_data, 2529 krb5_cksumtype *type); 2530 2531/** 2532 * Returns the ticket flags for the credentials in creds. 2533 * See also krb5_ticket_get_flags(). 2534 * 2535 * @param creds credential to get ticket flags from 2536 * 2537 * @return ticket flags 2538 * 2539 * @ingroup krb5 2540 */ 2541 2542KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL 2543krb5_creds_get_ticket_flags (krb5_creds *creds); 2544 2545/** 2546 * Free a crypto context created by krb5_crypto_init(). 2547 * 2548 * @param context Kerberos context 2549 * @param crypto crypto context to free 2550 * 2551 * @return Return an error code or 0. 2552 * 2553 * @ingroup krb5_crypto 2554 */ 2555 2556KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2557krb5_crypto_destroy ( 2558 krb5_context context, 2559 krb5_crypto crypto); 2560 2561/** 2562 * The FX-CF2 key derivation function, used in FAST and preauth framework. 2563 * 2564 * @param context Kerberos 5 context 2565 * @param crypto1 first key to combine 2566 * @param crypto2 second key to combine 2567 * @param pepper1 factor to combine with first key to garante uniqueness 2568 * @param pepper2 factor to combine with second key to garante uniqueness 2569 * @param enctype the encryption type of the resulting key 2570 * @param res allocated key, free with krb5_free_keyblock_contents() 2571 * 2572 * @return Return an error code or 0. 2573 * 2574 * @ingroup krb5_crypto 2575 */ 2576 2577KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2578krb5_crypto_fx_cf2 ( 2579 krb5_context context, 2580 const krb5_crypto crypto1, 2581 const krb5_crypto crypto2, 2582 krb5_data *pepper1, 2583 krb5_data *pepper2, 2584 krb5_enctype enctype, 2585 krb5_keyblock *res); 2586 2587KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2588krb5_crypto_get_checksum_type ( 2589 krb5_context context, 2590 krb5_crypto crypto, 2591 krb5_cksumtype *type); 2592 2593/** 2594 * Return the blocksize used algorithm referenced by the crypto context 2595 * 2596 * @param context Kerberos context 2597 * @param crypto crypto context to query 2598 * @param blocksize the resulting blocksize 2599 * 2600 * @return Return an error code or 0. 2601 * 2602 * @ingroup krb5_crypto 2603 */ 2604 2605KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2606krb5_crypto_getblocksize ( 2607 krb5_context context, 2608 krb5_crypto crypto, 2609 size_t *blocksize); 2610 2611/** 2612 * Return the confounder size used by the crypto context 2613 * 2614 * @param context Kerberos context 2615 * @param crypto crypto context to query 2616 * @param confoundersize the returned confounder size 2617 * 2618 * @return Return an error code or 0. 2619 * 2620 * @ingroup krb5_crypto 2621 */ 2622 2623KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2624krb5_crypto_getconfoundersize ( 2625 krb5_context context, 2626 krb5_crypto crypto, 2627 size_t *confoundersize); 2628 2629/** 2630 * Return the encryption type used by the crypto context 2631 * 2632 * @param context Kerberos context 2633 * @param crypto crypto context to query 2634 * @param enctype the resulting encryption type 2635 * 2636 * @return Return an error code or 0. 2637 * 2638 * @ingroup krb5_crypto 2639 */ 2640 2641KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2642krb5_crypto_getenctype ( 2643 krb5_context context, 2644 krb5_crypto crypto, 2645 krb5_enctype *enctype); 2646 2647/** 2648 * Return the padding size used by the crypto context 2649 * 2650 * @param context Kerberos context 2651 * @param crypto crypto context to query 2652 * @param padsize the return padding size 2653 * 2654 * @return Return an error code or 0. 2655 * 2656 * @ingroup krb5_crypto 2657 */ 2658 2659KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2660krb5_crypto_getpadsize ( 2661 krb5_context context, 2662 krb5_crypto crypto, 2663 size_t *padsize); 2664 2665/** 2666 * Create a crypto context used for all encryption and signature 2667 * operation. The encryption type to use is taken from the key, but 2668 * can be overridden with the enctype parameter. This can be useful 2669 * for encryptions types which is compatiable (DES for example). 2670 * 2671 * To free the crypto context, use krb5_crypto_destroy(). 2672 * 2673 * @param context Kerberos context 2674 * @param key the key block information with all key data 2675 * @param etype the encryption type 2676 * @param crypto the resulting crypto context 2677 * 2678 * @return Return an error code or 0. 2679 * 2680 * @ingroup krb5_crypto 2681 */ 2682 2683KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2684krb5_crypto_init ( 2685 krb5_context context, 2686 const krb5_keyblock *key, 2687 krb5_enctype etype, 2688 krb5_crypto *crypto); 2689 2690KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2691krb5_crypto_length ( 2692 krb5_context context, 2693 krb5_crypto crypto, 2694 int type, 2695 size_t *len); 2696 2697KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2698krb5_crypto_length_iov ( 2699 krb5_context context, 2700 krb5_crypto crypto, 2701 krb5_crypto_iov *data, 2702 unsigned int num_data); 2703 2704size_t 2705krb5_crypto_overhead ( 2706 krb5_context context, 2707 krb5_crypto crypto); 2708 2709KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2710krb5_crypto_prf ( 2711 krb5_context context, 2712 const krb5_crypto crypto, 2713 const krb5_data *input, 2714 krb5_data *output); 2715 2716KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2717krb5_crypto_prf_length ( 2718 krb5_context context, 2719 krb5_enctype type, 2720 size_t *length); 2721 2722/** 2723 * Allocate data of and krb5_data. 2724 * 2725 * @param p krb5_data to allocate. 2726 * @param len size to allocate. 2727 * 2728 * @return Returns 0 to indicate success. Otherwise an kerberos et 2729 * error code is returned. 2730 * 2731 * @ingroup krb5 2732 */ 2733 2734KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2735krb5_data_alloc ( 2736 krb5_data *p, 2737 size_t len); 2738 2739/** 2740 * Compare to data. 2741 * 2742 * @param data1 krb5_data to compare 2743 * @param data2 krb5_data to compare 2744 * 2745 * @return return the same way as memcmp(), useful when sorting. 2746 * 2747 * @ingroup krb5 2748 */ 2749 2750KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2751krb5_data_cmp ( 2752 const krb5_data *data1, 2753 const krb5_data *data2); 2754 2755/** 2756 * Copy the data of len into the krb5_data. 2757 * 2758 * @param p krb5_data to copy into. 2759 * @param data data to copy.. 2760 * @param len new size. 2761 * 2762 * @return Returns 0 to indicate success. Otherwise an kerberos et 2763 * error code is returned. 2764 * 2765 * @ingroup krb5 2766 */ 2767 2768KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2769krb5_data_copy ( 2770 krb5_data *p, 2771 const void *data, 2772 size_t len); 2773 2774/** 2775 * Compare to data not exposing timing information from the checksum data 2776 * 2777 * @param data1 krb5_data to compare 2778 * @param data2 krb5_data to compare 2779 * 2780 * @return returns zero for same data, otherwise non zero. 2781 * 2782 * @ingroup krb5 2783 */ 2784 2785KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2786krb5_data_ct_cmp ( 2787 const krb5_data *data1, 2788 const krb5_data *data2); 2789 2790/** 2791 * Print using a printf formater into a krb5_data. 2792 * 2793 * NUL is not included in the length, but the string is allocated with 2794 * one so its safe to print the string using "%s" if there is no 2795 * embedded NULs. 2796 * 2797 */ 2798 2799KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2800krb5_data_format ( 2801 krb5_data *data, 2802 const char *fmt, 2803 ...) 2804 HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 3)); 2805 2806/** 2807 * Free the content of krb5_data structure, its ok to free a zeroed 2808 * structure (with memset() or krb5_data_zero()). When done, the 2809 * structure will be zeroed. The same function is called 2810 * krb5_free_data_contents() in MIT Kerberos. 2811 * 2812 * @param p krb5_data to free. 2813 * 2814 * @ingroup krb5 2815 */ 2816 2817KRB5_LIB_FUNCTION void KRB5_LIB_CALL 2818krb5_data_free (krb5_data *p); 2819 2820/** 2821 * Grow (or shrink) the content of krb5_data to a new size. 2822 * 2823 * @param p krb5_data to free. 2824 * @param len new size. 2825 * 2826 * @return Returns 0 to indicate success. Otherwise an kerberos et 2827 * error code is returned. 2828 * 2829 * @ingroup krb5 2830 */ 2831 2832KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2833krb5_data_realloc ( 2834 krb5_data *p, 2835 size_t len); 2836 2837/** 2838 * Reset the (potentially uninitalized) krb5_data structure. 2839 * 2840 * @param p krb5_data to reset. 2841 * 2842 * @ingroup krb5 2843 */ 2844 2845KRB5_LIB_FUNCTION void KRB5_LIB_CALL 2846krb5_data_zero (krb5_data *p); 2847 2848KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2849krb5_decode_Authenticator ( 2850 krb5_context context, 2851 const void *data, 2852 size_t length, 2853 Authenticator *t, 2854 size_t *len) 2855 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2856 2857KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2858krb5_decode_ETYPE_INFO ( 2859 krb5_context context, 2860 const void *data, 2861 size_t length, 2862 ETYPE_INFO *t, 2863 size_t *len) 2864 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2865 2866KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2867krb5_decode_ETYPE_INFO2 ( 2868 krb5_context context, 2869 const void *data, 2870 size_t length, 2871 ETYPE_INFO2 *t, 2872 size_t *len) 2873 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2874 2875KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2876krb5_decode_EncAPRepPart ( 2877 krb5_context context, 2878 const void *data, 2879 size_t length, 2880 EncAPRepPart *t, 2881 size_t *len) 2882 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2883 2884KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2885krb5_decode_EncASRepPart ( 2886 krb5_context context, 2887 const void *data, 2888 size_t length, 2889 EncASRepPart *t, 2890 size_t *len) 2891 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2892 2893KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2894krb5_decode_EncKrbCredPart ( 2895 krb5_context context, 2896 const void *data, 2897 size_t length, 2898 EncKrbCredPart *t, 2899 size_t *len) 2900 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2901 2902KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2903krb5_decode_EncTGSRepPart ( 2904 krb5_context context, 2905 const void *data, 2906 size_t length, 2907 EncTGSRepPart *t, 2908 size_t *len) 2909 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2910 2911KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2912krb5_decode_EncTicketPart ( 2913 krb5_context context, 2914 const void *data, 2915 size_t length, 2916 EncTicketPart *t, 2917 size_t *len) 2918 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2919 2920KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2921krb5_decode_ap_req ( 2922 krb5_context context, 2923 const krb5_data *inbuf, 2924 krb5_ap_req *ap_req); 2925 2926KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2927krb5_decrypt ( 2928 krb5_context context, 2929 krb5_crypto crypto, 2930 unsigned usage, 2931 void *data, 2932 size_t len, 2933 krb5_data *result); 2934 2935KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2936krb5_decrypt_EncryptedData ( 2937 krb5_context context, 2938 krb5_crypto crypto, 2939 unsigned usage, 2940 const EncryptedData *e, 2941 krb5_data *result); 2942 2943/** 2944 * Inline decrypt a Kerberos message. 2945 * 2946 * @param context Kerberos context 2947 * @param crypto Kerberos crypto context 2948 * @param usage Key usage for this buffer 2949 * @param data array of buffers to process 2950 * @param num_data length of array 2951 * @param ivec initial cbc/cts vector 2952 * 2953 * @return Return an error code or 0. 2954 * @ingroup krb5_crypto 2955 * 2956 * 1. KRB5_CRYPTO_TYPE_HEADER 2957 * 2. one KRB5_CRYPTO_TYPE_DATA and array [0,...] of KRB5_CRYPTO_TYPE_SIGN_ONLY in 2958 * any order, however the receiver have to aware of the 2959 * order. KRB5_CRYPTO_TYPE_SIGN_ONLY is commonly used unencrypoted 2960 * protocol headers and trailers. The output data will be of same 2961 * size as the input data or shorter. 2962 */ 2963 2964KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2965krb5_decrypt_iov_ivec ( 2966 krb5_context context, 2967 krb5_crypto crypto, 2968 unsigned usage, 2969 krb5_crypto_iov *data, 2970 unsigned int num_data, 2971 void *ivec); 2972 2973KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2974krb5_decrypt_ivec ( 2975 krb5_context context, 2976 krb5_crypto crypto, 2977 unsigned usage, 2978 void *data, 2979 size_t len, 2980 krb5_data *result, 2981 void *ivec); 2982 2983KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2984krb5_decrypt_ticket ( 2985 krb5_context context, 2986 Ticket *ticket, 2987 krb5_keyblock *key, 2988 EncTicketPart *out, 2989 krb5_flags flags); 2990 2991KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2992krb5_derive_key ( 2993 krb5_context context, 2994 const krb5_keyblock *key, 2995 krb5_enctype etype, 2996 const void *constant, 2997 size_t constant_len, 2998 krb5_keyblock **derived_key); 2999 3000KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3001krb5_digest_alloc ( 3002 krb5_context context, 3003 krb5_digest *digest); 3004 3005KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3006krb5_digest_free (krb5_digest digest); 3007 3008KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3009krb5_digest_get_client_binding ( 3010 krb5_context context, 3011 krb5_digest digest, 3012 char **type, 3013 char **binding); 3014 3015KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 3016krb5_digest_get_identifier ( 3017 krb5_context context, 3018 krb5_digest digest); 3019 3020KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 3021krb5_digest_get_opaque ( 3022 krb5_context context, 3023 krb5_digest digest); 3024 3025KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 3026krb5_digest_get_rsp ( 3027 krb5_context context, 3028 krb5_digest digest); 3029 3030KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 3031krb5_digest_get_server_nonce ( 3032 krb5_context context, 3033 krb5_digest digest); 3034 3035KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3036krb5_digest_get_session_key ( 3037 krb5_context context, 3038 krb5_digest digest, 3039 krb5_data *data); 3040 3041KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3042krb5_digest_get_tickets ( 3043 krb5_context context, 3044 krb5_digest digest, 3045 Ticket **tickets); 3046 3047KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3048krb5_digest_init_request ( 3049 krb5_context context, 3050 krb5_digest digest, 3051 krb5_realm realm, 3052 krb5_ccache ccache); 3053 3054/** 3055 * Get the supported/allowed mechanism for this principal. 3056 * 3057 * @param context A Keberos context. 3058 * @param realm The realm of the KDC. 3059 * @param ccache The credential cache to use when talking to the KDC. 3060 * @param flags The supported mechanism. 3061 * 3062 * @return Return an error code or 0. 3063 * 3064 * @ingroup krb5_digest 3065 */ 3066 3067KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3068krb5_digest_probe ( 3069 krb5_context context, 3070 krb5_realm realm, 3071 krb5_ccache ccache, 3072 unsigned *flags); 3073 3074KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 3075krb5_digest_rep_get_status ( 3076 krb5_context context, 3077 krb5_digest digest); 3078 3079KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3080krb5_digest_request ( 3081 krb5_context context, 3082 krb5_digest digest, 3083 krb5_realm realm, 3084 krb5_ccache ccache); 3085 3086KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3087krb5_digest_set_authentication_user ( 3088 krb5_context context, 3089 krb5_digest digest, 3090 krb5_principal authentication_user); 3091 3092KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3093krb5_digest_set_authid ( 3094 krb5_context context, 3095 krb5_digest digest, 3096 const char *authid); 3097 3098KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3099krb5_digest_set_client_nonce ( 3100 krb5_context context, 3101 krb5_digest digest, 3102 const char *nonce); 3103 3104KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3105krb5_digest_set_digest ( 3106 krb5_context context, 3107 krb5_digest digest, 3108 const char *dgst); 3109 3110KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3111krb5_digest_set_hostname ( 3112 krb5_context context, 3113 krb5_digest digest, 3114 const char *hostname); 3115 3116KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3117krb5_digest_set_identifier ( 3118 krb5_context context, 3119 krb5_digest digest, 3120 const char *id); 3121 3122KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3123krb5_digest_set_method ( 3124 krb5_context context, 3125 krb5_digest digest, 3126 const char *method); 3127 3128KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3129krb5_digest_set_nonceCount ( 3130 krb5_context context, 3131 krb5_digest digest, 3132 const char *nonce_count); 3133 3134KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3135krb5_digest_set_opaque ( 3136 krb5_context context, 3137 krb5_digest digest, 3138 const char *opaque); 3139 3140KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3141krb5_digest_set_qop ( 3142 krb5_context context, 3143 krb5_digest digest, 3144 const char *qop); 3145 3146KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3147krb5_digest_set_realm ( 3148 krb5_context context, 3149 krb5_digest digest, 3150 const char *realm); 3151 3152KRB5_LIB_FUNCTION int KRB5_LIB_CALL 3153krb5_digest_set_responseData ( 3154 krb5_context context, 3155 krb5_digest digest, 3156 const char *response); 3157 3158KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3159krb5_digest_set_server_cb ( 3160 krb5_context context, 3161 krb5_digest digest, 3162 const char *type, 3163 const char *binding); 3164 3165KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3166krb5_digest_set_server_nonce ( 3167 krb5_context context, 3168 krb5_digest digest, 3169 const char *nonce); 3170 3171KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3172krb5_digest_set_type ( 3173 krb5_context context, 3174 krb5_digest digest, 3175 const char *type); 3176 3177KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3178krb5_digest_set_uri ( 3179 krb5_context context, 3180 krb5_digest digest, 3181 const char *uri); 3182 3183KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3184krb5_digest_set_username ( 3185 krb5_context context, 3186 krb5_digest digest, 3187 const char *username); 3188 3189KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3190krb5_domain_x500_decode ( 3191 krb5_context context, 3192 krb5_data tr, 3193 char ***realms, 3194 unsigned int *num_realms, 3195 const char *client_realm, 3196 const char *server_realm); 3197 3198KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3199krb5_domain_x500_encode ( 3200 char **realms, 3201 unsigned int num_realms, 3202 krb5_data *encoding); 3203 3204/** 3205 * Convert the getaddrinfo() error code to a Kerberos et error code. 3206 * 3207 * @param eai_errno contains the error code from getaddrinfo(). 3208 * @param system_error should have the value of errno after the failed getaddrinfo(). 3209 * 3210 * @return Kerberos error code representing the EAI errors. 3211 * 3212 * @ingroup krb5_error 3213 */ 3214 3215KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3216krb5_eai_to_heim_errno ( 3217 int eai_errno, 3218 int system_error); 3219 3220KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3221krb5_encode_Authenticator ( 3222 krb5_context context, 3223 void *data, 3224 size_t length, 3225 Authenticator *t, 3226 size_t *len) 3227 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3228 3229KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3230krb5_encode_ETYPE_INFO ( 3231 krb5_context context, 3232 void *data, 3233 size_t length, 3234 ETYPE_INFO *t, 3235 size_t *len) 3236 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3237 3238KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3239krb5_encode_ETYPE_INFO2 ( 3240 krb5_context context, 3241 void *data, 3242 size_t length, 3243 ETYPE_INFO2 *t, 3244 size_t *len) 3245 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3246 3247KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3248krb5_encode_EncAPRepPart ( 3249 krb5_context context, 3250 void *data, 3251 size_t length, 3252 EncAPRepPart *t, 3253 size_t *len) 3254 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3255 3256KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3257krb5_encode_EncASRepPart ( 3258 krb5_context context, 3259 void *data, 3260 size_t length, 3261 EncASRepPart *t, 3262 size_t *len) 3263 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3264 3265KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3266krb5_encode_EncKrbCredPart ( 3267 krb5_context context, 3268 void *data, 3269 size_t length, 3270 EncKrbCredPart *t, 3271 size_t *len) 3272 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3273 3274KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3275krb5_encode_EncTGSRepPart ( 3276 krb5_context context, 3277 void *data, 3278 size_t length, 3279 EncTGSRepPart *t, 3280 size_t *len) 3281 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3282 3283KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3284krb5_encode_EncTicketPart ( 3285 krb5_context context, 3286 void *data, 3287 size_t length, 3288 EncTicketPart *t, 3289 size_t *len) 3290 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3291 3292KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3293krb5_encrypt ( 3294 krb5_context context, 3295 krb5_crypto crypto, 3296 unsigned usage, 3297 const void *data, 3298 size_t len, 3299 krb5_data *result); 3300 3301KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3302krb5_encrypt_EncryptedData ( 3303 krb5_context context, 3304 krb5_crypto crypto, 3305 unsigned usage, 3306 void *data, 3307 size_t len, 3308 int kvno, 3309 EncryptedData *result); 3310 3311/** 3312 * Inline encrypt a kerberos message 3313 * 3314 * @param context Kerberos context 3315 * @param crypto Kerberos crypto context 3316 * @param usage Key usage for this buffer 3317 * @param data array of buffers to process 3318 * @param num_data length of array 3319 * @param ivec initial cbc/cts vector 3320 * 3321 * @return Return an error code or 0. 3322 * @ingroup krb5_crypto 3323 * 3324 * Kerberos encrypted data look like this: 3325 * 3326 * 1. KRB5_CRYPTO_TYPE_HEADER 3327 * 2. array [1,...] KRB5_CRYPTO_TYPE_DATA and array [0,...] 3328 * KRB5_CRYPTO_TYPE_SIGN_ONLY in any order, however the receiver 3329 * have to aware of the order. KRB5_CRYPTO_TYPE_SIGN_ONLY is 3330 * commonly used headers and trailers. 3331 * 3. KRB5_CRYPTO_TYPE_PADDING, at least on padsize long if padsize > 1 3332 * 4. KRB5_CRYPTO_TYPE_TRAILER 3333 */ 3334 3335KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3336krb5_encrypt_iov_ivec ( 3337 krb5_context context, 3338 krb5_crypto crypto, 3339 unsigned usage, 3340 krb5_crypto_iov *data, 3341 int num_data, 3342 void *ivec); 3343 3344KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3345krb5_encrypt_ivec ( 3346 krb5_context context, 3347 krb5_crypto crypto, 3348 unsigned usage, 3349 const void *data, 3350 size_t len, 3351 krb5_data *result, 3352 void *ivec); 3353 3354/** 3355 * Disable encryption type 3356 * 3357 * @param context Kerberos 5 context 3358 * @param enctype encryption type to disable 3359 * 3360 * @return Return an error code or 0. 3361 * 3362 * @ingroup krb5_crypto 3363 */ 3364 3365KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3366krb5_enctype_disable ( 3367 krb5_context context, 3368 krb5_enctype enctype); 3369 3370/** 3371 * Enable encryption type 3372 * 3373 * @param context Kerberos 5 context 3374 * @param enctype encryption type to enable 3375 * 3376 * @return Return an error code or 0. 3377 * 3378 * @ingroup krb5_crypto 3379 */ 3380 3381KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3382krb5_enctype_enable ( 3383 krb5_context context, 3384 krb5_enctype enctype); 3385 3386KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3387krb5_enctype_keybits ( 3388 krb5_context context, 3389 krb5_enctype type, 3390 size_t *keybits); 3391 3392KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3393krb5_enctype_keysize ( 3394 krb5_context context, 3395 krb5_enctype type, 3396 size_t *keysize); 3397 3398KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3399krb5_enctype_to_keytype ( 3400 krb5_context context, 3401 krb5_enctype etype, 3402 krb5_keytype *keytype); 3403 3404KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3405krb5_enctype_to_string ( 3406 krb5_context context, 3407 krb5_enctype etype, 3408 char **string); 3409 3410/** 3411 * Check if a enctype is valid, return 0 if it is. 3412 * 3413 * @param context Kerberos context 3414 * @param etype enctype to check if its valid or not 3415 * 3416 * @return Return an error code for an failure or 0 on success (enctype valid). 3417 * @ingroup krb5_crypto 3418 */ 3419 3420KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3421krb5_enctype_valid ( 3422 krb5_context context, 3423 krb5_enctype etype); 3424 3425/** 3426 * Deprecated: keytypes doesn't exists, they are really enctypes. 3427 * 3428 * @ingroup krb5_deprecated 3429 */ 3430 3431KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 3432krb5_enctypes_compatible_keys ( 3433 krb5_context context, 3434 krb5_enctype etype1, 3435 krb5_enctype etype2) 3436 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3437 3438krb5_error_code 3439krb5_enomem (krb5_context context); 3440 3441/** 3442 * Log a warning to the log, default stderr, include bthe error from 3443 * the last failure and then exit. 3444 * 3445 * @param context A Kerberos 5 context 3446 * @param eval the exit code to exit with 3447 * @param code error code of the last error 3448 * @param fmt message to print 3449 * 3450 * @ingroup krb5_error 3451 */ 3452 3453KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3454krb5_err ( 3455 krb5_context context, 3456 int eval, 3457 krb5_error_code code, 3458 const char *fmt, 3459 ...) HEIMDAL_PRINTF_ATTRIBUTE((printf, 4, 5)) 3460 HEIMDAL_NORETURN_ATTRIBUTE; 3461 3462KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3463krb5_error_from_rd_error ( 3464 krb5_context context, 3465 const krb5_error *error, 3466 const krb5_creds *creds); 3467 3468/** 3469 * Log a warning to the log, default stderr, and then exit. 3470 * 3471 * @param context A Kerberos 5 context 3472 * @param eval the exit code to exit with 3473 * @param fmt message to print 3474 * 3475 * @ingroup krb5_error 3476 */ 3477 3478KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3479krb5_errx ( 3480 krb5_context context, 3481 int eval, 3482 const char *fmt, 3483 ...) HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 4)) 3484 HEIMDAL_NORETURN_ATTRIBUTE; 3485 3486/** 3487 * krb5_expand_hostname() tries to make orig_hostname into a more 3488 * canonical one in the newly allocated space returned in 3489 * new_hostname. 3490 3491 * @param context a Keberos context 3492 * @param orig_hostname hostname to canonicalise. 3493 * @param new_hostname output hostname, caller must free hostname with 3494 * krb5_xfree(). 3495 * 3496 * @return Return an error code or 0, see krb5_get_error_message(). 3497 * 3498 * @ingroup krb5_support 3499 */ 3500 3501KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3502krb5_expand_hostname ( 3503 krb5_context context, 3504 const char *orig_hostname, 3505 char **new_hostname); 3506 3507/** 3508 * krb5_expand_hostname_realms() expands orig_hostname to a name we 3509 * believe to be a hostname in newly allocated space in new_hostname 3510 * and return the realms new_hostname is believed to belong to in 3511 * realms. 3512 * 3513 * @param context a Keberos context 3514 * @param orig_hostname hostname to canonicalise. 3515 * @param new_hostname output hostname, caller must free hostname with 3516 * krb5_xfree(). 3517 * @param realms output possible realms, is an array that is terminated 3518 * with NULL. Caller must free with krb5_free_host_realm(). 3519 * 3520 * @return Return an error code or 0, see krb5_get_error_message(). 3521 * 3522 * @ingroup krb5_support 3523 */ 3524 3525KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3526krb5_expand_hostname_realms ( 3527 krb5_context context, 3528 const char *orig_hostname, 3529 char **new_hostname, 3530 char ***realms); 3531 3532KRB5_LIB_FUNCTION PA_DATA * KRB5_LIB_CALL 3533krb5_find_padata ( 3534 PA_DATA *val, 3535 unsigned len, 3536 int type, 3537 int *idx); 3538 3539KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3540krb5_format_time ( 3541 krb5_context context, 3542 time_t t, 3543 char *s, 3544 size_t len, 3545 krb5_boolean include_time); 3546 3547/** 3548 * krb5_free_address frees the data stored in the address that is 3549 * alloced with any of the krb5_address functions. 3550 * 3551 * @param context a Keberos context 3552 * @param address addresss to be freed. 3553 * 3554 * @return Return an error code or 0. 3555 * 3556 * @ingroup krb5_address 3557 */ 3558 3559KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3560krb5_free_address ( 3561 krb5_context context, 3562 krb5_address *address); 3563 3564/** 3565 * krb5_free_addresses frees the data stored in the address that is 3566 * alloced with any of the krb5_address functions. 3567 * 3568 * @param context a Keberos context 3569 * @param addresses addressses to be freed. 3570 * 3571 * @return Return an error code or 0. 3572 * 3573 * @ingroup krb5_address 3574 */ 3575 3576KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3577krb5_free_addresses ( 3578 krb5_context context, 3579 krb5_addresses *addresses); 3580 3581KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3582krb5_free_ap_rep_enc_part ( 3583 krb5_context context, 3584 krb5_ap_rep_enc_part *val); 3585 3586KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3587krb5_free_authenticator ( 3588 krb5_context context, 3589 krb5_authenticator *authenticator); 3590 3591KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3592krb5_free_checksum ( 3593 krb5_context context, 3594 krb5_checksum *cksum); 3595 3596KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3597krb5_free_checksum_contents ( 3598 krb5_context context, 3599 krb5_checksum *cksum); 3600 3601/** 3602 * Free a list of configuration files. 3603 * 3604 * @param filenames list, terminated with a NULL pointer, to be 3605 * freed. NULL is an valid argument. 3606 * 3607 * @ingroup krb5 3608 */ 3609 3610KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3611krb5_free_config_files (char **filenames); 3612 3613/** 3614 * Frees the krb5_context allocated by krb5_init_context(). 3615 * 3616 * @param context context to be freed. 3617 * 3618 * @ingroup krb5 3619 */ 3620 3621KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3622krb5_free_context (krb5_context context); 3623 3624/** 3625 * Free content of krb5_creds. 3626 * 3627 * @param context Kerberos 5 context. 3628 * @param c krb5_creds to free. 3629 * 3630 * @return Returns 0 to indicate success. Otherwise an kerberos et 3631 * error code is returned, see krb5_get_error_message(). 3632 * 3633 * @ingroup krb5 3634 */ 3635 3636KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3637krb5_free_cred_contents ( 3638 krb5_context context, 3639 krb5_creds *c); 3640 3641/** 3642 * Free krb5_creds. 3643 * 3644 * @param context Kerberos 5 context. 3645 * @param c krb5_creds to free. 3646 * 3647 * @return Returns 0 to indicate success. Otherwise an kerberos et 3648 * error code is returned, see krb5_get_error_message(). 3649 * 3650 * @ingroup krb5 3651 */ 3652 3653KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3654krb5_free_creds ( 3655 krb5_context context, 3656 krb5_creds *c); 3657 3658/** 3659 * Deprecated: use krb5_free_cred_contents() 3660 * 3661 * @ingroup krb5_deprecated 3662 */ 3663 3664KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3665krb5_free_creds_contents ( 3666 krb5_context context, 3667 krb5_creds *c) 3668 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3669 3670/** 3671 * Free krb5_data (and its content). 3672 * 3673 * @param context Kerberos 5 context. 3674 * @param p krb5_data to free. 3675 * 3676 * @ingroup krb5 3677 */ 3678 3679KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3680krb5_free_data ( 3681 krb5_context context, 3682 krb5_data *p); 3683 3684/** 3685 * Same as krb5_data_free(). MIT compat. 3686 * 3687 * Deprecated: use krb5_data_free(). 3688 * 3689 * @param context Kerberos 5 context. 3690 * @param data krb5_data to free. 3691 * 3692 * @ingroup krb5_deprecated 3693 */ 3694 3695KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3696krb5_free_data_contents ( 3697 krb5_context context, 3698 krb5_data *data) 3699 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3700 3701KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3702krb5_free_default_realm ( 3703 krb5_context context, 3704 krb5_realm realm); 3705 3706KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3707krb5_free_error ( 3708 krb5_context context, 3709 krb5_error *error); 3710 3711KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3712krb5_free_error_contents ( 3713 krb5_context context, 3714 krb5_error *error); 3715 3716/** 3717 * Free the error message returned by krb5_get_error_message(). 3718 * 3719 * @param context Kerberos context 3720 * @param msg error message to free, returned by 3721 * krb5_get_error_message(). NULL is ok (nothing freed). 3722 * 3723 * @ingroup krb5_error 3724 */ 3725 3726KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3727krb5_free_error_message ( 3728 krb5_context context, 3729 const char *msg); 3730 3731/** 3732 * Free the error message returned by krb5_get_error_string(). 3733 * 3734 * Deprecated: use krb5_free_error_message() 3735 * 3736 * @param context Kerberos context 3737 * @param str error message to free 3738 * 3739 * @ingroup krb5_deprecated 3740 */ 3741 3742KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3743krb5_free_error_string ( 3744 krb5_context context, 3745 char *str) 3746 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3747 3748/** 3749 * Free all memory allocated by `realmlist' 3750 * 3751 * @param context A Kerberos 5 context. 3752 * @param realmlist realmlist to free, NULL is ok 3753 * 3754 * @return a Kerberos error code, always 0. 3755 * 3756 * @ingroup krb5_support 3757 */ 3758 3759KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3760krb5_free_host_realm ( 3761 krb5_context context, 3762 krb5_realm *realmlist); 3763 3764/** 3765 * Variable containing the FILE based credential cache implemention. 3766 * 3767 * @ingroup krb5_ccache 3768 */ 3769 3770KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3771krb5_free_kdc_rep ( 3772 krb5_context context, 3773 krb5_kdc_rep *rep); 3774 3775/** 3776 * Free a keyblock, also zero out the content of the keyblock, uses 3777 * krb5_free_keyblock_contents() to free the content. 3778 * 3779 * @param context a Kerberos 5 context 3780 * @param keyblock keyblock to free, NULL is valid argument 3781 * 3782 * @ingroup krb5_crypto 3783 */ 3784 3785KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3786krb5_free_keyblock ( 3787 krb5_context context, 3788 krb5_keyblock *keyblock); 3789 3790/** 3791 * Free a keyblock's content, also zero out the content of the keyblock. 3792 * 3793 * @param context a Kerberos 5 context 3794 * @param keyblock keyblock content to free, NULL is valid argument 3795 * 3796 * @ingroup krb5_crypto 3797 */ 3798 3799KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3800krb5_free_keyblock_contents ( 3801 krb5_context context, 3802 krb5_keyblock *keyblock); 3803 3804KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3805krb5_free_krbhst ( 3806 krb5_context context, 3807 char **hostlist); 3808 3809/** 3810 * Frees a Kerberos principal allocated by the library with 3811 * krb5_parse_name(), krb5_make_principal() or any other related 3812 * principal functions. 3813 * 3814 * @param context A Kerberos context. 3815 * @param p a principal to free. 3816 * 3817 * @ingroup krb5_principal 3818 */ 3819 3820KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3821krb5_free_principal ( 3822 krb5_context context, 3823 krb5_principal p); 3824 3825KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3826krb5_free_salt ( 3827 krb5_context context, 3828 krb5_salt salt); 3829 3830/** 3831 * Free ticket and content 3832 * 3833 * @param context a Kerberos 5 context 3834 * @param ticket ticket to free 3835 * 3836 * @return Returns 0 to indicate success. Otherwise an kerberos et 3837 * error code is returned, see krb5_get_error_message(). 3838 * 3839 * @ingroup krb5 3840 */ 3841 3842KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3843krb5_free_ticket ( 3844 krb5_context context, 3845 krb5_ticket *ticket); 3846 3847/** 3848 * Deprecated: use krb5_xfree(). 3849 * 3850 * @ingroup krb5_deprecated 3851 */ 3852 3853KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3854krb5_free_unparsed_name ( 3855 krb5_context context, 3856 char *str) 3857 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3858 3859/** 3860 * Forward credentials for client to host hostname , making them 3861 * forwardable if forwardable, and returning the blob of data to sent 3862 * in out_data. If hostname == NULL, pick it from server. 3863 * 3864 * @param context A kerberos 5 context. 3865 * @param auth_context the auth context with the key to encrypt the out_data. 3866 * @param hostname the host to forward the tickets too. 3867 * @param client the client to delegate from. 3868 * @param server the server to delegate the credential too. 3869 * @param ccache credential cache to use. 3870 * @param forwardable make the forwarded ticket forwabledable. 3871 * @param out_data the resulting credential. 3872 * 3873 * @return Return an error code or 0. 3874 * 3875 * @ingroup krb5_credential 3876 */ 3877 3878KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3879krb5_fwd_tgt_creds ( 3880 krb5_context context, 3881 krb5_auth_context auth_context, 3882 const char *hostname, 3883 krb5_principal client, 3884 krb5_principal server, 3885 krb5_ccache ccache, 3886 int forwardable, 3887 krb5_data *out_data); 3888 3889KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3890krb5_generate_random_block ( 3891 void *buf, 3892 size_t len); 3893 3894KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3895krb5_generate_random_keyblock ( 3896 krb5_context context, 3897 krb5_enctype type, 3898 krb5_keyblock *key); 3899 3900KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3901krb5_generate_seq_number ( 3902 krb5_context context, 3903 const krb5_keyblock *key, 3904 uint32_t *seqno); 3905 3906/** 3907 * Deprecated: use krb5_generate_subkey_extended() 3908 * 3909 * @ingroup krb5_deprecated 3910 */ 3911 3912KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3913krb5_generate_subkey ( 3914 krb5_context context, 3915 const krb5_keyblock *key, 3916 krb5_keyblock **subkey) 3917 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3918 3919/** 3920 * Generate subkey, from keyblock 3921 * 3922 * @param context kerberos context 3923 * @param key session key 3924 * @param etype encryption type of subkey, if ETYPE_NULL, use key's enctype 3925 * @param subkey returned new, free with krb5_free_keyblock(). 3926 * 3927 * @return 0 on success or a Kerberos 5 error code 3928 * 3929* @ingroup krb5_crypto 3930 */ 3931 3932KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3933krb5_generate_subkey_extended ( 3934 krb5_context context, 3935 const krb5_keyblock *key, 3936 krb5_enctype etype, 3937 krb5_keyblock **subkey); 3938 3939KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3940krb5_get_all_any_addrs ( 3941 krb5_context context, 3942 krb5_addresses *res); 3943 3944KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3945krb5_get_all_client_addrs ( 3946 krb5_context context, 3947 krb5_addresses *res); 3948 3949KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3950krb5_get_all_server_addrs ( 3951 krb5_context context, 3952 krb5_addresses *res); 3953 3954/** 3955 * Deprecated: use krb5_get_credentials_with_flags(). 3956 * 3957 * @ingroup krb5_deprecated 3958 */ 3959 3960KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3961krb5_get_cred_from_kdc ( 3962 krb5_context context, 3963 krb5_ccache ccache, 3964 krb5_creds *in_creds, 3965 krb5_creds **out_creds, 3966 krb5_creds ***ret_tgts) 3967 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3968 3969/** 3970 * Deprecated: use krb5_get_credentials_with_flags(). 3971 * 3972 * @ingroup krb5_deprecated 3973 */ 3974 3975KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3976krb5_get_cred_from_kdc_opt ( 3977 krb5_context context, 3978 krb5_ccache ccache, 3979 krb5_creds *in_creds, 3980 krb5_creds **out_creds, 3981 krb5_creds ***ret_tgts, 3982 krb5_flags flags) 3983 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3984 3985KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3986krb5_get_credentials ( 3987 krb5_context context, 3988 krb5_flags options, 3989 krb5_ccache ccache, 3990 krb5_creds *in_creds, 3991 krb5_creds **out_creds); 3992 3993/** 3994 * Get credentials specified by in_cred->server and flags 3995 * 3996 * @param context A kerberos 5 context. 3997 * @param options KRB5_TC_* options 3998 * @param flags KDC option flags 3999 * @param ccache credential cache to use. 4000 * @param in_creds input matching credential. 4001 * @param out_creds the resulting credential. 4002 * 4003 * @return Return an error code or 0. 4004 * 4005 * @ingroup krb5_credential 4006 */ 4007 4008KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4009krb5_get_credentials_with_flags ( 4010 krb5_context context, 4011 krb5_flags options, 4012 krb5_kdc_flags flags, 4013 krb5_ccache ccache, 4014 krb5_creds *in_creds, 4015 krb5_creds **out_creds); 4016 4017KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4018krb5_get_creds ( 4019 krb5_context context, 4020 krb5_get_creds_opt opt, 4021 krb5_ccache ccache, 4022 krb5_const_principal inprinc, 4023 krb5_creds **out_creds); 4024 4025KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4026krb5_get_creds_opt_add_options ( 4027 krb5_context context, 4028 krb5_get_creds_opt opt, 4029 krb5_flags options); 4030 4031KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4032krb5_get_creds_opt_alloc ( 4033 krb5_context context, 4034 krb5_get_creds_opt *opt); 4035 4036KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4037krb5_get_creds_opt_free ( 4038 krb5_context context, 4039 krb5_get_creds_opt opt); 4040 4041KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4042krb5_get_creds_opt_set_enctype ( 4043 krb5_context context, 4044 krb5_get_creds_opt opt, 4045 krb5_enctype enctype); 4046 4047KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4048krb5_get_creds_opt_set_impersonate ( 4049 krb5_context context, 4050 krb5_get_creds_opt opt, 4051 krb5_const_principal self); 4052 4053KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4054krb5_get_creds_opt_set_options ( 4055 krb5_context context, 4056 krb5_get_creds_opt opt, 4057 krb5_flags options); 4058 4059KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4060krb5_get_creds_opt_set_ticket ( 4061 krb5_context context, 4062 krb5_get_creds_opt opt, 4063 const Ticket *ticket); 4064 4065/** 4066 * Get the default debug logging facility. 4067 * 4068 * @param context A Kerberos 5 context 4069 * 4070 * @ingroup krb5_error 4071 */ 4072 4073KRB5_LIB_FUNCTION krb5_log_facility * KRB5_LIB_CALL 4074krb5_get_debug_dest (krb5_context context); 4075 4076/** 4077 * Get the global configuration list. 4078 * 4079 * @param pfilenames return array of filenames, should be freed with krb5_free_config_files(). 4080 * 4081 * @return Returns 0 to indicate success. Otherwise an kerberos et 4082 * error code is returned, see krb5_get_error_message(). 4083 * 4084 * @ingroup krb5 4085 */ 4086 4087KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4088krb5_get_default_config_files (char ***pfilenames); 4089 4090/** 4091 * Get the default encryption types that will be use in communcation 4092 * with the KDC, clients and servers. 4093 * 4094 * @param context Kerberos 5 context. 4095 * @param etypes Encryption types, array terminated with 4096 * ETYPE_NULL(0), caller should free array with krb5_xfree(): 4097 * 4098 * @return Returns 0 to indicate success. Otherwise an kerberos et 4099 * error code is returned, see krb5_get_error_message(). 4100 * 4101 * @ingroup krb5 4102 */ 4103 4104KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4105krb5_get_default_in_tkt_etypes ( 4106 krb5_context context, 4107 krb5_pdu pdu_type, 4108 krb5_enctype **etypes); 4109 4110KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4111krb5_get_default_principal ( 4112 krb5_context context, 4113 krb5_principal *princ); 4114 4115KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4116krb5_get_default_realm ( 4117 krb5_context context, 4118 krb5_realm *realm); 4119 4120KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4121krb5_get_default_realms ( 4122 krb5_context context, 4123 krb5_realm **realms); 4124 4125/** 4126 * Get if the library uses DNS to canonicalize hostnames. 4127 * 4128 * @param context Kerberos 5 context. 4129 * 4130 * @return return non zero if the library uses DNS to canonicalize hostnames. 4131 * 4132 * @ingroup krb5 4133 */ 4134 4135KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 4136krb5_get_dns_canonicalize_hostname (krb5_context context); 4137 4138/** 4139 * Return the error string for the error code. The caller must not 4140 * free the string. 4141 * 4142 * This function is deprecated since its not threadsafe. 4143 * 4144 * @param context Kerberos 5 context. 4145 * @param code Kerberos error code. 4146 * 4147 * @return the error message matching code 4148 * 4149 * @ingroup krb5 4150 */ 4151 4152KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 4153krb5_get_err_text ( 4154 krb5_context context, 4155 krb5_error_code code) 4156 KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead"); 4157 4158/** 4159 * Return the error message for `code' in context. On memory 4160 * allocation error the function returns NULL. 4161 * 4162 * @param context Kerberos 5 context 4163 * @param code Error code related to the error 4164 * 4165 * @return an error string, needs to be freed with 4166 * krb5_free_error_message(). The functions return NULL on error. 4167 * 4168 * @ingroup krb5_error 4169 */ 4170 4171KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 4172krb5_get_error_message ( 4173 krb5_context context, 4174 krb5_error_code code); 4175 4176/** 4177 * Return the error message in context. On error or no error string, 4178 * the function returns NULL. 4179 * 4180 * @param context Kerberos 5 context 4181 * 4182 * @return an error string, needs to be freed with 4183 * krb5_free_error_message(). The functions return NULL on error. 4184 * 4185 * @ingroup krb5_error 4186 */ 4187 4188KRB5_LIB_FUNCTION char * KRB5_LIB_CALL 4189krb5_get_error_string (krb5_context context) 4190 KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead"); 4191 4192/** 4193 * Get extra address to the address list that the library will add to 4194 * the client's address list when communicating with the KDC. 4195 * 4196 * @param context Kerberos 5 context. 4197 * @param addresses addreses to set 4198 * 4199 * @return Returns 0 to indicate success. Otherwise an kerberos et 4200 * error code is returned, see krb5_get_error_message(). 4201 * 4202 * @ingroup krb5 4203 */ 4204 4205KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4206krb5_get_extra_addresses ( 4207 krb5_context context, 4208 krb5_addresses *addresses); 4209 4210/** 4211 * Get version of fcache that the library should use. 4212 * 4213 * @param context Kerberos 5 context. 4214 * @param version version number. 4215 * 4216 * @return Returns 0 to indicate success. Otherwise an kerberos et 4217 * error code is returned, see krb5_get_error_message(). 4218 * 4219 * @ingroup krb5 4220 */ 4221 4222KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4223krb5_get_fcache_version ( 4224 krb5_context context, 4225 int *version); 4226 4227/** 4228 * Gets tickets forwarded to hostname. If the tickets that are 4229 * forwarded are address-less, the forwarded tickets will also be 4230 * address-less. 4231 * 4232 * If the ticket have any address, hostname will be used for figure 4233 * out the address to forward the ticket too. This since this might 4234 * use DNS, its insecure and also doesn't represent configured all 4235 * addresses of the host. For example, the host might have two 4236 * adresses, one IPv4 and one IPv6 address where the later is not 4237 * published in DNS. This IPv6 address might be used communications 4238 * and thus the resulting ticket useless. 4239 * 4240 * @param context A kerberos 5 context. 4241 * @param auth_context the auth context with the key to encrypt the out_data. 4242 * @param ccache credential cache to use 4243 * @param flags the flags to control the resulting ticket flags 4244 * @param hostname the host to forward the tickets too. 4245 * @param in_creds the in client and server ticket names. The client 4246 * and server components forwarded to the remote host. 4247 * @param out_data the resulting credential. 4248 * 4249 * @return Return an error code or 0. 4250 * 4251 * @ingroup krb5_credential 4252 */ 4253 4254KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4255krb5_get_forwarded_creds ( 4256 krb5_context context, 4257 krb5_auth_context auth_context, 4258 krb5_ccache ccache, 4259 krb5_flags flags, 4260 const char *hostname, 4261 krb5_creds *in_creds, 4262 krb5_data *out_data); 4263 4264KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4265krb5_get_host_realm ( 4266 krb5_context context, 4267 const char *host, 4268 krb5_realm **realms); 4269 4270/** 4271 * Get extra addresses to ignore when fetching addresses from the 4272 * underlaying operating system. 4273 * 4274 * @param context Kerberos 5 context. 4275 * @param addresses list addreses ignored 4276 * 4277 * @return Returns 0 to indicate success. Otherwise an kerberos et 4278 * error code is returned, see krb5_get_error_message(). 4279 * 4280 * @ingroup krb5 4281 */ 4282 4283KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4284krb5_get_ignore_addresses ( 4285 krb5_context context, 4286 krb5_addresses *addresses); 4287 4288KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4289krb5_get_in_cred ( 4290 krb5_context context, 4291 krb5_flags options, 4292 const krb5_addresses *addrs, 4293 const krb5_enctype *etypes, 4294 const krb5_preauthtype *ptypes, 4295 const krb5_preauthdata *preauth, 4296 krb5_key_proc key_proc, 4297 krb5_const_pointer keyseed, 4298 krb5_decrypt_proc decrypt_proc, 4299 krb5_const_pointer decryptarg, 4300 krb5_creds *creds, 4301 krb5_kdc_rep *ret_as_reply) 4302 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4303 4304KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4305krb5_get_in_tkt ( 4306 krb5_context context, 4307 krb5_flags options, 4308 const krb5_addresses *addrs, 4309 const krb5_enctype *etypes, 4310 const krb5_preauthtype *ptypes, 4311 krb5_key_proc key_proc, 4312 krb5_const_pointer keyseed, 4313 krb5_decrypt_proc decrypt_proc, 4314 krb5_const_pointer decryptarg, 4315 krb5_creds *creds, 4316 krb5_ccache ccache, 4317 krb5_kdc_rep *ret_as_reply) 4318 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4319 4320/** 4321 * Deprecated: use krb5_get_init_creds() and friends. 4322 * 4323 * @ingroup krb5_deprecated 4324 */ 4325 4326KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4327krb5_get_in_tkt_with_keytab ( 4328 krb5_context context, 4329 krb5_flags options, 4330 krb5_addresses *addrs, 4331 const krb5_enctype *etypes, 4332 const krb5_preauthtype *pre_auth_types, 4333 krb5_keytab keytab, 4334 krb5_ccache ccache, 4335 krb5_creds *creds, 4336 krb5_kdc_rep *ret_as_reply) 4337 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4338 4339/** 4340 * Deprecated: use krb5_get_init_creds() and friends. 4341 * 4342 * @ingroup krb5_deprecated 4343 */ 4344 4345KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4346krb5_get_in_tkt_with_password ( 4347 krb5_context context, 4348 krb5_flags options, 4349 krb5_addresses *addrs, 4350 const krb5_enctype *etypes, 4351 const krb5_preauthtype *pre_auth_types, 4352 const char *password, 4353 krb5_ccache ccache, 4354 krb5_creds *creds, 4355 krb5_kdc_rep *ret_as_reply) 4356 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4357 4358/** 4359 * Deprecated: use krb5_get_init_creds() and friends. 4360 * 4361 * @ingroup krb5_deprecated 4362 */ 4363 4364KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4365krb5_get_in_tkt_with_skey ( 4366 krb5_context context, 4367 krb5_flags options, 4368 krb5_addresses *addrs, 4369 const krb5_enctype *etypes, 4370 const krb5_preauthtype *pre_auth_types, 4371 const krb5_keyblock *key, 4372 krb5_ccache ccache, 4373 krb5_creds *creds, 4374 krb5_kdc_rep *ret_as_reply) 4375 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4376 4377/** 4378 * Get new credentials using keyblock. 4379 * 4380 * @ingroup krb5_credential 4381 */ 4382 4383KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4384krb5_get_init_creds_keyblock ( 4385 krb5_context context, 4386 krb5_creds *creds, 4387 krb5_principal client, 4388 krb5_keyblock *keyblock, 4389 krb5_deltat start_time, 4390 const char *in_tkt_service, 4391 krb5_get_init_creds_opt *options); 4392 4393/** 4394 * Get new credentials using keytab. 4395 * 4396 * @ingroup krb5_credential 4397 */ 4398 4399KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4400krb5_get_init_creds_keytab ( 4401 krb5_context context, 4402 krb5_creds *creds, 4403 krb5_principal client, 4404 krb5_keytab keytab, 4405 krb5_deltat start_time, 4406 const char *in_tkt_service, 4407 krb5_get_init_creds_opt *options); 4408 4409/** 4410 * Allocate a new krb5_get_init_creds_opt structure, free with 4411 * krb5_get_init_creds_opt_free(). 4412 * 4413 * @ingroup krb5_credential 4414 */ 4415 4416KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4417krb5_get_init_creds_opt_alloc ( 4418 krb5_context context, 4419 krb5_get_init_creds_opt **opt); 4420 4421/** 4422 * Free krb5_get_init_creds_opt structure. 4423 * 4424 * @ingroup krb5_credential 4425 */ 4426 4427KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4428krb5_get_init_creds_opt_free ( 4429 krb5_context context, 4430 krb5_get_init_creds_opt *opt); 4431 4432/** 4433 * Deprecated: use the new krb5_init_creds_init() and 4434 * krb5_init_creds_get_error(). 4435 * 4436 * @ingroup krb5_deprecated 4437 */ 4438 4439KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4440krb5_get_init_creds_opt_get_error ( 4441 krb5_context context, 4442 krb5_get_init_creds_opt *opt, 4443 KRB_ERROR **error) 4444 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4445 4446/** 4447 * Deprecated: use krb5_get_init_creds_opt_alloc(). 4448 * 4449 * The reason krb5_get_init_creds_opt_init() is deprecated is that 4450 * krb5_get_init_creds_opt is a static structure and for ABI reason it 4451 * can't grow, ie can't add new functionality. 4452 * 4453 * @ingroup krb5_deprecated 4454 */ 4455 4456KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4457krb5_get_init_creds_opt_init (krb5_get_init_creds_opt *opt) 4458 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4459 4460KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4461krb5_get_init_creds_opt_set_address_list ( 4462 krb5_get_init_creds_opt *opt, 4463 krb5_addresses *addresses); 4464 4465KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4466krb5_get_init_creds_opt_set_addressless ( 4467 krb5_context context, 4468 krb5_get_init_creds_opt *opt, 4469 krb5_boolean addressless); 4470 4471KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4472krb5_get_init_creds_opt_set_anonymous ( 4473 krb5_get_init_creds_opt *opt, 4474 int anonymous); 4475 4476KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4477krb5_get_init_creds_opt_set_canonicalize ( 4478 krb5_context context, 4479 krb5_get_init_creds_opt *opt, 4480 krb5_boolean req); 4481 4482KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4483krb5_get_init_creds_opt_set_default_flags ( 4484 krb5_context context, 4485 const char *appname, 4486 krb5_const_realm realm, 4487 krb5_get_init_creds_opt *opt); 4488 4489KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4490krb5_get_init_creds_opt_set_etype_list ( 4491 krb5_get_init_creds_opt *opt, 4492 krb5_enctype *etype_list, 4493 int etype_list_length); 4494 4495KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4496krb5_get_init_creds_opt_set_forwardable ( 4497 krb5_get_init_creds_opt *opt, 4498 int forwardable); 4499 4500KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4501krb5_get_init_creds_opt_set_pa_password ( 4502 krb5_context context, 4503 krb5_get_init_creds_opt *opt, 4504 const char *password, 4505 krb5_s2k_proc key_proc); 4506 4507KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4508krb5_get_init_creds_opt_set_pac_request ( 4509 krb5_context context, 4510 krb5_get_init_creds_opt *opt, 4511 krb5_boolean req_pac); 4512 4513KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4514krb5_get_init_creds_opt_set_pkinit ( 4515 krb5_context context, 4516 krb5_get_init_creds_opt *opt, 4517 krb5_principal principal, 4518 const char *user_id, 4519 const char *x509_anchors, 4520 char * const * pool, 4521 char * const * pki_revoke, 4522 int flags, 4523 krb5_prompter_fct prompter, 4524 void *prompter_data, 4525 char *password); 4526 4527krb5_error_code KRB5_LIB_FUNCTION 4528krb5_get_init_creds_opt_set_pkinit_user_cert ( 4529 krb5_context context, 4530 krb5_get_init_creds_opt *opt, 4531 struct hx509_cert_data *cert); 4532 4533KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4534krb5_get_init_creds_opt_set_preauth_list ( 4535 krb5_get_init_creds_opt *opt, 4536 krb5_preauthtype *preauth_list, 4537 int preauth_list_length); 4538 4539KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4540krb5_get_init_creds_opt_set_process_last_req ( 4541 krb5_context context, 4542 krb5_get_init_creds_opt *opt, 4543 krb5_gic_process_last_req func, 4544 void *ctx); 4545 4546KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4547krb5_get_init_creds_opt_set_proxiable ( 4548 krb5_get_init_creds_opt *opt, 4549 int proxiable); 4550 4551KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4552krb5_get_init_creds_opt_set_renew_life ( 4553 krb5_get_init_creds_opt *opt, 4554 krb5_deltat renew_life); 4555 4556KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4557krb5_get_init_creds_opt_set_salt ( 4558 krb5_get_init_creds_opt *opt, 4559 krb5_data *salt); 4560 4561KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4562krb5_get_init_creds_opt_set_tkt_life ( 4563 krb5_get_init_creds_opt *opt, 4564 krb5_deltat tkt_life); 4565 4566KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4567krb5_get_init_creds_opt_set_win2k ( 4568 krb5_context context, 4569 krb5_get_init_creds_opt *opt, 4570 krb5_boolean req); 4571 4572/** 4573 * Get new credentials using password. 4574 * 4575 * @ingroup krb5_credential 4576 */ 4577 4578KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4579krb5_get_init_creds_password ( 4580 krb5_context context, 4581 krb5_creds *creds, 4582 krb5_principal client, 4583 const char *password, 4584 krb5_prompter_fct prompter, 4585 void *data, 4586 krb5_deltat start_time, 4587 const char *in_tkt_service, 4588 krb5_get_init_creds_opt *options); 4589 4590KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4591krb5_get_kdc_cred ( 4592 krb5_context context, 4593 krb5_ccache id, 4594 krb5_kdc_flags flags, 4595 krb5_addresses *addresses, 4596 Ticket *second_ticket, 4597 krb5_creds *in_creds, 4598 krb5_creds **out_creds ); 4599 4600/** 4601 * Get current offset in time to the KDC. 4602 * 4603 * @param context Kerberos 5 context. 4604 * @param sec seconds part of offset. 4605 * @param usec micro seconds part of offset. 4606 * 4607 * @return returns zero 4608 * 4609 * @ingroup krb5 4610 */ 4611 4612KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4613krb5_get_kdc_sec_offset ( 4614 krb5_context context, 4615 int32_t *sec, 4616 int32_t *usec); 4617 4618KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4619krb5_get_krb524hst ( 4620 krb5_context context, 4621 const krb5_realm *realm, 4622 char ***hostlist); 4623 4624KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4625krb5_get_krb_admin_hst ( 4626 krb5_context context, 4627 const krb5_realm *realm, 4628 char ***hostlist); 4629 4630KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4631krb5_get_krb_changepw_hst ( 4632 krb5_context context, 4633 const krb5_realm *realm, 4634 char ***hostlist); 4635 4636KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4637krb5_get_krbhst ( 4638 krb5_context context, 4639 const krb5_realm *realm, 4640 char ***hostlist); 4641 4642/** 4643 * Get max time skew allowed. 4644 * 4645 * @param context Kerberos 5 context. 4646 * 4647 * @return timeskew in seconds. 4648 * 4649 * @ingroup krb5 4650 */ 4651 4652KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL 4653krb5_get_max_time_skew (krb5_context context); 4654 4655KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4656krb5_get_pw_salt ( 4657 krb5_context context, 4658 krb5_const_principal principal, 4659 krb5_salt *salt); 4660 4661KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4662krb5_get_renewed_creds ( 4663 krb5_context context, 4664 krb5_creds *creds, 4665 krb5_const_principal client, 4666 krb5_ccache ccache, 4667 const char *in_tkt_service); 4668 4669KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4670krb5_get_server_rcache ( 4671 krb5_context context, 4672 const krb5_data *piece, 4673 krb5_rcache *id); 4674 4675/** 4676 * Make the kerberos library default to the admin KDC. 4677 * 4678 * @param context Kerberos 5 context. 4679 * 4680 * @return boolean flag to telling the context will use admin KDC as the default KDC. 4681 * 4682 * @ingroup krb5 4683 */ 4684 4685KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 4686krb5_get_use_admin_kdc (krb5_context context); 4687 4688/** 4689 * Validate the newly fetch credential, see also krb5_verify_init_creds(). 4690 * 4691 * @param context a Kerberos 5 context 4692 * @param creds the credentials to verify 4693 * @param client the client name to match up 4694 * @param ccache the credential cache to use 4695 * @param service a service name to use, used with 4696 * krb5_sname_to_principal() to build a hostname to use to 4697 * verify. 4698 * 4699 * @ingroup krb5_ccache 4700 */ 4701 4702KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4703krb5_get_validated_creds ( 4704 krb5_context context, 4705 krb5_creds *creds, 4706 krb5_principal client, 4707 krb5_ccache ccache, 4708 char *service); 4709 4710/** 4711 * Get the default logging facility. 4712 * 4713 * @param context A Kerberos 5 context 4714 * 4715 * @ingroup krb5_error 4716 */ 4717 4718KRB5_LIB_FUNCTION krb5_log_facility * KRB5_LIB_CALL 4719krb5_get_warn_dest (krb5_context context); 4720 4721KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL 4722krb5_get_wrapped_length ( 4723 krb5_context context, 4724 krb5_crypto crypto, 4725 size_t data_len); 4726 4727KRB5_LIB_FUNCTION int KRB5_LIB_CALL 4728krb5_getportbyname ( 4729 krb5_context context, 4730 const char *service, 4731 const char *proto, 4732 int default_port); 4733 4734/** 4735 * krb5_h_addr2addr works like krb5_h_addr2sockaddr with the exception 4736 * that it operates on a krb5_address instead of a struct sockaddr. 4737 * 4738 * @param context a Keberos context 4739 * @param af address family 4740 * @param haddr host address from struct hostent. 4741 * @param addr returned krb5_address. 4742 * 4743 * @return Return an error code or 0. 4744 * 4745 * @ingroup krb5_address 4746 */ 4747 4748KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4749krb5_h_addr2addr ( 4750 krb5_context context, 4751 int af, 4752 const char *haddr, 4753 krb5_address *addr); 4754 4755/** 4756 * krb5_h_addr2sockaddr initializes a "struct sockaddr sa" from af and 4757 * the "struct hostent" (see gethostbyname(3) ) h_addr_list 4758 * component. The argument sa_size should initially contain the size 4759 * of the sa, and after the call, it will contain the actual length of 4760 * the address. 4761 * 4762 * @param context a Keberos context 4763 * @param af addresses 4764 * @param addr address 4765 * @param sa returned struct sockaddr 4766 * @param sa_size size of sa 4767 * @param port port to set in sa. 4768 * 4769 * @return Return an error code or 0. 4770 * 4771 * @ingroup krb5_address 4772 */ 4773 4774KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4775krb5_h_addr2sockaddr ( 4776 krb5_context context, 4777 int af, 4778 const char *addr, 4779 struct sockaddr *sa, 4780 krb5_socklen_t *sa_size, 4781 int port); 4782 4783/** 4784 * Convert the gethostname() error code (h_error) to a Kerberos et 4785 * error code. 4786 * 4787 * @param eai_errno contains the error code from gethostname(). 4788 * 4789 * @return Kerberos error code representing the gethostname errors. 4790 * 4791 * @ingroup krb5_error 4792 */ 4793 4794KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4795krb5_h_errno_to_heim_errno (int eai_errno); 4796 4797KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 4798krb5_have_error_string (krb5_context context) 4799 KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead"); 4800 4801KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4802krb5_hmac ( 4803 krb5_context context, 4804 krb5_cksumtype cktype, 4805 const void *data, 4806 size_t len, 4807 unsigned usage, 4808 krb5_keyblock *key, 4809 Checksum *result); 4810 4811krb5_boolean 4812krb5_homedir_access (krb5_context context); 4813 4814/** 4815 * Initializes the context structure and reads the configuration files. 4816 4817 * The structure should be freed by calling krb5_free_context() when 4818 * it is no longer being used. 4819 * 4820 * @param context pointer to returned context 4821 * 4822 * @return Returns 0 to indicate success. 4823 * 4824 * @ingroup krb5 4825 */ 4826 4827KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4828krb5_init_context (krb5_context *context); 4829 4830/** 4831 * Initializes the context structure and reads the configuration files. 4832 * 4833 * The structure should be freed by calling 4834 * krb5_free_context() when it is no longer being used. 4835 * 4836 * @param context pointer to returned context 4837 * @param flags controls context creation failure. 4838 * 4839 * Possible flags are: 4840 * - KRB5_CONTEXT_FLAG_NO_CONFIG - don't read the any configuration files 4841 * 4842 * @return Returns 0 to indicate success. Otherwise an errno code is 4843 * returned. Failure means either that something bad happened during 4844 * initialization (typically ENOMEM) or that Kerberos should not be 4845 * used ENXIO. 4846 * 4847 * @see krb5_init_context 4848 * @ingroup krb5 4849 */ 4850 4851KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4852krb5_init_context_flags ( 4853 unsigned int flags, 4854 krb5_context *context); 4855 4856/** 4857 * Free the krb5_init_creds_context allocated by krb5_init_creds_init(). 4858 * 4859 * @param context A Kerberos 5 context. 4860 * @param ctx The krb5_init_creds_context to free. 4861 * 4862 * @ingroup krb5_credential 4863 */ 4864 4865KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4866krb5_init_creds_free ( 4867 krb5_context context, 4868 krb5_init_creds_context ctx); 4869 4870/** 4871 * Get new credentials as setup by the krb5_init_creds_context. 4872 * 4873 * @param context A Kerberos 5 context. 4874 * @param ctx The krb5_init_creds_context to process. 4875 * 4876 * @ingroup krb5_credential 4877 */ 4878 4879KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4880krb5_init_creds_get ( 4881 krb5_context context, 4882 krb5_init_creds_context ctx); 4883 4884/** 4885 * Extract the newly acquired credentials from krb5_init_creds_context 4886 * context. 4887 * 4888 * @param context A Kerberos 5 context. 4889 * @param ctx ctx krb5_init_creds_context context. 4890 * @param cred credentials, free with krb5_free_cred_contents(). 4891 * 4892 * @return 0 for sucess or An Kerberos error code, see krb5_get_error_message(). 4893 */ 4894 4895KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4896krb5_init_creds_get_creds ( 4897 krb5_context context, 4898 krb5_init_creds_context ctx, 4899 krb5_creds *cred); 4900 4901/** 4902 * Get the last error from the transaction. 4903 * 4904 * @return Returns 0 or an error code 4905 * 4906 * @ingroup krb5_credential 4907 */ 4908 4909KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4910krb5_init_creds_get_error ( 4911 krb5_context context, 4912 krb5_init_creds_context ctx, 4913 KRB_ERROR *error); 4914 4915/** 4916 * Start a new context to get a new initial credential. 4917 * 4918 * @param context A Kerberos 5 context. 4919 * @param client The Kerberos principal to get the credential for, if 4920 * NULL is given, the default principal is used as determined by 4921 * krb5_get_default_principal(). 4922 * @param prompter prompter to use if needed 4923 * @param prompter_data data passed to prompter function 4924 * @param start_time the time the ticket should start to be valid or 0 for now. 4925 * @param options a options structure, can be NULL for default options. 4926 * @param rctx A new allocated free with krb5_init_creds_free(). 4927 * 4928 * @return 0 for success or an Kerberos 5 error code, see krb5_get_error_message(). 4929 * 4930 * @ingroup krb5_credential 4931 */ 4932 4933KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4934krb5_init_creds_init ( 4935 krb5_context context, 4936 krb5_principal client, 4937 krb5_prompter_fct prompter, 4938 void *prompter_data, 4939 krb5_deltat start_time, 4940 krb5_get_init_creds_opt *options, 4941 krb5_init_creds_context *rctx); 4942 4943KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4944krb5_init_creds_set_fast_ap_armor_service ( 4945 krb5_context context, 4946 krb5_init_creds_context ctx, 4947 krb5_const_principal armor_service); 4948 4949KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4950krb5_init_creds_set_fast_ccache ( 4951 krb5_context context, 4952 krb5_init_creds_context ctx, 4953 krb5_ccache fast_ccache); 4954 4955/** 4956 * The set KDC hostname for the initial request, it will not be 4957 * considered in referrals to another KDC. 4958 * 4959 * @param context a Kerberos 5 context. 4960 * @param ctx a krb5_init_creds_context context. 4961 * @param hostname the hostname for the KDC of realm 4962 * 4963 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 4964 * @ingroup krb5_credential 4965 */ 4966 4967krb5_error_code KRB5_LIB_FUNCTION 4968krb5_init_creds_set_kdc_hostname ( 4969 krb5_context context, 4970 krb5_init_creds_context ctx, 4971 const char *hostname); 4972 4973KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4974krb5_init_creds_set_keyblock ( 4975 krb5_context context, 4976 krb5_init_creds_context ctx, 4977 krb5_keyblock *keyblock); 4978 4979/** 4980 * Set the keytab to use for authentication. 4981 * 4982 * @param context a Kerberos 5 context. 4983 * @param ctx ctx krb5_init_creds_context context. 4984 * @param keytab the keytab to read the key from. 4985 * 4986 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 4987 * @ingroup krb5_credential 4988 */ 4989 4990KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4991krb5_init_creds_set_keytab ( 4992 krb5_context context, 4993 krb5_init_creds_context ctx, 4994 krb5_keytab keytab); 4995 4996/** 4997 * Sets the password that will use for the request. 4998 * 4999 * @param context a Kerberos 5 context. 5000 * @param ctx krb5_init_creds_context context. 5001 * @param password the password to use. 5002 * 5003 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 5004 * @ingroup krb5_credential 5005 */ 5006 5007KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5008krb5_init_creds_set_password ( 5009 krb5_context context, 5010 krb5_init_creds_context ctx, 5011 const char *password); 5012 5013/** 5014 * Sets the password that will use for the request. 5015 * 5016 * @param context a Kerberos 5 context. 5017 * @param ctx a krb5_init_creds_context context. 5018 * @param cert client cert 5019 * 5020 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 5021 * @ingroup krb5_credential 5022 */ 5023 5024krb5_error_code KRB5_LIB_FUNCTION 5025krb5_init_creds_set_pkinit_client_cert ( 5026 krb5_context context, 5027 krb5_init_creds_context ctx, 5028 struct hx509_cert_data *cert); 5029 5030/** 5031 * Sets the service that the is requested. This call is only neede for 5032 * special initial tickets, by default the a krbtgt is fetched in the default realm. 5033 * 5034 * @param context a Kerberos 5 context. 5035 * @param ctx a krb5_init_creds_context context. 5036 * @param service the service given as a string, for example 5037 * "kadmind/admin". If NULL, the default krbtgt in the clients 5038 * realm is set. 5039 * 5040 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 5041 * @ingroup krb5_credential 5042 */ 5043 5044KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5045krb5_init_creds_set_service ( 5046 krb5_context context, 5047 krb5_init_creds_context ctx, 5048 const char *service); 5049 5050/** 5051 * The core loop if krb5_get_init_creds() function family. Create the 5052 * packets and have the caller send them off to the KDC. 5053 * 5054 * If the caller want all work been done for them, use 5055 * krb5_init_creds_get() instead. 5056 * 5057 * @param context a Kerberos 5 context. 5058 * @param ctx ctx krb5_init_creds_context context. 5059 * @param in input data from KDC, first round it should be reset by krb5_data_zer(). 5060 * @param out reply to KDC. 5061 * @param hostinfo KDC address info, first round it can be NULL. 5062 * @param realm realm is a pointer the realm to send the packet, it have the 5063 * lifetime the next call to krb5_init_creds_step() or krb5_init_creds_free(). 5064 * @param flags status of the round, if 5065 * KRB5_INIT_CREDS_STEP_FLAG_CONTINUE is set, continue one more round. 5066 * 5067 * @return 0 for success, or an Kerberos 5 error code, see 5068 * krb5_get_error_message(). 5069 * 5070 * @ingroup krb5_credential 5071 */ 5072 5073KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5074krb5_init_creds_step ( 5075 krb5_context context, 5076 krb5_init_creds_context ctx, 5077 krb5_data *in, 5078 krb5_data *out, 5079 krb5_krbhst_info *hostinfo, 5080 krb5_realm *realm, 5081 unsigned int *flags); 5082 5083krb5_error_code 5084krb5_init_creds_store ( 5085 krb5_context context, 5086 krb5_init_creds_context ctx, 5087 krb5_ccache id); 5088 5089/** 5090 * Store config 5091 * 5092 * @param context A Kerberos 5 context. 5093 * @param ctx The krb5_init_creds_context to free. 5094 * @param id store 5095 * 5096 * @return Returns 0 or an error code 5097 * 5098 * @ingroup krb5_credential 5099 */ 5100 5101krb5_error_code KRB5_LIB_FUNCTION 5102krb5_init_creds_store_config ( 5103 krb5_context context, 5104 krb5_init_creds_context ctx, 5105 krb5_ccache id); 5106 5107/** 5108 * Warn the user using prompter in the krb5_init_creds_context about 5109 * possible password and account expiration. 5110 * 5111 * @param context a Kerberos 5 context. 5112 * @param ctx a krb5_init_creds_context context. 5113 * 5114 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 5115 * @ingroup krb5_credential 5116 */ 5117 5118KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5119krb5_init_creds_warn_user ( 5120 krb5_context context, 5121 krb5_init_creds_context ctx); 5122 5123/** 5124 * Init the built-in ets in the Kerberos library. 5125 * 5126 * @param context kerberos context to add the ets too 5127 * 5128 * @ingroup krb5 5129 */ 5130 5131KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5132krb5_init_ets (krb5_context context); 5133 5134KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5135krb5_initlog ( 5136 krb5_context context, 5137 const char *program, 5138 krb5_log_facility **fac); 5139 5140/** 5141 * Return TRUE (non zero) if the principal is a configuration 5142 * principal (generated part of krb5_cc_set_config()). Returns FALSE 5143 * (zero) if not a configuration principal. 5144 * 5145 * @param context a Keberos context 5146 * @param principal principal to check if it a configuration principal 5147 * 5148 * @ingroup krb5_ccache 5149 */ 5150 5151KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5152krb5_is_config_principal ( 5153 krb5_context context, 5154 krb5_const_principal principal); 5155 5156/** 5157 * Returns is the encryption is strong or weak 5158 * 5159 * @param context Kerberos 5 context 5160 * @param enctype encryption type to probe 5161 * 5162 * @return Returns true if encryption type is weak or is not supported. 5163 * 5164 * @ingroup krb5_crypto 5165 */ 5166 5167KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5168krb5_is_enctype_weak ( 5169 krb5_context context, 5170 krb5_enctype enctype); 5171 5172/** 5173 * Runtime check if the Kerberos library was complied with thread support. 5174 * 5175 * @return TRUE if the library was compiled with thread support, FALSE if not. 5176 * 5177 * @ingroup krb5 5178 */ 5179 5180KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5181krb5_is_thread_safe (void); 5182 5183KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5184krb5_kcm_call ( 5185 krb5_context context, 5186 krb5_storage *request, 5187 krb5_storage **response_p, 5188 krb5_data *response_data_p); 5189 5190/** 5191 * Variable containing the KEYCHAIN based credential cache implemention. 5192 * 5193 * @ingroup krb5_ccache 5194 */ 5195 5196KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5197krb5_kcm_storage_request ( 5198 krb5_context context, 5199 uint16_t opcode, 5200 krb5_storage **storage_p); 5201 5202/** 5203 * Returns the list of Kerberos encryption types sorted in order of 5204 * most preferred to least preferred encryption type. Note that some 5205 * encryption types might be disabled, so you need to check with 5206 * krb5_enctype_valid() before using the encryption type. 5207 * 5208 * @return list of enctypes, terminated with ETYPE_NULL. Its a static 5209 * array completed into the Kerberos library so the content doesn't 5210 * need to be freed. 5211 * 5212 * @ingroup krb5 5213 */ 5214 5215KRB5_LIB_FUNCTION const krb5_enctype * KRB5_LIB_CALL 5216krb5_kerberos_enctypes (krb5_context context); 5217 5218/** 5219 * Get encryption type of a keyblock. 5220 * 5221 * @ingroup krb5_crypto 5222 */ 5223 5224KRB5_LIB_FUNCTION krb5_enctype KRB5_LIB_CALL 5225krb5_keyblock_get_enctype (const krb5_keyblock *block); 5226 5227/** 5228 * Fill in `key' with key data of type `enctype' from `data' of length 5229 * `size'. Key should be freed using krb5_free_keyblock_contents(). 5230 * 5231 * @return 0 on success or a Kerberos 5 error code 5232 * 5233 * @ingroup krb5_crypto 5234 */ 5235 5236KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5237krb5_keyblock_init ( 5238 krb5_context context, 5239 krb5_enctype type, 5240 const void *data, 5241 size_t size, 5242 krb5_keyblock *key); 5243 5244KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5245krb5_keyblock_key_proc ( 5246 krb5_context context, 5247 krb5_keytype type, 5248 krb5_data *salt, 5249 krb5_const_pointer keyseed, 5250 krb5_keyblock **key); 5251 5252/** 5253 * Zero out a keyblock 5254 * 5255 * @param keyblock keyblock to zero out 5256 * 5257 * @ingroup krb5_crypto 5258 */ 5259 5260KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5261krb5_keyblock_zero (krb5_keyblock *keyblock); 5262 5263/** 5264 * Deprecated: use krb5_get_init_creds() and friends. 5265 * 5266 * @ingroup krb5_deprecated 5267 */ 5268 5269KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV 5270krb5_keytab_key_proc ( 5271 krb5_context context, 5272 krb5_enctype enctype, 5273 krb5_salt salt, 5274 krb5_const_pointer keyseed, 5275 krb5_keyblock **key) 5276 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5277 5278/** 5279 * Deprecated: keytypes doesn't exists, they are really enctypes. 5280 * 5281 * @ingroup krb5_deprecated 5282 */ 5283 5284KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5285krb5_keytype_to_enctypes ( 5286 krb5_context context, 5287 krb5_keytype keytype, 5288 unsigned *len, 5289 krb5_enctype **val) 5290 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5291 5292/** 5293 * Deprecated: keytypes doesn't exists, they are really enctypes. 5294 * 5295 * @ingroup krb5_deprecated 5296 */ 5297 5298KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5299krb5_keytype_to_enctypes_default ( 5300 krb5_context context, 5301 krb5_keytype keytype, 5302 unsigned *len, 5303 krb5_enctype **val) 5304 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5305 5306/** 5307 * Deprecated: keytypes doesn't exists, they are really enctypes in 5308 * most cases, use krb5_enctype_to_string(). 5309 * 5310 * @ingroup krb5_deprecated 5311 */ 5312 5313KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5314krb5_keytype_to_string ( 5315 krb5_context context, 5316 krb5_keytype keytype, 5317 char **string) 5318 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5319 5320KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5321krb5_krbhst_format_string ( 5322 krb5_context context, 5323 const krb5_krbhst_info *host, 5324 char *hostname, 5325 size_t hostlen); 5326 5327KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5328krb5_krbhst_free ( 5329 krb5_context context, 5330 krb5_krbhst_handle handle); 5331 5332/** 5333 * Return an `struct addrinfo *' for a KDC host. 5334 * 5335 * Returns an the struct addrinfo in in that corresponds to the 5336 * information in `host'. free:ing is handled by krb5_krbhst_free, so 5337 * the returned ai must not be released. 5338 * 5339 * @ingroup krb5 5340 */ 5341 5342KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5343krb5_krbhst_get_addrinfo ( 5344 krb5_context context, 5345 krb5_krbhst_info *host, 5346 struct addrinfo **ai); 5347 5348/** 5349 * If the hostname contains a dot, assumes it's a FQDN and 5350 * don't use search domains since that might be painfully slow 5351 * when machine is disconnected from that network. 5352 */ 5353 5354KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5355krb5_krbhst_init ( 5356 krb5_context context, 5357 const char *realm, 5358 unsigned int type, 5359 krb5_krbhst_handle *handle); 5360 5361KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5362krb5_krbhst_init_flags ( 5363 krb5_context context, 5364 const char *realm, 5365 unsigned int type, 5366 int flags, 5367 krb5_krbhst_handle *handle); 5368 5369KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5370krb5_krbhst_next ( 5371 krb5_context context, 5372 krb5_krbhst_handle handle, 5373 krb5_krbhst_info **host); 5374 5375KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5376krb5_krbhst_next_as_string ( 5377 krb5_context context, 5378 krb5_krbhst_handle handle, 5379 char *hostname, 5380 size_t hostlen); 5381 5382KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5383krb5_krbhst_reset ( 5384 krb5_context context, 5385 krb5_krbhst_handle handle); 5386 5387krb5_error_code KRB5_LIB_FUNCTION 5388krb5_krbhst_set_hostname ( 5389 krb5_context context, 5390 krb5_krbhst_handle handle, 5391 const char *hostname); 5392 5393/** 5394 * Add the entry in `entry' to the keytab `id'. 5395 * 5396 * @param context a Keberos context. 5397 * @param id a keytab. 5398 * @param entry the entry to add 5399 * 5400 * @return Return an error code or 0, see krb5_get_error_message(). 5401 * 5402 * @ingroup krb5_keytab 5403 */ 5404 5405KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5406krb5_kt_add_entry ( 5407 krb5_context context, 5408 krb5_keytab id, 5409 krb5_keytab_entry *entry); 5410 5411/** 5412 * Finish using the keytab in `id'. All resources will be released, 5413 * even on errors. 5414 * 5415 * @param context a Keberos context. 5416 * @param id keytab to close. 5417 * 5418 * @return Return an error code or 0, see krb5_get_error_message(). 5419 * 5420 * @ingroup krb5_keytab 5421 */ 5422 5423KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5424krb5_kt_close ( 5425 krb5_context context, 5426 krb5_keytab id); 5427 5428/** 5429 * Compare `entry' against `principal, vno, enctype'. 5430 * Any of `principal, vno, enctype' might be 0 which acts as a wildcard. 5431 * Return TRUE if they compare the same, FALSE otherwise. 5432 * 5433 * @param context a Keberos context. 5434 * @param entry an entry to match with. 5435 * @param principal principal to match, NULL matches all principals. 5436 * @param vno key version to match, 0 matches all key version numbers. 5437 * @param enctype encryption type to match, 0 matches all encryption types. 5438 * 5439 * @return Return TRUE or match, FALSE if not matched. 5440 * 5441 * @ingroup krb5_keytab 5442 */ 5443 5444KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5445krb5_kt_compare ( 5446 krb5_context context, 5447 krb5_keytab_entry *entry, 5448 krb5_const_principal principal, 5449 krb5_kvno vno, 5450 krb5_enctype enctype); 5451 5452/** 5453 * Copy the contents of `in' into `out'. 5454 * 5455 * @param context a Keberos context. 5456 * @param in the keytab entry to copy. 5457 * @param out the copy of the keytab entry, free with krb5_kt_free_entry(). 5458 * 5459 * @return Return an error code or 0, see krb5_get_error_message(). 5460 * 5461 * @ingroup krb5_keytab 5462 */ 5463 5464KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5465krb5_kt_copy_entry_contents ( 5466 krb5_context context, 5467 const krb5_keytab_entry *in, 5468 krb5_keytab_entry *out); 5469 5470/** 5471 * Set `id' to the default keytab. 5472 * 5473 * @param context a Keberos context. 5474 * @param id the new default keytab. 5475 * 5476 * @return Return an error code or 0, see krb5_get_error_message(). 5477 * 5478 * @ingroup krb5_keytab 5479 */ 5480 5481KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5482krb5_kt_default ( 5483 krb5_context context, 5484 krb5_keytab *id); 5485 5486/** 5487 * Copy the name of the default modify keytab into `name'. 5488 * 5489 * @param context a Keberos context. 5490 * @param name buffer where the name will be written 5491 * @param namesize length of name 5492 * 5493 * @return Return an error code or 0, see krb5_get_error_message(). 5494 * 5495 * @ingroup krb5_keytab 5496 */ 5497 5498KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5499krb5_kt_default_modify_name ( 5500 krb5_context context, 5501 char *name, 5502 size_t namesize); 5503 5504/** 5505 * copy the name of the default keytab into `name'. 5506 * 5507 * @param context a Keberos context. 5508 * @param name buffer where the name will be written 5509 * @param namesize length of name 5510 * 5511 * @return Return an error code or 0, see krb5_get_error_message(). 5512 * 5513 * @ingroup krb5_keytab 5514 */ 5515 5516KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5517krb5_kt_default_name ( 5518 krb5_context context, 5519 char *name, 5520 size_t namesize); 5521 5522/** 5523 * Destroy (remove) the keytab in `id'. All resources will be released, 5524 * even on errors, does the equvalment of krb5_kt_close() on the resources. 5525 * 5526 * @param context a Keberos context. 5527 * @param id keytab to destroy. 5528 * 5529 * @return Return an error code or 0, see krb5_get_error_message(). 5530 * 5531 * @ingroup krb5_keytab 5532 */ 5533 5534KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5535krb5_kt_destroy ( 5536 krb5_context context, 5537 krb5_keytab id); 5538 5539/** 5540 * Release all resources associated with `cursor'. 5541 * 5542 * @param context a Keberos context. 5543 * @param id a keytab. 5544 * @param cursor the cursor to free. 5545 * 5546 * @return Return an error code or 0, see krb5_get_error_message(). 5547 * 5548 * @ingroup krb5_keytab 5549 */ 5550 5551KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5552krb5_kt_end_seq_get ( 5553 krb5_context context, 5554 krb5_keytab id, 5555 krb5_kt_cursor *cursor); 5556 5557/** 5558 * Free the contents of `entry'. 5559 * 5560 * @param context a Keberos context. 5561 * @param entry the entry to free 5562 * 5563 * @return Return an error code or 0, see krb5_get_error_message(). 5564 * 5565 * @ingroup krb5_keytab 5566 */ 5567 5568KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5569krb5_kt_free_entry ( 5570 krb5_context context, 5571 krb5_keytab_entry *entry); 5572 5573/** 5574 * Retrieve the keytab entry for `principal, kvno, enctype' into `entry' 5575 * from the keytab `id'. Matching is done like krb5_kt_compare(). 5576 * 5577 * @param context a Keberos context. 5578 * @param id a keytab. 5579 * @param principal principal to match, NULL matches all principals. 5580 * @param kvno key version to match, 0 matches all key version numbers. 5581 * @param enctype encryption type to match, 0 matches all encryption types. 5582 * @param entry the returned entry, free with krb5_kt_free_entry(). 5583 * 5584 * @return Return an error code or 0, see krb5_get_error_message(). 5585 * 5586 * @ingroup krb5_keytab 5587 */ 5588 5589KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5590krb5_kt_get_entry ( 5591 krb5_context context, 5592 krb5_keytab id, 5593 krb5_const_principal principal, 5594 krb5_kvno kvno, 5595 krb5_enctype enctype, 5596 krb5_keytab_entry *entry); 5597 5598/** 5599 * Retrieve the full name of the keytab `keytab' and store the name in 5600 * `str'. 5601 * 5602 * @param context a Keberos context. 5603 * @param keytab keytab to get name for. 5604 * @param str the name of the keytab name, usee krb5_xfree() to free 5605 * the string. On error, *str is set to NULL. 5606 * 5607 * @return Return an error code or 0, see krb5_get_error_message(). 5608 * 5609 * @ingroup krb5_keytab 5610 */ 5611 5612KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5613krb5_kt_get_full_name ( 5614 krb5_context context, 5615 krb5_keytab keytab, 5616 char **str); 5617 5618/** 5619 * Retrieve the name of the keytab `keytab' into `name', `namesize' 5620 * 5621 * @param context a Keberos context. 5622 * @param keytab the keytab to get the name for. 5623 * @param name name buffer. 5624 * @param namesize size of name buffer. 5625 * 5626 * @return Return an error code or 0, see krb5_get_error_message(). 5627 * 5628 * @ingroup krb5_keytab 5629 */ 5630 5631KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5632krb5_kt_get_name ( 5633 krb5_context context, 5634 krb5_keytab keytab, 5635 char *name, 5636 size_t namesize); 5637 5638/** 5639 * Return the type of the `keytab' in the string `prefix of length 5640 * `prefixsize'. 5641 * 5642 * @param context a Keberos context. 5643 * @param keytab the keytab to get the prefix for 5644 * @param prefix prefix buffer 5645 * @param prefixsize length of prefix buffer 5646 * 5647 * @return Return an error code or 0, see krb5_get_error_message(). 5648 * 5649 * @ingroup krb5_keytab 5650 */ 5651 5652KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5653krb5_kt_get_type ( 5654 krb5_context context, 5655 krb5_keytab keytab, 5656 char *prefix, 5657 size_t prefixsize); 5658 5659/** 5660 * Return true if the keytab exists and have entries 5661 * 5662 * @param context a Keberos context. 5663 * @param id a keytab. 5664 * 5665 * @return Return an error code or 0, see krb5_get_error_message(). 5666 * 5667 * @ingroup krb5_keytab 5668 */ 5669 5670KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5671krb5_kt_have_content ( 5672 krb5_context context, 5673 krb5_keytab id); 5674 5675/** 5676 * Get the next entry from keytab, advance the cursor. On last entry 5677 * the function will return KRB5_KT_END. 5678 * 5679 * @param context a Keberos context. 5680 * @param id a keytab. 5681 * @param entry the returned entry, free with krb5_kt_free_entry(). 5682 * @param cursor the cursor of the iteration. 5683 * 5684 * @return Return an error code or 0, see krb5_get_error_message(). 5685 * 5686 * @ingroup krb5_keytab 5687 */ 5688 5689KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5690krb5_kt_next_entry ( 5691 krb5_context context, 5692 krb5_keytab id, 5693 krb5_keytab_entry *entry, 5694 krb5_kt_cursor *cursor); 5695 5696/** 5697 * Read the key identified by `(principal, vno, enctype)' from the 5698 * keytab in `keyprocarg' (the default if == NULL) into `*key'. 5699 * 5700 * @param context a Keberos context. 5701 * @param keyprocarg key proc argument 5702 * @param principal principal to find 5703 * @param vno its kvno to search for 5704 * @param enctype the encrypt to search for 5705 * @param key return key, free with krb5_free_keyblock() 5706 * 5707 * @return Return an error code or 0, see krb5_get_error_message(). 5708 * 5709 * @ingroup krb5_keytab 5710 */ 5711 5712KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5713krb5_kt_read_service_key ( 5714 krb5_context context, 5715 krb5_pointer keyprocarg, 5716 krb5_principal principal, 5717 krb5_kvno vno, 5718 krb5_enctype enctype, 5719 krb5_keyblock **key); 5720 5721/** 5722 * Register a new keytab backend. 5723 * 5724 * @param context a Keberos context. 5725 * @param ops a backend to register. 5726 * 5727 * @return Return an error code or 0, see krb5_get_error_message(). 5728 * 5729 * @ingroup krb5_keytab 5730 */ 5731 5732KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5733krb5_kt_register ( 5734 krb5_context context, 5735 const krb5_kt_ops *ops); 5736 5737/** 5738 * Remove an entry from the keytab, matching is done using 5739 * krb5_kt_compare(). 5740 5741 * @param context a Keberos context. 5742 * @param id a keytab. 5743 * @param entry the entry to remove 5744 * 5745 * @return Return an error code or 0, see krb5_get_error_message(). 5746 * 5747 * @ingroup krb5_keytab 5748 */ 5749 5750KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5751krb5_kt_remove_entry ( 5752 krb5_context context, 5753 krb5_keytab id, 5754 krb5_keytab_entry *entry); 5755 5756/** 5757 * Resolve the keytab name (of the form `type:residual') in `name' 5758 * into a keytab in `id'. 5759 * 5760 * @param context a Keberos context. 5761 * @param name name to resolve 5762 * @param id resulting keytab, free with krb5_kt_close(). 5763 * 5764 * @return Return an error code or 0, see krb5_get_error_message(). 5765 * 5766 * @ingroup krb5_keytab 5767 */ 5768 5769KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5770krb5_kt_resolve ( 5771 krb5_context context, 5772 const char *name, 5773 krb5_keytab *id); 5774 5775/** 5776 * Set `cursor' to point at the beginning of `id'. 5777 * 5778 * @param context a Keberos context. 5779 * @param id a keytab. 5780 * @param cursor a newly allocated cursor, free with krb5_kt_end_seq_get(). 5781 * 5782 * @return Return an error code or 0, see krb5_get_error_message(). 5783 * 5784 * @ingroup krb5_keytab 5785 */ 5786 5787KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5788krb5_kt_start_seq_get ( 5789 krb5_context context, 5790 krb5_keytab id, 5791 krb5_kt_cursor *cursor); 5792 5793/** 5794 * This function takes the name of a local user and checks if 5795 * principal is allowed to log in as that user. 5796 * 5797 * The user may have a ~/.k5login file listing principals that are 5798 * allowed to login as that user. If that file does not exist, all 5799 * principals with a first component identical to the username, and a 5800 * realm considered local, are allowed access. 5801 * 5802 * The .k5login file must contain one principal per line, be owned by 5803 * user and not be writable by group or other (but must be readable by 5804 * anyone). 5805 * 5806 * Note that if the file exists, no implicit access rights are given 5807 * to user@@LOCALREALM. 5808 * 5809 * Optionally, a set of files may be put in ~/.k5login.d (a 5810 * directory), in which case they will all be checked in the same 5811 * manner as .k5login. The files may be called anything, but files 5812 * starting with a hash (#) , or ending with a tilde (~) are 5813 * ignored. Subdirectories are not traversed. Note that this directory 5814 * may not be checked by other Kerberos implementations. 5815 * 5816 * If no configuration file exists, match user against local domains, 5817 * ie luser@@LOCAL-REALMS-IN-CONFIGURATION-FILES. 5818 * 5819 * @param context Kerberos 5 context. 5820 * @param principal principal to check if allowed to login 5821 * @param luser local user id 5822 * 5823 * @return returns TRUE if access should be granted, FALSE otherwise. 5824 * 5825 * @ingroup krb5_support 5826 */ 5827 5828KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5829krb5_kuserok ( 5830 krb5_context context, 5831 krb5_principal principal, 5832 const char *luser); 5833 5834void 5835krb5_load_plugins ( 5836 krb5_context context, 5837 const char *name, 5838 const char **paths); 5839 5840KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5841krb5_log ( 5842 krb5_context context, 5843 krb5_log_facility *fac, 5844 int level, 5845 const char *fmt, 5846 ...) 5847 HEIMDAL_PRINTF_ATTRIBUTE((printf, 4, 5)); 5848 5849KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5850krb5_log_msg ( 5851 krb5_context context, 5852 krb5_log_facility *fac, 5853 int level, 5854 char **reply, 5855 const char *fmt, 5856 ...) 5857 HEIMDAL_PRINTF_ATTRIBUTE((printf, 5, 6)); 5858 5859/** 5860 * Create an address of type KRB5_ADDRESS_ADDRPORT from (addr, port) 5861 * 5862 * @param context a Keberos context 5863 * @param res built address from addr/port 5864 * @param addr address to use 5865 * @param port port to use 5866 * 5867 * @return Return an error code or 0. 5868 * 5869 * @ingroup krb5_address 5870 */ 5871 5872KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5873krb5_make_addrport ( 5874 krb5_context context, 5875 krb5_address **res, 5876 const krb5_address *addr, 5877 int16_t port); 5878 5879/** 5880 * Build a principal using vararg style building 5881 * 5882 * @param context A Kerberos context. 5883 * @param principal returned principal 5884 * @param realm realm name 5885 * @param ... a list of components ended with NULL. 5886 * 5887 * @return An krb5 error code, see krb5_get_error_message(). 5888 * 5889 * @ingroup krb5_principal 5890 */ 5891 5892KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5893krb5_make_principal ( 5894 krb5_context context, 5895 krb5_principal *principal, 5896 krb5_const_realm realm, 5897 ...); 5898 5899/** 5900 * krb5_max_sockaddr_size returns the max size of the .Li struct 5901 * sockaddr that the Kerberos library will return. 5902 * 5903 * @return Return an size_t of the maximum struct sockaddr. 5904 * 5905 * @ingroup krb5_address 5906 */ 5907 5908KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL 5909krb5_max_sockaddr_size (void); 5910 5911KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5912krb5_mk_error ( 5913 krb5_context context, 5914 krb5_error_code error_code, 5915 const char *e_text, 5916 const krb5_data *e_data, 5917 const krb5_principal client, 5918 const krb5_principal server, 5919 time_t *client_time, 5920 int *client_usec, 5921 krb5_data *reply); 5922 5923KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5924krb5_mk_priv ( 5925 krb5_context context, 5926 krb5_auth_context auth_context, 5927 const krb5_data *userdata, 5928 krb5_data *outbuf, 5929 krb5_replay_data *outdata); 5930 5931KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5932krb5_mk_rep ( 5933 krb5_context context, 5934 krb5_auth_context auth_context, 5935 krb5_data *outbuf); 5936 5937KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5938krb5_mk_req ( 5939 krb5_context context, 5940 krb5_auth_context *auth_context, 5941 const krb5_flags ap_req_options, 5942 const char *service, 5943 const char *hostname, 5944 krb5_data *in_data, 5945 krb5_ccache ccache, 5946 krb5_data *outbuf); 5947 5948KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5949krb5_mk_req_exact ( 5950 krb5_context context, 5951 krb5_auth_context *auth_context, 5952 const krb5_flags ap_req_options, 5953 const krb5_principal server, 5954 krb5_data *in_data, 5955 krb5_ccache ccache, 5956 krb5_data *outbuf); 5957 5958KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5959krb5_mk_req_extended ( 5960 krb5_context context, 5961 krb5_auth_context *auth_context, 5962 const krb5_flags ap_req_options, 5963 krb5_data *in_data, 5964 krb5_creds *in_creds, 5965 krb5_data *outbuf); 5966 5967KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5968krb5_mk_safe ( 5969 krb5_context context, 5970 krb5_auth_context auth_context, 5971 const krb5_data *userdata, 5972 krb5_data *outbuf, 5973 krb5_replay_data *outdata); 5974 5975KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 5976krb5_net_read ( 5977 krb5_context context, 5978 void *p_fd, 5979 void *buf, 5980 size_t len); 5981 5982KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 5983krb5_net_write ( 5984 krb5_context context, 5985 void *p_fd, 5986 const void *buf, 5987 size_t len); 5988 5989KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 5990krb5_net_write_block ( 5991 krb5_context context, 5992 void *p_fd, 5993 const void *buf, 5994 size_t len, 5995 time_t timeout); 5996 5997KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5998krb5_ntlm_alloc ( 5999 krb5_context context, 6000 krb5_ntlm *ntlm); 6001 6002KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6003krb5_ntlm_free ( 6004 krb5_context context, 6005 krb5_ntlm ntlm); 6006 6007KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6008krb5_ntlm_init_get_challange ( 6009 krb5_context context, 6010 krb5_ntlm ntlm, 6011 krb5_data *challenge); 6012 6013KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6014krb5_ntlm_init_get_flags ( 6015 krb5_context context, 6016 krb5_ntlm ntlm, 6017 uint32_t *flags); 6018 6019KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6020krb5_ntlm_init_get_opaque ( 6021 krb5_context context, 6022 krb5_ntlm ntlm, 6023 krb5_data *opaque); 6024 6025KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6026krb5_ntlm_init_get_targetinfo ( 6027 krb5_context context, 6028 krb5_ntlm ntlm, 6029 krb5_data *data); 6030 6031KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6032krb5_ntlm_init_get_targetname ( 6033 krb5_context context, 6034 krb5_ntlm ntlm, 6035 char **name); 6036 6037KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6038krb5_ntlm_init_request ( 6039 krb5_context context, 6040 krb5_ntlm ntlm, 6041 krb5_realm realm, 6042 krb5_ccache ccache, 6043 uint32_t flags, 6044 const char *hostname, 6045 const char *domainname); 6046 6047KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6048krb5_ntlm_rep_get_sessionkey ( 6049 krb5_context context, 6050 krb5_ntlm ntlm, 6051 krb5_data *data); 6052 6053KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6054krb5_ntlm_rep_get_status ( 6055 krb5_context context, 6056 krb5_ntlm ntlm); 6057 6058KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6059krb5_ntlm_req_set_flags ( 6060 krb5_context context, 6061 krb5_ntlm ntlm, 6062 uint32_t flags); 6063 6064KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6065krb5_ntlm_req_set_lm ( 6066 krb5_context context, 6067 krb5_ntlm ntlm, 6068 void *hash, 6069 size_t len); 6070 6071KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6072krb5_ntlm_req_set_ntlm ( 6073 krb5_context context, 6074 krb5_ntlm ntlm, 6075 void *hash, 6076 size_t len); 6077 6078KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6079krb5_ntlm_req_set_opaque ( 6080 krb5_context context, 6081 krb5_ntlm ntlm, 6082 krb5_data *opaque); 6083 6084KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6085krb5_ntlm_req_set_session ( 6086 krb5_context context, 6087 krb5_ntlm ntlm, 6088 void *sessionkey, 6089 size_t length); 6090 6091KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6092krb5_ntlm_req_set_targetname ( 6093 krb5_context context, 6094 krb5_ntlm ntlm, 6095 const char *targetname); 6096 6097KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6098krb5_ntlm_req_set_username ( 6099 krb5_context context, 6100 krb5_ntlm ntlm, 6101 const char *username); 6102 6103KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6104krb5_ntlm_request ( 6105 krb5_context context, 6106 krb5_ntlm ntlm, 6107 krb5_realm realm, 6108 krb5_ccache ccache); 6109 6110KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6111krb5_openlog ( 6112 krb5_context context, 6113 const char *program, 6114 krb5_log_facility **fac); 6115 6116KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6117krb5_pac_add_buffer ( 6118 krb5_context context, 6119 krb5_pac p, 6120 uint32_t type, 6121 const krb5_data *data); 6122 6123/** 6124 * Free the windows PAC 6125 * 6126 * @param context Kerberos 5 context. 6127 * @param pac the pac structure returned by krb5_pac_parse() and others 6128 * 6129 * @ingroup krb5_pac 6130 */ 6131 6132KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6133krb5_pac_free ( 6134 krb5_context context, 6135 krb5_pac pac); 6136 6137/** 6138 * Get the PAC buffer of specific type from the pac. 6139 * 6140 * @param context Kerberos 5 context. 6141 * @param p the pac structure returned by krb5_pac_parse(). 6142 * @param type type of buffer to get 6143 * @param data return data, free with krb5_data_free(). 6144 * 6145 * @return Returns 0 to indicate success. Otherwise an kerberos et 6146 * error code is returned, see krb5_get_error_message(). 6147 * 6148 * @ingroup krb5_pac 6149 */ 6150 6151KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6152krb5_pac_get_buffer ( 6153 krb5_context context, 6154 krb5_pac p, 6155 uint32_t type, 6156 krb5_data *data); 6157 6158KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6159krb5_pac_get_types ( 6160 krb5_context context, 6161 krb5_pac p, 6162 size_t *len, 6163 uint32_t **types); 6164 6165KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6166krb5_pac_init ( 6167 krb5_context context, 6168 krb5_pac *pac); 6169 6170KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6171krb5_pac_parse ( 6172 krb5_context context, 6173 const void *ptr, 6174 size_t len, 6175 krb5_pac *pac); 6176 6177/** 6178 * Verify the PAC. 6179 * 6180 * @param context Kerberos 5 context. 6181 * @param pac the pac structure returned by krb5_pac_parse(). 6182 * @param authtime The time of the ticket the PAC belongs to. 6183 * @param principal the principal to verify. 6184 * @param server The service key, most always be given. 6185 * @param privsvr The KDC key, may be given. 6186 6187 * @return Returns 0 to indicate success. Otherwise an kerberos et 6188 * error code is returned, see krb5_get_error_message(). 6189 * 6190 * @ingroup krb5_pac 6191 */ 6192 6193KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6194krb5_pac_verify ( 6195 krb5_context context, 6196 const krb5_pac pac, 6197 time_t authtime, 6198 krb5_const_principal principal, 6199 const krb5_keyblock *server, 6200 const krb5_keyblock *privsvr); 6201 6202KRB5_LIB_FUNCTION int KRB5_LIB_CALL 6203krb5_padata_add ( 6204 krb5_context context, 6205 METHOD_DATA *md, 6206 int type, 6207 void *buf, 6208 size_t len); 6209 6210/** 6211 * krb5_parse_address returns the resolved hostname in string to the 6212 * krb5_addresses addresses . 6213 * 6214 * @param context a Keberos context 6215 * @param string string to parse as an address 6216 * @param addresses return address, free with krb5_free_addresses() 6217 * 6218 * @return Return an error code or 0. 6219 * 6220 * @ingroup krb5_address 6221 */ 6222 6223KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6224krb5_parse_address ( 6225 krb5_context context, 6226 const char *string, 6227 krb5_addresses *addresses); 6228 6229/** 6230 * Parse a name into a krb5_principal structure 6231 * 6232 * @param context Kerberos 5 context 6233 * @param name name to parse into a Kerberos principal 6234 * @param principal returned principal, free with krb5_free_principal(). 6235 * 6236 * @return An krb5 error code, see krb5_get_error_message(). 6237 * 6238 * @ingroup krb5_principal 6239 */ 6240 6241KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6242krb5_parse_name ( 6243 krb5_context context, 6244 const char *name, 6245 krb5_principal *principal); 6246 6247/** 6248 * Parse a name into a krb5_principal structure, flags controls the behavior. 6249 * 6250 * @param context Kerberos 5 context 6251 * @param name name to parse into a Kerberos principal 6252 * @param flags flags to control the behavior 6253 * @param principal returned principal, free with krb5_free_principal(). 6254 * 6255 * @return An krb5 error code, see krb5_get_error_message(). 6256 * 6257 * @ingroup krb5_principal 6258 */ 6259 6260KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6261krb5_parse_name_flags ( 6262 krb5_context context, 6263 const char *name, 6264 int flags, 6265 krb5_principal *principal); 6266 6267/** 6268 * Parse nametype string and return a nametype integer 6269 * 6270 * @ingroup krb5_principal 6271 */ 6272 6273KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6274krb5_parse_nametype ( 6275 krb5_context context, 6276 const char *str, 6277 int32_t *nametype); 6278 6279KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6280krb5_passwd_result_to_string ( 6281 krb5_context context, 6282 int result); 6283 6284/** 6285 * Deprecated: use krb5_get_init_creds() and friends. 6286 * 6287 * @ingroup krb5_deprecated 6288 */ 6289 6290KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV 6291krb5_password_key_proc ( 6292 krb5_context context, 6293 krb5_enctype type, 6294 krb5_salt salt, 6295 krb5_const_pointer keyseed, 6296 krb5_keyblock **key) 6297 KRB5_DEPRECATED_FUNCTION("Use X instead"); 6298 6299KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6300krb5_pk_enterprise_cert ( 6301 krb5_context context, 6302 const char *user_id, 6303 krb5_const_realm realm, 6304 krb5_principal *principal, 6305 struct hx509_cert_data **res); 6306 6307/** 6308 * Register a plugin symbol name of specific type. 6309 * @param context a Keberos context 6310 * @param type type of plugin symbol 6311 * @param name name of plugin symbol 6312 * @param symbol a pointer to the named symbol 6313 * @return In case of error a non zero error com_err error is returned 6314 * and the Kerberos error string is set. 6315 * 6316 * @ingroup krb5_support 6317 */ 6318 6319KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6320krb5_plugin_register ( 6321 krb5_context context, 6322 enum krb5_plugin_type type, 6323 const char *name, 6324 void *symbol); 6325 6326krb5_error_code 6327krb5_plugin_run_f ( 6328 krb5_context context, 6329 const char *module, 6330 const char *name, 6331 int min_version, 6332 int flags, 6333 void *userctx, 6334 krb5_error_code (*func)(krb5_context, const void *, void *, void *)); 6335 6336KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6337krb5_prepend_config_files ( 6338 const char *filelist, 6339 char **pq, 6340 char ***ret_pp); 6341 6342/** 6343 * Prepend the filename to the global configuration list. 6344 * 6345 * @param filelist a filename to add to the default list of filename 6346 * @param pfilenames return array of filenames, should be freed with krb5_free_config_files(). 6347 * 6348 * @return Returns 0 to indicate success. Otherwise an kerberos et 6349 * error code is returned, see krb5_get_error_message(). 6350 * 6351 * @ingroup krb5 6352 */ 6353 6354KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6355krb5_prepend_config_files_default ( 6356 const char *filelist, 6357 char ***pfilenames); 6358 6359/** 6360 * Prepend the context full error string for a specific error code. 6361 * The error that is stored should be internationalized. 6362 * 6363 * The if context is NULL, no error string is stored. 6364 * 6365 * @param context Kerberos 5 context 6366 * @param ret The error code 6367 * @param fmt Error string for the error code 6368 * @param ... printf(3) style parameters. 6369 * 6370 * @ingroup krb5_error 6371 */ 6372 6373KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6374krb5_prepend_error_message ( 6375 krb5_context context, 6376 krb5_error_code ret, 6377 const char *fmt, 6378 ...) 6379 HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 4)); 6380 6381/** 6382 * Deprecated: use krb5_principal_get_realm() 6383 * 6384 * @ingroup krb5_deprecated 6385 */ 6386 6387KRB5_LIB_FUNCTION krb5_realm * KRB5_LIB_CALL 6388krb5_princ_realm ( 6389 krb5_context context, 6390 krb5_principal principal) 6391 KRB5_DEPRECATED_FUNCTION("Use X instead"); 6392 6393/** 6394 * Deprecated: use krb5_principal_set_realm() 6395 * 6396 * @ingroup krb5_deprecated 6397 */ 6398 6399KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6400krb5_princ_set_realm ( 6401 krb5_context context, 6402 krb5_principal principal, 6403 krb5_realm *realm) 6404 KRB5_DEPRECATED_FUNCTION("Use X instead"); 6405 6406/** 6407 * Compares the two principals, including realm of the principals and returns 6408 * TRUE if they are the same and FALSE if not. 6409 * 6410 * @param context Kerberos 5 context 6411 * @param princ1 first principal to compare 6412 * @param princ2 second principal to compare 6413 * 6414 * @ingroup krb5_principal 6415 * @see krb5_principal_compare_any_realm() 6416 * @see krb5_realm_compare() 6417 */ 6418 6419KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6420krb5_principal_compare ( 6421 krb5_context context, 6422 krb5_const_principal princ1, 6423 krb5_const_principal princ2); 6424 6425/** 6426 * Return TRUE iff princ1 == princ2 (without considering the realm) 6427 * 6428 * @param context Kerberos 5 context 6429 * @param princ1 first principal to compare 6430 * @param princ2 second principal to compare 6431 * 6432 * @return non zero if equal, 0 if not 6433 * 6434 * @ingroup krb5_principal 6435 * @see krb5_principal_compare() 6436 * @see krb5_realm_compare() 6437 */ 6438 6439KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6440krb5_principal_compare_any_realm ( 6441 krb5_context context, 6442 krb5_const_principal princ1, 6443 krb5_const_principal princ2); 6444 6445KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6446krb5_principal_get_comp_string ( 6447 krb5_context context, 6448 krb5_const_principal principal, 6449 unsigned int component); 6450 6451/** 6452 * Get number of component is principal. 6453 * 6454 * @param context Kerberos 5 context 6455 * @param principal principal to query 6456 * 6457 * @return number of components in string 6458 * 6459 * @ingroup krb5_principal 6460 */ 6461 6462KRB5_LIB_FUNCTION unsigned int KRB5_LIB_CALL 6463krb5_principal_get_num_comp ( 6464 krb5_context context, 6465 krb5_const_principal principal); 6466 6467/** 6468 * Get the realm of the principal 6469 * 6470 * @param context A Kerberos context. 6471 * @param principal principal to get the realm for 6472 * 6473 * @return realm of the principal, don't free or use after krb5_principal is freed 6474 * 6475 * @ingroup krb5_principal 6476 */ 6477 6478KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6479krb5_principal_get_realm ( 6480 krb5_context context, 6481 krb5_const_principal principal); 6482 6483/** 6484 * Get the type of the principal 6485 * 6486 * @param context A Kerberos context. 6487 * @param principal principal to get the type for 6488 * 6489 * @return the type of principal 6490 * 6491 * @ingroup krb5_principal 6492 */ 6493 6494KRB5_LIB_FUNCTION int KRB5_LIB_CALL 6495krb5_principal_get_type ( 6496 krb5_context context, 6497 krb5_const_principal principal); 6498 6499/** 6500 * Returns true iff name is an WELLKNOWN:ORG.H5L.HOSTBASED-SERVICE 6501 * 6502 * @ingroup krb5_principal 6503 */ 6504 6505krb5_boolean KRB5_LIB_FUNCTION 6506krb5_principal_is_gss_hostbased_service ( 6507 krb5_context context, 6508 krb5_const_principal principal); 6509 6510/** 6511 * Check if the cname part of the principal is a krbtgt principal 6512 * 6513 * @ingroup krb5_principal 6514 */ 6515 6516KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6517krb5_principal_is_krbtgt ( 6518 krb5_context context, 6519 krb5_const_principal p); 6520 6521/** 6522 * Returns true if name is Kerberos an LKDC realm 6523 * 6524 * @ingroup krb5_principal 6525 */ 6526 6527krb5_boolean KRB5_LIB_FUNCTION 6528krb5_principal_is_lkdc ( 6529 krb5_context context, 6530 krb5_const_principal principal); 6531 6532/** 6533 * Returns true if name is Kerberos NULL name 6534 * 6535 * @ingroup krb5_principal 6536 */ 6537 6538krb5_boolean KRB5_LIB_FUNCTION 6539krb5_principal_is_null ( 6540 krb5_context context, 6541 krb5_const_principal principal); 6542 6543/** 6544 * Returns true if name is Kerberos an LKDC realm 6545 * 6546 * @ingroup krb5_principal 6547 */ 6548 6549krb5_boolean KRB5_LIB_FUNCTION 6550krb5_principal_is_pku2u ( 6551 krb5_context context, 6552 krb5_const_principal principal); 6553 6554/** 6555 * Check if the cname part of the principal is a initial or renewed krbtgt principal 6556 * 6557 * @ingroup krb5_principal 6558 */ 6559 6560krb5_boolean KRB5_LIB_FUNCTION 6561krb5_principal_is_root_krbtgt ( 6562 krb5_context context, 6563 krb5_const_principal p); 6564 6565/** 6566 * return TRUE iff princ matches pattern 6567 * 6568 * @ingroup krb5_principal 6569 */ 6570 6571KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6572krb5_principal_match ( 6573 krb5_context context, 6574 krb5_const_principal princ, 6575 krb5_const_principal pattern); 6576 6577/** 6578 * Set a new realm for a principal, and as a side-effect free the 6579 * previous realm. 6580 * 6581 * @param context A Kerberos context. 6582 * @param principal principal set the realm for 6583 * @param realm the new realm to set 6584 * 6585 * @return An krb5 error code, see krb5_get_error_message(). 6586 * 6587 * @ingroup krb5_principal 6588 */ 6589 6590KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6591krb5_principal_set_realm ( 6592 krb5_context context, 6593 krb5_principal principal, 6594 krb5_const_realm realm); 6595 6596/** 6597 * Set the type of the principal 6598 * 6599 * @param context A Kerberos context. 6600 * @param principal principal to set the type for 6601 * @param type the new type 6602 * 6603 * @ingroup krb5_principal 6604 */ 6605 6606KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6607krb5_principal_set_type ( 6608 krb5_context context, 6609 krb5_principal principal, 6610 int type); 6611 6612/** 6613 * krb5_print_address prints the address in addr to the string string 6614 * that have the length len. If ret_len is not NULL, it will be filled 6615 * with the length of the string if size were unlimited (not including 6616 * the final NUL) . 6617 * 6618 * @param addr address to be printed 6619 * @param str pointer string to print the address into 6620 * @param len length that will fit into area pointed to by "str". 6621 * @param ret_len return length the str. 6622 * 6623 * @return Return an error code or 0. 6624 * 6625 * @ingroup krb5_address 6626 */ 6627 6628KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6629krb5_print_address ( 6630 const krb5_address *addr, 6631 char *str, 6632 size_t len, 6633 size_t *ret_len); 6634 6635krb5_error_code 6636krb5_process_last_request ( 6637 krb5_context context, 6638 krb5_get_init_creds_opt *options, 6639 krb5_init_creds_context ctx); 6640 6641KRB5_LIB_FUNCTION int KRB5_LIB_CALL 6642krb5_program_setup ( 6643 krb5_context *context, 6644 int argc, 6645 char **argv, 6646 struct getargs *args, 6647 int num_args, 6648 void (KRB5_LIB_CALL *usage)(int, struct getargs*, int)); 6649 6650KRB5_LIB_FUNCTION int KRB5_CALLCONV 6651krb5_prompter_posix ( 6652 krb5_context context, 6653 void *data, 6654 const char *name, 6655 const char *banner, 6656 int num_prompts, 6657 krb5_prompt prompts[]); 6658 6659KRB5_LIB_FUNCTION int KRB5_CALLCONV 6660krb5_prompter_print_only ( 6661 krb5_context context, 6662 void *data, 6663 const char *name, 6664 const char *banner, 6665 int num_prompts, 6666 krb5_prompt prompts[]); 6667 6668/** 6669 * Converts the random bytestring to a protocol key according to 6670 * Kerberos crypto frame work. It may be assumed that all the bits of 6671 * the input string are equally random, even though the entropy 6672 * present in the random source may be limited. 6673 * 6674 * @param context Kerberos 5 context 6675 * @param type the enctype resulting key will be of 6676 * @param data input random data to convert to a key 6677 * @param size size of input random data, at least krb5_enctype_keysize() long 6678 * @param key key, output key, free with krb5_free_keyblock_contents() 6679 * 6680 * @return Return an error code or 0. 6681 * 6682 * @ingroup krb5_crypto 6683 */ 6684 6685KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6686krb5_random_to_key ( 6687 krb5_context context, 6688 krb5_enctype type, 6689 const void *data, 6690 size_t size, 6691 krb5_keyblock *key); 6692 6693KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6694krb5_rc_close ( 6695 krb5_context context, 6696 krb5_rcache id); 6697 6698KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6699krb5_rc_default ( 6700 krb5_context context, 6701 krb5_rcache *id); 6702 6703KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6704krb5_rc_default_name (krb5_context context); 6705 6706KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6707krb5_rc_default_type (krb5_context context); 6708 6709KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6710krb5_rc_destroy ( 6711 krb5_context context, 6712 krb5_rcache id); 6713 6714KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6715krb5_rc_expunge ( 6716 krb5_context context, 6717 krb5_rcache id); 6718 6719KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6720krb5_rc_get_lifespan ( 6721 krb5_context context, 6722 krb5_rcache id, 6723 krb5_deltat *auth_lifespan); 6724 6725KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6726krb5_rc_get_name ( 6727 krb5_context context, 6728 krb5_rcache id); 6729 6730KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6731krb5_rc_get_type ( 6732 krb5_context context, 6733 krb5_rcache id); 6734 6735KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6736krb5_rc_initialize ( 6737 krb5_context context, 6738 krb5_rcache id, 6739 krb5_deltat auth_lifespan); 6740 6741KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6742krb5_rc_recover ( 6743 krb5_context context, 6744 krb5_rcache id); 6745 6746KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6747krb5_rc_resolve ( 6748 krb5_context context, 6749 krb5_rcache id, 6750 const char *name); 6751 6752KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6753krb5_rc_resolve_full ( 6754 krb5_context context, 6755 krb5_rcache *id, 6756 const char *string_name); 6757 6758KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6759krb5_rc_resolve_type ( 6760 krb5_context context, 6761 krb5_rcache *id, 6762 const char *type); 6763 6764KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6765krb5_rc_store ( 6766 krb5_context context, 6767 krb5_rcache id, 6768 krb5_donot_replay *rep); 6769 6770KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6771krb5_rd_cred ( 6772 krb5_context context, 6773 krb5_auth_context auth_context, 6774 krb5_data *in_data, 6775 krb5_creds ***ret_creds, 6776 krb5_replay_data *outdata); 6777 6778KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6779krb5_rd_cred2 ( 6780 krb5_context context, 6781 krb5_auth_context auth_context, 6782 krb5_ccache ccache, 6783 krb5_data *in_data); 6784 6785KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6786krb5_rd_error ( 6787 krb5_context context, 6788 const krb5_data *msg, 6789 KRB_ERROR *result); 6790 6791KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6792krb5_rd_priv ( 6793 krb5_context context, 6794 krb5_auth_context auth_context, 6795 const krb5_data *inbuf, 6796 krb5_data *outbuf, 6797 krb5_replay_data *outdata); 6798 6799KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6800krb5_rd_rep ( 6801 krb5_context context, 6802 krb5_auth_context auth_context, 6803 const krb5_data *inbuf, 6804 krb5_ap_rep_enc_part **repl); 6805 6806KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6807krb5_rd_req ( 6808 krb5_context context, 6809 krb5_auth_context *auth_context, 6810 const krb5_data *inbuf, 6811 krb5_const_principal server, 6812 krb5_keytab keytab, 6813 krb5_flags *ap_req_options, 6814 krb5_ticket **ticket); 6815 6816/** 6817 * The core server function that verify application authentication 6818 * requests from clients. 6819 * 6820 * @param context Keberos 5 context. 6821 * @param auth_context the authentication context, can be NULL, then 6822 * default values for the authentication context will used. 6823 * @param inbuf the (AP-REQ) authentication buffer 6824 * 6825 * @param server the server with authenticate as, if NULL the function 6826 * will try to find any available credential in the keytab 6827 * that will verify the reply. The function will prefer the 6828 * server the server client specified in the AP-REQ, but if 6829 * there is no mach, it will try all keytab entries for a 6830 * match. This have serious performance issues for larger keytabs. 6831 * 6832 * @param inctx control the behavior of the function, if NULL, the 6833 * default behavior is used. 6834 * @param outctx the return outctx, free with krb5_rd_req_out_ctx_free(). 6835 * @return Kerberos 5 error code, see krb5_get_error_message(). 6836 * 6837 * @ingroup krb5_auth 6838 */ 6839 6840KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6841krb5_rd_req_ctx ( 6842 krb5_context context, 6843 krb5_auth_context *auth_context, 6844 const krb5_data *inbuf, 6845 krb5_const_principal server, 6846 krb5_rd_req_in_ctx inctx, 6847 krb5_rd_req_out_ctx *outctx); 6848 6849/** 6850 * Allocate a krb5_rd_req_in_ctx as an input parameter to 6851 * krb5_rd_req_ctx(). The caller should free the context with 6852 * krb5_rd_req_in_ctx_free() when done with the context. 6853 * 6854 * @param context Keberos 5 context. 6855 * @param ctx in ctx to krb5_rd_req_ctx(). 6856 * 6857 * @return Kerberos 5 error code, see krb5_get_error_message(). 6858 * 6859 * @ingroup krb5_auth 6860 */ 6861 6862KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6863krb5_rd_req_in_ctx_alloc ( 6864 krb5_context context, 6865 krb5_rd_req_in_ctx *ctx); 6866 6867KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6868krb5_rd_req_in_ctx_free ( 6869 krb5_context context, 6870 krb5_rd_req_in_ctx ctx); 6871 6872KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6873krb5_rd_req_in_set_keyblock ( 6874 krb5_context context, 6875 krb5_rd_req_in_ctx in, 6876 krb5_keyblock *keyblock); 6877 6878/** 6879 * Set the keytab that krb5_rd_req_ctx() will use. 6880 * 6881 * @param context Keberos 5 context. 6882 * @param in in ctx to krb5_rd_req_ctx(). 6883 * @param keytab keytab that krb5_rd_req_ctx() will use, only copy the 6884 * pointer, so the caller must free they keytab after 6885 * krb5_rd_req_in_ctx_free() is called. 6886 * 6887 * @return Kerberos 5 error code, see krb5_get_error_message(). 6888 * 6889 * @ingroup krb5_auth 6890 */ 6891 6892KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6893krb5_rd_req_in_set_keytab ( 6894 krb5_context context, 6895 krb5_rd_req_in_ctx in, 6896 krb5_keytab keytab); 6897 6898/** 6899 * Set if krb5_rq_red() is going to check the Windows PAC or not 6900 * 6901 * @param context Keberos 5 context. 6902 * @param in krb5_rd_req_in_ctx to check the option on. 6903 * @param flag flag to select if to check the pac (TRUE) or not (FALSE). 6904 * 6905 * @return Kerberos 5 error code, see krb5_get_error_message(). 6906 * 6907 * @ingroup krb5_auth 6908 */ 6909 6910KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6911krb5_rd_req_in_set_pac_check ( 6912 krb5_context context, 6913 krb5_rd_req_in_ctx in, 6914 krb5_boolean flag); 6915 6916/** 6917 * Free the krb5_rd_req_out_ctx. 6918 * 6919 * @param context Keberos 5 context. 6920 * @param ctx krb5_rd_req_out_ctx context to free. 6921 * 6922 * @ingroup krb5_auth 6923 */ 6924 6925KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6926krb5_rd_req_out_ctx_free ( 6927 krb5_context context, 6928 krb5_rd_req_out_ctx ctx); 6929 6930KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6931krb5_rd_req_out_get_ap_req_options ( 6932 krb5_context context, 6933 krb5_rd_req_out_ctx out, 6934 krb5_flags *ap_req_options); 6935 6936int KRB5_LIB_FUNCTION 6937krb5_rd_req_out_get_flags ( 6938 krb5_context context, 6939 krb5_rd_req_out_ctx ctx); 6940 6941KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6942krb5_rd_req_out_get_keyblock ( 6943 krb5_context context, 6944 krb5_rd_req_out_ctx out, 6945 krb5_keyblock **keyblock); 6946 6947/** 6948 * Get the principal that was used in the request from the 6949 * client. Might not match whats in the ticket if krb5_rd_req_ctx() 6950 * searched in the keytab for a matching key. 6951 * 6952 * @param context a Kerberos 5 context. 6953 * @param out a krb5_rd_req_out_ctx from krb5_rd_req_ctx(). 6954 * @param principal return principal, free with krb5_free_principal(). 6955 * 6956 * @ingroup krb5_auth 6957 */ 6958 6959KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6960krb5_rd_req_out_get_server ( 6961 krb5_context context, 6962 krb5_rd_req_out_ctx out, 6963 krb5_principal *principal); 6964 6965KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6966krb5_rd_req_out_get_ticket ( 6967 krb5_context context, 6968 krb5_rd_req_out_ctx out, 6969 krb5_ticket **ticket); 6970 6971KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6972krb5_rd_req_with_keyblock ( 6973 krb5_context context, 6974 krb5_auth_context *auth_context, 6975 const krb5_data *inbuf, 6976 krb5_const_principal server, 6977 krb5_keyblock *keyblock, 6978 krb5_flags *ap_req_options, 6979 krb5_ticket **ticket); 6980 6981KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6982krb5_rd_safe ( 6983 krb5_context context, 6984 krb5_auth_context auth_context, 6985 const krb5_data *inbuf, 6986 krb5_data *outbuf, 6987 krb5_replay_data *outdata); 6988 6989KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6990krb5_read_message ( 6991 krb5_context context, 6992 krb5_pointer p_fd, 6993 krb5_data *data); 6994 6995KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6996krb5_read_priv_message ( 6997 krb5_context context, 6998 krb5_auth_context ac, 6999 krb5_pointer p_fd, 7000 krb5_data *data); 7001 7002KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7003krb5_read_safe_message ( 7004 krb5_context context, 7005 krb5_auth_context ac, 7006 krb5_pointer p_fd, 7007 krb5_data *data); 7008 7009/** 7010 * return TRUE iff realm(princ1) == realm(princ2) 7011 * 7012 * @param context Kerberos 5 context 7013 * @param princ1 first principal to compare 7014 * @param princ2 second principal to compare 7015 * 7016 * @ingroup krb5_principal 7017 * @see krb5_principal_compare_any_realm() 7018 * @see krb5_principal_compare() 7019 */ 7020 7021KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7022krb5_realm_compare ( 7023 krb5_context context, 7024 krb5_const_principal princ1, 7025 krb5_const_principal princ2); 7026 7027/** 7028 * Returns true if name is Kerberos an LKDC realm 7029 * 7030 * @ingroup krb5_principal 7031 */ 7032 7033krb5_boolean KRB5_LIB_FUNCTION 7034krb5_realm_is_lkdc (const char *realm); 7035 7036KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7037krb5_recvauth ( 7038 krb5_context context, 7039 krb5_auth_context *auth_context, 7040 krb5_pointer p_fd, 7041 const char *appl_version, 7042 krb5_principal server, 7043 int32_t flags, 7044 krb5_keytab keytab, 7045 krb5_ticket **ticket); 7046 7047KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7048krb5_recvauth_match_version ( 7049 krb5_context context, 7050 krb5_auth_context *auth_context, 7051 krb5_pointer p_fd, 7052 krb5_boolean (*match_appl_version)(const void *, const char*), 7053 const void *match_data, 7054 krb5_principal server, 7055 int32_t flags, 7056 krb5_keytab keytab, 7057 krb5_ticket **ticket); 7058 7059/** 7060 * Reload the configuration files that was used last time, used when 7061 * they might have changed. Will only reload if know for sure that the 7062 * files need to be reloaded. 7063 * 7064 * @param context the krb5 context to reload 7065 * @param flags flag field, pass 0 for now 7066 * @param reread the configuration file was re-read, 7067 * NULL is valid if the caller doesn't want to 7068 * know if it was re-read or not. 7069 * 7070 * @return Returns 0 to indicate success. Otherwise an kerberos et 7071 * error code is returned, see krb5_get_error_message(). 7072 * 7073 * @ingroup krb5 7074 */ 7075 7076krb5_error_code 7077krb5_reload_config ( 7078 krb5_context context, 7079 unsigned flags, 7080 krb5_boolean *reread); 7081 7082/** 7083 * Read a address block from the storage. 7084 * 7085 * @param sp the storage buffer to write to 7086 * @param adr the address block read from storage 7087 * 7088 * @return 0 on success, a Kerberos 5 error code on failure. 7089 * 7090 * @ingroup krb5_storage 7091 */ 7092 7093KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7094krb5_ret_address ( 7095 krb5_storage *sp, 7096 krb5_address *adr); 7097 7098/** 7099 * Read a addresses block from the storage. 7100 * 7101 * @param sp the storage buffer to write to 7102 * @param adr the addresses block read from storage 7103 * 7104 * @return 0 on success, a Kerberos 5 error code on failure. 7105 * 7106 * @ingroup krb5_storage 7107 */ 7108 7109KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7110krb5_ret_addrs ( 7111 krb5_storage *sp, 7112 krb5_addresses *adr); 7113 7114/** 7115 * Read a auth data from the storage. 7116 * 7117 * @param sp the storage buffer to write to 7118 * @param auth the auth data block read from storage 7119 * 7120 * @return 0 on success, a Kerberos 5 error code on failure. 7121 * 7122 * @ingroup krb5_storage 7123 */ 7124 7125KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7126krb5_ret_authdata ( 7127 krb5_storage *sp, 7128 krb5_authdata *auth); 7129 7130/** 7131 * Read a credentials block from the storage. 7132 * 7133 * @param sp the storage buffer to write to 7134 * @param creds the credentials block read from storage 7135 * 7136 * @return 0 on success, a Kerberos 5 error code on failure. 7137 * 7138 * @ingroup krb5_storage 7139 */ 7140 7141KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7142krb5_ret_creds ( 7143 krb5_storage *sp, 7144 krb5_creds *creds); 7145 7146/** 7147 * Read a tagged credentials block from the storage. 7148 * 7149 * @param sp the storage buffer to write to 7150 * @param creds the credentials block read from storage 7151 * 7152 * @return 0 on success, a Kerberos 5 error code on failure. 7153 * 7154 * @ingroup krb5_storage 7155 */ 7156 7157KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7158krb5_ret_creds_tag ( 7159 krb5_storage *sp, 7160 krb5_creds *creds); 7161 7162/** 7163 * Parse a data from the storage. 7164 * 7165 * @param sp the storage buffer to read from 7166 * @param data the parsed data 7167 * 7168 * @return 0 on success, a Kerberos 5 error code on failure. 7169 * 7170 * @ingroup krb5_storage 7171 */ 7172 7173KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7174krb5_ret_data ( 7175 krb5_storage *sp, 7176 krb5_data *data); 7177 7178/** 7179 * Read a int16 from storage, byte order is controlled by the settings 7180 * on the storage, see krb5_storage_set_byteorder(). 7181 * 7182 * @param sp the storage to write too 7183 * @param value the value read from the buffer 7184 * 7185 * @return 0 for success, or a Kerberos 5 error code on failure. 7186 * 7187 * @ingroup krb5_storage 7188 */ 7189 7190KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7191krb5_ret_int16 ( 7192 krb5_storage *sp, 7193 int16_t *value); 7194 7195/** 7196 * Read a int32 from storage, byte order is controlled by the settings 7197 * on the storage, see krb5_storage_set_byteorder(). 7198 * 7199 * @param sp the storage to write too 7200 * @param value the value read from the buffer 7201 * 7202 * @return 0 for success, or a Kerberos 5 error code on failure. 7203 * 7204 * @ingroup krb5_storage 7205 */ 7206 7207KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7208krb5_ret_int32 ( 7209 krb5_storage *sp, 7210 int32_t *value); 7211 7212/** 7213 * Read a int8 from storage 7214 * 7215 * @param sp the storage to write too 7216 * @param value the value read from the buffer 7217 * 7218 * @return 0 for success, or a Kerberos 5 error code on failure. 7219 * 7220 * @ingroup krb5_storage 7221 */ 7222 7223KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7224krb5_ret_int8 ( 7225 krb5_storage *sp, 7226 int8_t *value); 7227 7228/** 7229 * Read a keyblock from the storage. 7230 * 7231 * @param sp the storage buffer to write to 7232 * @param p the keyblock read from storage, free using krb5_free_keyblock() 7233 * 7234 * @return 0 on success, a Kerberos 5 error code on failure. 7235 * 7236 * @ingroup krb5_storage 7237 */ 7238 7239KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7240krb5_ret_keyblock ( 7241 krb5_storage *sp, 7242 krb5_keyblock *p); 7243 7244/** 7245 * Parse principal from the storage. 7246 * 7247 * @param sp the storage buffer to read from 7248 * @param princ the parsed principal 7249 * 7250 * @return 0 on success, a Kerberos 5 error code on failure. 7251 * 7252 * @ingroup krb5_storage 7253 */ 7254 7255KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7256krb5_ret_principal ( 7257 krb5_storage *sp, 7258 krb5_principal *princ); 7259 7260/** 7261 * Parse a string from the storage. 7262 * 7263 * @param sp the storage buffer to read from 7264 * @param string the parsed string 7265 * 7266 * @return 0 on success, a Kerberos 5 error code on failure. 7267 * 7268 * @ingroup krb5_storage 7269 */ 7270 7271KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7272krb5_ret_string ( 7273 krb5_storage *sp, 7274 char **string); 7275 7276KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7277krb5_ret_stringnl ( 7278 krb5_storage *sp, 7279 char **string); 7280 7281/** 7282 * Parse zero terminated string from the storage. 7283 * 7284 * @param sp the storage buffer to read from 7285 * @param string the parsed string 7286 * 7287 * @return 0 on success, a Kerberos 5 error code on failure. 7288 * 7289 * @ingroup krb5_storage 7290 */ 7291 7292KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7293krb5_ret_stringz ( 7294 krb5_storage *sp, 7295 char **string); 7296 7297/** 7298 * Read a times block from the storage. 7299 * 7300 * @param sp the storage buffer to write to 7301 * @param times the times block read from storage 7302 * 7303 * @return 0 on success, a Kerberos 5 error code on failure. 7304 * 7305 * @ingroup krb5_storage 7306 */ 7307 7308KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7309krb5_ret_times ( 7310 krb5_storage *sp, 7311 krb5_times *times); 7312 7313/** 7314 * Read a int16 from storage, byte order is controlled by the settings 7315 * on the storage, see krb5_storage_set_byteorder(). 7316 * 7317 * @param sp the storage to write too 7318 * @param value the value read from the buffer 7319 * 7320 * @return 0 for success, or a Kerberos 5 error code on failure. 7321 * 7322 * @ingroup krb5_storage 7323 */ 7324 7325KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7326krb5_ret_uint16 ( 7327 krb5_storage *sp, 7328 uint16_t *value); 7329 7330/** 7331 * Read a uint32 from storage, byte order is controlled by the settings 7332 * on the storage, see krb5_storage_set_byteorder(). 7333 * 7334 * @param sp the storage to write too 7335 * @param value the value read from the buffer 7336 * 7337 * @return 0 for success, or a Kerberos 5 error code on failure. 7338 * 7339 * @ingroup krb5_storage 7340 */ 7341 7342KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7343krb5_ret_uint32 ( 7344 krb5_storage *sp, 7345 uint32_t *value); 7346 7347/** 7348 * Read a uint8 from storage 7349 * 7350 * @param sp the storage to write too 7351 * @param value the value read from the buffer 7352 * 7353 * @return 0 for success, or a Kerberos 5 error code on failure. 7354 * 7355 * @ingroup krb5_storage 7356 */ 7357 7358KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7359krb5_ret_uint8 ( 7360 krb5_storage *sp, 7361 uint8_t *value); 7362 7363krb5_error_code 7364krb5_ret_uuid ( 7365 krb5_storage *sp, 7366 krb5_uuid uuid); 7367 7368KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7369krb5_salttype_to_string ( 7370 krb5_context context, 7371 krb5_enctype etype, 7372 krb5_salttype stype, 7373 char **string); 7374 7375KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7376krb5_sendauth ( 7377 krb5_context context, 7378 krb5_auth_context *auth_context, 7379 krb5_pointer p_fd, 7380 const char *appl_version, 7381 krb5_principal client, 7382 krb5_principal server, 7383 krb5_flags ap_req_options, 7384 krb5_data *in_data, 7385 krb5_creds *in_creds, 7386 krb5_ccache ccache, 7387 krb5_error **ret_error, 7388 krb5_ap_rep_enc_part **rep_result, 7389 krb5_creds **out_creds); 7390 7391KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7392krb5_sendto ( 7393 krb5_context context, 7394 const krb5_data *send_data, 7395 krb5_krbhst_handle handle, 7396 krb5_data *receive); 7397 7398KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7399krb5_sendto_context ( 7400 krb5_context context, 7401 krb5_sendto_ctx ctx, 7402 const krb5_data *send_data, 7403 krb5_const_realm realm, 7404 krb5_data *receive); 7405 7406KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7407krb5_sendto_ctx_add_flags ( 7408 krb5_sendto_ctx ctx, 7409 int flags); 7410 7411/** 7412 * @section send_to_kdc Locating and sending packets to the KDC 7413 * 7414 * The send to kdc code is responsible to request the list of KDC from 7415 * the locate-kdc subsystem and then send requests to each of them. 7416 * 7417 * - Each second a new hostname is tried. 7418 * - If the hostname have several addresses, the first will be tried 7419 * directly then in turn the other will be tried every 3 seconds 7420 * (host_timeout). 7421 * - UDP requests are tried 3 times (ntries), and it tried with a individual timeout of kdc_timeout / ntries. 7422 * - TCP and HTTP requests are tried 1 time. 7423 * 7424 * Total wait time is (number of addresses * 3) + kdc_timeout seconds. 7425 * 7426 */ 7427 7428KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7429krb5_sendto_ctx_alloc ( 7430 krb5_context context, 7431 krb5_sendto_ctx *ctx); 7432 7433KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7434krb5_sendto_ctx_free ( 7435 krb5_context context, 7436 krb5_sendto_ctx ctx); 7437 7438KRB5_LIB_FUNCTION int KRB5_LIB_CALL 7439krb5_sendto_ctx_get_flags (krb5_sendto_ctx ctx); 7440 7441KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7442krb5_sendto_ctx_set_func ( 7443 krb5_sendto_ctx ctx, 7444 krb5_sendto_ctx_func func, 7445 void *data); 7446 7447KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7448krb5_sendto_ctx_set_type ( 7449 krb5_sendto_ctx ctx, 7450 int type); 7451 7452KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7453krb5_sendto_kdc ( 7454 krb5_context context, 7455 const krb5_data *send_data, 7456 const krb5_realm *realm, 7457 krb5_data *receive); 7458 7459KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7460krb5_sendto_kdc_flags ( 7461 krb5_context context, 7462 const krb5_data *send_data, 7463 const krb5_realm *realm, 7464 krb5_data *receive, 7465 int flags); 7466 7467KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7468krb5_sendto_set_hostname ( 7469 krb5_context context, 7470 krb5_sendto_ctx ctx, 7471 const char *hostname); 7472 7473/** 7474 * Reinit the context from a new set of filenames. 7475 * 7476 * @param context context to add configuration too. 7477 * @param filenames array of filenames, end of list is indicated with a NULL filename. 7478 * 7479 * @return Returns 0 to indicate success. Otherwise an kerberos et 7480 * error code is returned, see krb5_get_error_message(). 7481 * 7482 * @ingroup krb5 7483 */ 7484 7485KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7486krb5_set_config_files ( 7487 krb5_context context, 7488 char **filenames); 7489 7490/** 7491 * Set the default debug logging facility. 7492 * 7493 * @param context A Kerberos 5 context 7494 * @param fac Facility to use for logging. 7495 * 7496 * @ingroup krb5_error 7497 */ 7498 7499KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7500krb5_set_debug_dest ( 7501 krb5_context context, 7502 krb5_log_facility *fac); 7503 7504/** 7505 * Set the default encryption types that will be use in communcation 7506 * with the KDC, clients and servers. 7507 * 7508 * If any of the enctypes selected are not valid, they are removed out 7509 * from the list. If the list becomes empty because non of the 7510 * proposed enctypes are supported, KRB5_PROG_ETYPE_NOSUPP is 7511 * returned. 7512 * 7513 * @param context Kerberos 5 context. 7514 * @param etypes Encryption types, array terminated with ETYPE_NULL (0). 7515 * 7516 * @return Returns 0 to indicate success. Otherwise an kerberos et 7517 * error code is returned, see krb5_get_error_message(). 7518 * 7519 * @ingroup krb5 7520 */ 7521 7522KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7523krb5_set_default_in_tkt_etypes ( 7524 krb5_context context, 7525 const krb5_enctype *etypes); 7526 7527/** 7528 * Set the knowledge of the default realm(s) in context. 7529 * If realm is not NULL, that's the new default realm. 7530 * Otherwise, the realm(s) are figured out from plugin, configuration file or DNS. 7531 * 7532 * @param context Kerberos 5 context. 7533 * @param realm the new default realm or NULL for using configuration. 7534 7535 * @return Returns 0 to indicate success. Otherwise an kerberos et 7536 * error code is returned, see krb5_get_error_message(). 7537 * 7538 * @ingroup krb5 7539 */ 7540 7541KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7542krb5_set_default_realm ( 7543 krb5_context context, 7544 const char *realm); 7545 7546/** 7547 * Set if the library should use DNS to canonicalize hostnames. 7548 * 7549 * @param context Kerberos 5 context. 7550 * @param flag if its dns canonicalizion is used or not. 7551 * 7552 * @ingroup krb5 7553 */ 7554 7555KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7556krb5_set_dns_canonicalize_hostname ( 7557 krb5_context context, 7558 krb5_boolean flag); 7559 7560/** 7561 * Set the context full error string for a specific error code. 7562 * The error that is stored should be internationalized. 7563 * 7564 * The if context is NULL, no error string is stored. 7565 * 7566 * @param context Kerberos 5 context 7567 * @param ret The error code 7568 * @param fmt Error string for the error code 7569 * @param ... printf(3) style parameters. 7570 * 7571 * @ingroup krb5_error 7572 */ 7573 7574KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7575krb5_set_error_message ( 7576 krb5_context context, 7577 krb5_error_code ret, 7578 const char *fmt, 7579 ...) 7580 HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 4)); 7581 7582/** 7583 * Set the error message returned by krb5_get_error_string(). 7584 * 7585 * Deprecated: use krb5_get_error_message() 7586 * 7587 * @param context Kerberos context 7588 * @param fmt error message to free 7589 * 7590 * @return Return an error code or 0. 7591 * 7592 * @ingroup krb5_deprecated 7593 */ 7594 7595KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7596krb5_set_error_string ( 7597 krb5_context context, 7598 const char *fmt, 7599 ...) 7600 KRB5_DEPRECATED_FUNCTION("Use X instead") HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 3)); 7601 7602/** 7603 * Set extra address to the address list that the library will add to 7604 * the client's address list when communicating with the KDC. 7605 * 7606 * @param context Kerberos 5 context. 7607 * @param addresses addreses to set 7608 * 7609 * @return Returns 0 to indicate success. Otherwise an kerberos et 7610 * error code is returned, see krb5_get_error_message(). 7611 * 7612 * @ingroup krb5 7613 */ 7614 7615KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7616krb5_set_extra_addresses ( 7617 krb5_context context, 7618 const krb5_addresses *addresses); 7619 7620/** 7621 * Set version of fcache that the library should use. 7622 * 7623 * @param context Kerberos 5 context. 7624 * @param version version number. 7625 * 7626 * @return Returns 0 to indicate success. Otherwise an kerberos et 7627 * error code is returned, see krb5_get_error_message(). 7628 * 7629 * @ingroup krb5 7630 */ 7631 7632KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7633krb5_set_fcache_version ( 7634 krb5_context context, 7635 int version); 7636 7637/** 7638 * Enable and disable home directory access on either the global state 7639 * or the krb5_context state. By calling krb5_set_home_dir_access() 7640 * with context set to NULL, the global state is configured otherwise 7641 * the state for the krb5_context is modified. 7642 * 7643 * For home directory access to be allowed, both the global state and 7644 * the krb5_context state have to be allowed. 7645 * 7646 * Administrator (root user), never uses the home directory. 7647 * 7648 * @param context a Kerberos 5 context or NULL 7649 * @param allow allow if TRUE home directory 7650 * @return the old value 7651 * 7652 * @ingroup krb5 7653 */ 7654 7655KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7656krb5_set_home_dir_access ( 7657 krb5_context context, 7658 krb5_boolean allow); 7659 7660/** 7661 * Set extra addresses to ignore when fetching addresses from the 7662 * underlaying operating system. 7663 * 7664 * @param context Kerberos 5 context. 7665 * @param addresses addreses to ignore 7666 * 7667 * @return Returns 0 to indicate success. Otherwise an kerberos et 7668 * error code is returned, see krb5_get_error_message(). 7669 * 7670 * @ingroup krb5 7671 */ 7672 7673KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7674krb5_set_ignore_addresses ( 7675 krb5_context context, 7676 const krb5_addresses *addresses); 7677 7678/** 7679 * Set current offset in time to the KDC. 7680 * 7681 * @param context Kerberos 5 context. 7682 * @param sec seconds part of offset. 7683 * @param usec micro seconds part of offset. 7684 * 7685 * @return returns zero 7686 * 7687 * @ingroup krb5 7688 */ 7689 7690KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7691krb5_set_kdc_sec_offset ( 7692 krb5_context context, 7693 int32_t sec, 7694 int32_t usec); 7695 7696/** 7697 * Set max time skew allowed. 7698 * 7699 * @param context Kerberos 5 context. 7700 * @param t timeskew in seconds. 7701 * 7702 * @ingroup krb5 7703 */ 7704 7705KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7706krb5_set_max_time_skew ( 7707 krb5_context context, 7708 time_t t); 7709 7710/** 7711 * Change password using creds. 7712 * 7713 * @param context a Keberos context 7714 * @param creds The initial kadmin/passwd for the principal or an admin principal 7715 * @param newpw The new password to set 7716 * @param targprinc For most callers should pass NULL in this 7717 * argument. Targprinc is the principal to change the password 7718 * for. This argument should only be set when you want to 7719 * change another Kerberos principal's password, ie you are an 7720 * admin. If NULL, the default authenticating principal in the 7721 * creds argument is used instead. 7722 * @param result_code Result code, KRB5_KPASSWD_SUCCESS is when password is changed. 7723 * @param result_code_string binary message from the server, contains 7724 * at least the result_code. 7725 * @param result_string A message from the kpasswd service or the 7726 * library in human printable form. The string is NUL terminated. 7727 * 7728 * @return On sucess and *result_code is KRB5_KPASSWD_SUCCESS, the password is changed. 7729 7730 * @ingroup @krb5 7731 */ 7732 7733KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7734krb5_set_password ( 7735 krb5_context context, 7736 krb5_creds *creds, 7737 const char *newpw, 7738 krb5_principal targprinc, 7739 int *result_code, 7740 krb5_data *result_code_string, 7741 krb5_data *result_string); 7742 7743/** 7744 * Change password using a credential cache that contains an initial 7745 * credential or an admin credential. 7746 * 7747 * @param context a Keberos context 7748 * @param ccache the credential cache to use to find the 7749 * kadmin/changepw principal. 7750 * @param newpw The new password to set 7751 * @param targprinc For most callers should pass NULL in this 7752 * argument. Targprinc is the principal to change the password 7753 * for. This argument should only be set when you want to 7754 * change another Kerberos principal's password, ie you are an 7755 * admin. If NULL, the default authenticating principal in the 7756 * creds argument is used instead. 7757 * @param result_code Result code, KRB5_KPASSWD_SUCCESS is when password is changed. 7758 * @param result_code_string binary message from the server, contains 7759 * at least the result_code. 7760 * @param result_string A message from the kpasswd service or the 7761 * library in human printable form. The string is NUL terminated. 7762 * 7763 * @return On sucess and *result_code is KRB5_KPASSWD_SUCCESS, the password is changed. 7764 * 7765 */ 7766 7767KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7768krb5_set_password_using_ccache ( 7769 krb5_context context, 7770 krb5_ccache ccache, 7771 const char *newpw, 7772 krb5_principal targprinc, 7773 int *result_code, 7774 krb5_data *result_code_string, 7775 krb5_data *result_string); 7776 7777/** 7778 * Set the absolute time that the caller knows the kdc has so the 7779 * kerberos library can calculate the relative diffrence beteen the 7780 * KDC time and local system time. 7781 * 7782 * @param context Keberos 5 context. 7783 * @param sec The applications new of "now" in seconds 7784 * @param usec The applications new of "now" in micro seconds 7785 7786 * @return Kerberos 5 error code, see krb5_get_error_message(). 7787 * 7788 * @ingroup krb5 7789 */ 7790 7791KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7792krb5_set_real_time ( 7793 krb5_context context, 7794 krb5_timestamp sec, 7795 int32_t usec); 7796 7797KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7798krb5_set_send_to_kdc_func ( 7799 krb5_context context, 7800 krb5_send_to_kdc_func func, 7801 void *data); 7802 7803/** 7804 * Make the kerberos library default to the admin KDC. 7805 * 7806 * @param context Kerberos 5 context. 7807 * @param flag boolean flag to select if the use the admin KDC or not. 7808 * 7809 * @ingroup krb5 7810 */ 7811 7812KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7813krb5_set_use_admin_kdc ( 7814 krb5_context context, 7815 krb5_boolean flag); 7816 7817/** 7818 * Set the default logging facility. 7819 * 7820 * @param context A Kerberos 5 context 7821 * @param fac Facility to use for logging. 7822 * 7823 * @ingroup krb5_error 7824 */ 7825 7826KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7827krb5_set_warn_dest ( 7828 krb5_context context, 7829 krb5_log_facility *fac); 7830 7831/** 7832 * Create a principal for the service running on hostname. If 7833 * KRB5_NT_SRV_HST is used, the hostname is canonization using DNS (or 7834 * some other service), this is potentially insecure. 7835 * 7836 * @param context A Kerberos context. 7837 * @param hostname hostname to use 7838 * @param sname Service name to use 7839 * @param type name type of pricipal, use KRB5_NT_SRV_HST or KRB5_NT_UNKNOWN. 7840 * @param ret_princ return principal, free with krb5_free_principal(). 7841 * 7842 * @return An krb5 error code, see krb5_get_error_message(). 7843 * 7844 * @ingroup krb5_principal 7845 */ 7846 7847KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7848krb5_sname_to_principal ( 7849 krb5_context context, 7850 const char *hostname, 7851 const char *sname, 7852 int32_t type, 7853 krb5_principal *ret_princ); 7854 7855KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7856krb5_sock_to_principal ( 7857 krb5_context context, 7858 int sock, 7859 const char *sname, 7860 int32_t type, 7861 krb5_principal *ret_princ); 7862 7863/** 7864 * krb5_sockaddr2address stores a address a "struct sockaddr" sa in 7865 * the krb5_address addr. 7866 * 7867 * @param context a Keberos context 7868 * @param sa a struct sockaddr to extract the address from 7869 * @param addr an Kerberos 5 address to store the address in. 7870 * 7871 * @return Return an error code or 0. 7872 * 7873 * @ingroup krb5_address 7874 */ 7875 7876KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7877krb5_sockaddr2address ( 7878 krb5_context context, 7879 const struct sockaddr *sa, 7880 krb5_address *addr); 7881 7882/** 7883 * krb5_sockaddr2port extracts a port (if possible) from a "struct 7884 * sockaddr. 7885 * 7886 * @param context a Keberos context 7887 * @param sa a struct sockaddr to extract the port from 7888 * @param port a pointer to an int16_t store the port in. 7889 * 7890 * @return Return an error code or 0. Will return 7891 * KRB5_PROG_ATYPE_NOSUPP in case address type is not supported. 7892 * 7893 * @ingroup krb5_address 7894 */ 7895 7896KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7897krb5_sockaddr2port ( 7898 krb5_context context, 7899 const struct sockaddr *sa, 7900 int16_t *port); 7901 7902KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7903krb5_sockaddr_is_loopback (const struct sockaddr *sa); 7904 7905/** 7906 * krb5_sockaddr_uninteresting returns TRUE for all .Fa sa that the 7907 * kerberos library thinks are uninteresting. One example are link 7908 * local addresses. 7909 * 7910 * @param sa pointer to struct sockaddr that might be interesting. 7911 * 7912 * @return Return a non zero for uninteresting addresses. 7913 * 7914 * @ingroup krb5_address 7915 */ 7916 7917KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7918krb5_sockaddr_uninteresting (const struct sockaddr *sa); 7919 7920KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7921krb5_std_usage ( 7922 int code, 7923 struct getargs *args, 7924 int num_args); 7925 7926/** 7927 * Clear the flags on a storage buffer 7928 * 7929 * @param sp the storage buffer to clear the flags on 7930 * @param flags the flags to clear 7931 * 7932 * @ingroup krb5_storage 7933 */ 7934 7935KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7936krb5_storage_clear_flags ( 7937 krb5_storage *sp, 7938 krb5_flags flags); 7939 7940/** 7941 * Create a elastic (allocating) memory storage backend. Memory is 7942 * allocated on demand. Free returned krb5_storage with 7943 * krb5_storage_free(). 7944 * 7945 * @return A krb5_storage on success, or NULL on out of memory error. 7946 * 7947 * @ingroup krb5_storage 7948 * 7949 * @sa krb5_storage_from_mem() 7950 * @sa krb5_storage_from_readonly_mem() 7951 * @sa krb5_storage_from_fd() 7952 * @sa krb5_storage_from_data() 7953 */ 7954 7955KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 7956krb5_storage_emem (void); 7957 7958/** 7959 * Free a krb5 storage. 7960 * 7961 * @param sp the storage to free. 7962 * 7963 * @return An Kerberos 5 error code. 7964 * 7965 * @ingroup krb5_storage 7966 */ 7967 7968KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7969krb5_storage_free (krb5_storage *sp); 7970 7971/** 7972 * Create a fixed size memory storage block 7973 * 7974 * @return A krb5_storage on success, or NULL on out of memory error. 7975 * 7976 * @ingroup krb5_storage 7977 * 7978 * @sa krb5_storage_mem() 7979 * @sa krb5_storage_from_mem() 7980 * @sa krb5_storage_from_readonly_mem() 7981 * @sa krb5_storage_from_fd() 7982 * @sa krb5_storage_from_mem_copy() 7983 */ 7984 7985KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 7986krb5_storage_from_data (krb5_data *data); 7987 7988/** 7989 * 7990 * 7991 * @return A krb5_storage on success, or NULL on out of memory error. 7992 * 7993 * @ingroup krb5_storage 7994 * 7995 * @sa krb5_storage_emem() 7996 * @sa krb5_storage_from_mem() 7997 * @sa krb5_storage_from_readonly_mem() 7998 * @sa krb5_storage_from_data() 7999 */ 8000 8001KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 8002krb5_storage_from_fd (krb5_socket_t fd_in); 8003 8004/** 8005 * Create a fixed size memory storage block 8006 * 8007 * @return A krb5_storage on success, or NULL on out of memory error. 8008 * 8009 * @ingroup krb5_storage 8010 * 8011 * @sa krb5_storage_emem() 8012 * @sa krb5_storage_from_readonly_mem() 8013 * @sa krb5_storage_from_data() 8014 * @sa krb5_storage_from_fd() 8015 * @sa krb5_storage_from_mem_copy() 8016 */ 8017 8018KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 8019krb5_storage_from_mem ( 8020 void *buf, 8021 size_t len); 8022 8023/** 8024 * Create a copy of a memory and assign it to a storage block 8025 * 8026 * The input data buffer is copied and the orignal buffer can be freed 8027 * during the life the storage. 8028 * 8029 * @return A krb5_storage on success, or NULL on out of memory error. 8030 * 8031 * @ingroup krb5_storage 8032 * 8033 * @sa krb5_storage_emem() 8034 * @sa krb5_storage_from_mem() 8035 * @sa krb5_storage_from_data() 8036 * @sa krb5_storage_from_fd() 8037 */ 8038 8039krb5_storage * KRB5_LIB_FUNCTION 8040krb5_storage_from_mem_copy ( 8041 void *buf, 8042 size_t len); 8043 8044/** 8045 * Create a fixed size memory storage block that is read only 8046 * 8047 * @return A krb5_storage on success, or NULL on out of memory error. 8048 * 8049 * @ingroup krb5_storage 8050 * 8051 * @sa krb5_storage_emem() 8052 * @sa krb5_storage_from_mem() 8053 * @sa krb5_storage_from_data() 8054 * @sa krb5_storage_from_fd() 8055 * @sa krb5_storage_from_mem_copy() 8056 */ 8057 8058KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 8059krb5_storage_from_readonly_mem ( 8060 const void *buf, 8061 size_t len); 8062 8063/** 8064 * Return the current byteorder for the buffer. See krb5_storage_set_byteorder() for the list or byte order contants. 8065 * 8066 * @ingroup krb5_storage 8067 */ 8068 8069KRB5_LIB_FUNCTION krb5_flags KRB5_LIB_CALL 8070krb5_storage_get_byteorder (krb5_storage *sp); 8071 8072/** 8073 * Get the return code that will be used when end of storage is reached. 8074 * 8075 * @param sp the storage 8076 * 8077 * @return storage error code 8078 * 8079 * @ingroup krb5_storage 8080 */ 8081 8082KRB5_LIB_FUNCTION int KRB5_LIB_CALL 8083krb5_storage_get_eof_code (krb5_storage *sp); 8084 8085/** 8086 * Return true or false depending on if the storage flags is set or 8087 * not. NB testing for the flag 0 always return true. 8088 * 8089 * @param sp the storage buffer to check flags on 8090 * @param flags The flags to test for 8091 * 8092 * @return true if all the flags are set, false if not. 8093 * 8094 * @ingroup krb5_storage 8095 */ 8096 8097KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 8098krb5_storage_is_flags ( 8099 krb5_storage *sp, 8100 krb5_flags flags); 8101 8102/** 8103 * Read to the storage buffer. 8104 * 8105 * @param sp the storage buffer to read from 8106 * @param buf the buffer to store the data in 8107 * @param len the length to read 8108 * 8109 * @return The length of data read (can be shorter then len), or negative on error. 8110 * 8111 * @ingroup krb5_storage 8112 */ 8113 8114KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 8115krb5_storage_read ( 8116 krb5_storage *sp, 8117 void *buf, 8118 size_t len); 8119 8120/** 8121 * Seek to a new offset. 8122 * 8123 * @param sp the storage buffer to seek in. 8124 * @param offset the offset to seek 8125 * @param whence relateive searching, SEEK_CUR from the current 8126 * position, SEEK_END from the end, SEEK_SET absolute from the start. 8127 * 8128 * @return The new current offset 8129 * 8130 * @ingroup krb5_storage 8131 */ 8132 8133KRB5_LIB_FUNCTION off_t KRB5_LIB_CALL 8134krb5_storage_seek ( 8135 krb5_storage *sp, 8136 off_t offset, 8137 int whence); 8138 8139/** 8140 * Set the new byte order of the storage buffer. 8141 * 8142 * @param sp the storage buffer to set the byte order for. 8143 * @param byteorder the new byte order. 8144 * 8145 * The byte order are: KRB5_STORAGE_BYTEORDER_BE, 8146 * KRB5_STORAGE_BYTEORDER_LE and KRB5_STORAGE_BYTEORDER_HOST. 8147 * 8148 * @ingroup krb5_storage 8149 */ 8150 8151KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8152krb5_storage_set_byteorder ( 8153 krb5_storage *sp, 8154 krb5_flags byteorder); 8155 8156/** 8157 * Set the return code that will be used when end of storage is reached. 8158 * 8159 * @param sp the storage 8160 * @param code the error code to return on end of storage 8161 * 8162 * @ingroup krb5_storage 8163 */ 8164 8165KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8166krb5_storage_set_eof_code ( 8167 krb5_storage *sp, 8168 int code); 8169 8170/** 8171 * Add the flags on a storage buffer by or-ing in the flags to the buffer. 8172 * 8173 * @param sp the storage buffer to set the flags on 8174 * @param flags the flags to set 8175 * 8176 * @ingroup krb5_storage 8177 */ 8178 8179KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8180krb5_storage_set_flags ( 8181 krb5_storage *sp, 8182 krb5_flags flags); 8183 8184/** 8185 * Set the max alloc value 8186 * 8187 * @param sp the storage buffer set the max allow for 8188 * @param size maximum size to allocate, use 0 to remove limit 8189 * 8190 * @ingroup krb5_storage 8191 */ 8192 8193KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8194krb5_storage_set_max_alloc ( 8195 krb5_storage *sp, 8196 size_t size); 8197 8198/** 8199 * Copy the contnent of storage 8200 * 8201 * @param sp the storage to copy to a data 8202 * @param data the copied data, free with krb5_data_free() 8203 * 8204 * @return 0 for success, or a Kerberos 5 error code on failure. 8205 * 8206 * @ingroup krb5_storage 8207 */ 8208 8209KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8210krb5_storage_to_data ( 8211 krb5_storage *sp, 8212 krb5_data *data); 8213 8214/** 8215 * Truncate the storage buffer in sp to offset. 8216 * 8217 * @param sp the storage buffer to truncate. 8218 * @param offset the offset to truncate too. 8219 * 8220 * @return An Kerberos 5 error code. 8221 * 8222 * @ingroup krb5_storage 8223 */ 8224 8225KRB5_LIB_FUNCTION int KRB5_LIB_CALL 8226krb5_storage_truncate ( 8227 krb5_storage *sp, 8228 off_t offset); 8229 8230/** 8231 * Write to the storage buffer. 8232 * 8233 * @param sp the storage buffer to write to 8234 * @param buf the buffer to write to the storage buffer 8235 * @param len the length to write 8236 * 8237 * @return The length of data written (can be shorter then len), or negative on error. 8238 * 8239 * @ingroup krb5_storage 8240 */ 8241 8242KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 8243krb5_storage_write ( 8244 krb5_storage *sp, 8245 const void *buf, 8246 size_t len); 8247 8248/** 8249 * Write a address block to storage. 8250 * 8251 * @param sp the storage buffer to write to 8252 * @param p the address block to write. 8253 * 8254 * @return 0 on success, a Kerberos 5 error code on failure. 8255 * 8256 * @ingroup krb5_storage 8257 */ 8258 8259KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8260krb5_store_address ( 8261 krb5_storage *sp, 8262 krb5_address p); 8263 8264/** 8265 * Write a addresses block to storage. 8266 * 8267 * @param sp the storage buffer to write to 8268 * @param p the addresses block to write. 8269 * 8270 * @return 0 on success, a Kerberos 5 error code on failure. 8271 * 8272 * @ingroup krb5_storage 8273 */ 8274 8275KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8276krb5_store_addrs ( 8277 krb5_storage *sp, 8278 krb5_addresses p); 8279 8280/** 8281 * Write a auth data block to storage. 8282 * 8283 * @param sp the storage buffer to write to 8284 * @param auth the auth data block to write. 8285 * 8286 * @return 0 on success, a Kerberos 5 error code on failure. 8287 * 8288 * @ingroup krb5_storage 8289 */ 8290 8291KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8292krb5_store_authdata ( 8293 krb5_storage *sp, 8294 krb5_authdata auth); 8295 8296/** 8297 * Write a credentials block to storage. 8298 * 8299 * @param sp the storage buffer to write to 8300 * @param creds the creds block to write. 8301 * 8302 * @return 0 on success, a Kerberos 5 error code on failure. 8303 * 8304 * @ingroup krb5_storage 8305 */ 8306 8307KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8308krb5_store_creds ( 8309 krb5_storage *sp, 8310 krb5_creds *creds); 8311 8312/** 8313 * Write a tagged credentials block to storage. 8314 * 8315 * @param sp the storage buffer to write to 8316 * @param creds the creds block to write. 8317 * 8318 * @return 0 on success, a Kerberos 5 error code on failure. 8319 * 8320 * @ingroup krb5_storage 8321 */ 8322 8323KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8324krb5_store_creds_tag ( 8325 krb5_storage *sp, 8326 krb5_creds *creds); 8327 8328/** 8329 * Store a data to the storage. The data is stored with an int32 as 8330 * lenght plus the data (not padded). 8331 * 8332 * @param sp the storage buffer to write to 8333 * @param data the buffer to store. 8334 * 8335 * @return 0 on success, a Kerberos 5 error code on failure. 8336 * 8337 * @ingroup krb5_storage 8338 */ 8339 8340KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8341krb5_store_data ( 8342 krb5_storage *sp, 8343 krb5_data data); 8344 8345/** 8346 * Store a int16 to storage, byte order is controlled by the settings 8347 * on the storage, see krb5_storage_set_byteorder(). 8348 * 8349 * @param sp the storage to write too 8350 * @param value the value to store 8351 * 8352 * @return 0 for success, or a Kerberos 5 error code on failure. 8353 * 8354 * @ingroup krb5_storage 8355 */ 8356 8357KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8358krb5_store_int16 ( 8359 krb5_storage *sp, 8360 int16_t value); 8361 8362/** 8363 * Store a int32 to storage, byte order is controlled by the settings 8364 * on the storage, see krb5_storage_set_byteorder(). 8365 * 8366 * @param sp the storage to write too 8367 * @param value the value to store 8368 * 8369 * @return 0 for success, or a Kerberos 5 error code on failure. 8370 * 8371 * @ingroup krb5_storage 8372 */ 8373 8374KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8375krb5_store_int32 ( 8376 krb5_storage *sp, 8377 int32_t value); 8378 8379/** 8380 * Store a int8 to storage. 8381 * 8382 * @param sp the storage to write too 8383 * @param value the value to store 8384 * 8385 * @return 0 for success, or a Kerberos 5 error code on failure. 8386 * 8387 * @ingroup krb5_storage 8388 */ 8389 8390KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8391krb5_store_int8 ( 8392 krb5_storage *sp, 8393 int8_t value); 8394 8395/** 8396 * Store a keyblock to the storage. 8397 * 8398 * @param sp the storage buffer to write to 8399 * @param p the keyblock to write 8400 * 8401 * @return 0 on success, a Kerberos 5 error code on failure. 8402 * 8403 * @ingroup krb5_storage 8404 */ 8405 8406KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8407krb5_store_keyblock ( 8408 krb5_storage *sp, 8409 krb5_keyblock p); 8410 8411/** 8412 * Write a principal block to storage. 8413 * 8414 * @param sp the storage buffer to write to 8415 * @param p the principal block to write. 8416 * 8417 * @return 0 on success, a Kerberos 5 error code on failure. 8418 * 8419 * @ingroup krb5_storage 8420 */ 8421 8422KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8423krb5_store_principal ( 8424 krb5_storage *sp, 8425 krb5_const_principal p); 8426 8427/** 8428 * Store a string to the buffer. The data is formated as an len:uint32 8429 * plus the string itself (not padded). 8430 * 8431 * @param sp the storage buffer to write to 8432 * @param s the string to store. 8433 * 8434 * @return 0 on success, a Kerberos 5 error code on failure. 8435 * 8436 * @ingroup krb5_storage 8437 */ 8438 8439KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8440krb5_store_string ( 8441 krb5_storage *sp, 8442 const char *s); 8443 8444KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8445krb5_store_stringnl ( 8446 krb5_storage *sp, 8447 const char *s); 8448 8449/** 8450 * Store a zero terminated string to the buffer. The data is stored 8451 * one character at a time until a NUL is stored. 8452 * 8453 * @param sp the storage buffer to write to 8454 * @param s the string to store. 8455 * 8456 * @return 0 on success, a Kerberos 5 error code on failure. 8457 * 8458 * @ingroup krb5_storage 8459 */ 8460 8461KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8462krb5_store_stringz ( 8463 krb5_storage *sp, 8464 const char *s); 8465 8466/** 8467 * Write a times block to storage. 8468 * 8469 * @param sp the storage buffer to write to 8470 * @param times the times block to write. 8471 * 8472 * @return 0 on success, a Kerberos 5 error code on failure. 8473 * 8474 * @ingroup krb5_storage 8475 */ 8476 8477KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8478krb5_store_times ( 8479 krb5_storage *sp, 8480 krb5_times times); 8481 8482/** 8483 * Store a uint16 to storage, byte order is controlled by the settings 8484 * on the storage, see krb5_storage_set_byteorder(). 8485 * 8486 * @param sp the storage to write too 8487 * @param value the value to store 8488 * 8489 * @return 0 for success, or a Kerberos 5 error code on failure. 8490 * 8491 * @ingroup krb5_storage 8492 */ 8493 8494KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8495krb5_store_uint16 ( 8496 krb5_storage *sp, 8497 uint16_t value); 8498 8499/** 8500 * Store a uint32 to storage, byte order is controlled by the settings 8501 * on the storage, see krb5_storage_set_byteorder(). 8502 * 8503 * @param sp the storage to write too 8504 * @param value the value to store 8505 * 8506 * @return 0 for success, or a Kerberos 5 error code on failure. 8507 * 8508 * @ingroup krb5_storage 8509 */ 8510 8511KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8512krb5_store_uint32 ( 8513 krb5_storage *sp, 8514 uint32_t value); 8515 8516/** 8517 * Store a uint8 to storage. 8518 * 8519 * @param sp the storage to write too 8520 * @param value the value to store 8521 * 8522 * @return 0 for success, or a Kerberos 5 error code on failure. 8523 * 8524 * @ingroup krb5_storage 8525 */ 8526 8527KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8528krb5_store_uint8 ( 8529 krb5_storage *sp, 8530 uint8_t value); 8531 8532krb5_error_code 8533krb5_store_uuid ( 8534 krb5_storage *sp, 8535 krb5_uuid uuid); 8536 8537KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8538krb5_string_to_deltat ( 8539 const char *string, 8540 krb5_deltat *deltat); 8541 8542KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8543krb5_string_to_enctype ( 8544 krb5_context context, 8545 const char *string, 8546 krb5_enctype *etype); 8547 8548KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8549krb5_string_to_key ( 8550 krb5_context context, 8551 krb5_enctype enctype, 8552 const char *password, 8553 krb5_principal principal, 8554 krb5_keyblock *key); 8555 8556KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8557krb5_string_to_key_data ( 8558 krb5_context context, 8559 krb5_enctype enctype, 8560 krb5_data password, 8561 krb5_principal principal, 8562 krb5_keyblock *key); 8563 8564KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8565krb5_string_to_key_data_salt ( 8566 krb5_context context, 8567 krb5_enctype enctype, 8568 krb5_data password, 8569 krb5_salt salt, 8570 krb5_keyblock *key); 8571 8572KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8573krb5_string_to_key_data_salt_opaque ( 8574 krb5_context context, 8575 krb5_enctype enctype, 8576 krb5_data password, 8577 krb5_salt salt, 8578 krb5_data opaque, 8579 krb5_keyblock *key); 8580 8581KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8582krb5_string_to_key_derived ( 8583 krb5_context context, 8584 const void *str, 8585 size_t len, 8586 krb5_enctype etype, 8587 krb5_keyblock *key); 8588 8589KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8590krb5_string_to_key_salt ( 8591 krb5_context context, 8592 krb5_enctype enctype, 8593 const char *password, 8594 krb5_salt salt, 8595 krb5_keyblock *key); 8596 8597KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8598krb5_string_to_key_salt_opaque ( 8599 krb5_context context, 8600 krb5_enctype enctype, 8601 const char *password, 8602 krb5_salt salt, 8603 krb5_data opaque, 8604 krb5_keyblock *key); 8605 8606/** 8607 * Deprecated: keytypes doesn't exists, they are really enctypes in 8608 * most cases, use krb5_string_to_enctype(). 8609 * 8610 * @ingroup krb5_deprecated 8611 */ 8612 8613KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8614krb5_string_to_keytype ( 8615 krb5_context context, 8616 const char *string, 8617 krb5_keytype *keytype) 8618 KRB5_DEPRECATED_FUNCTION("Use X instead"); 8619 8620KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8621krb5_string_to_salttype ( 8622 krb5_context context, 8623 krb5_enctype etype, 8624 const char *string, 8625 krb5_salttype *salttype); 8626 8627krb5_error_code KRB5_LIB_FUNCTION 8628krb5_string_to_uuid ( 8629 const char *str, 8630 krb5_uuid uuid); 8631 8632/** 8633 * Extract the authorization data type of type from the ticket. Store 8634 * the field in data. This function is to use for kerberos 8635 * applications. 8636 * 8637 * @param context a Kerberos 5 context 8638 * @param ticket Kerberos ticket 8639 * @param type type to fetch 8640 * @param data returned data, free with krb5_data_free() 8641 * 8642 * @ingroup krb5 8643 */ 8644 8645KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8646krb5_ticket_get_authorization_data_type ( 8647 krb5_context context, 8648 krb5_ticket *ticket, 8649 int type, 8650 krb5_data *data); 8651 8652/** 8653 * Return client principal in ticket 8654 * 8655 * @param context a Kerberos 5 context 8656 * @param ticket ticket to copy 8657 * @param client client principal, free with krb5_free_principal() 8658 * 8659 * @return Returns 0 to indicate success. Otherwise an kerberos et 8660 * error code is returned, see krb5_get_error_message(). 8661 * 8662 * @ingroup krb5 8663 */ 8664 8665KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8666krb5_ticket_get_client ( 8667 krb5_context context, 8668 const krb5_ticket *ticket, 8669 krb5_principal *client); 8670 8671/** 8672 * Return end time of ticket 8673 * 8674 * @param context a Kerberos 5 context 8675 * @param ticket ticket to copy 8676 * 8677 * @return end time of ticket 8678 * 8679 * @ingroup krb5 8680 */ 8681 8682KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL 8683krb5_ticket_get_endtime ( 8684 krb5_context context, 8685 const krb5_ticket *ticket); 8686 8687/** 8688 * Get the flags from the Kerberos ticket 8689 * 8690 * @param context Kerberos context 8691 * @param ticket Kerberos ticket 8692 * 8693 * @return ticket flags 8694 * 8695 * @ingroup krb5_ticket 8696 */ 8697 8698KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL 8699krb5_ticket_get_flags ( 8700 krb5_context context, 8701 const krb5_ticket *ticket); 8702 8703/** 8704 * Return server principal in ticket 8705 * 8706 * @param context a Kerberos 5 context 8707 * @param ticket ticket to copy 8708 * @param server server principal, free with krb5_free_principal() 8709 * 8710 * @return Returns 0 to indicate success. Otherwise an kerberos et 8711 * error code is returned, see krb5_get_error_message(). 8712 * 8713 * @ingroup krb5 8714 */ 8715 8716KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8717krb5_ticket_get_server ( 8718 krb5_context context, 8719 const krb5_ticket *ticket, 8720 krb5_principal *server); 8721 8722krb5_deltat 8723krb5_time_abs ( 8724 krb5_deltat t1, 8725 krb5_deltat t2); 8726 8727/** 8728 * If the caller passes in a negative usec, its assumed to be 8729 * unknown and the function will use the current time usec. 8730 */ 8731 8732KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8733krb5_timeofday ( 8734 krb5_context context, 8735 krb5_timestamp *timeret); 8736 8737/** 8738 * 8739 */ 8740 8741KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8742krb5_tkt_creds_free ( 8743 krb5_context context, 8744 krb5_tkt_creds_context ctx); 8745 8746/** 8747 * 8748 */ 8749 8750KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8751krb5_tkt_creds_get_creds ( 8752 krb5_context context, 8753 krb5_tkt_creds_context ctx, 8754 krb5_creds **cred); 8755 8756/** 8757 * Create a context for a credential fetching process 8758 */ 8759 8760KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8761krb5_tkt_creds_init ( 8762 krb5_context context, 8763 krb5_ccache ccache, 8764 krb5_creds *in_cred, 8765 krb5_flags options, 8766 krb5_tkt_creds_context *pctx); 8767 8768/** 8769 * Step though next step in the TGS-REP process 8770 * 8771 * Pointer returned in realm is valid to next call to 8772 * krb5_tkt_creds_step() or krb5_tkt_creds_free(). 8773 */ 8774 8775KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8776krb5_tkt_creds_step ( 8777 krb5_context context, 8778 krb5_tkt_creds_context ctx, 8779 krb5_data *in, 8780 krb5_data *out, 8781 krb5_realm *realm, 8782 unsigned int *flags); 8783 8784/** 8785 * Unparse the Kerberos name into a string 8786 * 8787 * @param context Kerberos 5 context 8788 * @param principal principal to query 8789 * @param name resulting string, free with krb5_xfree() 8790 * 8791 * @return An krb5 error code, see krb5_get_error_message(). 8792 * 8793 * @ingroup krb5_principal 8794 */ 8795 8796KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8797krb5_unparse_name ( 8798 krb5_context context, 8799 krb5_const_principal principal, 8800 char **name); 8801 8802/** 8803 * Unparse the principal name to a fixed buffer 8804 * 8805 * @param context A Kerberos context. 8806 * @param principal principal to unparse 8807 * @param name buffer to write name to 8808 * @param len length of buffer 8809 * 8810 * @return An krb5 error code, see krb5_get_error_message(). 8811 * 8812 * @ingroup krb5_principal 8813 */ 8814 8815KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8816krb5_unparse_name_fixed ( 8817 krb5_context context, 8818 krb5_const_principal principal, 8819 char *name, 8820 size_t len); 8821 8822/** 8823 * Unparse the principal name with unparse flags to a fixed buffer. 8824 * 8825 * @param context A Kerberos context. 8826 * @param principal principal to unparse 8827 * @param flags unparse flags 8828 * @param name buffer to write name to 8829 * @param len length of buffer 8830 * 8831 * @return An krb5 error code, see krb5_get_error_message(). 8832 * 8833 * @ingroup krb5_principal 8834 */ 8835 8836KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8837krb5_unparse_name_fixed_flags ( 8838 krb5_context context, 8839 krb5_const_principal principal, 8840 int flags, 8841 char *name, 8842 size_t len); 8843 8844/** 8845 * Unparse the principal name to a fixed buffer. The realm is skipped 8846 * if its a default realm. 8847 * 8848 * @param context A Kerberos context. 8849 * @param principal principal to unparse 8850 * @param name buffer to write name to 8851 * @param len length of buffer 8852 * 8853 * @return An krb5 error code, see krb5_get_error_message(). 8854 * 8855 * @ingroup krb5_principal 8856 */ 8857 8858KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8859krb5_unparse_name_fixed_short ( 8860 krb5_context context, 8861 krb5_const_principal principal, 8862 char *name, 8863 size_t len); 8864 8865/** 8866 * Unparse the Kerberos name into a string 8867 * 8868 * @param context Kerberos 5 context 8869 * @param principal principal to query 8870 * @param flags flag to determine the behavior 8871 * @param name resulting string, free with krb5_xfree() 8872 * 8873 * @return An krb5 error code, see krb5_get_error_message(). 8874 * 8875 * @ingroup krb5_principal 8876 */ 8877 8878KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8879krb5_unparse_name_flags ( 8880 krb5_context context, 8881 krb5_const_principal principal, 8882 int flags, 8883 char **name); 8884 8885/** 8886 * Unparse the principal name to a allocated buffer. The realm is 8887 * skipped if its a default realm. 8888 * 8889 * @param context A Kerberos context. 8890 * @param principal principal to unparse 8891 * @param name returned buffer, free with krb5_xfree() 8892 * 8893 * @return An krb5 error code, see krb5_get_error_message(). 8894 * 8895 * @ingroup krb5_principal 8896 */ 8897 8898KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8899krb5_unparse_name_short ( 8900 krb5_context context, 8901 krb5_const_principal principal, 8902 char **name); 8903 8904KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8905krb5_us_timeofday ( 8906 krb5_context context, 8907 krb5_timestamp *sec, 8908 int32_t *usec); 8909 8910char * KRB5_LIB_FUNCTION 8911krb5_uuid_to_string (krb5_uuid uuid); 8912 8913/** 8914 * Log a warning to the log, default stderr, include bthe error from 8915 * the last failure and then abort. 8916 * 8917 * @param context A Kerberos 5 context 8918 * @param code error code of the last error 8919 * @param fmt message to print 8920 * @param ap arguments 8921 * 8922 * @ingroup krb5_error 8923 */ 8924 8925KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8926krb5_vabort ( 8927 krb5_context context, 8928 krb5_error_code code, 8929 const char *fmt, 8930 va_list ap) HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 0)) 8931 HEIMDAL_NORETURN_ATTRIBUTE; 8932 8933KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8934krb5_vabortx ( 8935 krb5_context context, 8936 const char *fmt, 8937 va_list ap) HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 0)) 8938 HEIMDAL_NORETURN_ATTRIBUTE; 8939 8940KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8941krb5_verify_ap_req ( 8942 krb5_context context, 8943 krb5_auth_context *auth_context, 8944 krb5_ap_req *ap_req, 8945 krb5_const_principal server, 8946 krb5_keyblock *keyblock, 8947 krb5_flags flags, 8948 krb5_flags *ap_req_options, 8949 krb5_ticket **ticket); 8950 8951KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8952krb5_verify_ap_req2 ( 8953 krb5_context context, 8954 krb5_auth_context *auth_context, 8955 krb5_ap_req *ap_req, 8956 krb5_const_principal server, 8957 krb5_keyblock *keyblock, 8958 krb5_flags flags, 8959 krb5_flags *ap_req_options, 8960 krb5_ticket **ticket, 8961 krb5_key_usage usage); 8962 8963KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8964krb5_verify_authenticator_checksum ( 8965 krb5_context context, 8966 krb5_auth_context ac, 8967 void *data, 8968 size_t len); 8969 8970KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8971krb5_verify_checksum ( 8972 krb5_context context, 8973 krb5_crypto crypto, 8974 krb5_key_usage usage, 8975 void *data, 8976 size_t len, 8977 Checksum *cksum); 8978 8979/** 8980 * Verify a Kerberos message checksum. 8981 * 8982 * @param context Kerberos context 8983 * @param crypto Kerberos crypto context 8984 * @param usage Key usage for this buffer 8985 * @param data array of buffers to process 8986 * @param num_data length of array 8987 * @param type return checksum type if not NULL 8988 * 8989 * @return Return an error code or 0. 8990 * @ingroup krb5_crypto 8991 */ 8992 8993KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8994krb5_verify_checksum_iov ( 8995 krb5_context context, 8996 krb5_crypto crypto, 8997 unsigned usage, 8998 krb5_crypto_iov *data, 8999 unsigned int num_data, 9000 krb5_cksumtype *type); 9001 9002KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9003krb5_verify_init_creds ( 9004 krb5_context context, 9005 krb5_creds *creds, 9006 krb5_principal ap_req_server, 9007 krb5_keytab ap_req_keytab, 9008 krb5_ccache *ccache, 9009 krb5_verify_init_creds_opt *options); 9010 9011KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9012krb5_verify_init_creds_opt_init (krb5_verify_init_creds_opt *options); 9013 9014KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9015krb5_verify_init_creds_opt_set_ap_req_nofail ( 9016 krb5_verify_init_creds_opt *options, 9017 int ap_req_nofail); 9018 9019KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9020krb5_verify_init_creds_opt_set_service ( 9021 krb5_verify_init_creds_opt *options, 9022 const char *service); 9023 9024KRB5_LIB_FUNCTION int KRB5_LIB_CALL 9025krb5_verify_opt_alloc ( 9026 krb5_context context, 9027 krb5_verify_opt **opt); 9028 9029KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9030krb5_verify_opt_free (krb5_verify_opt *opt); 9031 9032KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9033krb5_verify_opt_init (krb5_verify_opt *opt); 9034 9035KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9036krb5_verify_opt_set_ccache ( 9037 krb5_verify_opt *opt, 9038 krb5_ccache ccache); 9039 9040KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9041krb5_verify_opt_set_flags ( 9042 krb5_verify_opt *opt, 9043 unsigned int flags); 9044 9045KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9046krb5_verify_opt_set_keytab ( 9047 krb5_verify_opt *opt, 9048 krb5_keytab keytab); 9049 9050KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9051krb5_verify_opt_set_prompter ( 9052 krb5_verify_opt *opt, 9053 krb5_prompter_fct prompter, 9054 void *prompter_data); 9055 9056KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9057krb5_verify_opt_set_secure ( 9058 krb5_verify_opt *opt, 9059 krb5_boolean secure); 9060 9061KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9062krb5_verify_opt_set_server ( 9063 krb5_verify_opt *opt, 9064 krb5_principal server); 9065 9066KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9067krb5_verify_opt_set_service ( 9068 krb5_verify_opt *opt, 9069 const char *service); 9070 9071KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9072krb5_verify_user ( 9073 krb5_context context, 9074 krb5_principal principal, 9075 krb5_ccache ccache, 9076 const char *password, 9077 krb5_boolean secure, 9078 const char *service); 9079 9080KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9081krb5_verify_user_lrealm ( 9082 krb5_context context, 9083 krb5_principal principal, 9084 krb5_ccache ccache, 9085 const char *password, 9086 krb5_boolean secure, 9087 const char *service); 9088 9089KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9090krb5_verify_user_opt ( 9091 krb5_context context, 9092 krb5_principal principal, 9093 const char *password, 9094 krb5_verify_opt *opt); 9095 9096/** 9097 * Log a warning to the log, default stderr, include bthe error from 9098 * the last failure and then exit. 9099 * 9100 * @param context A Kerberos 5 context 9101 * @param eval the exit code to exit with 9102 * @param code error code of the last error 9103 * @param fmt message to print 9104 * @param ap arguments 9105 * 9106 * @ingroup krb5_error 9107 */ 9108 9109KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9110krb5_verr ( 9111 krb5_context context, 9112 int eval, 9113 krb5_error_code code, 9114 const char *fmt, 9115 va_list ap) HEIMDAL_PRINTF_ATTRIBUTE((printf, 4, 0)) 9116 HEIMDAL_NORETURN_ATTRIBUTE; 9117 9118/** 9119 * Log a warning to the log, default stderr, and then exit. 9120 * 9121 * @param context A Kerberos 5 context 9122 * @param eval the exit code to exit with 9123 * @param fmt message to print 9124 * @param ap arguments 9125 * 9126 * @ingroup krb5_error 9127 */ 9128 9129KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9130krb5_verrx ( 9131 krb5_context context, 9132 int eval, 9133 const char *fmt, 9134 va_list ap) HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 0)) 9135 HEIMDAL_NORETURN_ATTRIBUTE; 9136 9137KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9138krb5_vlog ( 9139 krb5_context context, 9140 krb5_log_facility *fac, 9141 int level, 9142 const char *fmt, 9143 va_list ap) 9144 HEIMDAL_PRINTF_ATTRIBUTE((printf, 4, 0)); 9145 9146KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9147krb5_vlog_msg ( 9148 krb5_context context, 9149 krb5_log_facility *fac, 9150 char **reply, 9151 int level, 9152 const char *fmt, 9153 va_list ap) 9154 HEIMDAL_PRINTF_ATTRIBUTE((printf, 5, 0)); 9155 9156/** 9157 * Prepend the contexts's full error string for a specific error code. 9158 * 9159 * The if context is NULL, no error string is stored. 9160 * 9161 * @param context Kerberos 5 context 9162 * @param ret The error code 9163 * @param fmt Error string for the error code 9164 * @param args printf(3) style parameters. 9165 * 9166 * @ingroup krb5_error 9167 */ 9168 9169KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9170krb5_vprepend_error_message ( 9171 krb5_context context, 9172 krb5_error_code ret, 9173 const char *fmt, 9174 va_list args) 9175 HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 0)); 9176 9177/** 9178 * Set the context full error string for a specific error code. 9179 * 9180 * The if context is NULL, no error string is stored. 9181 * 9182 * @param context Kerberos 5 context 9183 * @param ret The error code 9184 * @param fmt Error string for the error code 9185 * @param args printf(3) style parameters. 9186 * 9187 * @ingroup krb5_error 9188 */ 9189 9190KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9191krb5_vset_error_message ( 9192 krb5_context context, 9193 krb5_error_code ret, 9194 const char *fmt, 9195 va_list args) 9196 HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 0)); 9197 9198/** 9199 * Set the error message returned by krb5_get_error_string(), 9200 * deprecated, use krb5_set_error_message(). 9201 * 9202 * Deprecated: use krb5_vset_error_message() 9203 * 9204 * @param context Kerberos context 9205 * @param fmt error message to free 9206 * 9207 * @return Return an error code or 0. 9208 * 9209 * @ingroup krb5_deprecated 9210 */ 9211 9212KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9213krb5_vset_error_string ( 9214 krb5_context context, 9215 const char *fmt, 9216 va_list args) 9217 KRB5_DEPRECATED_FUNCTION("Use krb5_set_error_message instead") HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 0)); 9218 9219/** 9220 * Log a warning to the log, default stderr, include the error from 9221 * the last failure. 9222 * 9223 * @param context A Kerberos 5 context. 9224 * @param code error code of the last error 9225 * @param fmt message to print 9226 * @param ap arguments 9227 * 9228 * @ingroup krb5_error 9229 */ 9230 9231KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9232krb5_vwarn ( 9233 krb5_context context, 9234 krb5_error_code code, 9235 const char *fmt, 9236 va_list ap) 9237 HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 0)); 9238 9239/** 9240 * Log a warning to the log, default stderr. 9241 * 9242 * @param context A Kerberos 5 context. 9243 * @param fmt message to print 9244 * @param ap arguments 9245 * 9246 * @ingroup krb5_error 9247 */ 9248 9249KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9250krb5_vwarnx ( 9251 krb5_context context, 9252 const char *fmt, 9253 va_list ap) 9254 HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 0)); 9255 9256/** 9257 * Log a warning to the log, default stderr, include the error from 9258 * the last failure. 9259 * 9260 * @param context A Kerberos 5 context. 9261 * @param code error code of the last error 9262 * @param fmt message to print 9263 * 9264 * @ingroup krb5_error 9265 */ 9266 9267KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9268krb5_warn ( 9269 krb5_context context, 9270 krb5_error_code code, 9271 const char *fmt, 9272 ...) 9273 HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 4)); 9274 9275/** 9276 * Log a warning to the log, default stderr. 9277 * 9278 * @param context A Kerberos 5 context. 9279 * @param fmt message to print 9280 * 9281 * @ingroup krb5_error 9282 */ 9283 9284KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9285krb5_warnx ( 9286 krb5_context context, 9287 const char *fmt, 9288 ...) 9289 HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 3)); 9290 9291KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9292krb5_write_message ( 9293 krb5_context context, 9294 krb5_pointer p_fd, 9295 krb5_data *data); 9296 9297KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9298krb5_write_priv_message ( 9299 krb5_context context, 9300 krb5_auth_context ac, 9301 krb5_pointer p_fd, 9302 krb5_data *data); 9303 9304KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9305krb5_write_safe_message ( 9306 krb5_context context, 9307 krb5_auth_context ac, 9308 krb5_pointer p_fd, 9309 krb5_data *data); 9310 9311KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9312krb5_xfree (void *ptr); 9313 9314#ifdef __cplusplus 9315} 9316#endif 9317 9318#undef KRB5_DEPRECATED_FUNCTION 9319 9320#endif /* __krb5_protos_h__ */ 9321