1/* This is a generated file */ 2#ifndef __krb5_protos_h__ 3#define __krb5_protos_h__ 4 5#include <stdarg.h> 6 7#ifndef KRB5_DEPRECATED_FUNCTION 8#ifndef __has_extension 9#define __has_extension(x) 0 10#define KRB5_DEPRECATED_FUNCTIONhas_extension 1 11#endif 12#if __has_extension(attribute_deprecated_with_message) 13#define KRB5_DEPRECATED_FUNCTION(x) __attribute__((__deprecated__(x))) 14#elif defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 ))) 15#define KRB5_DEPRECATED_FUNCTION(X) __attribute__((__deprecated__)) 16#else 17#define KRB5_DEPRECATED_FUNCTION(X) 18#endif 19#ifdef KRB5_DEPRECATED_FUNCTIONhas_extension 20#undef __has_extension 21#undef KRB5_DEPRECATED_FUNCTIONhas_extension 22#endif 23#endif /* KRB5_DEPRECATED_FUNCTION */ 24 25 26#ifdef __cplusplus 27extern "C" { 28#endif 29 30#ifndef KRB5_LIB 31#ifndef KRB5_LIB_FUNCTION 32#if defined(_WIN32) 33#define KRB5_LIB_FUNCTION __declspec(dllimport) 34#define KRB5_LIB_CALL __stdcall 35#define KRB5_LIB_VARIABLE __declspec(dllimport) 36#else 37#define KRB5_LIB_FUNCTION 38#define KRB5_LIB_CALL 39#define KRB5_LIB_VARIABLE 40#endif 41#endif 42#endif 43typedef 44int ( 45 *check_func_t)(krb5_context, const char*, char*);; 46 47/** 48 * Convert the v5 credentials in in_cred to v4-dito in v4creds. This 49 * is done by sending them to the 524 function in the KDC. If 50 * `in_cred' doesn't contain a DES session key, then a new one is 51 * gotten from the KDC and stored in the cred cache `ccache'. 52 * 53 * @param context Kerberos 5 context. 54 * @param in_cred the credential to convert 55 * @param v4creds the converted credential 56 * 57 * @return Returns 0 to indicate success. Otherwise an kerberos et 58 * error code is returned, see krb5_get_error_message(). 59 * 60 * @ingroup krb5_v4compat 61 */ 62KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 63krb524_convert_creds_kdc ( 64 krb5_context /*context*/, 65 krb5_creds */*in_cred*/, 66 struct credentials */*v4creds*/) 67 KRB5_DEPRECATED_FUNCTION("Use X instead"); 68 69/** 70 * Convert the v5 credentials in in_cred to v4-dito in v4creds, 71 * check the credential cache ccache before checking with the KDC. 72 * 73 * @param context Kerberos 5 context. 74 * @param ccache credential cache used to check for des-ticket. 75 * @param in_cred the credential to convert 76 * @param v4creds the converted credential 77 * 78 * @return Returns 0 to indicate success. Otherwise an kerberos et 79 * error code is returned, see krb5_get_error_message(). 80 * 81 * @ingroup krb5_v4compat 82 */ 83KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 84krb524_convert_creds_kdc_ccache ( 85 krb5_context /*context*/, 86 krb5_ccache /*ccache*/, 87 krb5_creds */*in_cred*/, 88 struct credentials */*v4creds*/) 89 KRB5_DEPRECATED_FUNCTION("Use X instead"); 90 91/** 92 * Log a warning to the log, default stderr, include the error from 93 * the last failure and then abort. 94 * 95 * @param context A Kerberos 5 context 96 * @param code error code of the last error 97 * @param fmt message to print 98 * 99 * @ingroup krb5_error 100 */ 101KRB5_LIB_FUNCTION void KRB5_LIB_CALL 102krb5_abort ( 103 krb5_context /*context*/, 104 krb5_error_code /*code*/, 105 const char */*fmt*/, 106 ...) HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 4)) 107 HEIMDAL_NORETURN_ATTRIBUTE; 108 109/** 110 * Log a warning to the log, default stderr, and then abort. 111 * 112 * @param context A Kerberos 5 context 113 * @param code error code of the last error 114 * @param fmt message to print 115 * 116 * @ingroup krb5_error 117 */ 118KRB5_LIB_FUNCTION void KRB5_LIB_CALL 119krb5_abortx ( 120 krb5_context /*context*/, 121 const char */*fmt*/, 122 ...) HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 3)) 123 HEIMDAL_NORETURN_ATTRIBUTE; 124 125/** 126 * krb5_acl_match_file matches ACL format against each line in a file 127 * using krb5_acl_match_string(). Lines starting with # are treated 128 * like comments and ignored. 129 * 130 * @param context Kerberos 5 context. 131 * @param file file with acl listed in the file. 132 * @param format format to match. 133 * @param ... parameter to format string. 134 * 135 * @return Return an error code or 0. 136 * 137 * @sa krb5_acl_match_string 138 * @ingroup krb5_support 139 */ 140KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 141krb5_acl_match_file ( 142 krb5_context /*context*/, 143 const char */*file*/, 144 const char */*format*/, 145 ...); 146 147/** 148 * krb5_acl_match_string matches ACL format against a string. 149 * 150 * The ACL format has three format specifiers: s, f, and r. Each 151 * specifier will retrieve one argument from the variable arguments 152 * for either matching or storing data. The input string is split up 153 * using " " (space) and "\t" (tab) as a delimiter; multiple and "\t" 154 * in a row are considered to be the same. 155 * 156 * List of format specifiers: 157 * - s Matches a string using strcmp(3) (case sensitive). 158 * - f Matches the string with fnmatch(3). Theflags 159 * argument (the last argument) passed to the fnmatch function is 0. 160 * - r Returns a copy of the string in the char ** passed in; the copy 161 * must be freed with free(3). There is no need to free(3) the 162 * string on error: the function will clean up and set the pointer 163 * to NULL. 164 * 165 * @param context Kerberos 5 context 166 * @param string string to match with 167 * @param format format to match 168 * @param ... parameter to format string 169 * 170 * @return Return an error code or 0. 171 * 172 * 173 * @code 174 * char *s; 175 * 176 * ret = krb5_acl_match_string(context, "foo", "s", "foo"); 177 * if (ret) 178 * krb5_errx(context, 1, "acl didn't match"); 179 * ret = krb5_acl_match_string(context, "foo foo baz/kaka", 180 * "ss", "foo", &s, "foo/\\*"); 181 * if (ret) { 182 * // no need to free(s) on error 183 * assert(s == NULL); 184 * krb5_errx(context, 1, "acl didn't match"); 185 * } 186 * free(s); 187 * @endcode 188 * 189 * @sa krb5_acl_match_file 190 * @ingroup krb5_support 191 */ 192KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 193krb5_acl_match_string ( 194 krb5_context /*context*/, 195 const char */*string*/, 196 const char */*format*/, 197 ...); 198 199/** 200 * Add a specified list of error messages to the et list in context. 201 * Call func (probably a comerr-generated function) with a pointer to 202 * the current et_list. 203 * 204 * @param context A kerberos context. 205 * @param func The generated com_err et function. 206 * 207 * @return Returns 0 to indicate success. Otherwise an kerberos et 208 * error code is returned, see krb5_get_error_message(). 209 * 210 * @ingroup krb5 211 */ 212KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 213krb5_add_et_list ( 214 krb5_context /*context*/, 215 void (*/*func*/)(struct et_list **)); 216 217/** 218 * Add extra address to the address list that the library will add to 219 * the client's address list when communicating with the KDC. 220 * 221 * @param context Kerberos 5 context. 222 * @param addresses addreses to add 223 * 224 * @return Returns 0 to indicate success. Otherwise an kerberos et 225 * error code is returned, see krb5_get_error_message(). 226 * 227 * @ingroup krb5 228 */ 229KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 230krb5_add_extra_addresses ( 231 krb5_context /*context*/, 232 krb5_addresses */*addresses*/); 233 234/** 235 * Add extra addresses to ignore when fetching addresses from the 236 * underlaying operating system. 237 * 238 * @param context Kerberos 5 context. 239 * @param addresses addreses to ignore 240 * 241 * @return Returns 0 to indicate success. Otherwise an kerberos et 242 * error code is returned, see krb5_get_error_message(). 243 * 244 * @ingroup krb5 245 */ 246KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 247krb5_add_ignore_addresses ( 248 krb5_context /*context*/, 249 krb5_addresses */*addresses*/); 250 251KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 252krb5_addlog_dest ( 253 krb5_context /*context*/, 254 krb5_log_facility */*f*/, 255 const char */*orig*/); 256 257KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 258krb5_addlog_func ( 259 krb5_context /*context*/, 260 krb5_log_facility */*fac*/, 261 int /*min*/, 262 int /*max*/, 263 krb5_log_log_func_t /*log_func*/, 264 krb5_log_close_func_t /*close_func*/, 265 void */*data*/); 266 267/** 268 * krb5_addr2sockaddr sets the "struct sockaddr sockaddr" from addr 269 * and port. The argument sa_size should initially contain the size of 270 * the sa and after the call, it will contain the actual length of the 271 * address. In case of the sa is too small to fit the whole address, 272 * the up to *sa_size will be stored, and then *sa_size will be set to 273 * the required length. 274 * 275 * @param context a Keberos context 276 * @param addr the address to copy the from 277 * @param sa the struct sockaddr that will be filled in 278 * @param sa_size pointer to length of sa, and after the call, it will 279 * contain the actual length of the address. 280 * @param port set port in sa. 281 * 282 * @return Return an error code or 0. Will return 283 * KRB5_PROG_ATYPE_NOSUPP in case address type is not supported. 284 * 285 * @ingroup krb5_address 286 */ 287KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 288krb5_addr2sockaddr ( 289 krb5_context /*context*/, 290 const krb5_address */*addr*/, 291 struct sockaddr */*sa*/, 292 krb5_socklen_t */*sa_size*/, 293 int /*port*/); 294 295/** 296 * krb5_address_compare compares the addresses addr1 and addr2. 297 * Returns TRUE if the two addresses are the same. 298 * 299 * @param context a Keberos context 300 * @param addr1 address to compare 301 * @param addr2 address to compare 302 * 303 * @return Return an TRUE is the address are the same FALSE if not 304 * 305 * @ingroup krb5_address 306 */ 307KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 308krb5_address_compare ( 309 krb5_context /*context*/, 310 const krb5_address */*addr1*/, 311 const krb5_address */*addr2*/); 312 313/** 314 * krb5_address_order compares the addresses addr1 and addr2 so that 315 * it can be used for sorting addresses. If the addresses are the same 316 * address krb5_address_order will return 0. Behavies like memcmp(2). 317 * 318 * @param context a Keberos context 319 * @param addr1 krb5_address to compare 320 * @param addr2 krb5_address to compare 321 * 322 * @return < 0 if address addr1 in "less" then addr2. 0 if addr1 and 323 * addr2 is the same address, > 0 if addr2 is "less" then addr1. 324 * 325 * @ingroup krb5_address 326 */ 327KRB5_LIB_FUNCTION int KRB5_LIB_CALL 328krb5_address_order ( 329 krb5_context /*context*/, 330 const krb5_address */*addr1*/, 331 const krb5_address */*addr2*/); 332 333/** 334 * Calculate the boundary addresses of `inaddr'/`prefixlen' and store 335 * them in `low' and `high'. 336 * 337 * @param context a Keberos context 338 * @param inaddr address in prefixlen that the bondery searched 339 * @param prefixlen width of boundery 340 * @param low lowest address 341 * @param high highest address 342 * 343 * @return Return an error code or 0. 344 * 345 * @ingroup krb5_address 346 */ 347KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 348krb5_address_prefixlen_boundary ( 349 krb5_context /*context*/, 350 const krb5_address */*inaddr*/, 351 unsigned long /*prefixlen*/, 352 krb5_address */*low*/, 353 krb5_address */*high*/); 354 355/** 356 * krb5_address_search checks if the address addr is a member of the 357 * address set list addrlist . 358 * 359 * @param context a Keberos context. 360 * @param addr address to search for. 361 * @param addrlist list of addresses to look in for addr. 362 * 363 * @return Return an error code or 0. 364 * 365 * @ingroup krb5_address 366 */ 367KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 368krb5_address_search ( 369 krb5_context /*context*/, 370 const krb5_address */*addr*/, 371 const krb5_addresses */*addrlist*/); 372 373/** 374 * Enable or disable all weak encryption types 375 * 376 * @param context Kerberos 5 context 377 * @param enable true to enable, false to disable 378 * 379 * @return Return an error code or 0. 380 * 381 * @ingroup krb5_crypto 382 */ 383KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 384krb5_allow_weak_crypto ( 385 krb5_context /*context*/, 386 krb5_boolean /*enable*/); 387 388KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 389krb5_aname_to_localname ( 390 krb5_context /*context*/, 391 krb5_const_principal /*aname*/, 392 size_t /*lnsize*/, 393 char */*lname*/); 394 395/** 396 * krb5_anyaddr fills in a "struct sockaddr sa" that can be used to 397 * bind(2) to. The argument sa_size should initially contain the size 398 * of the sa, and after the call, it will contain the actual length 399 * of the address. 400 * 401 * @param context a Keberos context 402 * @param af address family 403 * @param sa sockaddr 404 * @param sa_size lenght of sa. 405 * @param port for to fill into sa. 406 * 407 * @return Return an error code or 0. 408 * 409 * @ingroup krb5_address 410 */ 411KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 412krb5_anyaddr ( 413 krb5_context /*context*/, 414 int /*af*/, 415 struct sockaddr */*sa*/, 416 krb5_socklen_t */*sa_size*/, 417 int /*port*/); 418 419KRB5_LIB_FUNCTION void KRB5_LIB_CALL 420krb5_appdefault_boolean ( 421 krb5_context /*context*/, 422 const char */*appname*/, 423 krb5_const_realm /*realm*/, 424 const char */*option*/, 425 krb5_boolean /*def_val*/, 426 krb5_boolean */*ret_val*/); 427 428KRB5_LIB_FUNCTION void KRB5_LIB_CALL 429krb5_appdefault_string ( 430 krb5_context /*context*/, 431 const char */*appname*/, 432 krb5_const_realm /*realm*/, 433 const char */*option*/, 434 const char */*def_val*/, 435 char **/*ret_val*/); 436 437KRB5_LIB_FUNCTION void KRB5_LIB_CALL 438krb5_appdefault_time ( 439 krb5_context /*context*/, 440 const char */*appname*/, 441 krb5_const_realm /*realm*/, 442 const char */*option*/, 443 time_t /*def_val*/, 444 time_t */*ret_val*/); 445 446/** 447 * krb5_append_addresses adds the set of addresses in source to 448 * dest. While copying the addresses, duplicates are also sorted out. 449 * 450 * @param context a Keberos context 451 * @param dest destination of copy operation 452 * @param source adresses that are going to be added to dest 453 * 454 * @return Return an error code or 0. 455 * 456 * @ingroup krb5_address 457 */ 458KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 459krb5_append_addresses ( 460 krb5_context /*context*/, 461 krb5_addresses */*dest*/, 462 const krb5_addresses */*source*/); 463 464KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 465krb5_auth_con_addflags ( 466 krb5_context /*context*/, 467 krb5_auth_context /*auth_context*/, 468 int32_t /*addflags*/, 469 int32_t */*flags*/); 470 471KRB5_LIB_FUNCTION void KRB5_LIB_CALL 472krb5_auth_con_clear ( 473 krb5_context /*context*/, 474 krb5_auth_context /*auth_context*/, 475 unsigned int /*flags*/); 476 477KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 478krb5_auth_con_free ( 479 krb5_context /*context*/, 480 krb5_auth_context /*auth_context*/); 481 482KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 483krb5_auth_con_genaddrs ( 484 krb5_context /*context*/, 485 krb5_auth_context /*auth_context*/, 486 krb5_socket_t /*fd*/, 487 int /*flags*/); 488 489KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 490krb5_auth_con_generatelocalsubkey ( 491 krb5_context /*context*/, 492 krb5_auth_context /*auth_context*/, 493 krb5_keyblock */*key*/); 494 495KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 496krb5_auth_con_getaddrs ( 497 krb5_context /*context*/, 498 krb5_auth_context /*auth_context*/, 499 krb5_address **/*local_addr*/, 500 krb5_address **/*remote_addr*/); 501 502KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 503krb5_auth_con_getauthenticator ( 504 krb5_context /*context*/, 505 krb5_auth_context /*auth_context*/, 506 krb5_authenticator */*authenticator*/); 507 508KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 509krb5_auth_con_getcksumtype ( 510 krb5_context /*context*/, 511 krb5_auth_context /*auth_context*/, 512 krb5_cksumtype */*cksumtype*/); 513 514KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 515krb5_auth_con_getflags ( 516 krb5_context /*context*/, 517 krb5_auth_context /*auth_context*/, 518 int32_t */*flags*/); 519 520KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 521krb5_auth_con_getkey ( 522 krb5_context /*context*/, 523 krb5_auth_context /*auth_context*/, 524 krb5_keyblock **/*keyblock*/); 525 526KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 527krb5_auth_con_getkeytype ( 528 krb5_context /*context*/, 529 krb5_auth_context /*auth_context*/, 530 krb5_keytype */*keytype*/); 531 532KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 533krb5_auth_con_getlocalseqnumber ( 534 krb5_context /*context*/, 535 krb5_auth_context /*auth_context*/, 536 int32_t */*seqnumber*/); 537 538KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 539krb5_auth_con_getlocalsubkey ( 540 krb5_context /*context*/, 541 krb5_auth_context /*auth_context*/, 542 krb5_keyblock **/*keyblock*/); 543 544KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 545krb5_auth_con_getrcache ( 546 krb5_context /*context*/, 547 krb5_auth_context /*auth_context*/, 548 krb5_rcache */*rcache*/); 549 550KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 551krb5_auth_con_getrecvsubkey ( 552 krb5_context /*context*/, 553 krb5_auth_context /*auth_context*/, 554 krb5_keyblock **/*keyblock*/); 555 556KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 557krb5_auth_con_getremoteseqnumber ( 558 krb5_context /*context*/, 559 krb5_auth_context /*auth_context*/, 560 int32_t */*seqnumber*/); 561 562KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 563krb5_auth_con_getremotesubkey ( 564 krb5_context /*context*/, 565 krb5_auth_context /*auth_context*/, 566 krb5_keyblock **/*keyblock*/); 567 568KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 569krb5_auth_con_getsendsubkey ( 570 krb5_context /*context*/, 571 krb5_auth_context /*auth_context*/, 572 krb5_keyblock **/*keyblock*/); 573 574KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 575krb5_auth_con_init ( 576 krb5_context /*context*/, 577 krb5_auth_context */*auth_context*/); 578 579KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 580krb5_auth_con_removeflags ( 581 krb5_context /*context*/, 582 krb5_auth_context /*auth_context*/, 583 int32_t /*removeflags*/, 584 int32_t */*flags*/); 585 586KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 587krb5_auth_con_setaddrs ( 588 krb5_context /*context*/, 589 krb5_auth_context /*auth_context*/, 590 krb5_address */*local_addr*/, 591 krb5_address */*remote_addr*/); 592 593KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 594krb5_auth_con_setaddrs_from_fd ( 595 krb5_context /*context*/, 596 krb5_auth_context /*auth_context*/, 597 void */*p_fd*/); 598 599KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 600krb5_auth_con_setcksumtype ( 601 krb5_context /*context*/, 602 krb5_auth_context /*auth_context*/, 603 krb5_cksumtype /*cksumtype*/); 604 605KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 606krb5_auth_con_setflags ( 607 krb5_context /*context*/, 608 krb5_auth_context /*auth_context*/, 609 int32_t /*flags*/); 610 611KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 612krb5_auth_con_setkey ( 613 krb5_context /*context*/, 614 krb5_auth_context /*auth_context*/, 615 krb5_keyblock */*keyblock*/); 616 617KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 618krb5_auth_con_setkeytype ( 619 krb5_context /*context*/, 620 krb5_auth_context /*auth_context*/, 621 krb5_keytype /*keytype*/); 622 623KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 624krb5_auth_con_setlocalseqnumber ( 625 krb5_context /*context*/, 626 krb5_auth_context /*auth_context*/, 627 int32_t /*seqnumber*/); 628 629KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 630krb5_auth_con_setlocalsubkey ( 631 krb5_context /*context*/, 632 krb5_auth_context /*auth_context*/, 633 krb5_keyblock */*keyblock*/); 634 635KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 636krb5_auth_con_setrcache ( 637 krb5_context /*context*/, 638 krb5_auth_context /*auth_context*/, 639 krb5_rcache /*rcache*/); 640 641KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 642krb5_auth_con_setrecvsubkey ( 643 krb5_context /*context*/, 644 krb5_auth_context /*auth_context*/, 645 krb5_keyblock */*keyblock*/); 646 647KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 648krb5_auth_con_setremoteseqnumber ( 649 krb5_context /*context*/, 650 krb5_auth_context /*auth_context*/, 651 int32_t /*seqnumber*/); 652 653KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 654krb5_auth_con_setremotesubkey ( 655 krb5_context /*context*/, 656 krb5_auth_context /*auth_context*/, 657 krb5_keyblock */*keyblock*/); 658 659KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 660krb5_auth_con_setsendsubkey ( 661 krb5_context /*context*/, 662 krb5_auth_context /*auth_context*/, 663 krb5_keyblock */*keyblock*/); 664 665KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 666krb5_auth_con_setuserkey ( 667 krb5_context /*context*/, 668 krb5_auth_context /*auth_context*/, 669 krb5_keyblock */*keyblock*/); 670 671/** 672 * Deprecated: use krb5_auth_con_getremoteseqnumber() 673 * 674 * @ingroup krb5_deprecated 675 */ 676KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 677krb5_auth_getremoteseqnumber ( 678 krb5_context /*context*/, 679 krb5_auth_context /*auth_context*/, 680 int32_t */*seqnumber*/) 681 KRB5_DEPRECATED_FUNCTION("Use X instead"); 682 683KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 684krb5_build_ap_req ( 685 krb5_context /*context*/, 686 krb5_enctype /*enctype*/, 687 krb5_creds */*cred*/, 688 krb5_flags /*ap_options*/, 689 krb5_data /*authenticator*/, 690 krb5_data */*retdata*/); 691 692/** 693 * Build a principal using vararg style building 694 * 695 * @param context A Kerberos context. 696 * @param principal returned principal 697 * @param rlen length of realm 698 * @param realm realm name 699 * @param ... a list of components ended with NULL. 700 * 701 * @return An krb5 error code, see krb5_get_error_message(). 702 * 703 * @ingroup krb5_principal 704 */ 705KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 706krb5_build_principal ( 707 krb5_context /*context*/, 708 krb5_principal */*principal*/, 709 int /*rlen*/, 710 krb5_const_realm /*realm*/, 711 ...); 712 713KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 714krb5_build_principal_ext ( 715 krb5_context /*context*/, 716 krb5_principal */*principal*/, 717 int /*rlen*/, 718 krb5_const_realm /*realm*/, 719 ...); 720 721KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 722krb5_build_principal_va ( 723 krb5_context /*context*/, 724 krb5_principal */*principal*/, 725 int /*rlen*/, 726 krb5_const_realm /*realm*/, 727 va_list /*ap*/); 728 729KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 730krb5_build_principal_va_ext ( 731 krb5_context /*context*/, 732 krb5_principal */*principal*/, 733 int /*rlen*/, 734 krb5_const_realm /*realm*/, 735 va_list /*ap*/); 736 737KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 738krb5_c_block_size ( 739 krb5_context /*context*/, 740 krb5_enctype /*enctype*/, 741 size_t */*blocksize*/); 742 743KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 744krb5_c_checksum_length ( 745 krb5_context /*context*/, 746 krb5_cksumtype /*cksumtype*/, 747 size_t */*length*/); 748 749KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 750krb5_c_decrypt ( 751 krb5_context /*context*/, 752 const krb5_keyblock /*key*/, 753 krb5_keyusage /*usage*/, 754 const krb5_data */*ivec*/, 755 krb5_enc_data */*input*/, 756 krb5_data */*output*/); 757 758KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 759krb5_c_encrypt ( 760 krb5_context /*context*/, 761 const krb5_keyblock */*key*/, 762 krb5_keyusage /*usage*/, 763 const krb5_data */*ivec*/, 764 const krb5_data */*input*/, 765 krb5_enc_data */*output*/); 766 767KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 768krb5_c_encrypt_length ( 769 krb5_context /*context*/, 770 krb5_enctype /*enctype*/, 771 size_t /*inputlen*/, 772 size_t */*length*/); 773 774/** 775 * Deprecated: keytypes doesn't exists, they are really enctypes. 776 * 777 * @ingroup krb5_deprecated 778 */ 779KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 780krb5_c_enctype_compare ( 781 krb5_context /*context*/, 782 krb5_enctype /*e1*/, 783 krb5_enctype /*e2*/, 784 krb5_boolean */*similar*/) 785 KRB5_DEPRECATED_FUNCTION("Use X instead"); 786 787KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 788krb5_c_get_checksum ( 789 krb5_context /*context*/, 790 const krb5_checksum */*cksum*/, 791 krb5_cksumtype */*type*/, 792 krb5_data **/*data*/); 793 794KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 795krb5_c_is_coll_proof_cksum (krb5_cksumtype /*ctype*/); 796 797KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 798krb5_c_is_keyed_cksum (krb5_cksumtype /*ctype*/); 799 800KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 801krb5_c_keylengths ( 802 krb5_context /*context*/, 803 krb5_enctype /*enctype*/, 804 size_t */*ilen*/, 805 size_t */*keylen*/); 806 807KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 808krb5_c_make_checksum ( 809 krb5_context /*context*/, 810 krb5_cksumtype /*cksumtype*/, 811 const krb5_keyblock */*key*/, 812 krb5_keyusage /*usage*/, 813 const krb5_data */*input*/, 814 krb5_checksum */*cksum*/); 815 816KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 817krb5_c_make_random_key ( 818 krb5_context /*context*/, 819 krb5_enctype /*enctype*/, 820 krb5_keyblock */*random_key*/); 821 822KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 823krb5_c_prf ( 824 krb5_context /*context*/, 825 const krb5_keyblock */*key*/, 826 const krb5_data */*input*/, 827 krb5_data */*output*/); 828 829KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 830krb5_c_prf_length ( 831 krb5_context /*context*/, 832 krb5_enctype /*type*/, 833 size_t */*length*/); 834 835KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 836krb5_c_random_make_octets ( 837 krb5_context /*context*/, 838 krb5_data * /*data*/); 839 840KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 841krb5_c_set_checksum ( 842 krb5_context /*context*/, 843 krb5_checksum */*cksum*/, 844 krb5_cksumtype /*type*/, 845 const krb5_data */*data*/); 846 847KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 848krb5_c_valid_cksumtype (krb5_cksumtype /*ctype*/); 849 850KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 851krb5_c_valid_enctype (krb5_enctype /*etype*/); 852 853KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 854krb5_c_verify_checksum ( 855 krb5_context /*context*/, 856 const krb5_keyblock */*key*/, 857 krb5_keyusage /*usage*/, 858 const krb5_data */*data*/, 859 const krb5_checksum */*cksum*/, 860 krb5_boolean */*valid*/); 861 862/** 863 * Destroy the cursor `cursor'. 864 * 865 * @return Return an error code or 0, see krb5_get_error_message(). 866 * 867 * @ingroup krb5_ccache 868 */ 869KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 870krb5_cc_cache_end_seq_get ( 871 krb5_context /*context*/, 872 krb5_cc_cache_cursor /*cursor*/); 873 874/** 875 * Start iterating over all caches of specified type. See also 876 * krb5_cccol_cursor_new(). 877 878 * @param context A Kerberos 5 context 879 * @param type optional type to iterate over, if NULL, the default cache is used. 880 * @param cursor cursor should be freed with krb5_cc_cache_end_seq_get(). 881 * 882 * @return Return an error code or 0, see krb5_get_error_message(). 883 * 884 * @ingroup krb5_ccache 885 */ 886KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 887krb5_cc_cache_get_first ( 888 krb5_context /*context*/, 889 const char */*type*/, 890 krb5_cc_cache_cursor */*cursor*/); 891 892/** 893 * Search for a matching credential cache that have the 894 * `principal' as the default principal. On success, `id' needs to be 895 * freed with krb5_cc_close() or krb5_cc_destroy(). 896 * 897 * If the input principal have 0 name_string, the code will only 898 * compare the realm (and ignore the name_strings of the pricipal in 899 * the cache). 900 * 901 * @param context A Kerberos 5 context 902 * @param client The principal to search for 903 * @param id the returned credential cache 904 * 905 * @return On failure, error code is returned and `id' is set to NULL. 906 * 907 * @ingroup krb5_ccache 908 */ 909KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 910krb5_cc_cache_match ( 911 krb5_context /*context*/, 912 krb5_principal /*client*/, 913 krb5_ccache */*id*/); 914 915/** 916 * Retrieve the next cache pointed to by (`cursor') in `id' 917 * and advance `cursor'. 918 * 919 * @param context A Kerberos 5 context 920 * @param cursor the iterator cursor, returned by krb5_cc_cache_get_first() 921 * @param id next ccache 922 * 923 * @return Return 0 or an error code. Returns KRB5_CC_END when the end 924 * of caches is reached, see krb5_get_error_message(). 925 * 926 * @ingroup krb5_ccache 927 */ 928KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 929krb5_cc_cache_next ( 930 krb5_context /*context*/, 931 krb5_cc_cache_cursor /*cursor*/, 932 krb5_ccache */*id*/); 933 934/** 935 * Clear `mcreds' so it can be used with krb5_cc_retrieve_cred 936 * 937 * @ingroup krb5_ccache 938 */ 939KRB5_LIB_FUNCTION void KRB5_LIB_CALL 940krb5_cc_clear_mcred (krb5_creds */*mcred*/); 941 942/** 943 * Stop using the ccache `id' and free the related resources. 944 * 945 * @return Return an error code or 0, see krb5_get_error_message(). 946 * 947 * @ingroup krb5_ccache 948 */ 949KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 950krb5_cc_close ( 951 krb5_context /*context*/, 952 krb5_ccache /*id*/); 953 954/** 955 * Just like krb5_cc_copy_match_f(), but copy everything. 956 * 957 * @ingroup @krb5_ccache 958 */ 959KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 960krb5_cc_copy_cache ( 961 krb5_context /*context*/, 962 const krb5_ccache /*from*/, 963 krb5_ccache /*to*/); 964 965/** 966 * MIT compat glue 967 * 968 * @ingroup krb5_ccache 969 */ 970KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 971krb5_cc_copy_creds ( 972 krb5_context /*context*/, 973 const krb5_ccache /*from*/, 974 krb5_ccache /*to*/); 975 976/** 977 * Copy the contents of `from' to `to' if the given match function 978 * return true. 979 * 980 * @param context A Kerberos 5 context. 981 * @param from the cache to copy data from. 982 * @param to the cache to copy data to. 983 * @param match a match function that should return TRUE if cred argument should be copied, if NULL, all credentials are copied. 984 * @param matchctx context passed to match function. 985 * @param matched set to true if there was a credential that matched, may be NULL. 986 * 987 * @return Return an error code or 0, see krb5_get_error_message(). 988 * 989 * @ingroup krb5_ccache 990 */ 991KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 992krb5_cc_copy_match_f ( 993 krb5_context /*context*/, 994 const krb5_ccache /*from*/, 995 krb5_ccache /*to*/, 996 krb5_boolean (*/*match*/)(krb5_context, void *, const krb5_creds *), 997 void */*matchctx*/, 998 unsigned int */*matched*/); 999 1000/** 1001 * Open the default ccache in `id'. 1002 * 1003 * @return Return an error code or 0, see krb5_get_error_message(). 1004 * 1005 * @ingroup krb5_ccache 1006 */ 1007KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1008krb5_cc_default ( 1009 krb5_context /*context*/, 1010 krb5_ccache */*id*/); 1011 1012/** 1013 * Return a pointer to a context static string containing the default 1014 * ccache name. 1015 * 1016 * @return String to the default credential cache name. 1017 * 1018 * @ingroup krb5_ccache 1019 */ 1020KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1021krb5_cc_default_name (krb5_context /*context*/); 1022 1023/** 1024 * Remove the ccache `id'. 1025 * 1026 * @return Return an error code or 0, see krb5_get_error_message(). 1027 * 1028 * @ingroup krb5_ccache 1029 */ 1030KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1031krb5_cc_destroy ( 1032 krb5_context /*context*/, 1033 krb5_ccache /*id*/); 1034 1035/** 1036 * Destroy the cursor `cursor'. 1037 * 1038 * @ingroup krb5_ccache 1039 */ 1040KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1041krb5_cc_end_seq_get ( 1042 krb5_context /*context*/, 1043 const krb5_ccache /*id*/, 1044 krb5_cc_cursor */*cursor*/); 1045 1046/** 1047 * Generate a new ccache of type `ops' in `id'. 1048 * 1049 * Deprecated: use krb5_cc_new_unique() instead. 1050 * 1051 * @return Return an error code or 0, see krb5_get_error_message(). 1052 * 1053 * @ingroup krb5_ccache 1054 */ 1055KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1056krb5_cc_gen_new ( 1057 krb5_context /*context*/, 1058 const krb5_cc_ops */*ops*/, 1059 krb5_ccache */*id*/) 1060 KRB5_DEPRECATED_FUNCTION("Use X instead"); 1061 1062/** 1063 * Get some configuration for the credential cache in the cache. 1064 * 1065 * @param context a Keberos context 1066 * @param id the credential cache to store the data for 1067 * @param principal configuration for a specific principal, if 1068 * NULL, global for the whole cache. 1069 * @param name name under which the configuraion is stored. 1070 * @param data data to fetched, free with krb5_data_free() 1071 * 1072 * @ingroup krb5_ccache 1073 */ 1074KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1075krb5_cc_get_config ( 1076 krb5_context /*context*/, 1077 krb5_ccache /*id*/, 1078 krb5_const_principal /*principal*/, 1079 const char */*name*/, 1080 krb5_data */*data*/); 1081 1082/** 1083 * Get the flags of `id', store them in `flags'. 1084 * 1085 * @ingroup krb5_ccache 1086 */ 1087KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1088krb5_cc_get_flags ( 1089 krb5_context /*context*/, 1090 krb5_ccache /*id*/, 1091 krb5_flags */*flags*/); 1092 1093/** 1094 * Return a friendly name on credential cache. Free the result with krb5_xfree(). 1095 * 1096 * @return Return an error code or 0, see krb5_get_error_message(). 1097 * 1098 * @ingroup krb5_ccache 1099 */ 1100KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1101krb5_cc_get_friendly_name ( 1102 krb5_context /*context*/, 1103 krb5_ccache /*id*/, 1104 char **/*name*/); 1105 1106/** 1107 * Return the complete resolvable name the cache 1108 1109 * @param context a Keberos context 1110 * @param id return pointer to a found credential cache 1111 * @param str the returned name of a credential cache, free with krb5_xfree() 1112 * 1113 * @return Returns 0 or an error (and then *str is set to NULL). 1114 * 1115 * @ingroup krb5_ccache 1116 */ 1117KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1118krb5_cc_get_full_name ( 1119 krb5_context /*context*/, 1120 krb5_ccache /*id*/, 1121 char **/*str*/); 1122 1123/** 1124 * Get the time offset betwen the client and the KDC 1125 * 1126 * If the backend doesn't support KDC offset, use the context global setting. 1127 * 1128 * @param context A Kerberos 5 context. 1129 * @param id a credential cache 1130 * @param offset the offset in seconds 1131 * 1132 * @return Return an error code or 0, see krb5_get_error_message(). 1133 * 1134 * @ingroup krb5_ccache 1135 */ 1136KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1137krb5_cc_get_kdc_offset ( 1138 krb5_context /*context*/, 1139 krb5_ccache /*id*/, 1140 krb5_deltat */*offset*/); 1141 1142/** 1143 * Get the aproximate lifetime of credential cache 1144 * 1145 * Time t is always set to a known value, in case of an error, its set to 0. 1146 * 1147 * @param context A Kerberos 5 context. 1148 * @param id a credential cache. 1149 * @param t the relative lifetime of cache. 1150 * 1151 * @return Return an error code or 0, see krb5_get_error_message(). 1152 * 1153 * @ingroup krb5_ccache 1154 */ 1155KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1156krb5_cc_get_lifetime ( 1157 krb5_context /*context*/, 1158 krb5_ccache /*id*/, 1159 time_t */*t*/); 1160 1161/** 1162 * Return the name of the ccache `id' 1163 * 1164 * @ingroup krb5_ccache 1165 */ 1166KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1167krb5_cc_get_name ( 1168 krb5_context /*context*/, 1169 krb5_ccache /*id*/); 1170 1171/** 1172 * Return krb5_cc_ops of a the ccache `id'. 1173 * 1174 * @ingroup krb5_ccache 1175 */ 1176KRB5_LIB_FUNCTION const krb5_cc_ops * KRB5_LIB_CALL 1177krb5_cc_get_ops ( 1178 krb5_context /*context*/, 1179 krb5_ccache /*id*/); 1180 1181/** 1182 * Get the cc ops that is registered in `context' to handle the 1183 * prefix. prefix can be a complete credential cache name or a 1184 * prefix, the function will only use part up to the first colon (:) 1185 * if there is one. If prefix the argument is NULL, the default ccache 1186 * implemtation is returned. 1187 * 1188 * @return Returns NULL if ops not found. 1189 * 1190 * @ingroup krb5_ccache 1191 */ 1192KRB5_LIB_FUNCTION const krb5_cc_ops * KRB5_LIB_CALL 1193krb5_cc_get_prefix_ops ( 1194 krb5_context /*context*/, 1195 const char */*prefix*/); 1196 1197/** 1198 * Return the principal of `id' in `principal'. 1199 * 1200 * @return Return an error code or 0, see krb5_get_error_message(). 1201 * 1202 * @ingroup krb5_ccache 1203 */ 1204KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1205krb5_cc_get_principal ( 1206 krb5_context /*context*/, 1207 krb5_ccache /*id*/, 1208 krb5_principal */*principal*/); 1209 1210/** 1211 * Return the type of the ccache `id'. 1212 * 1213 * @ingroup krb5_ccache 1214 */ 1215KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1216krb5_cc_get_type ( 1217 krb5_context /*context*/, 1218 krb5_ccache /*id*/); 1219 1220krb5_error_code 1221krb5_cc_get_uuid ( 1222 krb5_context /*context*/, 1223 krb5_ccache /*id*/, 1224 krb5_uuid /*uuid*/); 1225 1226/** 1227 * Return the version of `id'. 1228 * 1229 * @ingroup krb5_ccache 1230 */ 1231KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1232krb5_cc_get_version ( 1233 krb5_context /*context*/, 1234 const krb5_ccache /*id*/); 1235 1236krb5_error_code 1237krb5_cc_hold ( 1238 krb5_context /*context*/, 1239 krb5_ccache /*id*/); 1240 1241/** 1242 * Create a new ccache in `id' for `primary_principal'. 1243 * 1244 * @return Return an error code or 0, see krb5_get_error_message(). 1245 * 1246 * @ingroup krb5_ccache 1247 */ 1248KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1249krb5_cc_initialize ( 1250 krb5_context /*context*/, 1251 krb5_ccache /*id*/, 1252 krb5_principal /*primary_principal*/); 1253 1254/** 1255 * Return the last time the credential cache was modified. 1256 * 1257 * @param context A Kerberos 5 context 1258 * @param id The credential cache to probe 1259 * @param mtime the last modification time, set to 0 on error. 1260 1261 * @return Return 0 or and error. See krb5_get_error_message(). 1262 * 1263 * @ingroup krb5_ccache 1264 */ 1265KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1266krb5_cc_last_change_time ( 1267 krb5_context /*context*/, 1268 krb5_ccache /*id*/, 1269 krb5_timestamp */*mtime*/); 1270 1271/** 1272 * Move the content from one credential cache to another. The 1273 * operation is an atomic switch. 1274 * 1275 * @param context a Keberos context 1276 * @param from the credential cache to move the content from 1277 * @param to the credential cache to move the content to 1278 1279 * @return On sucess, from is freed. On failure, error code is 1280 * returned and from and to are both still allocated, see krb5_get_error_message(). 1281 * 1282 * @ingroup krb5_ccache 1283 */ 1284KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1285krb5_cc_move ( 1286 krb5_context /*context*/, 1287 krb5_ccache /*from*/, 1288 krb5_ccache /*to*/); 1289 1290/** 1291 * Generates a new unique ccache of `type` in `id'. If `type' is NULL, 1292 * the library chooses the default credential cache type. The supplied 1293 * `hint' (that can be NULL) is a string that the credential cache 1294 * type can use to base the name of the credential on, this is to make 1295 * it easier for the user to differentiate the credentials. 1296 * 1297 * @return Return an error code or 0, see krb5_get_error_message(). 1298 * 1299 * @ingroup krb5_ccache 1300 */ 1301KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1302krb5_cc_new_unique ( 1303 krb5_context /*context*/, 1304 const char */*type*/, 1305 const char */*hint*/, 1306 krb5_ccache */*id*/); 1307 1308/** 1309 * Retrieve the next cred pointed to by (`id', `cursor') in `creds' 1310 * and advance `cursor'. 1311 * 1312 * @return Return an error code or 0, see krb5_get_error_message(). 1313 * 1314 * @ingroup krb5_ccache 1315 */ 1316KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1317krb5_cc_next_cred ( 1318 krb5_context /*context*/, 1319 const krb5_ccache /*id*/, 1320 krb5_cc_cursor */*cursor*/, 1321 krb5_creds */*creds*/); 1322 1323/** 1324 * Add a new ccache type with operations `ops', overwriting any 1325 * existing one if `override'. 1326 * 1327 * @param context a Keberos context 1328 * @param ops type of plugin symbol 1329 * @param override flag to select if the registration is to overide 1330 * an existing ops with the same name. 1331 * 1332 * @return Return an error code or 0, see krb5_get_error_message(). 1333 * 1334 * @ingroup krb5_ccache 1335 */ 1336KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1337krb5_cc_register ( 1338 krb5_context /*context*/, 1339 const krb5_cc_ops */*ops*/, 1340 krb5_boolean /*override*/); 1341 1342/** 1343 * Remove the credential identified by `cred', `which' from `id'. 1344 * 1345 * @ingroup krb5_ccache 1346 */ 1347KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1348krb5_cc_remove_cred ( 1349 krb5_context /*context*/, 1350 krb5_ccache /*id*/, 1351 krb5_flags /*which*/, 1352 krb5_creds */*cred*/); 1353 1354/** 1355 * Find and allocate a ccache in `id' from the specification in `residual'. 1356 * If the ccache name doesn't contain any colon, interpret it as a file name. 1357 * 1358 * @param context a Keberos context. 1359 * @param name string name of a credential cache. 1360 * @param id return pointer to a found credential cache. 1361 * 1362 * @return Return 0 or an error code. In case of an error, id is set 1363 * to NULL, see krb5_get_error_message(). 1364 * 1365 * @ingroup krb5_ccache 1366 */ 1367KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1368krb5_cc_resolve ( 1369 krb5_context /*context*/, 1370 const char */*name*/, 1371 krb5_ccache */*id*/); 1372 1373krb5_error_code 1374krb5_cc_resolve_by_uuid ( 1375 krb5_context /*context*/, 1376 const char */*type*/, 1377 krb5_ccache */*id*/, 1378 krb5_uuid /*uuid*/); 1379 1380/** 1381 * Retrieve the credential identified by `mcreds' (and `whichfields') 1382 * from `id' in `creds'. 'creds' must be free by the caller using 1383 * krb5_free_cred_contents. 1384 * 1385 * @param context A Kerberos 5 context 1386 * @param id a Kerberos 5 credential cache 1387 * @param whichfields what fields to use for matching credentials, same 1388 * flags as whichfields in krb5_compare_creds() 1389 * @param mcreds template credential to use for comparing 1390 * @param creds returned credential, free with krb5_free_cred_contents() 1391 * 1392 * @return Return an error code or 0, see krb5_get_error_message(). 1393 * 1394 * @ingroup krb5_ccache 1395 */ 1396KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1397krb5_cc_retrieve_cred ( 1398 krb5_context /*context*/, 1399 krb5_ccache /*id*/, 1400 krb5_flags /*whichfields*/, 1401 const krb5_creds */*mcreds*/, 1402 krb5_creds */*creds*/); 1403 1404krb5_error_code 1405krb5_cc_set_acl ( 1406 krb5_context /*context*/, 1407 krb5_ccache /*id*/, 1408 const char */*type*/, 1409 void */*ptr*/); 1410 1411/** 1412 * Store some configuration for the credential cache in the cache. 1413 * Existing configuration under the same name is over-written. 1414 * 1415 * @param context a Keberos context 1416 * @param id the credential cache to store the data for 1417 * @param principal configuration for a specific principal, if 1418 * NULL, global for the whole cache. 1419 * @param name name under which the configuraion is stored. 1420 * @param data data to store, if NULL, configure is removed. 1421 * 1422 * @ingroup krb5_ccache 1423 */ 1424KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1425krb5_cc_set_config ( 1426 krb5_context /*context*/, 1427 krb5_ccache /*id*/, 1428 krb5_const_principal /*principal*/, 1429 const char */*name*/, 1430 krb5_data */*data*/); 1431 1432/** 1433 * Set the default cc name for `context' to `name'. 1434 * 1435 * @param context a krb5 context 1436 * @param name if set, will use this as the default name, if NULL, default name will be set 1437 * 1438 * @return Return an error code or 0, see krb5_get_error_message(). 1439 * 1440 * @ingroup krb5_ccache 1441 */ 1442KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1443krb5_cc_set_default_name ( 1444 krb5_context /*context*/, 1445 const char */*name*/); 1446 1447/** 1448 * Set the flags of `id' to `flags'. 1449 * 1450 * @ingroup krb5_ccache 1451 */ 1452KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1453krb5_cc_set_flags ( 1454 krb5_context /*context*/, 1455 krb5_ccache /*id*/, 1456 krb5_flags /*flags*/); 1457 1458/** 1459 * Set the friendly name on credential cache. 1460 * 1461 * @return Return an error code or 0, see krb5_get_error_message(). 1462 * 1463 * @ingroup krb5_ccache 1464 */ 1465KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1466krb5_cc_set_friendly_name ( 1467 krb5_context /*context*/, 1468 krb5_ccache /*id*/, 1469 const char */*name*/); 1470 1471/** 1472 * Set the time offset betwen the client and the KDC 1473 * 1474 * If the backend doesn't support KDC offset, use the context global setting. 1475 * 1476 * @param context A Kerberos 5 context. 1477 * @param id a credential cache 1478 * @param offset the offset in seconds 1479 * 1480 * @return Return an error code or 0, see krb5_get_error_message(). 1481 * 1482 * @ingroup krb5_ccache 1483 */ 1484KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1485krb5_cc_set_kdc_offset ( 1486 krb5_context /*context*/, 1487 krb5_ccache /*id*/, 1488 krb5_deltat /*offset*/); 1489 1490/** 1491 * Start iterating over `id', `cursor' is initialized to the 1492 * beginning. Caller must free the cursor with krb5_cc_end_seq_get(). 1493 * 1494 * @return Return an error code or 0, see krb5_get_error_message(). 1495 * 1496 * @ingroup krb5_ccache 1497 */ 1498KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1499krb5_cc_start_seq_get ( 1500 krb5_context /*context*/, 1501 const krb5_ccache /*id*/, 1502 krb5_cc_cursor */*cursor*/); 1503 1504/** 1505 * Store `creds' in the ccache `id'. 1506 * 1507 * @return Return an error code or 0, see krb5_get_error_message(). 1508 * 1509 * @ingroup krb5_ccache 1510 */ 1511KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1512krb5_cc_store_cred ( 1513 krb5_context /*context*/, 1514 krb5_ccache /*id*/, 1515 krb5_creds */*creds*/); 1516 1517/** 1518 * Return true if the default credential cache support switch 1519 * 1520 * @ingroup krb5_ccache 1521 */ 1522KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1523krb5_cc_support_switch ( 1524 krb5_context /*context*/, 1525 const char */*type*/); 1526 1527/** 1528 * Switch the default default credential cache for a specific 1529 * credcache type (and name for some implementations). 1530 * 1531 * @return Return an error code or 0, see krb5_get_error_message(). 1532 * 1533 * @ingroup krb5_ccache 1534 */ 1535KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1536krb5_cc_switch ( 1537 krb5_context /*context*/, 1538 krb5_ccache /*id*/); 1539 1540krb5_error_code 1541krb5_cc_unhold ( 1542 krb5_context /*context*/, 1543 krb5_ccache /*id*/); 1544 1545/** 1546 * End an iteration and free all resources, can be done before end is reached. 1547 * 1548 * @param context A Kerberos 5 context 1549 * @param cursor the iteration cursor to be freed. 1550 * 1551 * @return Return 0 or and error, KRB5_CC_END is returned at the end 1552 * of iteration. See krb5_get_error_message(). 1553 * 1554 * @ingroup krb5_ccache 1555 */ 1556KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1557krb5_cccol_cursor_free ( 1558 krb5_context /*context*/, 1559 krb5_cccol_cursor */*cursor*/); 1560 1561/** 1562 * Get a new cache interation cursor that will interate over all 1563 * credentials caches independent of type. 1564 * 1565 * @param context a Keberos context 1566 * @param cursor passed into krb5_cccol_cursor_next() and free with krb5_cccol_cursor_free(). 1567 * 1568 * @return Returns 0 or and error code, see krb5_get_error_message(). 1569 * 1570 * @ingroup krb5_ccache 1571 */ 1572KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1573krb5_cccol_cursor_new ( 1574 krb5_context /*context*/, 1575 krb5_cccol_cursor */*cursor*/); 1576 1577/** 1578 * Get next credential cache from the iteration. 1579 * 1580 * @param context A Kerberos 5 context 1581 * @param cursor the iteration cursor 1582 * @param cache the returned cursor, pointer is set to NULL on failure 1583 * and a cache on success. The returned cache needs to be freed 1584 * with krb5_cc_close() or destroyed with krb5_cc_destroy(). 1585 * MIT Kerberos behavies slightly diffrent and sets cache to NULL 1586 * when all caches are iterated over and return 0. 1587 * 1588 * @return Return 0 or and error, KRB5_CC_END is returned at the end 1589 * of iteration. See krb5_get_error_message(). 1590 * 1591 * @ingroup krb5_ccache 1592 */ 1593KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1594krb5_cccol_cursor_next ( 1595 krb5_context /*context*/, 1596 krb5_cccol_cursor /*cursor*/, 1597 krb5_ccache */*cache*/); 1598 1599/** 1600 * Return the last modfication time for a cache collection. The query 1601 * can be limited to a specific cache type. If the function return 0 1602 * and mtime is 0, there was no credentials in the caches. 1603 * 1604 * @param context A Kerberos 5 context 1605 * @param type The credential cache to probe, if NULL, all type are traversed. 1606 * @param mtime the last modification time, set to 0 on error. 1607 1608 * @return Return 0 or and error. See krb5_get_error_message(). 1609 * 1610 * @ingroup krb5_ccache 1611 */ 1612KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1613krb5_cccol_last_change_time ( 1614 krb5_context /*context*/, 1615 const char */*type*/, 1616 krb5_timestamp */*mtime*/); 1617 1618/** 1619 * Deprecated: krb5_change_password() is deprecated, use krb5_set_password(). 1620 * 1621 * @param context a Keberos context 1622 * @param creds 1623 * @param newpw 1624 * @param result_code 1625 * @param result_code_string 1626 * @param result_string 1627 * 1628 * @return On sucess password is changed. 1629 1630 * @ingroup @krb5_deprecated 1631 */ 1632KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1633krb5_change_password ( 1634 krb5_context /*context*/, 1635 krb5_creds */*creds*/, 1636 const char */*newpw*/, 1637 int */*result_code*/, 1638 krb5_data */*result_code_string*/, 1639 krb5_data */*result_string*/) 1640 KRB5_DEPRECATED_FUNCTION("Use X instead"); 1641 1642KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1643krb5_check_transited ( 1644 krb5_context /*context*/, 1645 krb5_const_realm /*client_realm*/, 1646 krb5_const_realm /*server_realm*/, 1647 krb5_realm */*realms*/, 1648 unsigned int /*num_realms*/, 1649 int */*bad_realm*/); 1650 1651KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1652krb5_check_transited_realms ( 1653 krb5_context /*context*/, 1654 const char *const */*realms*/, 1655 unsigned int /*num_realms*/, 1656 int */*bad_realm*/); 1657 1658KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1659krb5_checksum_disable ( 1660 krb5_context /*context*/, 1661 krb5_cksumtype /*type*/); 1662 1663KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1664krb5_checksum_free ( 1665 krb5_context /*context*/, 1666 krb5_checksum */*cksum*/); 1667 1668KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1669krb5_checksum_is_collision_proof ( 1670 krb5_context /*context*/, 1671 krb5_cksumtype /*type*/); 1672 1673KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1674krb5_checksum_is_keyed ( 1675 krb5_context /*context*/, 1676 krb5_cksumtype /*type*/); 1677 1678KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1679krb5_checksumsize ( 1680 krb5_context /*context*/, 1681 krb5_cksumtype /*type*/, 1682 size_t */*size*/); 1683 1684/** 1685 * Return the coresponding encryption type for a checksum type. 1686 * 1687 * @param context Kerberos context 1688 * @param ctype The checksum type to get the result enctype for 1689 * @param etype The returned encryption, when the matching etype is 1690 * not found, etype is set to ETYPE_NULL. 1691 * 1692 * @return Return an error code for an failure or 0 on success. 1693 * @ingroup krb5_crypto 1694 */ 1695KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1696krb5_cksumtype_to_enctype ( 1697 krb5_context /*context*/, 1698 krb5_cksumtype /*ctype*/, 1699 krb5_enctype */*etype*/) 1700 KRB5_DEPRECATED; 1701 1702KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1703krb5_cksumtype_valid ( 1704 krb5_context /*context*/, 1705 krb5_cksumtype /*ctype*/); 1706 1707/** 1708 * Clears the error message from the Kerberos 5 context. 1709 * 1710 * @param context The Kerberos 5 context to clear 1711 * 1712 * @ingroup krb5_error 1713 */ 1714KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1715krb5_clear_error_message (krb5_context /*context*/); 1716 1717/** 1718 * Clear the error message returned by krb5_get_error_string(). 1719 * 1720 * Deprecated: use krb5_clear_error_message() 1721 * 1722 * @param context Kerberos context 1723 * 1724 * @ingroup krb5_deprecated 1725 */ 1726KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1727krb5_clear_error_string (krb5_context /*context*/) 1728 KRB5_DEPRECATED_FUNCTION("Use X instead"); 1729 1730KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1731krb5_closelog ( 1732 krb5_context /*context*/, 1733 krb5_log_facility */*fac*/); 1734 1735/** 1736 * Return TRUE if `mcreds' and `creds' are equal (`whichfields' 1737 * determines what equal means). 1738 * 1739 * 1740 * The following flags, set in whichfields affects the comparison: 1741 * - KRB5_TC_MATCH_SRV_NAMEONLY Consider all realms equal when comparing the service principal. 1742 * - KRB5_TC_MATCH_KEYTYPE Compare enctypes. 1743 * - KRB5_TC_MATCH_FLAGS_EXACT Make sure that the ticket flags are identical. 1744 * - KRB5_TC_MATCH_FLAGS Make sure that all ticket flags set in mcreds are also present in creds . 1745 * - KRB5_TC_MATCH_TIMES_EXACT Compares the ticket times exactly. 1746 * - KRB5_TC_MATCH_TIMES Compares only the expiration times of the creds. 1747 * - KRB5_TC_MATCH_AUTHDATA Compares the authdata fields. 1748 * - KRB5_TC_MATCH_2ND_TKT Compares the second tickets (used by user-to-user authentication). 1749 * - KRB5_TC_MATCH_IS_SKEY Compares the existance of the second ticket. 1750 * 1751 * @param context Kerberos 5 context. 1752 * @param whichfields which fields to compare. 1753 * @param mcreds cred to compare with. 1754 * @param creds cred to compare with. 1755 * 1756 * @return return TRUE if mcred and creds are equal, FALSE if not. 1757 * 1758 * @ingroup krb5 1759 */ 1760KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1761krb5_compare_creds ( 1762 krb5_context /*context*/, 1763 krb5_flags /*whichfields*/, 1764 const krb5_creds * /*mcreds*/, 1765 const krb5_creds * /*creds*/); 1766 1767/** 1768 * Free configuration file section, the result of 1769 * krb5_config_parse_file() and krb5_config_parse_file_multi(). 1770 * 1771 * @param context A Kerberos 5 context 1772 * @param s the configuration section to free 1773 * 1774 * @return returns 0 on successes, otherwise an error code, see 1775 * krb5_get_error_message() 1776 * 1777 * @ingroup krb5_support 1778 */ 1779KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1780krb5_config_file_free ( 1781 krb5_context /*context*/, 1782 krb5_config_section */*s*/); 1783 1784/** 1785 * Free the resulting strings from krb5_config-get_strings() and 1786 * krb5_config_vget_strings(). 1787 * 1788 * @param strings strings to free 1789 * 1790 * @ingroup krb5_support 1791 */ 1792KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1793krb5_config_free_strings (char **/*strings*/); 1794 1795/** 1796 * Like krb5_config_get_bool() but with a va_list list of 1797 * configuration selection. 1798 * 1799 * Configuration value to a boolean value, where yes/true and any 1800 * non-zero number means TRUE and other value is FALSE. 1801 * 1802 * @param context A Kerberos 5 context. 1803 * @param c a configuration section, or NULL to use the section from context 1804 * @param ... a list of names, terminated with NULL. 1805 * 1806 * @return TRUE or FALSE 1807 * 1808 * @ingroup krb5_support 1809 */ 1810KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1811krb5_config_get_bool ( 1812 krb5_context /*context*/, 1813 const krb5_config_section */*c*/, 1814 ...); 1815 1816/** 1817 * krb5_config_get_bool_default() will convert the configuration 1818 * option value to a boolean value, where yes/true and any non-zero 1819 * number means TRUE and other value is FALSE. 1820 * 1821 * @param context A Kerberos 5 context. 1822 * @param c a configuration section, or NULL to use the section from context 1823 * @param def_value the default value to return if no configuration 1824 * found in the database. 1825 * @param ... a list of names, terminated with NULL. 1826 * 1827 * @return TRUE or FALSE 1828 * 1829 * @ingroup krb5_support 1830 */ 1831KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1832krb5_config_get_bool_default ( 1833 krb5_context /*context*/, 1834 const krb5_config_section */*c*/, 1835 krb5_boolean /*def_value*/, 1836 ...); 1837 1838KRB5_LIB_FUNCTION int KRB5_LIB_CALL 1839krb5_config_get_int ( 1840 krb5_context /*context*/, 1841 const krb5_config_section */*c*/, 1842 ...); 1843 1844KRB5_LIB_FUNCTION int KRB5_LIB_CALL 1845krb5_config_get_int_default ( 1846 krb5_context /*context*/, 1847 const krb5_config_section */*c*/, 1848 int /*def_value*/, 1849 ...); 1850 1851/** 1852 * Get a list of configuration binding list for more processing 1853 * 1854 * @param context A Kerberos 5 context. 1855 * @param c a configuration section, or NULL to use the section from context 1856 * @param ... a list of names, terminated with NULL. 1857 * 1858 * @return NULL if configuration list is not found, a list otherwise 1859 * 1860 * @ingroup krb5_support 1861 */ 1862KRB5_LIB_FUNCTION const krb5_config_binding * KRB5_LIB_CALL 1863krb5_config_get_list ( 1864 krb5_context /*context*/, 1865 const krb5_config_section */*c*/, 1866 ...); 1867 1868/** 1869 * Returns a "const char *" to a string in the configuration database. 1870 * The string may not be valid after a reload of the configuration 1871 * database so a caller should make a local copy if it needs to keep 1872 * the string. 1873 * 1874 * @param context A Kerberos 5 context. 1875 * @param c a configuration section, or NULL to use the section from context 1876 * @param ... a list of names, terminated with NULL. 1877 * 1878 * @return NULL if configuration string not found, a string otherwise 1879 * 1880 * @ingroup krb5_support 1881 */ 1882KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1883krb5_config_get_string ( 1884 krb5_context /*context*/, 1885 const krb5_config_section */*c*/, 1886 ...); 1887 1888/** 1889 * Like krb5_config_get_string(), but instead of returning NULL, 1890 * instead return a default value. 1891 * 1892 * @param context A Kerberos 5 context. 1893 * @param c a configuration section, or NULL to use the section from context 1894 * @param def_value the default value to return if no configuration 1895 * found in the database. 1896 * @param ... a list of names, terminated with NULL. 1897 * 1898 * @return a configuration string 1899 * 1900 * @ingroup krb5_support 1901 */ 1902KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1903krb5_config_get_string_default ( 1904 krb5_context /*context*/, 1905 const krb5_config_section */*c*/, 1906 const char */*def_value*/, 1907 ...); 1908 1909/** 1910 * Get a list of configuration strings, free the result with 1911 * krb5_config_free_strings(). 1912 * 1913 * @param context A Kerberos 5 context. 1914 * @param c a configuration section, or NULL to use the section from context 1915 * @param ... a list of names, terminated with NULL. 1916 * 1917 * @return TRUE or FALSE 1918 * 1919 * @ingroup krb5_support 1920 */ 1921KRB5_LIB_FUNCTION char** KRB5_LIB_CALL 1922krb5_config_get_strings ( 1923 krb5_context /*context*/, 1924 const krb5_config_section */*c*/, 1925 ...); 1926 1927/** 1928 * Get the time from the configuration file using a relative time, for example: 1h30s 1929 * 1930 * @param context A Kerberos 5 context. 1931 * @param c a configuration section, or NULL to use the section from context 1932 * @param ... a list of names, terminated with NULL. 1933 * 1934 * @return parsed the time or -1 on error 1935 * 1936 * @ingroup krb5_support 1937 */ 1938KRB5_LIB_FUNCTION krb5_deltat KRB5_LIB_CALL 1939krb5_config_get_time ( 1940 krb5_context /*context*/, 1941 const krb5_config_section */*c*/, 1942 ...); 1943 1944/** 1945 * Get the time from the configuration file using a relative time, for example: 1h30s 1946 * 1947 * @param context A Kerberos 5 context. 1948 * @param c a configuration section, or NULL to use the section from context 1949 * @param def_value the default value to return if no configuration 1950 * found in the database. 1951 * @param ... a list of names, terminated with NULL. 1952 * 1953 * @return parsed the time (or def_value on parse error) 1954 * 1955 * @ingroup krb5_support 1956 */ 1957KRB5_LIB_FUNCTION krb5_deltat KRB5_LIB_CALL 1958krb5_config_get_time_default ( 1959 krb5_context /*context*/, 1960 const krb5_config_section */*c*/, 1961 krb5_deltat /*def_value*/, 1962 ...); 1963 1964/** 1965 * If the fname starts with "~/" parse configuration file in the 1966 * current users home directory. The behavior can be disabled and 1967 * enabled by calling krb5_set_home_dir_access(). 1968 */ 1969KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1970krb5_config_parse_file ( 1971 krb5_context /*context*/, 1972 const char */*fname*/, 1973 krb5_config_section **/*res*/); 1974 1975/** 1976 * Parse a configuration file and add the result into res. This 1977 * interface can be used to parse several configuration files into one 1978 * resulting krb5_config_section by calling it repeatably. 1979 * 1980 * @param context a Kerberos 5 context. 1981 * @param fname a file name to a Kerberos configuration file 1982 * @param res the returned result, must be free with krb5_free_config_files(). 1983 * @return Return an error code or 0, see krb5_get_error_message(). 1984 * 1985 * @ingroup krb5_support 1986 */ 1987KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1988krb5_config_parse_file_multi ( 1989 krb5_context /*context*/, 1990 const char */*fname*/, 1991 krb5_config_section **/*res*/); 1992 1993/** 1994 * Deprecated: configuration files are not strings 1995 * 1996 * @ingroup krb5_deprecated 1997 */ 1998KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1999krb5_config_parse_string_multi ( 2000 krb5_context /*context*/, 2001 const char */*string*/, 2002 krb5_config_section **/*res*/) 2003 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2004 2005/** 2006 * krb5_config_get_bool() will convert the configuration 2007 * option value to a boolean value, where yes/true and any non-zero 2008 * number means TRUE and other value is FALSE. 2009 * 2010 * @param context A Kerberos 5 context. 2011 * @param c a configuration section, or NULL to use the section from context 2012 * @param args a va_list of arguments 2013 * 2014 * @return TRUE or FALSE 2015 * 2016 * @ingroup krb5_support 2017 */ 2018KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 2019krb5_config_vget_bool ( 2020 krb5_context /*context*/, 2021 const krb5_config_section */*c*/, 2022 va_list /*args*/); 2023 2024/** 2025 * Like krb5_config_get_bool_default() but with a va_list list of 2026 * configuration selection. 2027 * 2028 * Configuration value to a boolean value, where yes/true and any 2029 * non-zero number means TRUE and other value is FALSE. 2030 * 2031 * @param context A Kerberos 5 context. 2032 * @param c a configuration section, or NULL to use the section from context 2033 * @param def_value the default value to return if no configuration 2034 * found in the database. 2035 * @param args a va_list of arguments 2036 * 2037 * @return TRUE or FALSE 2038 * 2039 * @ingroup krb5_support 2040 */ 2041KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 2042krb5_config_vget_bool_default ( 2043 krb5_context /*context*/, 2044 const krb5_config_section */*c*/, 2045 krb5_boolean /*def_value*/, 2046 va_list /*args*/); 2047 2048KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2049krb5_config_vget_int ( 2050 krb5_context /*context*/, 2051 const krb5_config_section */*c*/, 2052 va_list /*args*/); 2053 2054KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2055krb5_config_vget_int_default ( 2056 krb5_context /*context*/, 2057 const krb5_config_section */*c*/, 2058 int /*def_value*/, 2059 va_list /*args*/); 2060 2061/** 2062 * Get a list of configuration binding list for more processing 2063 * 2064 * @param context A Kerberos 5 context. 2065 * @param c a configuration section, or NULL to use the section from context 2066 * @param args a va_list of arguments 2067 * 2068 * @return NULL if configuration list is not found, a list otherwise 2069 * 2070 * @ingroup krb5_support 2071 */ 2072KRB5_LIB_FUNCTION const krb5_config_binding * KRB5_LIB_CALL 2073krb5_config_vget_list ( 2074 krb5_context /*context*/, 2075 const krb5_config_section */*c*/, 2076 va_list /*args*/); 2077 2078/** 2079 * Like krb5_config_get_string(), but uses a va_list instead of ... 2080 * 2081 * @param context A Kerberos 5 context. 2082 * @param c a configuration section, or NULL to use the section from context 2083 * @param args a va_list of arguments 2084 * 2085 * @return NULL if configuration string not found, a string otherwise 2086 * 2087 * @ingroup krb5_support 2088 */ 2089KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 2090krb5_config_vget_string ( 2091 krb5_context /*context*/, 2092 const krb5_config_section */*c*/, 2093 va_list /*args*/); 2094 2095/** 2096 * Like krb5_config_vget_string(), but instead of returning NULL, 2097 * instead return a default value. 2098 * 2099 * @param context A Kerberos 5 context. 2100 * @param c a configuration section, or NULL to use the section from context 2101 * @param def_value the default value to return if no configuration 2102 * found in the database. 2103 * @param args a va_list of arguments 2104 * 2105 * @return a configuration string 2106 * 2107 * @ingroup krb5_support 2108 */ 2109KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 2110krb5_config_vget_string_default ( 2111 krb5_context /*context*/, 2112 const krb5_config_section */*c*/, 2113 const char */*def_value*/, 2114 va_list /*args*/); 2115 2116/** 2117 * Get a list of configuration strings, free the result with 2118 * krb5_config_free_strings(). 2119 * 2120 * @param context A Kerberos 5 context. 2121 * @param c a configuration section, or NULL to use the section from context 2122 * @param args a va_list of arguments 2123 * 2124 * @return TRUE or FALSE 2125 * 2126 * @ingroup krb5_support 2127 */ 2128KRB5_LIB_FUNCTION char ** KRB5_LIB_CALL 2129krb5_config_vget_strings ( 2130 krb5_context /*context*/, 2131 const krb5_config_section */*c*/, 2132 va_list /*args*/); 2133 2134/** 2135 * Get the time from the configuration file using a relative time, for example: 1h30s 2136 * 2137 * @param context A Kerberos 5 context. 2138 * @param c a configuration section, or NULL to use the section from context 2139 * @param args a va_list of arguments 2140 * 2141 * @return parsed the time or -1 on error 2142 * 2143 * @ingroup krb5_support 2144 */ 2145KRB5_LIB_FUNCTION krb5_deltat KRB5_LIB_CALL 2146krb5_config_vget_time ( 2147 krb5_context /*context*/, 2148 const krb5_config_section */*c*/, 2149 va_list /*args*/); 2150 2151/** 2152 * Get the time from the configuration file using a relative time. 2153 * 2154 * Like krb5_config_get_time_default() but with a va_list list of 2155 * configuration selection. 2156 * 2157 * @param context A Kerberos 5 context. 2158 * @param c a configuration section, or NULL to use the section from context 2159 * @param def_value the default value to return if no configuration 2160 * found in the database. 2161 * @param args a va_list of arguments 2162 * 2163 * @return parsed the time (or def_value on parse error) 2164 * 2165 * @ingroup krb5_support 2166 */ 2167KRB5_LIB_FUNCTION krb5_deltat KRB5_LIB_CALL 2168krb5_config_vget_time_default ( 2169 krb5_context /*context*/, 2170 const krb5_config_section */*c*/, 2171 krb5_deltat /*def_value*/, 2172 va_list /*args*/); 2173 2174/** 2175 * krb5_copy_address copies the content of address 2176 * inaddr to outaddr. 2177 * 2178 * @param context a Keberos context 2179 * @param inaddr pointer to source address 2180 * @param outaddr pointer to destination address 2181 * 2182 * @return Return an error code or 0. 2183 * 2184 * @ingroup krb5_address 2185 */ 2186KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2187krb5_copy_address ( 2188 krb5_context /*context*/, 2189 const krb5_address */*inaddr*/, 2190 krb5_address */*outaddr*/); 2191 2192/** 2193 * krb5_copy_addresses copies the content of addresses 2194 * inaddr to outaddr. 2195 * 2196 * @param context a Keberos context 2197 * @param inaddr pointer to source addresses 2198 * @param outaddr pointer to destination addresses 2199 * 2200 * @return Return an error code or 0. 2201 * 2202 * @ingroup krb5_address 2203 */ 2204KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2205krb5_copy_addresses ( 2206 krb5_context /*context*/, 2207 const krb5_addresses */*inaddr*/, 2208 krb5_addresses */*outaddr*/); 2209 2210KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2211krb5_copy_checksum ( 2212 krb5_context /*context*/, 2213 const krb5_checksum */*old*/, 2214 krb5_checksum **/*new*/); 2215 2216/** 2217 * Make a copy for the Kerberos 5 context, the new krb5_context shoud 2218 * be freed with krb5_free_context(). 2219 * 2220 * @param context the Kerberos context to copy 2221 * @param out the copy of the Kerberos, set to NULL error. 2222 * 2223 * @return Returns 0 to indicate success. Otherwise an kerberos et 2224 * error code is returned, see krb5_get_error_message(). 2225 * 2226 * @ingroup krb5 2227 */ 2228KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2229krb5_copy_context ( 2230 krb5_context /*context*/, 2231 krb5_context */*out*/); 2232 2233/** 2234 * Copy krb5_creds. 2235 * 2236 * @param context Kerberos 5 context. 2237 * @param incred source credential 2238 * @param outcred destination credential, free with krb5_free_creds(). 2239 * 2240 * @return Returns 0 to indicate success. Otherwise an kerberos et 2241 * error code is returned, see krb5_get_error_message(). 2242 * 2243 * @ingroup krb5 2244 */ 2245KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2246krb5_copy_creds ( 2247 krb5_context /*context*/, 2248 const krb5_creds */*incred*/, 2249 krb5_creds **/*outcred*/); 2250 2251/** 2252 * Copy content of krb5_creds. 2253 * 2254 * @param context Kerberos 5 context. 2255 * @param incred source credential 2256 * @param c destination credential, free with krb5_free_cred_contents(). 2257 * 2258 * @return Returns 0 to indicate success. Otherwise an kerberos et 2259 * error code is returned, see krb5_get_error_message(). 2260 * 2261 * @ingroup krb5 2262 */ 2263KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2264krb5_copy_creds_contents ( 2265 krb5_context /*context*/, 2266 const krb5_creds */*incred*/, 2267 krb5_creds */*c*/); 2268 2269/** 2270 * Copy the data into a newly allocated krb5_data. 2271 * 2272 * @param context Kerberos 5 context. 2273 * @param indata the krb5_data data to copy 2274 * @param outdata new krb5_date to copy too. Free with krb5_free_data(). 2275 * 2276 * @return Returns 0 to indicate success. Otherwise an kerberos et 2277 * error code is returned. 2278 * 2279 * @ingroup krb5 2280 */ 2281KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2282krb5_copy_data ( 2283 krb5_context /*context*/, 2284 const krb5_data */*indata*/, 2285 krb5_data **/*outdata*/); 2286 2287/** 2288 * Copy the list of realms from `from' to `to'. 2289 * 2290 * @param context Kerberos 5 context. 2291 * @param from list of realms to copy from. 2292 * @param to list of realms to copy to, free list of krb5_free_host_realm(). 2293 * 2294 * @return Returns 0 to indicate success. Otherwise an kerberos et 2295 * error code is returned, see krb5_get_error_message(). 2296 * 2297 * @ingroup krb5 2298 */ 2299KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2300krb5_copy_host_realm ( 2301 krb5_context /*context*/, 2302 const krb5_realm */*from*/, 2303 krb5_realm **/*to*/); 2304 2305/** 2306 * Copy a keyblock, free the output keyblock with 2307 * krb5_free_keyblock(). 2308 * 2309 * @param context a Kerberos 5 context 2310 * @param inblock the key to copy 2311 * @param to the output key. 2312 * 2313 * @return 0 on success or a Kerberos 5 error code 2314 * 2315 * @ingroup krb5_crypto 2316 */ 2317KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2318krb5_copy_keyblock ( 2319 krb5_context /*context*/, 2320 const krb5_keyblock */*inblock*/, 2321 krb5_keyblock **/*to*/); 2322 2323/** 2324 * Copy a keyblock, free the output keyblock with 2325 * krb5_free_keyblock_contents(). 2326 * 2327 * @param context a Kerberos 5 context 2328 * @param inblock the key to copy 2329 * @param to the output key. 2330 * 2331 * @return 0 on success or a Kerberos 5 error code 2332 * 2333 * @ingroup krb5_crypto 2334 */ 2335KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2336krb5_copy_keyblock_contents ( 2337 krb5_context /*context*/, 2338 const krb5_keyblock */*inblock*/, 2339 krb5_keyblock */*to*/); 2340 2341/** 2342 * Copy a principal 2343 * 2344 * @param context A Kerberos context. 2345 * @param inprinc principal to copy 2346 * @param outprinc copied principal, free with krb5_free_principal() 2347 * 2348 * @return An krb5 error code, see krb5_get_error_message(). 2349 * 2350 * @ingroup krb5_principal 2351 */ 2352KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2353krb5_copy_principal ( 2354 krb5_context /*context*/, 2355 krb5_const_principal /*inprinc*/, 2356 krb5_principal */*outprinc*/); 2357 2358/** 2359 * Copy ticket and content 2360 * 2361 * @param context a Kerberos 5 context 2362 * @param from ticket to copy 2363 * @param to new copy of ticket, free with krb5_free_ticket() 2364 * 2365 * @return Returns 0 to indicate success. Otherwise an kerberos et 2366 * error code is returned, see krb5_get_error_message(). 2367 * 2368 * @ingroup krb5 2369 */ 2370KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2371krb5_copy_ticket ( 2372 krb5_context /*context*/, 2373 const krb5_ticket */*from*/, 2374 krb5_ticket **/*to*/); 2375 2376KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2377krb5_create_checksum ( 2378 krb5_context /*context*/, 2379 krb5_crypto /*crypto*/, 2380 krb5_key_usage /*usage*/, 2381 int /*type*/, 2382 void */*data*/, 2383 size_t /*len*/, 2384 Checksum */*result*/); 2385 2386/** 2387 * Create a Kerberos message checksum. 2388 * 2389 * @param context Kerberos context 2390 * @param crypto Kerberos crypto context 2391 * @param usage Key usage for this buffer 2392 * @param data array of buffers to process 2393 * @param num_data length of array 2394 * @param type output data 2395 * 2396 * @return Return an error code or 0. 2397 * @ingroup krb5_crypto 2398 */ 2399KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2400krb5_create_checksum_iov ( 2401 krb5_context /*context*/, 2402 krb5_crypto /*crypto*/, 2403 unsigned /*usage*/, 2404 krb5_crypto_iov */*data*/, 2405 unsigned int /*num_data*/, 2406 krb5_cksumtype */*type*/); 2407 2408/** 2409 * Returns the ticket flags for the credentials in creds. 2410 * See also krb5_ticket_get_flags(). 2411 * 2412 * @param creds credential to get ticket flags from 2413 * 2414 * @return ticket flags 2415 * 2416 * @ingroup krb5 2417 */ 2418KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL 2419krb5_creds_get_ticket_flags (krb5_creds */*creds*/); 2420 2421/** 2422 * Free a crypto context created by krb5_crypto_init(). 2423 * 2424 * @param context Kerberos context 2425 * @param crypto crypto context to free 2426 * 2427 * @return Return an error code or 0. 2428 * 2429 * @ingroup krb5_crypto 2430 */ 2431KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2432krb5_crypto_destroy ( 2433 krb5_context /*context*/, 2434 krb5_crypto /*crypto*/); 2435 2436/** 2437 * The FX-CF2 key derivation function, used in FAST and preauth framework. 2438 * 2439 * @param context Kerberos 5 context 2440 * @param crypto1 first key to combine 2441 * @param crypto2 second key to combine 2442 * @param pepper1 factor to combine with first key to garante uniqueness 2443 * @param pepper2 factor to combine with second key to garante uniqueness 2444 * @param enctype the encryption type of the resulting key 2445 * @param res allocated key, free with krb5_free_keyblock_contents() 2446 * 2447 * @return Return an error code or 0. 2448 * 2449 * @ingroup krb5_crypto 2450 */ 2451KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2452krb5_crypto_fx_cf2 ( 2453 krb5_context /*context*/, 2454 const krb5_crypto /*crypto1*/, 2455 const krb5_crypto /*crypto2*/, 2456 krb5_data */*pepper1*/, 2457 krb5_data */*pepper2*/, 2458 krb5_enctype /*enctype*/, 2459 krb5_keyblock */*res*/); 2460 2461KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2462krb5_crypto_get_checksum_type ( 2463 krb5_context /*context*/, 2464 krb5_crypto /*crypto*/, 2465 krb5_cksumtype */*type*/); 2466 2467/** 2468 * Return the blocksize used algorithm referenced by the crypto context 2469 * 2470 * @param context Kerberos context 2471 * @param crypto crypto context to query 2472 * @param blocksize the resulting blocksize 2473 * 2474 * @return Return an error code or 0. 2475 * 2476 * @ingroup krb5_crypto 2477 */ 2478KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2479krb5_crypto_getblocksize ( 2480 krb5_context /*context*/, 2481 krb5_crypto /*crypto*/, 2482 size_t */*blocksize*/); 2483 2484/** 2485 * Return the confounder size used by the crypto context 2486 * 2487 * @param context Kerberos context 2488 * @param crypto crypto context to query 2489 * @param confoundersize the returned confounder size 2490 * 2491 * @return Return an error code or 0. 2492 * 2493 * @ingroup krb5_crypto 2494 */ 2495KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2496krb5_crypto_getconfoundersize ( 2497 krb5_context /*context*/, 2498 krb5_crypto /*crypto*/, 2499 size_t */*confoundersize*/); 2500 2501/** 2502 * Return the encryption type used by the crypto context 2503 * 2504 * @param context Kerberos context 2505 * @param crypto crypto context to query 2506 * @param enctype the resulting encryption type 2507 * 2508 * @return Return an error code or 0. 2509 * 2510 * @ingroup krb5_crypto 2511 */ 2512KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2513krb5_crypto_getenctype ( 2514 krb5_context /*context*/, 2515 krb5_crypto /*crypto*/, 2516 krb5_enctype */*enctype*/); 2517 2518/** 2519 * Return the padding size used by the crypto context 2520 * 2521 * @param context Kerberos context 2522 * @param crypto crypto context to query 2523 * @param padsize the return padding size 2524 * 2525 * @return Return an error code or 0. 2526 * 2527 * @ingroup krb5_crypto 2528 */ 2529KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2530krb5_crypto_getpadsize ( 2531 krb5_context /*context*/, 2532 krb5_crypto /*crypto*/, 2533 size_t */*padsize*/); 2534 2535/** 2536 * Create a crypto context used for all encryption and signature 2537 * operation. The encryption type to use is taken from the key, but 2538 * can be overridden with the enctype parameter. This can be useful 2539 * for encryptions types which is compatiable (DES for example). 2540 * 2541 * To free the crypto context, use krb5_crypto_destroy(). 2542 * 2543 * @param context Kerberos context 2544 * @param key the key block information with all key data 2545 * @param etype the encryption type 2546 * @param crypto the resulting crypto context 2547 * 2548 * @return Return an error code or 0. 2549 * 2550 * @ingroup krb5_crypto 2551 */ 2552KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2553krb5_crypto_init ( 2554 krb5_context /*context*/, 2555 const krb5_keyblock */*key*/, 2556 krb5_enctype /*etype*/, 2557 krb5_crypto */*crypto*/); 2558 2559KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2560krb5_crypto_length ( 2561 krb5_context /*context*/, 2562 krb5_crypto /*crypto*/, 2563 int /*type*/, 2564 size_t */*len*/); 2565 2566KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2567krb5_crypto_length_iov ( 2568 krb5_context /*context*/, 2569 krb5_crypto /*crypto*/, 2570 krb5_crypto_iov */*data*/, 2571 unsigned int /*num_data*/); 2572 2573size_t 2574krb5_crypto_overhead ( 2575 krb5_context /*context*/, 2576 krb5_crypto /*crypto*/); 2577 2578KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2579krb5_crypto_prf ( 2580 krb5_context /*context*/, 2581 const krb5_crypto /*crypto*/, 2582 const krb5_data */*input*/, 2583 krb5_data */*output*/); 2584 2585KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2586krb5_crypto_prf_length ( 2587 krb5_context /*context*/, 2588 krb5_enctype /*type*/, 2589 size_t */*length*/); 2590 2591/** 2592 * Allocate data of and krb5_data. 2593 * 2594 * @param p krb5_data to allocate. 2595 * @param len size to allocate. 2596 * 2597 * @return Returns 0 to indicate success. Otherwise an kerberos et 2598 * error code is returned. 2599 * 2600 * @ingroup krb5 2601 */ 2602KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2603krb5_data_alloc ( 2604 krb5_data */*p*/, 2605 size_t /*len*/); 2606 2607/** 2608 * Compare to data. 2609 * 2610 * @param data1 krb5_data to compare 2611 * @param data2 krb5_data to compare 2612 * 2613 * @return return the same way as memcmp(), useful when sorting. 2614 * 2615 * @ingroup krb5 2616 */ 2617KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2618krb5_data_cmp ( 2619 const krb5_data */*data1*/, 2620 const krb5_data */*data2*/); 2621 2622/** 2623 * Copy the data of len into the krb5_data. 2624 * 2625 * @param p krb5_data to copy into. 2626 * @param data data to copy.. 2627 * @param len new size. 2628 * 2629 * @return Returns 0 to indicate success. Otherwise an kerberos et 2630 * error code is returned. 2631 * 2632 * @ingroup krb5 2633 */ 2634KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2635krb5_data_copy ( 2636 krb5_data */*p*/, 2637 const void */*data*/, 2638 size_t /*len*/); 2639 2640/** 2641 * Compare to data not exposing timing information from the checksum data 2642 * 2643 * @param data1 krb5_data to compare 2644 * @param data2 krb5_data to compare 2645 * 2646 * @return returns zero for same data, otherwise non zero. 2647 * 2648 * @ingroup krb5 2649 */ 2650KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2651krb5_data_ct_cmp ( 2652 const krb5_data */*data1*/, 2653 const krb5_data */*data2*/); 2654 2655/** 2656 * Print using a printf formater into a krb5_data. 2657 * 2658 * NUL is not included in the length, but the string is allocated with 2659 * one so its safe to print the string using "%s" if there is no 2660 * embedded NULs. 2661 * 2662 */ 2663KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2664krb5_data_format ( 2665 krb5_data */*data*/, 2666 const char */*fmt*/, 2667 ...) 2668 HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 3)); 2669 2670/** 2671 * Free the content of krb5_data structure, its ok to free a zeroed 2672 * structure (with memset() or krb5_data_zero()). When done, the 2673 * structure will be zeroed. The same function is called 2674 * krb5_free_data_contents() in MIT Kerberos. 2675 * 2676 * @param p krb5_data to free. 2677 * 2678 * @ingroup krb5 2679 */ 2680KRB5_LIB_FUNCTION void KRB5_LIB_CALL 2681krb5_data_free (krb5_data */*p*/); 2682 2683/** 2684 * Grow (or shrink) the content of krb5_data to a new size. 2685 * 2686 * @param p krb5_data to free. 2687 * @param len new size. 2688 * 2689 * @return Returns 0 to indicate success. Otherwise an kerberos et 2690 * error code is returned. 2691 * 2692 * @ingroup krb5 2693 */ 2694KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2695krb5_data_realloc ( 2696 krb5_data */*p*/, 2697 size_t /*len*/); 2698 2699/** 2700 * Reset the (potentially uninitalized) krb5_data structure. 2701 * 2702 * @param p krb5_data to reset. 2703 * 2704 * @ingroup krb5 2705 */ 2706KRB5_LIB_FUNCTION void KRB5_LIB_CALL 2707krb5_data_zero (krb5_data */*p*/); 2708 2709KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2710krb5_decode_Authenticator ( 2711 krb5_context /*context*/, 2712 const void */*data*/, 2713 size_t /*length*/, 2714 Authenticator */*t*/, 2715 size_t */*len*/) 2716 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2717 2718KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2719krb5_decode_ETYPE_INFO ( 2720 krb5_context /*context*/, 2721 const void */*data*/, 2722 size_t /*length*/, 2723 ETYPE_INFO */*t*/, 2724 size_t */*len*/) 2725 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2726 2727KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2728krb5_decode_ETYPE_INFO2 ( 2729 krb5_context /*context*/, 2730 const void */*data*/, 2731 size_t /*length*/, 2732 ETYPE_INFO2 */*t*/, 2733 size_t */*len*/) 2734 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2735 2736KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2737krb5_decode_EncAPRepPart ( 2738 krb5_context /*context*/, 2739 const void */*data*/, 2740 size_t /*length*/, 2741 EncAPRepPart */*t*/, 2742 size_t */*len*/) 2743 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2744 2745KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2746krb5_decode_EncASRepPart ( 2747 krb5_context /*context*/, 2748 const void */*data*/, 2749 size_t /*length*/, 2750 EncASRepPart */*t*/, 2751 size_t */*len*/) 2752 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2753 2754KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2755krb5_decode_EncKrbCredPart ( 2756 krb5_context /*context*/, 2757 const void */*data*/, 2758 size_t /*length*/, 2759 EncKrbCredPart */*t*/, 2760 size_t */*len*/) 2761 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2762 2763KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2764krb5_decode_EncTGSRepPart ( 2765 krb5_context /*context*/, 2766 const void */*data*/, 2767 size_t /*length*/, 2768 EncTGSRepPart */*t*/, 2769 size_t */*len*/) 2770 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2771 2772KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2773krb5_decode_EncTicketPart ( 2774 krb5_context /*context*/, 2775 const void */*data*/, 2776 size_t /*length*/, 2777 EncTicketPart */*t*/, 2778 size_t */*len*/) 2779 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2780 2781KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2782krb5_decode_ap_req ( 2783 krb5_context /*context*/, 2784 const krb5_data */*inbuf*/, 2785 krb5_ap_req */*ap_req*/); 2786 2787KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2788krb5_decrypt ( 2789 krb5_context /*context*/, 2790 krb5_crypto /*crypto*/, 2791 unsigned /*usage*/, 2792 void */*data*/, 2793 size_t /*len*/, 2794 krb5_data */*result*/); 2795 2796KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2797krb5_decrypt_EncryptedData ( 2798 krb5_context /*context*/, 2799 krb5_crypto /*crypto*/, 2800 unsigned /*usage*/, 2801 const EncryptedData */*e*/, 2802 krb5_data */*result*/); 2803 2804/** 2805 * Inline decrypt a Kerberos message. 2806 * 2807 * @param context Kerberos context 2808 * @param crypto Kerberos crypto context 2809 * @param usage Key usage for this buffer 2810 * @param data array of buffers to process 2811 * @param num_data length of array 2812 * @param ivec initial cbc/cts vector 2813 * 2814 * @return Return an error code or 0. 2815 * @ingroup krb5_crypto 2816 * 2817 * 1. KRB5_CRYPTO_TYPE_HEADER 2818 * 2. one KRB5_CRYPTO_TYPE_DATA and array [0,...] of KRB5_CRYPTO_TYPE_SIGN_ONLY in 2819 * any order, however the receiver have to aware of the 2820 * order. KRB5_CRYPTO_TYPE_SIGN_ONLY is commonly used unencrypoted 2821 * protocol headers and trailers. The output data will be of same 2822 * size as the input data or shorter. 2823 */ 2824KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2825krb5_decrypt_iov_ivec ( 2826 krb5_context /*context*/, 2827 krb5_crypto /*crypto*/, 2828 unsigned /*usage*/, 2829 krb5_crypto_iov */*data*/, 2830 unsigned int /*num_data*/, 2831 void */*ivec*/); 2832 2833KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2834krb5_decrypt_ivec ( 2835 krb5_context /*context*/, 2836 krb5_crypto /*crypto*/, 2837 unsigned /*usage*/, 2838 void */*data*/, 2839 size_t /*len*/, 2840 krb5_data */*result*/, 2841 void */*ivec*/); 2842 2843KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2844krb5_decrypt_ticket ( 2845 krb5_context /*context*/, 2846 Ticket */*ticket*/, 2847 krb5_keyblock */*key*/, 2848 EncTicketPart */*out*/, 2849 krb5_flags /*flags*/); 2850 2851KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2852krb5_derive_key ( 2853 krb5_context /*context*/, 2854 const krb5_keyblock */*key*/, 2855 krb5_enctype /*etype*/, 2856 const void */*constant*/, 2857 size_t /*constant_len*/, 2858 krb5_keyblock **/*derived_key*/); 2859 2860KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2861krb5_digest_alloc ( 2862 krb5_context /*context*/, 2863 krb5_digest */*digest*/); 2864 2865KRB5_LIB_FUNCTION void KRB5_LIB_CALL 2866krb5_digest_free (krb5_digest /*digest*/); 2867 2868KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2869krb5_digest_get_client_binding ( 2870 krb5_context /*context*/, 2871 krb5_digest /*digest*/, 2872 char **/*type*/, 2873 char **/*binding*/); 2874 2875KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 2876krb5_digest_get_identifier ( 2877 krb5_context /*context*/, 2878 krb5_digest /*digest*/); 2879 2880KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 2881krb5_digest_get_opaque ( 2882 krb5_context /*context*/, 2883 krb5_digest /*digest*/); 2884 2885KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 2886krb5_digest_get_rsp ( 2887 krb5_context /*context*/, 2888 krb5_digest /*digest*/); 2889 2890KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 2891krb5_digest_get_server_nonce ( 2892 krb5_context /*context*/, 2893 krb5_digest /*digest*/); 2894 2895KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2896krb5_digest_get_session_key ( 2897 krb5_context /*context*/, 2898 krb5_digest /*digest*/, 2899 krb5_data */*data*/); 2900 2901KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2902krb5_digest_get_tickets ( 2903 krb5_context /*context*/, 2904 krb5_digest /*digest*/, 2905 Ticket **/*tickets*/); 2906 2907KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2908krb5_digest_init_request ( 2909 krb5_context /*context*/, 2910 krb5_digest /*digest*/, 2911 krb5_realm /*realm*/, 2912 krb5_ccache /*ccache*/); 2913 2914/** 2915 * Get the supported/allowed mechanism for this principal. 2916 * 2917 * @param context A Keberos context. 2918 * @param realm The realm of the KDC. 2919 * @param ccache The credential cache to use when talking to the KDC. 2920 * @param flags The supported mechanism. 2921 * 2922 * @return Return an error code or 0. 2923 * 2924 * @ingroup krb5_digest 2925 */ 2926KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2927krb5_digest_probe ( 2928 krb5_context /*context*/, 2929 krb5_realm /*realm*/, 2930 krb5_ccache /*ccache*/, 2931 unsigned */*flags*/); 2932 2933KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 2934krb5_digest_rep_get_status ( 2935 krb5_context /*context*/, 2936 krb5_digest /*digest*/); 2937 2938KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2939krb5_digest_request ( 2940 krb5_context /*context*/, 2941 krb5_digest /*digest*/, 2942 krb5_realm /*realm*/, 2943 krb5_ccache /*ccache*/); 2944 2945KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2946krb5_digest_set_authentication_user ( 2947 krb5_context /*context*/, 2948 krb5_digest /*digest*/, 2949 krb5_principal /*authentication_user*/); 2950 2951KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2952krb5_digest_set_authid ( 2953 krb5_context /*context*/, 2954 krb5_digest /*digest*/, 2955 const char */*authid*/); 2956 2957KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2958krb5_digest_set_client_nonce ( 2959 krb5_context /*context*/, 2960 krb5_digest /*digest*/, 2961 const char */*nonce*/); 2962 2963KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2964krb5_digest_set_digest ( 2965 krb5_context /*context*/, 2966 krb5_digest /*digest*/, 2967 const char */*dgst*/); 2968 2969KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2970krb5_digest_set_hostname ( 2971 krb5_context /*context*/, 2972 krb5_digest /*digest*/, 2973 const char */*hostname*/); 2974 2975KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2976krb5_digest_set_identifier ( 2977 krb5_context /*context*/, 2978 krb5_digest /*digest*/, 2979 const char */*id*/); 2980 2981KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2982krb5_digest_set_method ( 2983 krb5_context /*context*/, 2984 krb5_digest /*digest*/, 2985 const char */*method*/); 2986 2987KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2988krb5_digest_set_nonceCount ( 2989 krb5_context /*context*/, 2990 krb5_digest /*digest*/, 2991 const char */*nonce_count*/); 2992 2993KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2994krb5_digest_set_opaque ( 2995 krb5_context /*context*/, 2996 krb5_digest /*digest*/, 2997 const char */*opaque*/); 2998 2999KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3000krb5_digest_set_qop ( 3001 krb5_context /*context*/, 3002 krb5_digest /*digest*/, 3003 const char */*qop*/); 3004 3005KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3006krb5_digest_set_realm ( 3007 krb5_context /*context*/, 3008 krb5_digest /*digest*/, 3009 const char */*realm*/); 3010 3011KRB5_LIB_FUNCTION int KRB5_LIB_CALL 3012krb5_digest_set_responseData ( 3013 krb5_context /*context*/, 3014 krb5_digest /*digest*/, 3015 const char */*response*/); 3016 3017KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3018krb5_digest_set_server_cb ( 3019 krb5_context /*context*/, 3020 krb5_digest /*digest*/, 3021 const char */*type*/, 3022 const char */*binding*/); 3023 3024KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3025krb5_digest_set_server_nonce ( 3026 krb5_context /*context*/, 3027 krb5_digest /*digest*/, 3028 const char */*nonce*/); 3029 3030KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3031krb5_digest_set_type ( 3032 krb5_context /*context*/, 3033 krb5_digest /*digest*/, 3034 const char */*type*/); 3035 3036KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3037krb5_digest_set_uri ( 3038 krb5_context /*context*/, 3039 krb5_digest /*digest*/, 3040 const char */*uri*/); 3041 3042KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3043krb5_digest_set_username ( 3044 krb5_context /*context*/, 3045 krb5_digest /*digest*/, 3046 const char */*username*/); 3047 3048KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3049krb5_domain_x500_decode ( 3050 krb5_context /*context*/, 3051 krb5_data /*tr*/, 3052 char ***/*realms*/, 3053 unsigned int */*num_realms*/, 3054 const char */*client_realm*/, 3055 const char */*server_realm*/); 3056 3057KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3058krb5_domain_x500_encode ( 3059 char **/*realms*/, 3060 unsigned int /*num_realms*/, 3061 krb5_data */*encoding*/); 3062 3063/** 3064 * Convert the getaddrinfo() error code to a Kerberos et error code. 3065 * 3066 * @param eai_errno contains the error code from getaddrinfo(). 3067 * @param system_error should have the value of errno after the failed getaddrinfo(). 3068 * 3069 * @return Kerberos error code representing the EAI errors. 3070 * 3071 * @ingroup krb5_error 3072 */ 3073KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3074krb5_eai_to_heim_errno ( 3075 int /*eai_errno*/, 3076 int /*system_error*/); 3077 3078KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3079krb5_encode_Authenticator ( 3080 krb5_context /*context*/, 3081 void */*data*/, 3082 size_t /*length*/, 3083 Authenticator */*t*/, 3084 size_t */*len*/) 3085 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3086 3087KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3088krb5_encode_ETYPE_INFO ( 3089 krb5_context /*context*/, 3090 void */*data*/, 3091 size_t /*length*/, 3092 ETYPE_INFO */*t*/, 3093 size_t */*len*/) 3094 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3095 3096KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3097krb5_encode_ETYPE_INFO2 ( 3098 krb5_context /*context*/, 3099 void */*data*/, 3100 size_t /*length*/, 3101 ETYPE_INFO2 */*t*/, 3102 size_t */*len*/) 3103 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3104 3105KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3106krb5_encode_EncAPRepPart ( 3107 krb5_context /*context*/, 3108 void */*data*/, 3109 size_t /*length*/, 3110 EncAPRepPart */*t*/, 3111 size_t */*len*/) 3112 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3113 3114KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3115krb5_encode_EncASRepPart ( 3116 krb5_context /*context*/, 3117 void */*data*/, 3118 size_t /*length*/, 3119 EncASRepPart */*t*/, 3120 size_t */*len*/) 3121 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3122 3123KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3124krb5_encode_EncKrbCredPart ( 3125 krb5_context /*context*/, 3126 void */*data*/, 3127 size_t /*length*/, 3128 EncKrbCredPart */*t*/, 3129 size_t */*len*/) 3130 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3131 3132KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3133krb5_encode_EncTGSRepPart ( 3134 krb5_context /*context*/, 3135 void */*data*/, 3136 size_t /*length*/, 3137 EncTGSRepPart */*t*/, 3138 size_t */*len*/) 3139 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3140 3141KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3142krb5_encode_EncTicketPart ( 3143 krb5_context /*context*/, 3144 void */*data*/, 3145 size_t /*length*/, 3146 EncTicketPart */*t*/, 3147 size_t */*len*/) 3148 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3149 3150KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3151krb5_encrypt ( 3152 krb5_context /*context*/, 3153 krb5_crypto /*crypto*/, 3154 unsigned /*usage*/, 3155 const void */*data*/, 3156 size_t /*len*/, 3157 krb5_data */*result*/); 3158 3159KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3160krb5_encrypt_EncryptedData ( 3161 krb5_context /*context*/, 3162 krb5_crypto /*crypto*/, 3163 unsigned /*usage*/, 3164 void */*data*/, 3165 size_t /*len*/, 3166 int /*kvno*/, 3167 EncryptedData */*result*/); 3168 3169/** 3170 * Inline encrypt a kerberos message 3171 * 3172 * @param context Kerberos context 3173 * @param crypto Kerberos crypto context 3174 * @param usage Key usage for this buffer 3175 * @param data array of buffers to process 3176 * @param num_data length of array 3177 * @param ivec initial cbc/cts vector 3178 * 3179 * @return Return an error code or 0. 3180 * @ingroup krb5_crypto 3181 * 3182 * Kerberos encrypted data look like this: 3183 * 3184 * 1. KRB5_CRYPTO_TYPE_HEADER 3185 * 2. array [1,...] KRB5_CRYPTO_TYPE_DATA and array [0,...] 3186 * KRB5_CRYPTO_TYPE_SIGN_ONLY in any order, however the receiver 3187 * have to aware of the order. KRB5_CRYPTO_TYPE_SIGN_ONLY is 3188 * commonly used headers and trailers. 3189 * 3. KRB5_CRYPTO_TYPE_PADDING, at least on padsize long if padsize > 1 3190 * 4. KRB5_CRYPTO_TYPE_TRAILER 3191 */ 3192KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3193krb5_encrypt_iov_ivec ( 3194 krb5_context /*context*/, 3195 krb5_crypto /*crypto*/, 3196 unsigned /*usage*/, 3197 krb5_crypto_iov */*data*/, 3198 int /*num_data*/, 3199 void */*ivec*/); 3200 3201KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3202krb5_encrypt_ivec ( 3203 krb5_context /*context*/, 3204 krb5_crypto /*crypto*/, 3205 unsigned /*usage*/, 3206 const void */*data*/, 3207 size_t /*len*/, 3208 krb5_data */*result*/, 3209 void */*ivec*/); 3210 3211/** 3212 * Disable encryption type 3213 * 3214 * @param context Kerberos 5 context 3215 * @param enctype encryption type to disable 3216 * 3217 * @return Return an error code or 0. 3218 * 3219 * @ingroup krb5_crypto 3220 */ 3221KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3222krb5_enctype_disable ( 3223 krb5_context /*context*/, 3224 krb5_enctype /*enctype*/); 3225 3226/** 3227 * Enable encryption type 3228 * 3229 * @param context Kerberos 5 context 3230 * @param enctype encryption type to enable 3231 * 3232 * @return Return an error code or 0. 3233 * 3234 * @ingroup krb5_crypto 3235 */ 3236KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3237krb5_enctype_enable ( 3238 krb5_context /*context*/, 3239 krb5_enctype /*enctype*/); 3240 3241KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3242krb5_enctype_keybits ( 3243 krb5_context /*context*/, 3244 krb5_enctype /*type*/, 3245 size_t */*keybits*/); 3246 3247KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3248krb5_enctype_keysize ( 3249 krb5_context /*context*/, 3250 krb5_enctype /*type*/, 3251 size_t */*keysize*/); 3252 3253KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3254krb5_enctype_to_keytype ( 3255 krb5_context /*context*/, 3256 krb5_enctype /*etype*/, 3257 krb5_keytype */*keytype*/); 3258 3259KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3260krb5_enctype_to_string ( 3261 krb5_context /*context*/, 3262 krb5_enctype /*etype*/, 3263 char **/*string*/); 3264 3265/** 3266 * Check if a enctype is valid, return 0 if it is. 3267 * 3268 * @param context Kerberos context 3269 * @param etype enctype to check if its valid or not 3270 * 3271 * @return Return an error code for an failure or 0 on success (enctype valid). 3272 * @ingroup krb5_crypto 3273 */ 3274KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3275krb5_enctype_valid ( 3276 krb5_context /*context*/, 3277 krb5_enctype /*etype*/); 3278 3279/** 3280 * Deprecated: keytypes doesn't exists, they are really enctypes. 3281 * 3282 * @ingroup krb5_deprecated 3283 */ 3284KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 3285krb5_enctypes_compatible_keys ( 3286 krb5_context /*context*/, 3287 krb5_enctype /*etype1*/, 3288 krb5_enctype /*etype2*/) 3289 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3290 3291krb5_error_code 3292krb5_enomem (krb5_context /*context*/); 3293 3294/** 3295 * Log a warning to the log, default stderr, include bthe error from 3296 * the last failure and then exit. 3297 * 3298 * @param context A Kerberos 5 context 3299 * @param eval the exit code to exit with 3300 * @param code error code of the last error 3301 * @param fmt message to print 3302 * 3303 * @ingroup krb5_error 3304 */ 3305KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3306krb5_err ( 3307 krb5_context /*context*/, 3308 int /*eval*/, 3309 krb5_error_code /*code*/, 3310 const char */*fmt*/, 3311 ...) HEIMDAL_PRINTF_ATTRIBUTE((printf, 4, 5)) 3312 HEIMDAL_NORETURN_ATTRIBUTE; 3313 3314KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3315krb5_error_from_rd_error ( 3316 krb5_context /*context*/, 3317 const krb5_error */*error*/, 3318 const krb5_creds */*creds*/); 3319 3320/** 3321 * Log a warning to the log, default stderr, and then exit. 3322 * 3323 * @param context A Kerberos 5 context 3324 * @param eval the exit code to exit with 3325 * @param fmt message to print 3326 * 3327 * @ingroup krb5_error 3328 */ 3329KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3330krb5_errx ( 3331 krb5_context /*context*/, 3332 int /*eval*/, 3333 const char */*fmt*/, 3334 ...) HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 4)) 3335 HEIMDAL_NORETURN_ATTRIBUTE; 3336 3337/** 3338 * krb5_expand_hostname() tries to make orig_hostname into a more 3339 * canonical one in the newly allocated space returned in 3340 * new_hostname. 3341 3342 * @param context a Keberos context 3343 * @param orig_hostname hostname to canonicalise. 3344 * @param new_hostname output hostname, caller must free hostname with 3345 * krb5_xfree(). 3346 * 3347 * @return Return an error code or 0, see krb5_get_error_message(). 3348 * 3349 * @ingroup krb5_support 3350 */ 3351KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3352krb5_expand_hostname ( 3353 krb5_context /*context*/, 3354 const char */*orig_hostname*/, 3355 char **/*new_hostname*/); 3356 3357/** 3358 * krb5_expand_hostname_realms() expands orig_hostname to a name we 3359 * believe to be a hostname in newly allocated space in new_hostname 3360 * and return the realms new_hostname is believed to belong to in 3361 * realms. 3362 * 3363 * @param context a Keberos context 3364 * @param orig_hostname hostname to canonicalise. 3365 * @param new_hostname output hostname, caller must free hostname with 3366 * krb5_xfree(). 3367 * @param realms output possible realms, is an array that is terminated 3368 * with NULL. Caller must free with krb5_free_host_realm(). 3369 * 3370 * @return Return an error code or 0, see krb5_get_error_message(). 3371 * 3372 * @ingroup krb5_support 3373 */ 3374KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3375krb5_expand_hostname_realms ( 3376 krb5_context /*context*/, 3377 const char */*orig_hostname*/, 3378 char **/*new_hostname*/, 3379 char ***/*realms*/); 3380 3381KRB5_LIB_FUNCTION PA_DATA * KRB5_LIB_CALL 3382krb5_find_padata ( 3383 PA_DATA */*val*/, 3384 unsigned /*len*/, 3385 int /*type*/, 3386 int */*idx*/); 3387 3388KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3389krb5_format_time ( 3390 krb5_context /*context*/, 3391 time_t /*t*/, 3392 char */*s*/, 3393 size_t /*len*/, 3394 krb5_boolean /*include_time*/); 3395 3396/** 3397 * krb5_free_address frees the data stored in the address that is 3398 * alloced with any of the krb5_address functions. 3399 * 3400 * @param context a Keberos context 3401 * @param address addresss to be freed. 3402 * 3403 * @return Return an error code or 0. 3404 * 3405 * @ingroup krb5_address 3406 */ 3407KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3408krb5_free_address ( 3409 krb5_context /*context*/, 3410 krb5_address */*address*/); 3411 3412/** 3413 * krb5_free_addresses frees the data stored in the address that is 3414 * alloced with any of the krb5_address functions. 3415 * 3416 * @param context a Keberos context 3417 * @param addresses addressses to be freed. 3418 * 3419 * @return Return an error code or 0. 3420 * 3421 * @ingroup krb5_address 3422 */ 3423KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3424krb5_free_addresses ( 3425 krb5_context /*context*/, 3426 krb5_addresses */*addresses*/); 3427 3428KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3429krb5_free_ap_rep_enc_part ( 3430 krb5_context /*context*/, 3431 krb5_ap_rep_enc_part */*val*/); 3432 3433KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3434krb5_free_authenticator ( 3435 krb5_context /*context*/, 3436 krb5_authenticator */*authenticator*/); 3437 3438KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3439krb5_free_checksum ( 3440 krb5_context /*context*/, 3441 krb5_checksum */*cksum*/); 3442 3443KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3444krb5_free_checksum_contents ( 3445 krb5_context /*context*/, 3446 krb5_checksum */*cksum*/); 3447 3448/** 3449 * Free a list of configuration files. 3450 * 3451 * @param filenames list, terminated with a NULL pointer, to be 3452 * freed. NULL is an valid argument. 3453 * 3454 * @return Returns 0 to indicate success. Otherwise an kerberos et 3455 * error code is returned, see krb5_get_error_message(). 3456 * 3457 * @ingroup krb5 3458 */ 3459KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3460krb5_free_config_files (char **/*filenames*/); 3461 3462/** 3463 * Frees the krb5_context allocated by krb5_init_context(). 3464 * 3465 * @param context context to be freed. 3466 * 3467 * @ingroup krb5 3468 */ 3469KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3470krb5_free_context (krb5_context /*context*/); 3471 3472/** 3473 * Free content of krb5_creds. 3474 * 3475 * @param context Kerberos 5 context. 3476 * @param c krb5_creds to free. 3477 * 3478 * @return Returns 0 to indicate success. Otherwise an kerberos et 3479 * error code is returned, see krb5_get_error_message(). 3480 * 3481 * @ingroup krb5 3482 */ 3483KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3484krb5_free_cred_contents ( 3485 krb5_context /*context*/, 3486 krb5_creds */*c*/); 3487 3488/** 3489 * Free krb5_creds. 3490 * 3491 * @param context Kerberos 5 context. 3492 * @param c krb5_creds to free. 3493 * 3494 * @return Returns 0 to indicate success. Otherwise an kerberos et 3495 * error code is returned, see krb5_get_error_message(). 3496 * 3497 * @ingroup krb5 3498 */ 3499KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3500krb5_free_creds ( 3501 krb5_context /*context*/, 3502 krb5_creds */*c*/); 3503 3504/** 3505 * Deprecated: use krb5_free_cred_contents() 3506 * 3507 * @ingroup krb5_deprecated 3508 */ 3509KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3510krb5_free_creds_contents ( 3511 krb5_context /*context*/, 3512 krb5_creds */*c*/) 3513 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3514 3515/** 3516 * Free krb5_data (and its content). 3517 * 3518 * @param context Kerberos 5 context. 3519 * @param p krb5_data to free. 3520 * 3521 * @ingroup krb5 3522 */ 3523KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3524krb5_free_data ( 3525 krb5_context /*context*/, 3526 krb5_data */*p*/); 3527 3528/** 3529 * Same as krb5_data_free(). MIT compat. 3530 * 3531 * Deprecated: use krb5_data_free(). 3532 * 3533 * @param context Kerberos 5 context. 3534 * @param data krb5_data to free. 3535 * 3536 * @ingroup krb5_deprecated 3537 */ 3538KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3539krb5_free_data_contents ( 3540 krb5_context /*context*/, 3541 krb5_data */*data*/) 3542 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3543 3544KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3545krb5_free_default_realm ( 3546 krb5_context /*context*/, 3547 krb5_realm /*realm*/); 3548 3549KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3550krb5_free_error ( 3551 krb5_context /*context*/, 3552 krb5_error */*error*/); 3553 3554KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3555krb5_free_error_contents ( 3556 krb5_context /*context*/, 3557 krb5_error */*error*/); 3558 3559/** 3560 * Free the error message returned by krb5_get_error_message(). 3561 * 3562 * @param context Kerberos context 3563 * @param msg error message to free, returned byg 3564 * krb5_get_error_message(). 3565 * 3566 * @ingroup krb5_error 3567 */ 3568KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3569krb5_free_error_message ( 3570 krb5_context /*context*/, 3571 const char */*msg*/); 3572 3573/** 3574 * Free the error message returned by krb5_get_error_string(). 3575 * 3576 * Deprecated: use krb5_free_error_message() 3577 * 3578 * @param context Kerberos context 3579 * @param str error message to free 3580 * 3581 * @ingroup krb5_deprecated 3582 */ 3583KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3584krb5_free_error_string ( 3585 krb5_context /*context*/, 3586 char */*str*/) 3587 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3588 3589/** 3590 * Free all memory allocated by `realmlist' 3591 * 3592 * @param context A Kerberos 5 context. 3593 * @param realmlist realmlist to free, NULL is ok 3594 * 3595 * @return a Kerberos error code, always 0. 3596 * 3597 * @ingroup krb5_support 3598 */ 3599KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3600krb5_free_host_realm ( 3601 krb5_context /*context*/, 3602 krb5_realm */*realmlist*/); 3603 3604/** 3605 * Variable containing the FILE based credential cache implemention. 3606 * 3607 * @ingroup krb5_ccache 3608 */ 3609KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3610krb5_free_kdc_rep ( 3611 krb5_context /*context*/, 3612 krb5_kdc_rep */*rep*/); 3613 3614/** 3615 * Free a keyblock, also zero out the content of the keyblock, uses 3616 * krb5_free_keyblock_contents() to free the content. 3617 * 3618 * @param context a Kerberos 5 context 3619 * @param keyblock keyblock to free, NULL is valid argument 3620 * 3621 * @ingroup krb5_crypto 3622 */ 3623KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3624krb5_free_keyblock ( 3625 krb5_context /*context*/, 3626 krb5_keyblock */*keyblock*/); 3627 3628/** 3629 * Free a keyblock's content, also zero out the content of the keyblock. 3630 * 3631 * @param context a Kerberos 5 context 3632 * @param keyblock keyblock content to free, NULL is valid argument 3633 * 3634 * @ingroup krb5_crypto 3635 */ 3636KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3637krb5_free_keyblock_contents ( 3638 krb5_context /*context*/, 3639 krb5_keyblock */*keyblock*/); 3640 3641KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3642krb5_free_krbhst ( 3643 krb5_context /*context*/, 3644 char **/*hostlist*/); 3645 3646/** 3647 * Frees a Kerberos principal allocated by the library with 3648 * krb5_parse_name(), krb5_make_principal() or any other related 3649 * principal functions. 3650 * 3651 * @param context A Kerberos context. 3652 * @param p a principal to free. 3653 * 3654 * @return An krb5 error code, see krb5_get_error_message(). 3655 * 3656 * @ingroup krb5_principal 3657 */ 3658KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3659krb5_free_principal ( 3660 krb5_context /*context*/, 3661 krb5_principal /*p*/); 3662 3663KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3664krb5_free_salt ( 3665 krb5_context /*context*/, 3666 krb5_salt /*salt*/); 3667 3668/** 3669 * Free ticket and content 3670 * 3671 * @param context a Kerberos 5 context 3672 * @param ticket ticket to free 3673 * 3674 * @return Returns 0 to indicate success. Otherwise an kerberos et 3675 * error code is returned, see krb5_get_error_message(). 3676 * 3677 * @ingroup krb5 3678 */ 3679KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3680krb5_free_ticket ( 3681 krb5_context /*context*/, 3682 krb5_ticket */*ticket*/); 3683 3684/** 3685 * Deprecated: use krb5_xfree(). 3686 * 3687 * @ingroup krb5_deprecated 3688 */ 3689KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3690krb5_free_unparsed_name ( 3691 krb5_context /*context*/, 3692 char */*str*/) 3693 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3694 3695/** 3696 * Forward credentials for client to host hostname , making them 3697 * forwardable if forwardable, and returning the blob of data to sent 3698 * in out_data. If hostname == NULL, pick it from server. 3699 * 3700 * @param context A kerberos 5 context. 3701 * @param auth_context the auth context with the key to encrypt the out_data. 3702 * @param hostname the host to forward the tickets too. 3703 * @param client the client to delegate from. 3704 * @param server the server to delegate the credential too. 3705 * @param ccache credential cache to use. 3706 * @param forwardable make the forwarded ticket forwabledable. 3707 * @param out_data the resulting credential. 3708 * 3709 * @return Return an error code or 0. 3710 * 3711 * @ingroup krb5_credential 3712 */ 3713KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3714krb5_fwd_tgt_creds ( 3715 krb5_context /*context*/, 3716 krb5_auth_context /*auth_context*/, 3717 const char */*hostname*/, 3718 krb5_principal /*client*/, 3719 krb5_principal /*server*/, 3720 krb5_ccache /*ccache*/, 3721 int /*forwardable*/, 3722 krb5_data */*out_data*/); 3723 3724KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3725krb5_generate_random_block ( 3726 void */*buf*/, 3727 size_t /*len*/); 3728 3729KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3730krb5_generate_random_keyblock ( 3731 krb5_context /*context*/, 3732 krb5_enctype /*type*/, 3733 krb5_keyblock */*key*/); 3734 3735KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3736krb5_generate_seq_number ( 3737 krb5_context /*context*/, 3738 const krb5_keyblock */*key*/, 3739 uint32_t */*seqno*/); 3740 3741/** 3742 * Deprecated: use krb5_generate_subkey_extended() 3743 * 3744 * @ingroup krb5_deprecated 3745 */ 3746KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3747krb5_generate_subkey ( 3748 krb5_context /*context*/, 3749 const krb5_keyblock */*key*/, 3750 krb5_keyblock **/*subkey*/) 3751 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3752 3753/** 3754 * Generate subkey, from keyblock 3755 * 3756 * @param context kerberos context 3757 * @param key session key 3758 * @param etype encryption type of subkey, if ETYPE_NULL, use key's enctype 3759 * @param subkey returned new, free with krb5_free_keyblock(). 3760 * 3761 * @return 0 on success or a Kerberos 5 error code 3762 * 3763* @ingroup krb5_crypto 3764 */ 3765KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3766krb5_generate_subkey_extended ( 3767 krb5_context /*context*/, 3768 const krb5_keyblock */*key*/, 3769 krb5_enctype /*etype*/, 3770 krb5_keyblock **/*subkey*/); 3771 3772KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3773krb5_get_all_any_addrs ( 3774 krb5_context /*context*/, 3775 krb5_addresses */*res*/); 3776 3777KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3778krb5_get_all_client_addrs ( 3779 krb5_context /*context*/, 3780 krb5_addresses */*res*/); 3781 3782KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3783krb5_get_all_server_addrs ( 3784 krb5_context /*context*/, 3785 krb5_addresses */*res*/); 3786 3787/** 3788 * Deprecated: use krb5_get_credentials_with_flags(). 3789 * 3790 * @ingroup krb5_deprecated 3791 */ 3792KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3793krb5_get_cred_from_kdc ( 3794 krb5_context /*context*/, 3795 krb5_ccache /*ccache*/, 3796 krb5_creds */*in_creds*/, 3797 krb5_creds **/*out_creds*/, 3798 krb5_creds ***/*ret_tgts*/) 3799 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3800 3801/** 3802 * Deprecated: use krb5_get_credentials_with_flags(). 3803 * 3804 * @ingroup krb5_deprecated 3805 */ 3806KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3807krb5_get_cred_from_kdc_opt ( 3808 krb5_context /*context*/, 3809 krb5_ccache /*ccache*/, 3810 krb5_creds */*in_creds*/, 3811 krb5_creds **/*out_creds*/, 3812 krb5_creds ***/*ret_tgts*/, 3813 krb5_flags /*flags*/) 3814 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3815 3816KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3817krb5_get_credentials ( 3818 krb5_context /*context*/, 3819 krb5_flags /*options*/, 3820 krb5_ccache /*ccache*/, 3821 krb5_creds */*in_creds*/, 3822 krb5_creds **/*out_creds*/); 3823 3824/** 3825 * Get credentials specified by in_cred->server and flags 3826 * 3827 * @param context A kerberos 5 context. 3828 * @param options KRB5_TC_* options 3829 * @param flags KDC option flags 3830 * @param ccache credential cache to use. 3831 * @param in_creds input matching credential. 3832 * @param out_creds the resulting credential. 3833 * 3834 * @return Return an error code or 0. 3835 * 3836 * @ingroup krb5_credential 3837 */ 3838KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3839krb5_get_credentials_with_flags ( 3840 krb5_context /*context*/, 3841 krb5_flags /*options*/, 3842 krb5_kdc_flags /*flags*/, 3843 krb5_ccache /*ccache*/, 3844 krb5_creds */*in_creds*/, 3845 krb5_creds **/*out_creds*/); 3846 3847KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3848krb5_get_creds ( 3849 krb5_context /*context*/, 3850 krb5_get_creds_opt /*opt*/, 3851 krb5_ccache /*ccache*/, 3852 krb5_const_principal /*inprinc*/, 3853 krb5_creds **/*out_creds*/); 3854 3855KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3856krb5_get_creds_opt_add_options ( 3857 krb5_context /*context*/, 3858 krb5_get_creds_opt /*opt*/, 3859 krb5_flags /*options*/); 3860 3861KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3862krb5_get_creds_opt_alloc ( 3863 krb5_context /*context*/, 3864 krb5_get_creds_opt */*opt*/); 3865 3866KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3867krb5_get_creds_opt_free ( 3868 krb5_context /*context*/, 3869 krb5_get_creds_opt /*opt*/); 3870 3871KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3872krb5_get_creds_opt_set_enctype ( 3873 krb5_context /*context*/, 3874 krb5_get_creds_opt /*opt*/, 3875 krb5_enctype /*enctype*/); 3876 3877KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3878krb5_get_creds_opt_set_impersonate ( 3879 krb5_context /*context*/, 3880 krb5_get_creds_opt /*opt*/, 3881 krb5_const_principal /*self*/); 3882 3883KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3884krb5_get_creds_opt_set_options ( 3885 krb5_context /*context*/, 3886 krb5_get_creds_opt /*opt*/, 3887 krb5_flags /*options*/); 3888 3889KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3890krb5_get_creds_opt_set_ticket ( 3891 krb5_context /*context*/, 3892 krb5_get_creds_opt /*opt*/, 3893 const Ticket */*ticket*/); 3894 3895/** 3896 * Get the default debug logging facility. 3897 * 3898 * @param context A Kerberos 5 context 3899 * 3900 * @ingroup krb5_error 3901 */ 3902KRB5_LIB_FUNCTION krb5_log_facility * KRB5_LIB_CALL 3903krb5_get_debug_dest (krb5_context /*context*/); 3904 3905/** 3906 * Get the global configuration list. 3907 * 3908 * @param pfilenames return array of filenames, should be freed with krb5_free_config_files(). 3909 * 3910 * @return Returns 0 to indicate success. Otherwise an kerberos et 3911 * error code is returned, see krb5_get_error_message(). 3912 * 3913 * @ingroup krb5 3914 */ 3915KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3916krb5_get_default_config_files (char ***/*pfilenames*/); 3917 3918/** 3919 * Get the default encryption types that will be use in communcation 3920 * with the KDC, clients and servers. 3921 * 3922 * @param context Kerberos 5 context. 3923 * @param etypes Encryption types, array terminated with 3924 * ETYPE_NULL(0), caller should free array with krb5_xfree(): 3925 * 3926 * @return Returns 0 to indicate success. Otherwise an kerberos et 3927 * error code is returned, see krb5_get_error_message(). 3928 * 3929 * @ingroup krb5 3930 */ 3931KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3932krb5_get_default_in_tkt_etypes ( 3933 krb5_context /*context*/, 3934 krb5_pdu /*pdu_type*/, 3935 krb5_enctype **/*etypes*/); 3936 3937KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3938krb5_get_default_principal ( 3939 krb5_context /*context*/, 3940 krb5_principal */*princ*/); 3941 3942KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3943krb5_get_default_realm ( 3944 krb5_context /*context*/, 3945 krb5_realm */*realm*/); 3946 3947KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3948krb5_get_default_realms ( 3949 krb5_context /*context*/, 3950 krb5_realm **/*realms*/); 3951 3952/** 3953 * Get if the library uses DNS to canonicalize hostnames. 3954 * 3955 * @param context Kerberos 5 context. 3956 * 3957 * @return return non zero if the library uses DNS to canonicalize hostnames. 3958 * 3959 * @ingroup krb5 3960 */ 3961KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 3962krb5_get_dns_canonicalize_hostname (krb5_context /*context*/); 3963 3964/** 3965 * Return the error string for the error code. The caller must not 3966 * free the string. 3967 * 3968 * This function is deprecated since its not threadsafe. 3969 * 3970 * @param context Kerberos 5 context. 3971 * @param code Kerberos error code. 3972 * 3973 * @return the error message matching code 3974 * 3975 * @ingroup krb5 3976 */ 3977KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 3978krb5_get_err_text ( 3979 krb5_context /*context*/, 3980 krb5_error_code /*code*/) 3981 KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead"); 3982 3983/** 3984 * Return the error message for `code' in context. On memory 3985 * allocation error the function returns NULL. 3986 * 3987 * @param context Kerberos 5 context 3988 * @param code Error code related to the error 3989 * 3990 * @return an error string, needs to be freed with 3991 * krb5_free_error_message(). The functions return NULL on error. 3992 * 3993 * @ingroup krb5_error 3994 */ 3995KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 3996krb5_get_error_message ( 3997 krb5_context /*context*/, 3998 krb5_error_code /*code*/); 3999 4000/** 4001 * Return the error message in context. On error or no error string, 4002 * the function returns NULL. 4003 * 4004 * @param context Kerberos 5 context 4005 * 4006 * @return an error string, needs to be freed with 4007 * krb5_free_error_message(). The functions return NULL on error. 4008 * 4009 * @ingroup krb5_error 4010 */ 4011KRB5_LIB_FUNCTION char * KRB5_LIB_CALL 4012krb5_get_error_string (krb5_context /*context*/) 4013 KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead"); 4014 4015/** 4016 * Get extra address to the address list that the library will add to 4017 * the client's address list when communicating with the KDC. 4018 * 4019 * @param context Kerberos 5 context. 4020 * @param addresses addreses to set 4021 * 4022 * @return Returns 0 to indicate success. Otherwise an kerberos et 4023 * error code is returned, see krb5_get_error_message(). 4024 * 4025 * @ingroup krb5 4026 */ 4027KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4028krb5_get_extra_addresses ( 4029 krb5_context /*context*/, 4030 krb5_addresses */*addresses*/); 4031 4032/** 4033 * Get version of fcache that the library should use. 4034 * 4035 * @param context Kerberos 5 context. 4036 * @param version version number. 4037 * 4038 * @return Returns 0 to indicate success. Otherwise an kerberos et 4039 * error code is returned, see krb5_get_error_message(). 4040 * 4041 * @ingroup krb5 4042 */ 4043KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4044krb5_get_fcache_version ( 4045 krb5_context /*context*/, 4046 int */*version*/); 4047 4048/** 4049 * Gets tickets forwarded to hostname. If the tickets that are 4050 * forwarded are address-less, the forwarded tickets will also be 4051 * address-less. 4052 * 4053 * If the ticket have any address, hostname will be used for figure 4054 * out the address to forward the ticket too. This since this might 4055 * use DNS, its insecure and also doesn't represent configured all 4056 * addresses of the host. For example, the host might have two 4057 * adresses, one IPv4 and one IPv6 address where the later is not 4058 * published in DNS. This IPv6 address might be used communications 4059 * and thus the resulting ticket useless. 4060 * 4061 * @param context A kerberos 5 context. 4062 * @param auth_context the auth context with the key to encrypt the out_data. 4063 * @param ccache credential cache to use 4064 * @param flags the flags to control the resulting ticket flags 4065 * @param hostname the host to forward the tickets too. 4066 * @param in_creds the in client and server ticket names. The client 4067 * and server components forwarded to the remote host. 4068 * @param out_data the resulting credential. 4069 * 4070 * @return Return an error code or 0. 4071 * 4072 * @ingroup krb5_credential 4073 */ 4074KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4075krb5_get_forwarded_creds ( 4076 krb5_context /*context*/, 4077 krb5_auth_context /*auth_context*/, 4078 krb5_ccache /*ccache*/, 4079 krb5_flags /*flags*/, 4080 const char */*hostname*/, 4081 krb5_creds */*in_creds*/, 4082 krb5_data */*out_data*/); 4083 4084KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4085krb5_get_host_realm ( 4086 krb5_context /*context*/, 4087 const char */*host*/, 4088 krb5_realm **/*realms*/); 4089 4090/** 4091 * Get extra addresses to ignore when fetching addresses from the 4092 * underlaying operating system. 4093 * 4094 * @param context Kerberos 5 context. 4095 * @param addresses list addreses ignored 4096 * 4097 * @return Returns 0 to indicate success. Otherwise an kerberos et 4098 * error code is returned, see krb5_get_error_message(). 4099 * 4100 * @ingroup krb5 4101 */ 4102KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4103krb5_get_ignore_addresses ( 4104 krb5_context /*context*/, 4105 krb5_addresses */*addresses*/); 4106 4107KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4108krb5_get_in_cred ( 4109 krb5_context /*context*/, 4110 krb5_flags /*options*/, 4111 const krb5_addresses */*addrs*/, 4112 const krb5_enctype */*etypes*/, 4113 const krb5_preauthtype */*ptypes*/, 4114 const krb5_preauthdata */*preauth*/, 4115 krb5_key_proc /*key_proc*/, 4116 krb5_const_pointer /*keyseed*/, 4117 krb5_decrypt_proc /*decrypt_proc*/, 4118 krb5_const_pointer /*decryptarg*/, 4119 krb5_creds */*creds*/, 4120 krb5_kdc_rep */*ret_as_reply*/) 4121 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4122 4123KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4124krb5_get_in_tkt ( 4125 krb5_context /*context*/, 4126 krb5_flags /*options*/, 4127 const krb5_addresses */*addrs*/, 4128 const krb5_enctype */*etypes*/, 4129 const krb5_preauthtype */*ptypes*/, 4130 krb5_key_proc /*key_proc*/, 4131 krb5_const_pointer /*keyseed*/, 4132 krb5_decrypt_proc /*decrypt_proc*/, 4133 krb5_const_pointer /*decryptarg*/, 4134 krb5_creds */*creds*/, 4135 krb5_ccache /*ccache*/, 4136 krb5_kdc_rep */*ret_as_reply*/) 4137 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4138 4139/** 4140 * Deprecated: use krb5_get_init_creds() and friends. 4141 * 4142 * @ingroup krb5_deprecated 4143 */ 4144KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4145krb5_get_in_tkt_with_keytab ( 4146 krb5_context /*context*/, 4147 krb5_flags /*options*/, 4148 krb5_addresses */*addrs*/, 4149 const krb5_enctype */*etypes*/, 4150 const krb5_preauthtype */*pre_auth_types*/, 4151 krb5_keytab /*keytab*/, 4152 krb5_ccache /*ccache*/, 4153 krb5_creds */*creds*/, 4154 krb5_kdc_rep */*ret_as_reply*/) 4155 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4156 4157/** 4158 * Deprecated: use krb5_get_init_creds() and friends. 4159 * 4160 * @ingroup krb5_deprecated 4161 */ 4162KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4163krb5_get_in_tkt_with_password ( 4164 krb5_context /*context*/, 4165 krb5_flags /*options*/, 4166 krb5_addresses */*addrs*/, 4167 const krb5_enctype */*etypes*/, 4168 const krb5_preauthtype */*pre_auth_types*/, 4169 const char */*password*/, 4170 krb5_ccache /*ccache*/, 4171 krb5_creds */*creds*/, 4172 krb5_kdc_rep */*ret_as_reply*/) 4173 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4174 4175/** 4176 * Deprecated: use krb5_get_init_creds() and friends. 4177 * 4178 * @ingroup krb5_deprecated 4179 */ 4180KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4181krb5_get_in_tkt_with_skey ( 4182 krb5_context /*context*/, 4183 krb5_flags /*options*/, 4184 krb5_addresses */*addrs*/, 4185 const krb5_enctype */*etypes*/, 4186 const krb5_preauthtype */*pre_auth_types*/, 4187 const krb5_keyblock */*key*/, 4188 krb5_ccache /*ccache*/, 4189 krb5_creds */*creds*/, 4190 krb5_kdc_rep */*ret_as_reply*/) 4191 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4192 4193/** 4194 * Get new credentials using keyblock. 4195 * 4196 * @ingroup krb5_credential 4197 */ 4198KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4199krb5_get_init_creds_keyblock ( 4200 krb5_context /*context*/, 4201 krb5_creds */*creds*/, 4202 krb5_principal /*client*/, 4203 krb5_keyblock */*keyblock*/, 4204 krb5_deltat /*start_time*/, 4205 const char */*in_tkt_service*/, 4206 krb5_get_init_creds_opt */*options*/); 4207 4208/** 4209 * Get new credentials using keytab. 4210 * 4211 * @ingroup krb5_credential 4212 */ 4213KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4214krb5_get_init_creds_keytab ( 4215 krb5_context /*context*/, 4216 krb5_creds */*creds*/, 4217 krb5_principal /*client*/, 4218 krb5_keytab /*keytab*/, 4219 krb5_deltat /*start_time*/, 4220 const char */*in_tkt_service*/, 4221 krb5_get_init_creds_opt */*options*/); 4222 4223/** 4224 * Allocate a new krb5_get_init_creds_opt structure, free with 4225 * krb5_get_init_creds_opt_free(). 4226 * 4227 * @ingroup krb5_credential 4228 */ 4229KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4230krb5_get_init_creds_opt_alloc ( 4231 krb5_context /*context*/, 4232 krb5_get_init_creds_opt **/*opt*/); 4233 4234/** 4235 * Free krb5_get_init_creds_opt structure. 4236 * 4237 * @ingroup krb5_credential 4238 */ 4239KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4240krb5_get_init_creds_opt_free ( 4241 krb5_context /*context*/, 4242 krb5_get_init_creds_opt */*opt*/); 4243 4244/** 4245 * Deprecated: use the new krb5_init_creds_init() and 4246 * krb5_init_creds_get_error(). 4247 * 4248 * @ingroup krb5_deprecated 4249 */ 4250KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4251krb5_get_init_creds_opt_get_error ( 4252 krb5_context /*context*/, 4253 krb5_get_init_creds_opt */*opt*/, 4254 KRB_ERROR **/*error*/) 4255 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4256 4257/** 4258 * Deprecated: use krb5_get_init_creds_opt_alloc(). 4259 * 4260 * The reason krb5_get_init_creds_opt_init() is deprecated is that 4261 * krb5_get_init_creds_opt is a static structure and for ABI reason it 4262 * can't grow, ie can't add new functionality. 4263 * 4264 * @ingroup krb5_deprecated 4265 */ 4266KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4267krb5_get_init_creds_opt_init (krb5_get_init_creds_opt */*opt*/) 4268 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4269 4270KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4271krb5_get_init_creds_opt_set_address_list ( 4272 krb5_get_init_creds_opt */*opt*/, 4273 krb5_addresses */*addresses*/); 4274 4275KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4276krb5_get_init_creds_opt_set_addressless ( 4277 krb5_context /*context*/, 4278 krb5_get_init_creds_opt */*opt*/, 4279 krb5_boolean /*addressless*/); 4280 4281KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4282krb5_get_init_creds_opt_set_anonymous ( 4283 krb5_get_init_creds_opt */*opt*/, 4284 int /*anonymous*/); 4285 4286KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4287krb5_get_init_creds_opt_set_canonicalize ( 4288 krb5_context /*context*/, 4289 krb5_get_init_creds_opt */*opt*/, 4290 krb5_boolean /*req*/); 4291 4292KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4293krb5_get_init_creds_opt_set_default_flags ( 4294 krb5_context /*context*/, 4295 const char */*appname*/, 4296 krb5_const_realm /*realm*/, 4297 krb5_get_init_creds_opt */*opt*/); 4298 4299KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4300krb5_get_init_creds_opt_set_etype_list ( 4301 krb5_get_init_creds_opt */*opt*/, 4302 krb5_enctype */*etype_list*/, 4303 int /*etype_list_length*/); 4304 4305KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4306krb5_get_init_creds_opt_set_forwardable ( 4307 krb5_get_init_creds_opt */*opt*/, 4308 int /*forwardable*/); 4309 4310KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4311krb5_get_init_creds_opt_set_pa_password ( 4312 krb5_context /*context*/, 4313 krb5_get_init_creds_opt */*opt*/, 4314 const char */*password*/, 4315 krb5_s2k_proc /*key_proc*/); 4316 4317KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4318krb5_get_init_creds_opt_set_pac_request ( 4319 krb5_context /*context*/, 4320 krb5_get_init_creds_opt */*opt*/, 4321 krb5_boolean /*req_pac*/); 4322 4323KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4324krb5_get_init_creds_opt_set_pkinit ( 4325 krb5_context /*context*/, 4326 krb5_get_init_creds_opt */*opt*/, 4327 krb5_principal /*principal*/, 4328 const char */*user_id*/, 4329 const char */*x509_anchors*/, 4330 char * const * /*pool*/, 4331 char * const * /*pki_revoke*/, 4332 int /*flags*/, 4333 krb5_prompter_fct /*prompter*/, 4334 void */*prompter_data*/, 4335 char */*password*/); 4336 4337krb5_error_code KRB5_LIB_FUNCTION 4338krb5_get_init_creds_opt_set_pkinit_user_cert ( 4339 krb5_context /*context*/, 4340 krb5_get_init_creds_opt */*opt*/, 4341 struct hx509_cert_data */*cert*/); 4342 4343KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4344krb5_get_init_creds_opt_set_preauth_list ( 4345 krb5_get_init_creds_opt */*opt*/, 4346 krb5_preauthtype */*preauth_list*/, 4347 int /*preauth_list_length*/); 4348 4349KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4350krb5_get_init_creds_opt_set_process_last_req ( 4351 krb5_context /*context*/, 4352 krb5_get_init_creds_opt */*opt*/, 4353 krb5_gic_process_last_req /*func*/, 4354 void */*ctx*/); 4355 4356KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4357krb5_get_init_creds_opt_set_proxiable ( 4358 krb5_get_init_creds_opt */*opt*/, 4359 int /*proxiable*/); 4360 4361KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4362krb5_get_init_creds_opt_set_renew_life ( 4363 krb5_get_init_creds_opt */*opt*/, 4364 krb5_deltat /*renew_life*/); 4365 4366KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4367krb5_get_init_creds_opt_set_salt ( 4368 krb5_get_init_creds_opt */*opt*/, 4369 krb5_data */*salt*/); 4370 4371KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4372krb5_get_init_creds_opt_set_tkt_life ( 4373 krb5_get_init_creds_opt */*opt*/, 4374 krb5_deltat /*tkt_life*/); 4375 4376KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4377krb5_get_init_creds_opt_set_win2k ( 4378 krb5_context /*context*/, 4379 krb5_get_init_creds_opt */*opt*/, 4380 krb5_boolean /*req*/); 4381 4382/** 4383 * Get new credentials using password. 4384 * 4385 * @ingroup krb5_credential 4386 */ 4387KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4388krb5_get_init_creds_password ( 4389 krb5_context /*context*/, 4390 krb5_creds */*creds*/, 4391 krb5_principal /*client*/, 4392 const char */*password*/, 4393 krb5_prompter_fct /*prompter*/, 4394 void */*data*/, 4395 krb5_deltat /*start_time*/, 4396 const char */*in_tkt_service*/, 4397 krb5_get_init_creds_opt */*options*/); 4398 4399KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4400krb5_get_kdc_cred ( 4401 krb5_context /*context*/, 4402 krb5_ccache /*id*/, 4403 krb5_kdc_flags /*flags*/, 4404 krb5_addresses */*addresses*/, 4405 Ticket */*second_ticket*/, 4406 krb5_creds */*in_creds*/, 4407 krb5_creds **out_creds ); 4408 4409/** 4410 * Get current offset in time to the KDC. 4411 * 4412 * @param context Kerberos 5 context. 4413 * @param sec seconds part of offset. 4414 * @param usec micro seconds part of offset. 4415 * 4416 * @return returns zero 4417 * 4418 * @ingroup krb5 4419 */ 4420KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4421krb5_get_kdc_sec_offset ( 4422 krb5_context /*context*/, 4423 int32_t */*sec*/, 4424 int32_t */*usec*/); 4425 4426KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4427krb5_get_krb524hst ( 4428 krb5_context /*context*/, 4429 const krb5_realm */*realm*/, 4430 char ***/*hostlist*/); 4431 4432KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4433krb5_get_krb_admin_hst ( 4434 krb5_context /*context*/, 4435 const krb5_realm */*realm*/, 4436 char ***/*hostlist*/); 4437 4438KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4439krb5_get_krb_changepw_hst ( 4440 krb5_context /*context*/, 4441 const krb5_realm */*realm*/, 4442 char ***/*hostlist*/); 4443 4444KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4445krb5_get_krbhst ( 4446 krb5_context /*context*/, 4447 const krb5_realm */*realm*/, 4448 char ***/*hostlist*/); 4449 4450/** 4451 * Get max time skew allowed. 4452 * 4453 * @param context Kerberos 5 context. 4454 * 4455 * @return timeskew in seconds. 4456 * 4457 * @ingroup krb5 4458 */ 4459KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL 4460krb5_get_max_time_skew (krb5_context /*context*/); 4461 4462KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4463krb5_get_pw_salt ( 4464 krb5_context /*context*/, 4465 krb5_const_principal /*principal*/, 4466 krb5_salt */*salt*/); 4467 4468KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4469krb5_get_renewed_creds ( 4470 krb5_context /*context*/, 4471 krb5_creds */*creds*/, 4472 krb5_const_principal /*client*/, 4473 krb5_ccache /*ccache*/, 4474 const char */*in_tkt_service*/); 4475 4476KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4477krb5_get_server_rcache ( 4478 krb5_context /*context*/, 4479 const krb5_data */*piece*/, 4480 krb5_rcache */*id*/); 4481 4482/** 4483 * Make the kerberos library default to the admin KDC. 4484 * 4485 * @param context Kerberos 5 context. 4486 * 4487 * @return boolean flag to telling the context will use admin KDC as the default KDC. 4488 * 4489 * @ingroup krb5 4490 */ 4491KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 4492krb5_get_use_admin_kdc (krb5_context /*context*/); 4493 4494/** 4495 * Validate the newly fetch credential, see also krb5_verify_init_creds(). 4496 * 4497 * @param context a Kerberos 5 context 4498 * @param creds the credentials to verify 4499 * @param client the client name to match up 4500 * @param ccache the credential cache to use 4501 * @param service a service name to use, used with 4502 * krb5_sname_to_principal() to build a hostname to use to 4503 * verify. 4504 * 4505 * @ingroup krb5_ccache 4506 */ 4507KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4508krb5_get_validated_creds ( 4509 krb5_context /*context*/, 4510 krb5_creds */*creds*/, 4511 krb5_principal /*client*/, 4512 krb5_ccache /*ccache*/, 4513 char */*service*/); 4514 4515/** 4516 * Get the default logging facility. 4517 * 4518 * @param context A Kerberos 5 context 4519 * 4520 * @ingroup krb5_error 4521 */ 4522KRB5_LIB_FUNCTION krb5_log_facility * KRB5_LIB_CALL 4523krb5_get_warn_dest (krb5_context /*context*/); 4524 4525KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL 4526krb5_get_wrapped_length ( 4527 krb5_context /*context*/, 4528 krb5_crypto /*crypto*/, 4529 size_t /*data_len*/); 4530 4531KRB5_LIB_FUNCTION int KRB5_LIB_CALL 4532krb5_getportbyname ( 4533 krb5_context /*context*/, 4534 const char */*service*/, 4535 const char */*proto*/, 4536 int /*default_port*/); 4537 4538/** 4539 * krb5_h_addr2addr works like krb5_h_addr2sockaddr with the exception 4540 * that it operates on a krb5_address instead of a struct sockaddr. 4541 * 4542 * @param context a Keberos context 4543 * @param af address family 4544 * @param haddr host address from struct hostent. 4545 * @param addr returned krb5_address. 4546 * 4547 * @return Return an error code or 0. 4548 * 4549 * @ingroup krb5_address 4550 */ 4551KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4552krb5_h_addr2addr ( 4553 krb5_context /*context*/, 4554 int /*af*/, 4555 const char */*haddr*/, 4556 krb5_address */*addr*/); 4557 4558/** 4559 * krb5_h_addr2sockaddr initializes a "struct sockaddr sa" from af and 4560 * the "struct hostent" (see gethostbyname(3) ) h_addr_list 4561 * component. The argument sa_size should initially contain the size 4562 * of the sa, and after the call, it will contain the actual length of 4563 * the address. 4564 * 4565 * @param context a Keberos context 4566 * @param af addresses 4567 * @param addr address 4568 * @param sa returned struct sockaddr 4569 * @param sa_size size of sa 4570 * @param port port to set in sa. 4571 * 4572 * @return Return an error code or 0. 4573 * 4574 * @ingroup krb5_address 4575 */ 4576KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4577krb5_h_addr2sockaddr ( 4578 krb5_context /*context*/, 4579 int /*af*/, 4580 const char */*addr*/, 4581 struct sockaddr */*sa*/, 4582 krb5_socklen_t */*sa_size*/, 4583 int /*port*/); 4584 4585/** 4586 * Convert the gethostname() error code (h_error) to a Kerberos et 4587 * error code. 4588 * 4589 * @param eai_errno contains the error code from gethostname(). 4590 * 4591 * @return Kerberos error code representing the gethostname errors. 4592 * 4593 * @ingroup krb5_error 4594 */ 4595KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4596krb5_h_errno_to_heim_errno (int /*eai_errno*/); 4597 4598KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 4599krb5_have_error_string (krb5_context /*context*/) 4600 KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead"); 4601 4602KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4603krb5_hmac ( 4604 krb5_context /*context*/, 4605 krb5_cksumtype /*cktype*/, 4606 const void */*data*/, 4607 size_t /*len*/, 4608 unsigned /*usage*/, 4609 krb5_keyblock */*key*/, 4610 Checksum */*result*/); 4611 4612krb5_boolean 4613krb5_homedir_access (krb5_context /*context*/); 4614 4615/** 4616 * Initializes the context structure and reads the configuration files. 4617 4618 * The structure should be freed by calling krb5_free_context() when 4619 * it is no longer being used. 4620 * 4621 * @param context pointer to returned context 4622 * 4623 * @return Returns 0 to indicate success. 4624 * 4625 * @ingroup krb5 4626 */ 4627KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4628krb5_init_context (krb5_context */*context*/); 4629 4630/** 4631 * Initializes the context structure and reads the configuration files. 4632 * 4633 * The structure should be freed by calling 4634 * krb5_free_context() when it is no longer being used. 4635 * 4636 * @param context pointer to returned context 4637 * @param flags controls context creation failure. 4638 * 4639 * Possible flags are: 4640 * - KRB5_CONTEXT_FLAG_NO_CONFIG - don't read the any configuration files 4641 * 4642 * @return Returns 0 to indicate success. Otherwise an errno code is 4643 * returned. Failure means either that something bad happened during 4644 * initialization (typically ENOMEM) or that Kerberos should not be 4645 * used ENXIO. 4646 * 4647 * @see krb5_init_context 4648 * @ingroup krb5 4649 */ 4650KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4651krb5_init_context_flags ( 4652 unsigned int /*flags*/, 4653 krb5_context */*context*/); 4654 4655/** 4656 * Free the krb5_init_creds_context allocated by krb5_init_creds_init(). 4657 * 4658 * @param context A Kerberos 5 context. 4659 * @param ctx The krb5_init_creds_context to free. 4660 * 4661 * @ingroup krb5_credential 4662 */ 4663KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4664krb5_init_creds_free ( 4665 krb5_context /*context*/, 4666 krb5_init_creds_context /*ctx*/); 4667 4668/** 4669 * Get new credentials as setup by the krb5_init_creds_context. 4670 * 4671 * @param context A Kerberos 5 context. 4672 * @param ctx The krb5_init_creds_context to process. 4673 * 4674 * @ingroup krb5_credential 4675 */ 4676KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4677krb5_init_creds_get ( 4678 krb5_context /*context*/, 4679 krb5_init_creds_context /*ctx*/); 4680 4681/** 4682 * Extract the newly acquired credentials from krb5_init_creds_context 4683 * context. 4684 * 4685 * @param context A Kerberos 5 context. 4686 * @param ctx 4687 * @param cred credentials, free with krb5_free_cred_contents(). 4688 * 4689 * @return 0 for sucess or An Kerberos error code, see krb5_get_error_message(). 4690 */ 4691KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4692krb5_init_creds_get_creds ( 4693 krb5_context /*context*/, 4694 krb5_init_creds_context /*ctx*/, 4695 krb5_creds */*cred*/); 4696 4697/** 4698 * Get the last error from the transaction. 4699 * 4700 * @return Returns 0 or an error code 4701 * 4702 * @ingroup krb5_credential 4703 */ 4704KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4705krb5_init_creds_get_error ( 4706 krb5_context /*context*/, 4707 krb5_init_creds_context /*ctx*/, 4708 KRB_ERROR */*error*/); 4709 4710/** 4711 * Start a new context to get a new initial credential. 4712 * 4713 * @param context A Kerberos 5 context. 4714 * @param client The Kerberos principal to get the credential for, if 4715 * NULL is given, the default principal is used as determined by 4716 * krb5_get_default_principal(). 4717 * @param prompter 4718 * @param prompter_data 4719 * @param start_time the time the ticket should start to be valid or 0 for now. 4720 * @param options a options structure, can be NULL for default options. 4721 * @param rctx A new allocated free with krb5_init_creds_free(). 4722 * 4723 * @return 0 for success or an Kerberos 5 error code, see krb5_get_error_message(). 4724 * 4725 * @ingroup krb5_credential 4726 */ 4727KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4728krb5_init_creds_init ( 4729 krb5_context /*context*/, 4730 krb5_principal /*client*/, 4731 krb5_prompter_fct /*prompter*/, 4732 void */*prompter_data*/, 4733 krb5_deltat /*start_time*/, 4734 krb5_get_init_creds_opt */*options*/, 4735 krb5_init_creds_context */*rctx*/); 4736 4737KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4738krb5_init_creds_set_fast_ccache ( 4739 krb5_context /*context*/, 4740 krb5_init_creds_context /*ctx*/, 4741 krb5_ccache /*fast_ccache*/); 4742 4743/** 4744 * The set KDC hostname for the initial request, it will not be 4745 * considered in referrals to another KDC. 4746 * 4747 * @param context a Kerberos 5 context. 4748 * @param ctx a krb5_init_creds_context context. 4749 * @param hostname the hostname for the KDC of realm 4750 * 4751 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 4752 * @ingroup krb5_credential 4753 */ 4754krb5_error_code KRB5_LIB_FUNCTION 4755krb5_init_creds_set_kdc_hostname ( 4756 krb5_context /*context*/, 4757 krb5_init_creds_context /*ctx*/, 4758 const char */*hostname*/); 4759 4760KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4761krb5_init_creds_set_keyblock ( 4762 krb5_context /*context*/, 4763 krb5_init_creds_context /*ctx*/, 4764 krb5_keyblock */*keyblock*/); 4765 4766/** 4767 * Set the keytab to use for authentication. 4768 * 4769 * @param context a Kerberos 5 context. 4770 * @param ctx ctx krb5_init_creds_context context. 4771 * @param keytab the keytab to read the key from. 4772 * 4773 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 4774 * @ingroup krb5_credential 4775 */ 4776KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4777krb5_init_creds_set_keytab ( 4778 krb5_context /*context*/, 4779 krb5_init_creds_context /*ctx*/, 4780 krb5_keytab /*keytab*/); 4781 4782/** 4783 * Sets the password that will use for the request. 4784 * 4785 * @param context a Kerberos 5 context. 4786 * @param ctx krb5_init_creds_context context. 4787 * @param password the password to use. 4788 * 4789 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 4790 * @ingroup krb5_credential 4791 */ 4792KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4793krb5_init_creds_set_password ( 4794 krb5_context /*context*/, 4795 krb5_init_creds_context /*ctx*/, 4796 const char */*password*/); 4797 4798/** 4799 * Sets the password that will use for the request. 4800 * 4801 * @param context a Kerberos 5 context. 4802 * @param ctx a krb5_init_creds_context context. 4803 * @param cert client cert 4804 * 4805 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 4806 * @ingroup krb5_credential 4807 */ 4808krb5_error_code KRB5_LIB_FUNCTION 4809krb5_init_creds_set_pkinit_client_cert ( 4810 krb5_context /*context*/, 4811 krb5_init_creds_context /*ctx*/, 4812 struct hx509_cert_data */*cert*/); 4813 4814/** 4815 * Sets the service that the is requested. This call is only neede for 4816 * special initial tickets, by default the a krbtgt is fetched in the default realm. 4817 * 4818 * @param context a Kerberos 5 context. 4819 * @param ctx a krb5_init_creds_context context. 4820 * @param service the service given as a string, for example 4821 * "kadmind/admin". If NULL, the default krbtgt in the clients 4822 * realm is set. 4823 * 4824 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 4825 * @ingroup krb5_credential 4826 */ 4827KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4828krb5_init_creds_set_service ( 4829 krb5_context /*context*/, 4830 krb5_init_creds_context /*ctx*/, 4831 const char */*service*/); 4832 4833/** 4834 * The core loop if krb5_get_init_creds() function family. Create the 4835 * packets and have the caller send them off to the KDC. 4836 * 4837 * If the caller want all work been done for them, use 4838 * krb5_init_creds_get() instead. 4839 * 4840 * @param context a Kerberos 5 context. 4841 * @param ctx ctx krb5_init_creds_context context. 4842 * @param in input data from KDC, first round it should be reset by krb5_data_zer(). 4843 * @param out reply to KDC. 4844 * @param hostinfo KDC address info, first round it can be NULL. 4845 * @param realm realm is a pointer the realm to send the packet, it have the 4846 * lifetime the next call to krb5_init_creds_step() or krb5_init_creds_free(). 4847 * @param flags status of the round, if 4848 * KRB5_INIT_CREDS_STEP_FLAG_CONTINUE is set, continue one more round. 4849 * 4850 * @return 0 for success, or an Kerberos 5 error code, see 4851 * krb5_get_error_message(). 4852 * 4853 * @ingroup krb5_credential 4854 */ 4855KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4856krb5_init_creds_step ( 4857 krb5_context /*context*/, 4858 krb5_init_creds_context /*ctx*/, 4859 krb5_data */*in*/, 4860 krb5_data */*out*/, 4861 krb5_krbhst_info */*hostinfo*/, 4862 krb5_realm */*realm*/, 4863 unsigned int */*flags*/); 4864 4865krb5_error_code 4866krb5_init_creds_store ( 4867 krb5_context /*context*/, 4868 krb5_init_creds_context /*ctx*/, 4869 krb5_ccache /*id*/); 4870 4871/** 4872 * Store config 4873 * 4874 * @param context A Kerberos 5 context. 4875 * @param ctx The krb5_init_creds_context to free. 4876 * @param id store 4877 * 4878 * @return Returns 0 or an error code 4879 * 4880 * @ingroup krb5_credential 4881 */ 4882krb5_error_code KRB5_LIB_FUNCTION 4883krb5_init_creds_store_config ( 4884 krb5_context /*context*/, 4885 krb5_init_creds_context /*ctx*/, 4886 krb5_ccache /*id*/); 4887 4888/** 4889 * Warn the user using prompter in the krb5_init_creds_context about 4890 * possible password and account expiration. 4891 * 4892 * @param context a Kerberos 5 context. 4893 * @param ctx a krb5_init_creds_context context. 4894 * 4895 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 4896 * @ingroup krb5_credential 4897 */ 4898KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4899krb5_init_creds_warn_user ( 4900 krb5_context /*context*/, 4901 krb5_init_creds_context /*ctx*/); 4902 4903/** 4904 * Init the built-in ets in the Kerberos library. 4905 * 4906 * @param context kerberos context to add the ets too 4907 * 4908 * @ingroup krb5 4909 */ 4910KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4911krb5_init_ets (krb5_context /*context*/); 4912 4913KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4914krb5_initlog ( 4915 krb5_context /*context*/, 4916 const char */*program*/, 4917 krb5_log_facility **/*fac*/); 4918 4919/** 4920 * Return TRUE (non zero) if the principal is a configuration 4921 * principal (generated part of krb5_cc_set_config()). Returns FALSE 4922 * (zero) if not a configuration principal. 4923 * 4924 * @param context a Keberos context 4925 * @param principal principal to check if it a configuration principal 4926 * 4927 * @ingroup krb5_ccache 4928 */ 4929KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 4930krb5_is_config_principal ( 4931 krb5_context /*context*/, 4932 krb5_const_principal /*principal*/); 4933 4934/** 4935 * Returns is the encryption is strong or weak 4936 * 4937 * @param context Kerberos 5 context 4938 * @param enctype encryption type to probe 4939 * 4940 * @return Returns true if encryption type is weak or is not supported. 4941 * 4942 * @ingroup krb5_crypto 4943 */ 4944KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 4945krb5_is_enctype_weak ( 4946 krb5_context /*context*/, 4947 krb5_enctype /*enctype*/); 4948 4949/** 4950 * Runtime check if the Kerberos library was complied with thread support. 4951 * 4952 * @return TRUE if the library was compiled with thread support, FALSE if not. 4953 * 4954 * @ingroup krb5 4955 */ 4956KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 4957krb5_is_thread_safe (void); 4958 4959KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4960krb5_kcm_call ( 4961 krb5_context /*context*/, 4962 krb5_storage */*request*/, 4963 krb5_storage **/*response_p*/, 4964 krb5_data */*response_data_p*/); 4965 4966/** 4967 * Variable containing the KEYCHAIN based credential cache implemention. 4968 * 4969 * @ingroup krb5_ccache 4970 */ 4971KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4972krb5_kcm_storage_request ( 4973 krb5_context /*context*/, 4974 uint16_t /*opcode*/, 4975 krb5_storage **/*storage_p*/); 4976 4977/** 4978 * Returns the list of Kerberos encryption types sorted in order of 4979 * most preferred to least preferred encryption type. Note that some 4980 * encryption types might be disabled, so you need to check with 4981 * krb5_enctype_valid() before using the encryption type. 4982 * 4983 * @return list of enctypes, terminated with ETYPE_NULL. Its a static 4984 * array completed into the Kerberos library so the content doesn't 4985 * need to be freed. 4986 * 4987 * @ingroup krb5 4988 */ 4989KRB5_LIB_FUNCTION const krb5_enctype * KRB5_LIB_CALL 4990krb5_kerberos_enctypes (krb5_context /*context*/); 4991 4992/** 4993 * Get encryption type of a keyblock. 4994 * 4995 * @ingroup krb5_crypto 4996 */ 4997KRB5_LIB_FUNCTION krb5_enctype KRB5_LIB_CALL 4998krb5_keyblock_get_enctype (const krb5_keyblock */*block*/); 4999 5000/** 5001 * Fill in `key' with key data of type `enctype' from `data' of length 5002 * `size'. Key should be freed using krb5_free_keyblock_contents(). 5003 * 5004 * @return 0 on success or a Kerberos 5 error code 5005 * 5006 * @ingroup krb5_crypto 5007 */ 5008KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5009krb5_keyblock_init ( 5010 krb5_context /*context*/, 5011 krb5_enctype /*type*/, 5012 const void */*data*/, 5013 size_t /*size*/, 5014 krb5_keyblock */*key*/); 5015 5016KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5017krb5_keyblock_key_proc ( 5018 krb5_context /*context*/, 5019 krb5_keytype /*type*/, 5020 krb5_data */*salt*/, 5021 krb5_const_pointer /*keyseed*/, 5022 krb5_keyblock **/*key*/); 5023 5024/** 5025 * Zero out a keyblock 5026 * 5027 * @param keyblock keyblock to zero out 5028 * 5029 * @ingroup krb5_crypto 5030 */ 5031KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5032krb5_keyblock_zero (krb5_keyblock */*keyblock*/); 5033 5034/** 5035 * Deprecated: use krb5_get_init_creds() and friends. 5036 * 5037 * @ingroup krb5_deprecated 5038 */ 5039KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV 5040krb5_keytab_key_proc ( 5041 krb5_context /*context*/, 5042 krb5_enctype /*enctype*/, 5043 krb5_salt /*salt*/, 5044 krb5_const_pointer /*keyseed*/, 5045 krb5_keyblock **/*key*/) 5046 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5047 5048/** 5049 * Deprecated: keytypes doesn't exists, they are really enctypes. 5050 * 5051 * @ingroup krb5_deprecated 5052 */ 5053KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5054krb5_keytype_to_enctypes ( 5055 krb5_context /*context*/, 5056 krb5_keytype /*keytype*/, 5057 unsigned */*len*/, 5058 krb5_enctype **/*val*/) 5059 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5060 5061/** 5062 * Deprecated: keytypes doesn't exists, they are really enctypes. 5063 * 5064 * @ingroup krb5_deprecated 5065 */ 5066KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5067krb5_keytype_to_enctypes_default ( 5068 krb5_context /*context*/, 5069 krb5_keytype /*keytype*/, 5070 unsigned */*len*/, 5071 krb5_enctype **/*val*/) 5072 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5073 5074/** 5075 * Deprecated: keytypes doesn't exists, they are really enctypes in 5076 * most cases, use krb5_enctype_to_string(). 5077 * 5078 * @ingroup krb5_deprecated 5079 */ 5080KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5081krb5_keytype_to_string ( 5082 krb5_context /*context*/, 5083 krb5_keytype /*keytype*/, 5084 char **/*string*/) 5085 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5086 5087KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5088krb5_krbhst_format_string ( 5089 krb5_context /*context*/, 5090 const krb5_krbhst_info */*host*/, 5091 char */*hostname*/, 5092 size_t /*hostlen*/); 5093 5094KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5095krb5_krbhst_free ( 5096 krb5_context /*context*/, 5097 krb5_krbhst_handle /*handle*/); 5098 5099/** 5100 * Return an `struct addrinfo *' for a KDC host. 5101 * 5102 * Returns an the struct addrinfo in in that corresponds to the 5103 * information in `host'. free:ing is handled by krb5_krbhst_free, so 5104 * the returned ai must not be released. 5105 * 5106 * @ingroup krb5 5107 */ 5108KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5109krb5_krbhst_get_addrinfo ( 5110 krb5_context /*context*/, 5111 krb5_krbhst_info */*host*/, 5112 struct addrinfo **/*ai*/); 5113 5114/** 5115 * If the hostname contains a dot, assumes it's a FQDN and 5116 * don't use search domains since that might be painfully slow 5117 * when machine is disconnected from that network. 5118 */ 5119KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5120krb5_krbhst_init ( 5121 krb5_context /*context*/, 5122 const char */*realm*/, 5123 unsigned int /*type*/, 5124 krb5_krbhst_handle */*handle*/); 5125 5126KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5127krb5_krbhst_init_flags ( 5128 krb5_context /*context*/, 5129 const char */*realm*/, 5130 unsigned int /*type*/, 5131 int /*flags*/, 5132 krb5_krbhst_handle */*handle*/); 5133 5134KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5135krb5_krbhst_next ( 5136 krb5_context /*context*/, 5137 krb5_krbhst_handle /*handle*/, 5138 krb5_krbhst_info **/*host*/); 5139 5140KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5141krb5_krbhst_next_as_string ( 5142 krb5_context /*context*/, 5143 krb5_krbhst_handle /*handle*/, 5144 char */*hostname*/, 5145 size_t /*hostlen*/); 5146 5147KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5148krb5_krbhst_reset ( 5149 krb5_context /*context*/, 5150 krb5_krbhst_handle /*handle*/); 5151 5152krb5_error_code KRB5_LIB_FUNCTION 5153krb5_krbhst_set_hostname ( 5154 krb5_context /*context*/, 5155 krb5_krbhst_handle /*handle*/, 5156 const char */*hostname*/); 5157 5158/** 5159 * Add the entry in `entry' to the keytab `id'. 5160 * 5161 * @param context a Keberos context. 5162 * @param id a keytab. 5163 * @param entry the entry to add 5164 * 5165 * @return Return an error code or 0, see krb5_get_error_message(). 5166 * 5167 * @ingroup krb5_keytab 5168 */ 5169KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5170krb5_kt_add_entry ( 5171 krb5_context /*context*/, 5172 krb5_keytab /*id*/, 5173 krb5_keytab_entry */*entry*/); 5174 5175/** 5176 * Finish using the keytab in `id'. All resources will be released, 5177 * even on errors. 5178 * 5179 * @param context a Keberos context. 5180 * @param id keytab to close. 5181 * 5182 * @return Return an error code or 0, see krb5_get_error_message(). 5183 * 5184 * @ingroup krb5_keytab 5185 */ 5186KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5187krb5_kt_close ( 5188 krb5_context /*context*/, 5189 krb5_keytab /*id*/); 5190 5191/** 5192 * Compare `entry' against `principal, vno, enctype'. 5193 * Any of `principal, vno, enctype' might be 0 which acts as a wildcard. 5194 * Return TRUE if they compare the same, FALSE otherwise. 5195 * 5196 * @param context a Keberos context. 5197 * @param entry an entry to match with. 5198 * @param principal principal to match, NULL matches all principals. 5199 * @param vno key version to match, 0 matches all key version numbers. 5200 * @param enctype encryption type to match, 0 matches all encryption types. 5201 * 5202 * @return Return TRUE or match, FALSE if not matched. 5203 * 5204 * @ingroup krb5_keytab 5205 */ 5206KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5207krb5_kt_compare ( 5208 krb5_context /*context*/, 5209 krb5_keytab_entry */*entry*/, 5210 krb5_const_principal /*principal*/, 5211 krb5_kvno /*vno*/, 5212 krb5_enctype /*enctype*/); 5213 5214/** 5215 * Copy the contents of `in' into `out'. 5216 * 5217 * @param context a Keberos context. 5218 * @param in the keytab entry to copy. 5219 * @param out the copy of the keytab entry, free with krb5_kt_free_entry(). 5220 * 5221 * @return Return an error code or 0, see krb5_get_error_message(). 5222 * 5223 * @ingroup krb5_keytab 5224 */ 5225KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5226krb5_kt_copy_entry_contents ( 5227 krb5_context /*context*/, 5228 const krb5_keytab_entry */*in*/, 5229 krb5_keytab_entry */*out*/); 5230 5231/** 5232 * Set `id' to the default keytab. 5233 * 5234 * @param context a Keberos context. 5235 * @param id the new default keytab. 5236 * 5237 * @return Return an error code or 0, see krb5_get_error_message(). 5238 * 5239 * @ingroup krb5_keytab 5240 */ 5241KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5242krb5_kt_default ( 5243 krb5_context /*context*/, 5244 krb5_keytab */*id*/); 5245 5246/** 5247 * Copy the name of the default modify keytab into `name'. 5248 * 5249 * @param context a Keberos context. 5250 * @param name buffer where the name will be written 5251 * @param namesize length of name 5252 * 5253 * @return Return an error code or 0, see krb5_get_error_message(). 5254 * 5255 * @ingroup krb5_keytab 5256 */ 5257KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5258krb5_kt_default_modify_name ( 5259 krb5_context /*context*/, 5260 char */*name*/, 5261 size_t /*namesize*/); 5262 5263/** 5264 * copy the name of the default keytab into `name'. 5265 * 5266 * @param context a Keberos context. 5267 * @param name buffer where the name will be written 5268 * @param namesize length of name 5269 * 5270 * @return Return an error code or 0, see krb5_get_error_message(). 5271 * 5272 * @ingroup krb5_keytab 5273 */ 5274KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5275krb5_kt_default_name ( 5276 krb5_context /*context*/, 5277 char */*name*/, 5278 size_t /*namesize*/); 5279 5280/** 5281 * Destroy (remove) the keytab in `id'. All resources will be released, 5282 * even on errors, does the equvalment of krb5_kt_close() on the resources. 5283 * 5284 * @param context a Keberos context. 5285 * @param id keytab to destroy. 5286 * 5287 * @return Return an error code or 0, see krb5_get_error_message(). 5288 * 5289 * @ingroup krb5_keytab 5290 */ 5291KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5292krb5_kt_destroy ( 5293 krb5_context /*context*/, 5294 krb5_keytab /*id*/); 5295 5296/** 5297 * Release all resources associated with `cursor'. 5298 * 5299 * @param context a Keberos context. 5300 * @param id a keytab. 5301 * @param cursor the cursor to free. 5302 * 5303 * @return Return an error code or 0, see krb5_get_error_message(). 5304 * 5305 * @ingroup krb5_keytab 5306 */ 5307KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5308krb5_kt_end_seq_get ( 5309 krb5_context /*context*/, 5310 krb5_keytab /*id*/, 5311 krb5_kt_cursor */*cursor*/); 5312 5313/** 5314 * Free the contents of `entry'. 5315 * 5316 * @param context a Keberos context. 5317 * @param entry the entry to free 5318 * 5319 * @return Return an error code or 0, see krb5_get_error_message(). 5320 * 5321 * @ingroup krb5_keytab 5322 */ 5323KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5324krb5_kt_free_entry ( 5325 krb5_context /*context*/, 5326 krb5_keytab_entry */*entry*/); 5327 5328/** 5329 * Retrieve the keytab entry for `principal, kvno, enctype' into `entry' 5330 * from the keytab `id'. Matching is done like krb5_kt_compare(). 5331 * 5332 * @param context a Keberos context. 5333 * @param id a keytab. 5334 * @param principal principal to match, NULL matches all principals. 5335 * @param kvno key version to match, 0 matches all key version numbers. 5336 * @param enctype encryption type to match, 0 matches all encryption types. 5337 * @param entry the returned entry, free with krb5_kt_free_entry(). 5338 * 5339 * @return Return an error code or 0, see krb5_get_error_message(). 5340 * 5341 * @ingroup krb5_keytab 5342 */ 5343KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5344krb5_kt_get_entry ( 5345 krb5_context /*context*/, 5346 krb5_keytab /*id*/, 5347 krb5_const_principal /*principal*/, 5348 krb5_kvno /*kvno*/, 5349 krb5_enctype /*enctype*/, 5350 krb5_keytab_entry */*entry*/); 5351 5352/** 5353 * Retrieve the full name of the keytab `keytab' and store the name in 5354 * `str'. 5355 * 5356 * @param context a Keberos context. 5357 * @param keytab keytab to get name for. 5358 * @param str the name of the keytab name, usee krb5_xfree() to free 5359 * the string. On error, *str is set to NULL. 5360 * 5361 * @return Return an error code or 0, see krb5_get_error_message(). 5362 * 5363 * @ingroup krb5_keytab 5364 */ 5365KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5366krb5_kt_get_full_name ( 5367 krb5_context /*context*/, 5368 krb5_keytab /*keytab*/, 5369 char **/*str*/); 5370 5371/** 5372 * Retrieve the name of the keytab `keytab' into `name', `namesize' 5373 * 5374 * @param context a Keberos context. 5375 * @param keytab the keytab to get the name for. 5376 * @param name name buffer. 5377 * @param namesize size of name buffer. 5378 * 5379 * @return Return an error code or 0, see krb5_get_error_message(). 5380 * 5381 * @ingroup krb5_keytab 5382 */ 5383KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5384krb5_kt_get_name ( 5385 krb5_context /*context*/, 5386 krb5_keytab /*keytab*/, 5387 char */*name*/, 5388 size_t /*namesize*/); 5389 5390/** 5391 * Return the type of the `keytab' in the string `prefix of length 5392 * `prefixsize'. 5393 * 5394 * @param context a Keberos context. 5395 * @param keytab the keytab to get the prefix for 5396 * @param prefix prefix buffer 5397 * @param prefixsize length of prefix buffer 5398 * 5399 * @return Return an error code or 0, see krb5_get_error_message(). 5400 * 5401 * @ingroup krb5_keytab 5402 */ 5403KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5404krb5_kt_get_type ( 5405 krb5_context /*context*/, 5406 krb5_keytab /*keytab*/, 5407 char */*prefix*/, 5408 size_t /*prefixsize*/); 5409 5410/** 5411 * Return true if the keytab exists and have entries 5412 * 5413 * @param context a Keberos context. 5414 * @param id a keytab. 5415 * 5416 * @return Return an error code or 0, see krb5_get_error_message(). 5417 * 5418 * @ingroup krb5_keytab 5419 */ 5420KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5421krb5_kt_have_content ( 5422 krb5_context /*context*/, 5423 krb5_keytab /*id*/); 5424 5425/** 5426 * Get the next entry from keytab, advance the cursor. On last entry 5427 * the function will return KRB5_KT_END. 5428 * 5429 * @param context a Keberos context. 5430 * @param id a keytab. 5431 * @param entry the returned entry, free with krb5_kt_free_entry(). 5432 * @param cursor the cursor of the iteration. 5433 * 5434 * @return Return an error code or 0, see krb5_get_error_message(). 5435 * 5436 * @ingroup krb5_keytab 5437 */ 5438KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5439krb5_kt_next_entry ( 5440 krb5_context /*context*/, 5441 krb5_keytab /*id*/, 5442 krb5_keytab_entry */*entry*/, 5443 krb5_kt_cursor */*cursor*/); 5444 5445/** 5446 * Read the key identified by `(principal, vno, enctype)' from the 5447 * keytab in `keyprocarg' (the default if == NULL) into `*key'. 5448 * 5449 * @param context a Keberos context. 5450 * @param keyprocarg 5451 * @param principal 5452 * @param vno 5453 * @param enctype 5454 * @param key 5455 * 5456 * @return Return an error code or 0, see krb5_get_error_message(). 5457 * 5458 * @ingroup krb5_keytab 5459 */ 5460KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5461krb5_kt_read_service_key ( 5462 krb5_context /*context*/, 5463 krb5_pointer /*keyprocarg*/, 5464 krb5_principal /*principal*/, 5465 krb5_kvno /*vno*/, 5466 krb5_enctype /*enctype*/, 5467 krb5_keyblock **/*key*/); 5468 5469/** 5470 * Register a new keytab backend. 5471 * 5472 * @param context a Keberos context. 5473 * @param ops a backend to register. 5474 * 5475 * @return Return an error code or 0, see krb5_get_error_message(). 5476 * 5477 * @ingroup krb5_keytab 5478 */ 5479KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5480krb5_kt_register ( 5481 krb5_context /*context*/, 5482 const krb5_kt_ops */*ops*/); 5483 5484/** 5485 * Remove an entry from the keytab, matching is done using 5486 * krb5_kt_compare(). 5487 5488 * @param context a Keberos context. 5489 * @param id a keytab. 5490 * @param entry the entry to remove 5491 * 5492 * @return Return an error code or 0, see krb5_get_error_message(). 5493 * 5494 * @ingroup krb5_keytab 5495 */ 5496KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5497krb5_kt_remove_entry ( 5498 krb5_context /*context*/, 5499 krb5_keytab /*id*/, 5500 krb5_keytab_entry */*entry*/); 5501 5502/** 5503 * Resolve the keytab name (of the form `type:residual') in `name' 5504 * into a keytab in `id'. 5505 * 5506 * @param context a Keberos context. 5507 * @param name name to resolve 5508 * @param id resulting keytab, free with krb5_kt_close(). 5509 * 5510 * @return Return an error code or 0, see krb5_get_error_message(). 5511 * 5512 * @ingroup krb5_keytab 5513 */ 5514KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5515krb5_kt_resolve ( 5516 krb5_context /*context*/, 5517 const char */*name*/, 5518 krb5_keytab */*id*/); 5519 5520/** 5521 * Set `cursor' to point at the beginning of `id'. 5522 * 5523 * @param context a Keberos context. 5524 * @param id a keytab. 5525 * @param cursor a newly allocated cursor, free with krb5_kt_end_seq_get(). 5526 * 5527 * @return Return an error code or 0, see krb5_get_error_message(). 5528 * 5529 * @ingroup krb5_keytab 5530 */ 5531KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5532krb5_kt_start_seq_get ( 5533 krb5_context /*context*/, 5534 krb5_keytab /*id*/, 5535 krb5_kt_cursor */*cursor*/); 5536 5537/** 5538 * This function takes the name of a local user and checks if 5539 * principal is allowed to log in as that user. 5540 * 5541 * The user may have a ~/.k5login file listing principals that are 5542 * allowed to login as that user. If that file does not exist, all 5543 * principals with a first component identical to the username, and a 5544 * realm considered local, are allowed access. 5545 * 5546 * The .k5login file must contain one principal per line, be owned by 5547 * user and not be writable by group or other (but must be readable by 5548 * anyone). 5549 * 5550 * Note that if the file exists, no implicit access rights are given 5551 * to user@@LOCALREALM. 5552 * 5553 * Optionally, a set of files may be put in ~/.k5login.d (a 5554 * directory), in which case they will all be checked in the same 5555 * manner as .k5login. The files may be called anything, but files 5556 * starting with a hash (#) , or ending with a tilde (~) are 5557 * ignored. Subdirectories are not traversed. Note that this directory 5558 * may not be checked by other Kerberos implementations. 5559 * 5560 * If no configuration file exists, match user against local domains, 5561 * ie luser@@LOCAL-REALMS-IN-CONFIGURATION-FILES. 5562 * 5563 * @param context Kerberos 5 context. 5564 * @param principal principal to check if allowed to login 5565 * @param luser local user id 5566 * 5567 * @return returns TRUE if access should be granted, FALSE otherwise. 5568 * 5569 * @ingroup krb5_support 5570 */ 5571KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5572krb5_kuserok ( 5573 krb5_context /*context*/, 5574 krb5_principal /*principal*/, 5575 const char */*luser*/); 5576 5577void 5578krb5_load_plugins ( 5579 krb5_context /*context*/, 5580 const char */*name*/, 5581 const char **/*paths*/); 5582 5583KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5584krb5_log ( 5585 krb5_context /*context*/, 5586 krb5_log_facility */*fac*/, 5587 int /*level*/, 5588 const char */*fmt*/, 5589 ...) 5590 HEIMDAL_PRINTF_ATTRIBUTE((printf, 4, 5)); 5591 5592KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5593krb5_log_msg ( 5594 krb5_context /*context*/, 5595 krb5_log_facility */*fac*/, 5596 int /*level*/, 5597 char **/*reply*/, 5598 const char */*fmt*/, 5599 ...) 5600 HEIMDAL_PRINTF_ATTRIBUTE((printf, 5, 6)); 5601 5602/** 5603 * Create an address of type KRB5_ADDRESS_ADDRPORT from (addr, port) 5604 * 5605 * @param context a Keberos context 5606 * @param res built address from addr/port 5607 * @param addr address to use 5608 * @param port port to use 5609 * 5610 * @return Return an error code or 0. 5611 * 5612 * @ingroup krb5_address 5613 */ 5614KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5615krb5_make_addrport ( 5616 krb5_context /*context*/, 5617 krb5_address **/*res*/, 5618 const krb5_address */*addr*/, 5619 int16_t /*port*/); 5620 5621/** 5622 * Build a principal using vararg style building 5623 * 5624 * @param context A Kerberos context. 5625 * @param principal returned principal 5626 * @param realm realm name 5627 * @param ... a list of components ended with NULL. 5628 * 5629 * @return An krb5 error code, see krb5_get_error_message(). 5630 * 5631 * @ingroup krb5_principal 5632 */ 5633KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5634krb5_make_principal ( 5635 krb5_context /*context*/, 5636 krb5_principal */*principal*/, 5637 krb5_const_realm /*realm*/, 5638 ...); 5639 5640/** 5641 * krb5_max_sockaddr_size returns the max size of the .Li struct 5642 * sockaddr that the Kerberos library will return. 5643 * 5644 * @return Return an size_t of the maximum struct sockaddr. 5645 * 5646 * @ingroup krb5_address 5647 */ 5648KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL 5649krb5_max_sockaddr_size (void); 5650 5651KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5652krb5_mk_error ( 5653 krb5_context /*context*/, 5654 krb5_error_code /*error_code*/, 5655 const char */*e_text*/, 5656 const krb5_data */*e_data*/, 5657 const krb5_principal /*client*/, 5658 const krb5_principal /*server*/, 5659 time_t */*client_time*/, 5660 int */*client_usec*/, 5661 krb5_data */*reply*/); 5662 5663KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5664krb5_mk_priv ( 5665 krb5_context /*context*/, 5666 krb5_auth_context /*auth_context*/, 5667 const krb5_data */*userdata*/, 5668 krb5_data */*outbuf*/, 5669 krb5_replay_data */*outdata*/); 5670 5671KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5672krb5_mk_rep ( 5673 krb5_context /*context*/, 5674 krb5_auth_context /*auth_context*/, 5675 krb5_data */*outbuf*/); 5676 5677KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5678krb5_mk_req ( 5679 krb5_context /*context*/, 5680 krb5_auth_context */*auth_context*/, 5681 const krb5_flags /*ap_req_options*/, 5682 const char */*service*/, 5683 const char */*hostname*/, 5684 krb5_data */*in_data*/, 5685 krb5_ccache /*ccache*/, 5686 krb5_data */*outbuf*/); 5687 5688KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5689krb5_mk_req_exact ( 5690 krb5_context /*context*/, 5691 krb5_auth_context */*auth_context*/, 5692 const krb5_flags /*ap_req_options*/, 5693 const krb5_principal /*server*/, 5694 krb5_data */*in_data*/, 5695 krb5_ccache /*ccache*/, 5696 krb5_data */*outbuf*/); 5697 5698KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5699krb5_mk_req_extended ( 5700 krb5_context /*context*/, 5701 krb5_auth_context */*auth_context*/, 5702 const krb5_flags /*ap_req_options*/, 5703 krb5_data */*in_data*/, 5704 krb5_creds */*in_creds*/, 5705 krb5_data */*outbuf*/); 5706 5707KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5708krb5_mk_safe ( 5709 krb5_context /*context*/, 5710 krb5_auth_context /*auth_context*/, 5711 const krb5_data */*userdata*/, 5712 krb5_data */*outbuf*/, 5713 krb5_replay_data */*outdata*/); 5714 5715KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 5716krb5_net_read ( 5717 krb5_context /*context*/, 5718 void */*p_fd*/, 5719 void */*buf*/, 5720 size_t /*len*/); 5721 5722KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 5723krb5_net_write ( 5724 krb5_context /*context*/, 5725 void */*p_fd*/, 5726 const void */*buf*/, 5727 size_t /*len*/); 5728 5729KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 5730krb5_net_write_block ( 5731 krb5_context /*context*/, 5732 void */*p_fd*/, 5733 const void */*buf*/, 5734 size_t /*len*/, 5735 time_t /*timeout*/); 5736 5737KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5738krb5_ntlm_alloc ( 5739 krb5_context /*context*/, 5740 krb5_ntlm */*ntlm*/); 5741 5742KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5743krb5_ntlm_free ( 5744 krb5_context /*context*/, 5745 krb5_ntlm /*ntlm*/); 5746 5747KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5748krb5_ntlm_init_get_challange ( 5749 krb5_context /*context*/, 5750 krb5_ntlm /*ntlm*/, 5751 krb5_data */*challenge*/); 5752 5753KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5754krb5_ntlm_init_get_flags ( 5755 krb5_context /*context*/, 5756 krb5_ntlm /*ntlm*/, 5757 uint32_t */*flags*/); 5758 5759KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5760krb5_ntlm_init_get_opaque ( 5761 krb5_context /*context*/, 5762 krb5_ntlm /*ntlm*/, 5763 krb5_data */*opaque*/); 5764 5765KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5766krb5_ntlm_init_get_targetinfo ( 5767 krb5_context /*context*/, 5768 krb5_ntlm /*ntlm*/, 5769 krb5_data */*data*/); 5770 5771KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5772krb5_ntlm_init_get_targetname ( 5773 krb5_context /*context*/, 5774 krb5_ntlm /*ntlm*/, 5775 char **/*name*/); 5776 5777KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5778krb5_ntlm_init_request ( 5779 krb5_context /*context*/, 5780 krb5_ntlm /*ntlm*/, 5781 krb5_realm /*realm*/, 5782 krb5_ccache /*ccache*/, 5783 uint32_t /*flags*/, 5784 const char */*hostname*/, 5785 const char */*domainname*/); 5786 5787KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5788krb5_ntlm_rep_get_sessionkey ( 5789 krb5_context /*context*/, 5790 krb5_ntlm /*ntlm*/, 5791 krb5_data */*data*/); 5792 5793KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5794krb5_ntlm_rep_get_status ( 5795 krb5_context /*context*/, 5796 krb5_ntlm /*ntlm*/); 5797 5798KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5799krb5_ntlm_req_set_flags ( 5800 krb5_context /*context*/, 5801 krb5_ntlm /*ntlm*/, 5802 uint32_t /*flags*/); 5803 5804KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5805krb5_ntlm_req_set_lm ( 5806 krb5_context /*context*/, 5807 krb5_ntlm /*ntlm*/, 5808 void */*hash*/, 5809 size_t /*len*/); 5810 5811KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5812krb5_ntlm_req_set_ntlm ( 5813 krb5_context /*context*/, 5814 krb5_ntlm /*ntlm*/, 5815 void */*hash*/, 5816 size_t /*len*/); 5817 5818KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5819krb5_ntlm_req_set_opaque ( 5820 krb5_context /*context*/, 5821 krb5_ntlm /*ntlm*/, 5822 krb5_data */*opaque*/); 5823 5824KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5825krb5_ntlm_req_set_session ( 5826 krb5_context /*context*/, 5827 krb5_ntlm /*ntlm*/, 5828 void */*sessionkey*/, 5829 size_t /*length*/); 5830 5831KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5832krb5_ntlm_req_set_targetname ( 5833 krb5_context /*context*/, 5834 krb5_ntlm /*ntlm*/, 5835 const char */*targetname*/); 5836 5837KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5838krb5_ntlm_req_set_username ( 5839 krb5_context /*context*/, 5840 krb5_ntlm /*ntlm*/, 5841 const char */*username*/); 5842 5843KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5844krb5_ntlm_request ( 5845 krb5_context /*context*/, 5846 krb5_ntlm /*ntlm*/, 5847 krb5_realm /*realm*/, 5848 krb5_ccache /*ccache*/); 5849 5850KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5851krb5_openlog ( 5852 krb5_context /*context*/, 5853 const char */*program*/, 5854 krb5_log_facility **/*fac*/); 5855 5856KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5857krb5_pac_add_buffer ( 5858 krb5_context /*context*/, 5859 krb5_pac /*p*/, 5860 uint32_t /*type*/, 5861 const krb5_data */*data*/); 5862 5863/** 5864 * Free the windows PAC 5865 * 5866 * @param context Kerberos 5 context. 5867 * @param pac the pac structure returned by krb5_pac_parse() and others 5868 * 5869 * @ingroup krb5_pac 5870 */ 5871KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5872krb5_pac_free ( 5873 krb5_context /*context*/, 5874 krb5_pac /*pac*/); 5875 5876/** 5877 * Get the PAC buffer of specific type from the pac. 5878 * 5879 * @param context Kerberos 5 context. 5880 * @param p the pac structure returned by krb5_pac_parse(). 5881 * @param type type of buffer to get 5882 * @param data return data, free with krb5_data_free(). 5883 * 5884 * @return Returns 0 to indicate success. Otherwise an kerberos et 5885 * error code is returned, see krb5_get_error_message(). 5886 * 5887 * @ingroup krb5_pac 5888 */ 5889KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5890krb5_pac_get_buffer ( 5891 krb5_context /*context*/, 5892 krb5_pac /*p*/, 5893 uint32_t /*type*/, 5894 krb5_data */*data*/); 5895 5896KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5897krb5_pac_get_types ( 5898 krb5_context /*context*/, 5899 krb5_pac /*p*/, 5900 size_t */*len*/, 5901 uint32_t **/*types*/); 5902 5903KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5904krb5_pac_init ( 5905 krb5_context /*context*/, 5906 krb5_pac */*pac*/); 5907 5908KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5909krb5_pac_parse ( 5910 krb5_context /*context*/, 5911 const void */*ptr*/, 5912 size_t /*len*/, 5913 krb5_pac */*pac*/); 5914 5915/** 5916 * Verify the PAC. 5917 * 5918 * @param context Kerberos 5 context. 5919 * @param pac the pac structure returned by krb5_pac_parse(). 5920 * @param authtime The time of the ticket the PAC belongs to. 5921 * @param principal the principal to verify. 5922 * @param server The service key, most always be given. 5923 * @param privsvr The KDC key, may be given. 5924 5925 * @return Returns 0 to indicate success. Otherwise an kerberos et 5926 * error code is returned, see krb5_get_error_message(). 5927 * 5928 * @ingroup krb5_pac 5929 */ 5930KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5931krb5_pac_verify ( 5932 krb5_context /*context*/, 5933 const krb5_pac /*pac*/, 5934 time_t /*authtime*/, 5935 krb5_const_principal /*principal*/, 5936 const krb5_keyblock */*server*/, 5937 const krb5_keyblock */*privsvr*/); 5938 5939KRB5_LIB_FUNCTION int KRB5_LIB_CALL 5940krb5_padata_add ( 5941 krb5_context /*context*/, 5942 METHOD_DATA */*md*/, 5943 int /*type*/, 5944 void */*buf*/, 5945 size_t /*len*/); 5946 5947/** 5948 * krb5_parse_address returns the resolved hostname in string to the 5949 * krb5_addresses addresses . 5950 * 5951 * @param context a Keberos context 5952 * @param string 5953 * @param addresses 5954 * 5955 * @return Return an error code or 0. 5956 * 5957 * @ingroup krb5_address 5958 */ 5959KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5960krb5_parse_address ( 5961 krb5_context /*context*/, 5962 const char */*string*/, 5963 krb5_addresses */*addresses*/); 5964 5965/** 5966 * Parse a name into a krb5_principal structure 5967 * 5968 * @param context Kerberos 5 context 5969 * @param name name to parse into a Kerberos principal 5970 * @param principal returned principal, free with krb5_free_principal(). 5971 * 5972 * @return An krb5 error code, see krb5_get_error_message(). 5973 * 5974 * @ingroup krb5_principal 5975 */ 5976KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5977krb5_parse_name ( 5978 krb5_context /*context*/, 5979 const char */*name*/, 5980 krb5_principal */*principal*/); 5981 5982/** 5983 * Parse a name into a krb5_principal structure, flags controls the behavior. 5984 * 5985 * @param context Kerberos 5 context 5986 * @param name name to parse into a Kerberos principal 5987 * @param flags flags to control the behavior 5988 * @param principal returned principal, free with krb5_free_principal(). 5989 * 5990 * @return An krb5 error code, see krb5_get_error_message(). 5991 * 5992 * @ingroup krb5_principal 5993 */ 5994KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5995krb5_parse_name_flags ( 5996 krb5_context /*context*/, 5997 const char */*name*/, 5998 int /*flags*/, 5999 krb5_principal */*principal*/); 6000 6001/** 6002 * Parse nametype string and return a nametype integer 6003 * 6004 * @ingroup krb5_principal 6005 */ 6006KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6007krb5_parse_nametype ( 6008 krb5_context /*context*/, 6009 const char */*str*/, 6010 int32_t */*nametype*/); 6011 6012KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6013krb5_passwd_result_to_string ( 6014 krb5_context /*context*/, 6015 int /*result*/); 6016 6017/** 6018 * Deprecated: use krb5_get_init_creds() and friends. 6019 * 6020 * @ingroup krb5_deprecated 6021 */ 6022KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV 6023krb5_password_key_proc ( 6024 krb5_context /*context*/, 6025 krb5_enctype /*type*/, 6026 krb5_salt /*salt*/, 6027 krb5_const_pointer /*keyseed*/, 6028 krb5_keyblock **/*key*/) 6029 KRB5_DEPRECATED_FUNCTION("Use X instead"); 6030 6031KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6032krb5_pk_enterprise_cert ( 6033 krb5_context /*context*/, 6034 const char */*user_id*/, 6035 krb5_const_realm /*realm*/, 6036 krb5_principal */*principal*/, 6037 struct hx509_cert_data **/*res*/); 6038 6039/** 6040 * Register a plugin symbol name of specific type. 6041 * @param context a Keberos context 6042 * @param type type of plugin symbol 6043 * @param name name of plugin symbol 6044 * @param symbol a pointer to the named symbol 6045 * @return In case of error a non zero error com_err error is returned 6046 * and the Kerberos error string is set. 6047 * 6048 * @ingroup krb5_support 6049 */ 6050KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6051krb5_plugin_register ( 6052 krb5_context /*context*/, 6053 enum krb5_plugin_type /*type*/, 6054 const char */*name*/, 6055 void */*symbol*/); 6056 6057krb5_error_code 6058krb5_plugin_run_f ( 6059 krb5_context /*context*/, 6060 const char */*module*/, 6061 const char */*name*/, 6062 int /*min_version*/, 6063 int /*flags*/, 6064 void */*userctx*/, 6065 krb5_error_code (*/*func*/)(krb5_context, const void *, void *, void *)); 6066 6067KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6068krb5_prepend_config_files ( 6069 const char */*filelist*/, 6070 char **/*pq*/, 6071 char ***/*ret_pp*/); 6072 6073/** 6074 * Prepend the filename to the global configuration list. 6075 * 6076 * @param filelist a filename to add to the default list of filename 6077 * @param pfilenames return array of filenames, should be freed with krb5_free_config_files(). 6078 * 6079 * @return Returns 0 to indicate success. Otherwise an kerberos et 6080 * error code is returned, see krb5_get_error_message(). 6081 * 6082 * @ingroup krb5 6083 */ 6084KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6085krb5_prepend_config_files_default ( 6086 const char */*filelist*/, 6087 char ***/*pfilenames*/); 6088 6089/** 6090 * Prepend the context full error string for a specific error code. 6091 * The error that is stored should be internationalized. 6092 * 6093 * The if context is NULL, no error string is stored. 6094 * 6095 * @param context Kerberos 5 context 6096 * @param ret The error code 6097 * @param fmt Error string for the error code 6098 * @param ... printf(3) style parameters. 6099 * 6100 * @ingroup krb5_error 6101 */ 6102KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6103krb5_prepend_error_message ( 6104 krb5_context /*context*/, 6105 krb5_error_code /*ret*/, 6106 const char */*fmt*/, 6107 ...) 6108 HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 4)); 6109 6110/** 6111 * Deprecated: use krb5_principal_get_realm() 6112 * 6113 * @ingroup krb5_deprecated 6114 */ 6115KRB5_LIB_FUNCTION krb5_realm * KRB5_LIB_CALL 6116krb5_princ_realm ( 6117 krb5_context /*context*/, 6118 krb5_principal /*principal*/) 6119 KRB5_DEPRECATED_FUNCTION("Use X instead"); 6120 6121/** 6122 * Deprecated: use krb5_principal_set_realm() 6123 * 6124 * @ingroup krb5_deprecated 6125 */ 6126KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6127krb5_princ_set_realm ( 6128 krb5_context /*context*/, 6129 krb5_principal /*principal*/, 6130 krb5_realm */*realm*/) 6131 KRB5_DEPRECATED_FUNCTION("Use X instead"); 6132 6133/** 6134 * Compares the two principals, including realm of the principals and returns 6135 * TRUE if they are the same and FALSE if not. 6136 * 6137 * @param context Kerberos 5 context 6138 * @param princ1 first principal to compare 6139 * @param princ2 second principal to compare 6140 * 6141 * @ingroup krb5_principal 6142 * @see krb5_principal_compare_any_realm() 6143 * @see krb5_realm_compare() 6144 */ 6145KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6146krb5_principal_compare ( 6147 krb5_context /*context*/, 6148 krb5_const_principal /*princ1*/, 6149 krb5_const_principal /*princ2*/); 6150 6151/** 6152 * Return TRUE iff princ1 == princ2 (without considering the realm) 6153 * 6154 * @param context Kerberos 5 context 6155 * @param princ1 first principal to compare 6156 * @param princ2 second principal to compare 6157 * 6158 * @return non zero if equal, 0 if not 6159 * 6160 * @ingroup krb5_principal 6161 * @see krb5_principal_compare() 6162 * @see krb5_realm_compare() 6163 */ 6164KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6165krb5_principal_compare_any_realm ( 6166 krb5_context /*context*/, 6167 krb5_const_principal /*princ1*/, 6168 krb5_const_principal /*princ2*/); 6169 6170KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6171krb5_principal_get_comp_string ( 6172 krb5_context /*context*/, 6173 krb5_const_principal /*principal*/, 6174 unsigned int /*component*/); 6175 6176/** 6177 * Get number of component is principal. 6178 * 6179 * @param context Kerberos 5 context 6180 * @param principal principal to query 6181 * 6182 * @return number of components in string 6183 * 6184 * @ingroup krb5_principal 6185 */ 6186KRB5_LIB_FUNCTION unsigned int KRB5_LIB_CALL 6187krb5_principal_get_num_comp ( 6188 krb5_context /*context*/, 6189 krb5_const_principal /*principal*/); 6190 6191/** 6192 * Get the realm of the principal 6193 * 6194 * @param context A Kerberos context. 6195 * @param principal principal to get the realm for 6196 * 6197 * @return realm of the principal, don't free or use after krb5_principal is freed 6198 * 6199 * @ingroup krb5_principal 6200 */ 6201KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6202krb5_principal_get_realm ( 6203 krb5_context /*context*/, 6204 krb5_const_principal /*principal*/); 6205 6206/** 6207 * Get the type of the principal 6208 * 6209 * @param context A Kerberos context. 6210 * @param principal principal to get the type for 6211 * 6212 * @return the type of principal 6213 * 6214 * @ingroup krb5_principal 6215 */ 6216KRB5_LIB_FUNCTION int KRB5_LIB_CALL 6217krb5_principal_get_type ( 6218 krb5_context /*context*/, 6219 krb5_const_principal /*principal*/); 6220 6221/** 6222 * Returns true iff name is an WELLKNOWN:ORG.H5L.HOSTBASED-SERVICE 6223 * 6224 * @ingroup krb5_principal 6225 */ 6226krb5_boolean KRB5_LIB_FUNCTION 6227krb5_principal_is_gss_hostbased_service ( 6228 krb5_context /*context*/, 6229 krb5_const_principal /*principal*/); 6230 6231/** 6232 * Check if the cname part of the principal is a krbtgt principal 6233 * 6234 * @ingroup krb5_principal 6235 */ 6236KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6237krb5_principal_is_krbtgt ( 6238 krb5_context /*context*/, 6239 krb5_const_principal /*p*/); 6240 6241/** 6242 * Returns true if name is Kerberos an LKDC realm 6243 * 6244 * @ingroup krb5_principal 6245 */ 6246krb5_boolean KRB5_LIB_FUNCTION 6247krb5_principal_is_lkdc ( 6248 krb5_context /*context*/, 6249 krb5_const_principal /*principal*/); 6250 6251/** 6252 * Returns true if name is Kerberos NULL name 6253 * 6254 * @ingroup krb5_principal 6255 */ 6256krb5_boolean KRB5_LIB_FUNCTION 6257krb5_principal_is_null ( 6258 krb5_context /*context*/, 6259 krb5_const_principal /*principal*/); 6260 6261/** 6262 * Returns true if name is Kerberos an LKDC realm 6263 * 6264 * @ingroup krb5_principal 6265 */ 6266krb5_boolean KRB5_LIB_FUNCTION 6267krb5_principal_is_pku2u ( 6268 krb5_context /*context*/, 6269 krb5_const_principal /*principal*/); 6270 6271/** 6272 * Check if the cname part of the principal is a initial or renewed krbtgt principal 6273 * 6274 * @ingroup krb5_principal 6275 */ 6276krb5_boolean KRB5_LIB_FUNCTION 6277krb5_principal_is_root_krbtgt ( 6278 krb5_context /*context*/, 6279 krb5_const_principal /*p*/); 6280 6281/** 6282 * return TRUE iff princ matches pattern 6283 * 6284 * @ingroup krb5_principal 6285 */ 6286KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6287krb5_principal_match ( 6288 krb5_context /*context*/, 6289 krb5_const_principal /*princ*/, 6290 krb5_const_principal /*pattern*/); 6291 6292/** 6293 * Set a new realm for a principal, and as a side-effect free the 6294 * previous realm. 6295 * 6296 * @param context A Kerberos context. 6297 * @param principal principal set the realm for 6298 * @param realm the new realm to set 6299 * 6300 * @return An krb5 error code, see krb5_get_error_message(). 6301 * 6302 * @ingroup krb5_principal 6303 */ 6304KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6305krb5_principal_set_realm ( 6306 krb5_context /*context*/, 6307 krb5_principal /*principal*/, 6308 krb5_const_realm /*realm*/); 6309 6310/** 6311 * Set the type of the principal 6312 * 6313 * @param context A Kerberos context. 6314 * @param principal principal to set the type for 6315 * @param type the new type 6316 * 6317 * @return An krb5 error code, see krb5_get_error_message(). 6318 * 6319 * @ingroup krb5_principal 6320 */ 6321KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6322krb5_principal_set_type ( 6323 krb5_context /*context*/, 6324 krb5_principal /*principal*/, 6325 int /*type*/); 6326 6327/** 6328 * krb5_print_address prints the address in addr to the string string 6329 * that have the length len. If ret_len is not NULL, it will be filled 6330 * with the length of the string if size were unlimited (not including 6331 * the final NUL) . 6332 * 6333 * @param addr address to be printed 6334 * @param str pointer string to print the address into 6335 * @param len length that will fit into area pointed to by "str". 6336 * @param ret_len return length the str. 6337 * 6338 * @return Return an error code or 0. 6339 * 6340 * @ingroup krb5_address 6341 */ 6342KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6343krb5_print_address ( 6344 const krb5_address */*addr*/, 6345 char */*str*/, 6346 size_t /*len*/, 6347 size_t */*ret_len*/); 6348 6349krb5_error_code 6350krb5_process_last_request ( 6351 krb5_context /*context*/, 6352 krb5_get_init_creds_opt */*options*/, 6353 krb5_init_creds_context /*ctx*/); 6354 6355KRB5_LIB_FUNCTION int KRB5_LIB_CALL 6356krb5_program_setup ( 6357 krb5_context */*context*/, 6358 int /*argc*/, 6359 char **/*argv*/, 6360 struct getargs */*args*/, 6361 int /*num_args*/, 6362 void (KRB5_LIB_CALL *usage)(int, struct getargs*, int)); 6363 6364KRB5_LIB_FUNCTION int KRB5_CALLCONV 6365krb5_prompter_posix ( 6366 krb5_context /*context*/, 6367 void */*data*/, 6368 const char */*name*/, 6369 const char */*banner*/, 6370 int /*num_prompts*/, 6371 krb5_prompt prompts[]); 6372 6373/** 6374 * Converts the random bytestring to a protocol key according to 6375 * Kerberos crypto frame work. It may be assumed that all the bits of 6376 * the input string are equally random, even though the entropy 6377 * present in the random source may be limited. 6378 * 6379 * @param context Kerberos 5 context 6380 * @param type the enctype resulting key will be of 6381 * @param data input random data to convert to a key 6382 * @param size size of input random data, at least krb5_enctype_keysize() long 6383 * @param key key, output key, free with krb5_free_keyblock_contents() 6384 * 6385 * @return Return an error code or 0. 6386 * 6387 * @ingroup krb5_crypto 6388 */ 6389KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6390krb5_random_to_key ( 6391 krb5_context /*context*/, 6392 krb5_enctype /*type*/, 6393 const void */*data*/, 6394 size_t /*size*/, 6395 krb5_keyblock */*key*/); 6396 6397KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6398krb5_rc_close ( 6399 krb5_context /*context*/, 6400 krb5_rcache /*id*/); 6401 6402KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6403krb5_rc_default ( 6404 krb5_context /*context*/, 6405 krb5_rcache */*id*/); 6406 6407KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6408krb5_rc_default_name (krb5_context /*context*/); 6409 6410KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6411krb5_rc_default_type (krb5_context /*context*/); 6412 6413KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6414krb5_rc_destroy ( 6415 krb5_context /*context*/, 6416 krb5_rcache /*id*/); 6417 6418KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6419krb5_rc_expunge ( 6420 krb5_context /*context*/, 6421 krb5_rcache /*id*/); 6422 6423KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6424krb5_rc_get_lifespan ( 6425 krb5_context /*context*/, 6426 krb5_rcache /*id*/, 6427 krb5_deltat */*auth_lifespan*/); 6428 6429KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6430krb5_rc_get_name ( 6431 krb5_context /*context*/, 6432 krb5_rcache /*id*/); 6433 6434KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6435krb5_rc_get_type ( 6436 krb5_context /*context*/, 6437 krb5_rcache /*id*/); 6438 6439KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6440krb5_rc_initialize ( 6441 krb5_context /*context*/, 6442 krb5_rcache /*id*/, 6443 krb5_deltat /*auth_lifespan*/); 6444 6445KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6446krb5_rc_recover ( 6447 krb5_context /*context*/, 6448 krb5_rcache /*id*/); 6449 6450KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6451krb5_rc_resolve ( 6452 krb5_context /*context*/, 6453 krb5_rcache /*id*/, 6454 const char */*name*/); 6455 6456KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6457krb5_rc_resolve_full ( 6458 krb5_context /*context*/, 6459 krb5_rcache */*id*/, 6460 const char */*string_name*/); 6461 6462KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6463krb5_rc_resolve_type ( 6464 krb5_context /*context*/, 6465 krb5_rcache */*id*/, 6466 const char */*type*/); 6467 6468KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6469krb5_rc_store ( 6470 krb5_context /*context*/, 6471 krb5_rcache /*id*/, 6472 krb5_donot_replay */*rep*/); 6473 6474KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6475krb5_rd_cred ( 6476 krb5_context /*context*/, 6477 krb5_auth_context /*auth_context*/, 6478 krb5_data */*in_data*/, 6479 krb5_creds ***/*ret_creds*/, 6480 krb5_replay_data */*outdata*/); 6481 6482KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6483krb5_rd_cred2 ( 6484 krb5_context /*context*/, 6485 krb5_auth_context /*auth_context*/, 6486 krb5_ccache /*ccache*/, 6487 krb5_data */*in_data*/); 6488 6489KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6490krb5_rd_error ( 6491 krb5_context /*context*/, 6492 const krb5_data */*msg*/, 6493 KRB_ERROR */*result*/); 6494 6495KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6496krb5_rd_priv ( 6497 krb5_context /*context*/, 6498 krb5_auth_context /*auth_context*/, 6499 const krb5_data */*inbuf*/, 6500 krb5_data */*outbuf*/, 6501 krb5_replay_data */*outdata*/); 6502 6503KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6504krb5_rd_rep ( 6505 krb5_context /*context*/, 6506 krb5_auth_context /*auth_context*/, 6507 const krb5_data */*inbuf*/, 6508 krb5_ap_rep_enc_part **/*repl*/); 6509 6510KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6511krb5_rd_req ( 6512 krb5_context /*context*/, 6513 krb5_auth_context */*auth_context*/, 6514 const krb5_data */*inbuf*/, 6515 krb5_const_principal /*server*/, 6516 krb5_keytab /*keytab*/, 6517 krb5_flags */*ap_req_options*/, 6518 krb5_ticket **/*ticket*/); 6519 6520/** 6521 * The core server function that verify application authentication 6522 * requests from clients. 6523 * 6524 * @param context Keberos 5 context. 6525 * @param auth_context the authentication context, can be NULL, then 6526 * default values for the authentication context will used. 6527 * @param inbuf the (AP-REQ) authentication buffer 6528 * 6529 * @param server the server with authenticate as, if NULL the function 6530 * will try to find any available credential in the keytab 6531 * that will verify the reply. The function will prefer the 6532 * server the server client specified in the AP-REQ, but if 6533 * there is no mach, it will try all keytab entries for a 6534 * match. This have serious performance issues for larger keytabs. 6535 * 6536 * @param inctx control the behavior of the function, if NULL, the 6537 * default behavior is used. 6538 * @param outctx the return outctx, free with krb5_rd_req_out_ctx_free(). 6539 * @return Kerberos 5 error code, see krb5_get_error_message(). 6540 * 6541 * @ingroup krb5_auth 6542 */ 6543KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6544krb5_rd_req_ctx ( 6545 krb5_context /*context*/, 6546 krb5_auth_context */*auth_context*/, 6547 const krb5_data */*inbuf*/, 6548 krb5_const_principal /*server*/, 6549 krb5_rd_req_in_ctx /*inctx*/, 6550 krb5_rd_req_out_ctx */*outctx*/); 6551 6552/** 6553 * Allocate a krb5_rd_req_in_ctx as an input parameter to 6554 * krb5_rd_req_ctx(). The caller should free the context with 6555 * krb5_rd_req_in_ctx_free() when done with the context. 6556 * 6557 * @param context Keberos 5 context. 6558 * @param ctx in ctx to krb5_rd_req_ctx(). 6559 * 6560 * @return Kerberos 5 error code, see krb5_get_error_message(). 6561 * 6562 * @ingroup krb5_auth 6563 */ 6564KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6565krb5_rd_req_in_ctx_alloc ( 6566 krb5_context /*context*/, 6567 krb5_rd_req_in_ctx */*ctx*/); 6568 6569KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6570krb5_rd_req_in_ctx_free ( 6571 krb5_context /*context*/, 6572 krb5_rd_req_in_ctx /*ctx*/); 6573 6574KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6575krb5_rd_req_in_set_keyblock ( 6576 krb5_context /*context*/, 6577 krb5_rd_req_in_ctx /*in*/, 6578 krb5_keyblock */*keyblock*/); 6579 6580/** 6581 * Set the keytab that krb5_rd_req_ctx() will use. 6582 * 6583 * @param context Keberos 5 context. 6584 * @param in in ctx to krb5_rd_req_ctx(). 6585 * @param keytab keytab that krb5_rd_req_ctx() will use, only copy the 6586 * pointer, so the caller must free they keytab after 6587 * krb5_rd_req_in_ctx_free() is called. 6588 * 6589 * @return Kerberos 5 error code, see krb5_get_error_message(). 6590 * 6591 * @ingroup krb5_auth 6592 */ 6593KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6594krb5_rd_req_in_set_keytab ( 6595 krb5_context /*context*/, 6596 krb5_rd_req_in_ctx /*in*/, 6597 krb5_keytab /*keytab*/); 6598 6599/** 6600 * Set if krb5_rq_red() is going to check the Windows PAC or not 6601 * 6602 * @param context Keberos 5 context. 6603 * @param in krb5_rd_req_in_ctx to check the option on. 6604 * @param flag flag to select if to check the pac (TRUE) or not (FALSE). 6605 * 6606 * @return Kerberos 5 error code, see krb5_get_error_message(). 6607 * 6608 * @ingroup krb5_auth 6609 */ 6610KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6611krb5_rd_req_in_set_pac_check ( 6612 krb5_context /*context*/, 6613 krb5_rd_req_in_ctx /*in*/, 6614 krb5_boolean /*flag*/); 6615 6616/** 6617 * Free the krb5_rd_req_out_ctx. 6618 * 6619 * @param context Keberos 5 context. 6620 * @param ctx krb5_rd_req_out_ctx context to free. 6621 * 6622 * @ingroup krb5_auth 6623 */ 6624KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6625krb5_rd_req_out_ctx_free ( 6626 krb5_context /*context*/, 6627 krb5_rd_req_out_ctx /*ctx*/); 6628 6629KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6630krb5_rd_req_out_get_ap_req_options ( 6631 krb5_context /*context*/, 6632 krb5_rd_req_out_ctx /*out*/, 6633 krb5_flags */*ap_req_options*/); 6634 6635int KRB5_LIB_FUNCTION 6636krb5_rd_req_out_get_flags ( 6637 krb5_context /*context*/, 6638 krb5_rd_req_out_ctx /*ctx*/); 6639 6640KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6641krb5_rd_req_out_get_keyblock ( 6642 krb5_context /*context*/, 6643 krb5_rd_req_out_ctx /*out*/, 6644 krb5_keyblock **/*keyblock*/); 6645 6646/** 6647 * Get the principal that was used in the request from the 6648 * client. Might not match whats in the ticket if krb5_rd_req_ctx() 6649 * searched in the keytab for a matching key. 6650 * 6651 * @param context a Kerberos 5 context. 6652 * @param out a krb5_rd_req_out_ctx from krb5_rd_req_ctx(). 6653 * @param principal return principal, free with krb5_free_principal(). 6654 * 6655 * @ingroup krb5_auth 6656 */ 6657KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6658krb5_rd_req_out_get_server ( 6659 krb5_context /*context*/, 6660 krb5_rd_req_out_ctx /*out*/, 6661 krb5_principal */*principal*/); 6662 6663KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6664krb5_rd_req_out_get_ticket ( 6665 krb5_context /*context*/, 6666 krb5_rd_req_out_ctx /*out*/, 6667 krb5_ticket **/*ticket*/); 6668 6669KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6670krb5_rd_req_with_keyblock ( 6671 krb5_context /*context*/, 6672 krb5_auth_context */*auth_context*/, 6673 const krb5_data */*inbuf*/, 6674 krb5_const_principal /*server*/, 6675 krb5_keyblock */*keyblock*/, 6676 krb5_flags */*ap_req_options*/, 6677 krb5_ticket **/*ticket*/); 6678 6679KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6680krb5_rd_safe ( 6681 krb5_context /*context*/, 6682 krb5_auth_context /*auth_context*/, 6683 const krb5_data */*inbuf*/, 6684 krb5_data */*outbuf*/, 6685 krb5_replay_data */*outdata*/); 6686 6687KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6688krb5_read_message ( 6689 krb5_context /*context*/, 6690 krb5_pointer /*p_fd*/, 6691 krb5_data */*data*/); 6692 6693KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6694krb5_read_priv_message ( 6695 krb5_context /*context*/, 6696 krb5_auth_context /*ac*/, 6697 krb5_pointer /*p_fd*/, 6698 krb5_data */*data*/); 6699 6700KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6701krb5_read_safe_message ( 6702 krb5_context /*context*/, 6703 krb5_auth_context /*ac*/, 6704 krb5_pointer /*p_fd*/, 6705 krb5_data */*data*/); 6706 6707/** 6708 * return TRUE iff realm(princ1) == realm(princ2) 6709 * 6710 * @param context Kerberos 5 context 6711 * @param princ1 first principal to compare 6712 * @param princ2 second principal to compare 6713 * 6714 * @ingroup krb5_principal 6715 * @see krb5_principal_compare_any_realm() 6716 * @see krb5_principal_compare() 6717 */ 6718KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6719krb5_realm_compare ( 6720 krb5_context /*context*/, 6721 krb5_const_principal /*princ1*/, 6722 krb5_const_principal /*princ2*/); 6723 6724/** 6725 * Returns true if name is Kerberos an LKDC realm 6726 * 6727 * @ingroup krb5_principal 6728 */ 6729krb5_boolean KRB5_LIB_FUNCTION 6730krb5_realm_is_lkdc (const char */*realm*/); 6731 6732KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6733krb5_recvauth ( 6734 krb5_context /*context*/, 6735 krb5_auth_context */*auth_context*/, 6736 krb5_pointer /*p_fd*/, 6737 const char */*appl_version*/, 6738 krb5_principal /*server*/, 6739 int32_t /*flags*/, 6740 krb5_keytab /*keytab*/, 6741 krb5_ticket **/*ticket*/); 6742 6743KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6744krb5_recvauth_match_version ( 6745 krb5_context /*context*/, 6746 krb5_auth_context */*auth_context*/, 6747 krb5_pointer /*p_fd*/, 6748 krb5_boolean (*/*match_appl_version*/)(const void *, const char*), 6749 const void */*match_data*/, 6750 krb5_principal /*server*/, 6751 int32_t /*flags*/, 6752 krb5_keytab /*keytab*/, 6753 krb5_ticket **/*ticket*/); 6754 6755/** 6756 * Reload the configuration files that was used last time, used when 6757 * they might have changed. Will only reload if know for sure that the 6758 * files need to be reloaded. 6759 * 6760 * @param context the krb5 context to reload 6761 * @param flags flag field, pass 0 for now 6762 * @param reread the configuration file was re-read, 6763 * NULL is valid if the caller doesn't want to 6764 * know if it was re-read or not. 6765 * 6766 * @return Returns 0 to indicate success. Otherwise an kerberos et 6767 * error code is returned, see krb5_get_error_message(). 6768 * 6769 * @ingroup krb5 6770 */ 6771krb5_error_code 6772krb5_reload_config ( 6773 krb5_context /*context*/, 6774 unsigned /*flags*/, 6775 krb5_boolean */*reread*/); 6776 6777/** 6778 * Read a address block from the storage. 6779 * 6780 * @param sp the storage buffer to write to 6781 * @param adr the address block read from storage 6782 * 6783 * @return 0 on success, a Kerberos 5 error code on failure. 6784 * 6785 * @ingroup krb5_storage 6786 */ 6787KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6788krb5_ret_address ( 6789 krb5_storage */*sp*/, 6790 krb5_address */*adr*/); 6791 6792/** 6793 * Read a addresses block from the storage. 6794 * 6795 * @param sp the storage buffer to write to 6796 * @param adr the addresses block read from storage 6797 * 6798 * @return 0 on success, a Kerberos 5 error code on failure. 6799 * 6800 * @ingroup krb5_storage 6801 */ 6802KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6803krb5_ret_addrs ( 6804 krb5_storage */*sp*/, 6805 krb5_addresses */*adr*/); 6806 6807/** 6808 * Read a auth data from the storage. 6809 * 6810 * @param sp the storage buffer to write to 6811 * @param auth the auth data block read from storage 6812 * 6813 * @return 0 on success, a Kerberos 5 error code on failure. 6814 * 6815 * @ingroup krb5_storage 6816 */ 6817KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6818krb5_ret_authdata ( 6819 krb5_storage */*sp*/, 6820 krb5_authdata */*auth*/); 6821 6822/** 6823 * Read a credentials block from the storage. 6824 * 6825 * @param sp the storage buffer to write to 6826 * @param creds the credentials block read from storage 6827 * 6828 * @return 0 on success, a Kerberos 5 error code on failure. 6829 * 6830 * @ingroup krb5_storage 6831 */ 6832KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6833krb5_ret_creds ( 6834 krb5_storage */*sp*/, 6835 krb5_creds */*creds*/); 6836 6837/** 6838 * Read a tagged credentials block from the storage. 6839 * 6840 * @param sp the storage buffer to write to 6841 * @param creds the credentials block read from storage 6842 * 6843 * @return 0 on success, a Kerberos 5 error code on failure. 6844 * 6845 * @ingroup krb5_storage 6846 */ 6847KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6848krb5_ret_creds_tag ( 6849 krb5_storage */*sp*/, 6850 krb5_creds */*creds*/); 6851 6852/** 6853 * Parse a data from the storage. 6854 * 6855 * @param sp the storage buffer to read from 6856 * @param data the parsed data 6857 * 6858 * @return 0 on success, a Kerberos 5 error code on failure. 6859 * 6860 * @ingroup krb5_storage 6861 */ 6862KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6863krb5_ret_data ( 6864 krb5_storage */*sp*/, 6865 krb5_data */*data*/); 6866 6867/** 6868 * Read a int16 from storage, byte order is controlled by the settings 6869 * on the storage, see krb5_storage_set_byteorder(). 6870 * 6871 * @param sp the storage to write too 6872 * @param value the value read from the buffer 6873 * 6874 * @return 0 for success, or a Kerberos 5 error code on failure. 6875 * 6876 * @ingroup krb5_storage 6877 */ 6878KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6879krb5_ret_int16 ( 6880 krb5_storage */*sp*/, 6881 int16_t */*value*/); 6882 6883/** 6884 * Read a int32 from storage, byte order is controlled by the settings 6885 * on the storage, see krb5_storage_set_byteorder(). 6886 * 6887 * @param sp the storage to write too 6888 * @param value the value read from the buffer 6889 * 6890 * @return 0 for success, or a Kerberos 5 error code on failure. 6891 * 6892 * @ingroup krb5_storage 6893 */ 6894KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6895krb5_ret_int32 ( 6896 krb5_storage */*sp*/, 6897 int32_t */*value*/); 6898 6899/** 6900 * Read a int8 from storage 6901 * 6902 * @param sp the storage to write too 6903 * @param value the value read from the buffer 6904 * 6905 * @return 0 for success, or a Kerberos 5 error code on failure. 6906 * 6907 * @ingroup krb5_storage 6908 */ 6909KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6910krb5_ret_int8 ( 6911 krb5_storage */*sp*/, 6912 int8_t */*value*/); 6913 6914/** 6915 * Read a keyblock from the storage. 6916 * 6917 * @param sp the storage buffer to write to 6918 * @param p the keyblock read from storage, free using krb5_free_keyblock() 6919 * 6920 * @return 0 on success, a Kerberos 5 error code on failure. 6921 * 6922 * @ingroup krb5_storage 6923 */ 6924KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6925krb5_ret_keyblock ( 6926 krb5_storage */*sp*/, 6927 krb5_keyblock */*p*/); 6928 6929/** 6930 * Parse principal from the storage. 6931 * 6932 * @param sp the storage buffer to read from 6933 * @param princ the parsed principal 6934 * 6935 * @return 0 on success, a Kerberos 5 error code on failure. 6936 * 6937 * @ingroup krb5_storage 6938 */ 6939KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6940krb5_ret_principal ( 6941 krb5_storage */*sp*/, 6942 krb5_principal */*princ*/); 6943 6944/** 6945 * Parse a string from the storage. 6946 * 6947 * @param sp the storage buffer to read from 6948 * @param string the parsed string 6949 * 6950 * @return 0 on success, a Kerberos 5 error code on failure. 6951 * 6952 * @ingroup krb5_storage 6953 */ 6954KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6955krb5_ret_string ( 6956 krb5_storage */*sp*/, 6957 char **/*string*/); 6958 6959KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6960krb5_ret_stringnl ( 6961 krb5_storage */*sp*/, 6962 char **/*string*/); 6963 6964/** 6965 * Parse zero terminated string from the storage. 6966 * 6967 * @param sp the storage buffer to read from 6968 * @param string the parsed string 6969 * 6970 * @return 0 on success, a Kerberos 5 error code on failure. 6971 * 6972 * @ingroup krb5_storage 6973 */ 6974KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6975krb5_ret_stringz ( 6976 krb5_storage */*sp*/, 6977 char **/*string*/); 6978 6979/** 6980 * Read a times block from the storage. 6981 * 6982 * @param sp the storage buffer to write to 6983 * @param times the times block read from storage 6984 * 6985 * @return 0 on success, a Kerberos 5 error code on failure. 6986 * 6987 * @ingroup krb5_storage 6988 */ 6989KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6990krb5_ret_times ( 6991 krb5_storage */*sp*/, 6992 krb5_times */*times*/); 6993 6994/** 6995 * Read a int16 from storage, byte order is controlled by the settings 6996 * on the storage, see krb5_storage_set_byteorder(). 6997 * 6998 * @param sp the storage to write too 6999 * @param value the value read from the buffer 7000 * 7001 * @return 0 for success, or a Kerberos 5 error code on failure. 7002 * 7003 * @ingroup krb5_storage 7004 */ 7005KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7006krb5_ret_uint16 ( 7007 krb5_storage */*sp*/, 7008 uint16_t */*value*/); 7009 7010/** 7011 * Read a uint32 from storage, byte order is controlled by the settings 7012 * on the storage, see krb5_storage_set_byteorder(). 7013 * 7014 * @param sp the storage to write too 7015 * @param value the value read from the buffer 7016 * 7017 * @return 0 for success, or a Kerberos 5 error code on failure. 7018 * 7019 * @ingroup krb5_storage 7020 */ 7021KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7022krb5_ret_uint32 ( 7023 krb5_storage */*sp*/, 7024 uint32_t */*value*/); 7025 7026/** 7027 * Read a uint8 from storage 7028 * 7029 * @param sp the storage to write too 7030 * @param value the value read from the buffer 7031 * 7032 * @return 0 for success, or a Kerberos 5 error code on failure. 7033 * 7034 * @ingroup krb5_storage 7035 */ 7036KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7037krb5_ret_uint8 ( 7038 krb5_storage */*sp*/, 7039 uint8_t */*value*/); 7040 7041krb5_error_code 7042krb5_ret_uuid ( 7043 krb5_storage */*sp*/, 7044 krb5_uuid /*uuid*/); 7045 7046KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7047krb5_salttype_to_string ( 7048 krb5_context /*context*/, 7049 krb5_enctype /*etype*/, 7050 krb5_salttype /*stype*/, 7051 char **/*string*/); 7052 7053KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7054krb5_sendauth ( 7055 krb5_context /*context*/, 7056 krb5_auth_context */*auth_context*/, 7057 krb5_pointer /*p_fd*/, 7058 const char */*appl_version*/, 7059 krb5_principal /*client*/, 7060 krb5_principal /*server*/, 7061 krb5_flags /*ap_req_options*/, 7062 krb5_data */*in_data*/, 7063 krb5_creds */*in_creds*/, 7064 krb5_ccache /*ccache*/, 7065 krb5_error **/*ret_error*/, 7066 krb5_ap_rep_enc_part **/*rep_result*/, 7067 krb5_creds **/*out_creds*/); 7068 7069KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7070krb5_sendto ( 7071 krb5_context /*context*/, 7072 const krb5_data */*send_data*/, 7073 krb5_krbhst_handle /*handle*/, 7074 krb5_data */*receive*/); 7075 7076KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7077krb5_sendto_context ( 7078 krb5_context /*context*/, 7079 krb5_sendto_ctx /*ctx*/, 7080 const krb5_data */*send_data*/, 7081 krb5_const_realm /*realm*/, 7082 krb5_data */*receive*/); 7083 7084KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7085krb5_sendto_ctx_add_flags ( 7086 krb5_sendto_ctx /*ctx*/, 7087 int /*flags*/); 7088 7089/** 7090 * @section send_to_kdc Locating and sending packets to the KDC 7091 * 7092 * The send to kdc code is responsible to request the list of KDC from 7093 * the locate-kdc subsystem and then send requests to each of them. 7094 * 7095 * - Each second a new hostname is tried. 7096 * - If the hostname have several addresses, the first will be tried 7097 * directly then in turn the other will be tried every 3 seconds 7098 * (host_timeout). 7099 * - UDP requests are tried 3 times, and it tried with a individual timeout of kdc_timeout / 3. 7100 * - TCP and HTTP requests are tried 1 time. 7101 * 7102 * Total wait time shorter then (number of addresses * 3) + kdc_timeout seconds. 7103 * 7104 */ 7105KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7106krb5_sendto_ctx_alloc ( 7107 krb5_context /*context*/, 7108 krb5_sendto_ctx */*ctx*/); 7109 7110KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7111krb5_sendto_ctx_free ( 7112 krb5_context /*context*/, 7113 krb5_sendto_ctx /*ctx*/); 7114 7115KRB5_LIB_FUNCTION int KRB5_LIB_CALL 7116krb5_sendto_ctx_get_flags (krb5_sendto_ctx /*ctx*/); 7117 7118KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7119krb5_sendto_ctx_set_func ( 7120 krb5_sendto_ctx /*ctx*/, 7121 krb5_sendto_ctx_func /*func*/, 7122 void */*data*/); 7123 7124KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7125krb5_sendto_ctx_set_type ( 7126 krb5_sendto_ctx /*ctx*/, 7127 int /*type*/); 7128 7129KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7130krb5_sendto_kdc ( 7131 krb5_context /*context*/, 7132 const krb5_data */*send_data*/, 7133 const krb5_realm */*realm*/, 7134 krb5_data */*receive*/); 7135 7136KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7137krb5_sendto_kdc_flags ( 7138 krb5_context /*context*/, 7139 const krb5_data */*send_data*/, 7140 const krb5_realm */*realm*/, 7141 krb5_data */*receive*/, 7142 int /*flags*/); 7143 7144KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7145krb5_sendto_set_hostname ( 7146 krb5_context /*context*/, 7147 krb5_sendto_ctx /*ctx*/, 7148 const char */*hostname*/); 7149 7150/** 7151 * Reinit the context from a new set of filenames. 7152 * 7153 * @param context context to add configuration too. 7154 * @param filenames array of filenames, end of list is indicated with a NULL filename. 7155 * 7156 * @return Returns 0 to indicate success. Otherwise an kerberos et 7157 * error code is returned, see krb5_get_error_message(). 7158 * 7159 * @ingroup krb5 7160 */ 7161KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7162krb5_set_config_files ( 7163 krb5_context /*context*/, 7164 char **/*filenames*/); 7165 7166/** 7167 * Set the default debug logging facility. 7168 * 7169 * @param context A Kerberos 5 context 7170 * @param fac Facility to use for logging. 7171 * 7172 * @ingroup krb5_error 7173 */ 7174KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7175krb5_set_debug_dest ( 7176 krb5_context /*context*/, 7177 krb5_log_facility */*fac*/); 7178 7179/** 7180 * Set the default encryption types that will be use in communcation 7181 * with the KDC, clients and servers. 7182 * 7183 * If any of the enctypes selected are not valid, they are removed out 7184 * from the list. If the list becomes empty because non of the 7185 * proposed enctypes are supported, KRB5_PROG_ETYPE_NOSUPP is 7186 * returned. 7187 * 7188 * @param context Kerberos 5 context. 7189 * @param etypes Encryption types, array terminated with ETYPE_NULL (0). 7190 * 7191 * @return Returns 0 to indicate success. Otherwise an kerberos et 7192 * error code is returned, see krb5_get_error_message(). 7193 * 7194 * @ingroup krb5 7195 */ 7196KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7197krb5_set_default_in_tkt_etypes ( 7198 krb5_context /*context*/, 7199 const krb5_enctype */*etypes*/); 7200 7201/** 7202 * Set the knowledge of the default realm(s) in context. 7203 * If realm is not NULL, that's the new default realm. 7204 * Otherwise, the realm(s) are figured out from plugin, configuration file or DNS. 7205 * 7206 * @param context Kerberos 5 context. 7207 * @param realm the new default realm or NULL for using configuration. 7208 7209 * @return Returns 0 to indicate success. Otherwise an kerberos et 7210 * error code is returned, see krb5_get_error_message(). 7211 * 7212 * @ingroup krb5 7213 */ 7214KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7215krb5_set_default_realm ( 7216 krb5_context /*context*/, 7217 const char */*realm*/); 7218 7219/** 7220 * Set if the library should use DNS to canonicalize hostnames. 7221 * 7222 * @param context Kerberos 5 context. 7223 * @param flag if its dns canonicalizion is used or not. 7224 * 7225 * @ingroup krb5 7226 */ 7227KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7228krb5_set_dns_canonicalize_hostname ( 7229 krb5_context /*context*/, 7230 krb5_boolean /*flag*/); 7231 7232/** 7233 * Set the context full error string for a specific error code. 7234 * The error that is stored should be internationalized. 7235 * 7236 * The if context is NULL, no error string is stored. 7237 * 7238 * @param context Kerberos 5 context 7239 * @param ret The error code 7240 * @param fmt Error string for the error code 7241 * @param ... printf(3) style parameters. 7242 * 7243 * @ingroup krb5_error 7244 */ 7245KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7246krb5_set_error_message ( 7247 krb5_context /*context*/, 7248 krb5_error_code /*ret*/, 7249 const char */*fmt*/, 7250 ...) 7251 HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 4)); 7252 7253/** 7254 * Set the error message returned by krb5_get_error_string(). 7255 * 7256 * Deprecated: use krb5_get_error_message() 7257 * 7258 * @param context Kerberos context 7259 * @param fmt error message to free 7260 * 7261 * @return Return an error code or 0. 7262 * 7263 * @ingroup krb5_deprecated 7264 */ 7265KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7266krb5_set_error_string ( 7267 krb5_context /*context*/, 7268 const char */*fmt*/, 7269 ...) 7270 KRB5_DEPRECATED_FUNCTION("Use X instead") HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 3)); 7271 7272/** 7273 * Set extra address to the address list that the library will add to 7274 * the client's address list when communicating with the KDC. 7275 * 7276 * @param context Kerberos 5 context. 7277 * @param addresses addreses to set 7278 * 7279 * @return Returns 0 to indicate success. Otherwise an kerberos et 7280 * error code is returned, see krb5_get_error_message(). 7281 * 7282 * @ingroup krb5 7283 */ 7284KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7285krb5_set_extra_addresses ( 7286 krb5_context /*context*/, 7287 const krb5_addresses */*addresses*/); 7288 7289/** 7290 * Set version of fcache that the library should use. 7291 * 7292 * @param context Kerberos 5 context. 7293 * @param version version number. 7294 * 7295 * @return Returns 0 to indicate success. Otherwise an kerberos et 7296 * error code is returned, see krb5_get_error_message(). 7297 * 7298 * @ingroup krb5 7299 */ 7300KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7301krb5_set_fcache_version ( 7302 krb5_context /*context*/, 7303 int /*version*/); 7304 7305/** 7306 * Enable and disable home directory access on either the global state 7307 * or the krb5_context state. By calling krb5_set_home_dir_access() 7308 * with context set to NULL, the global state is configured otherwise 7309 * the state for the krb5_context is modified. 7310 * 7311 * For home directory access to be allowed, both the global state and 7312 * the krb5_context state have to be allowed. 7313 * 7314 * Administrator (root user), never uses the home directory. 7315 * 7316 * @param context a Kerberos 5 context or NULL 7317 * @param allow allow if TRUE home directory 7318 * @return the old value 7319 * 7320 * @ingroup krb5 7321 */ 7322KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7323krb5_set_home_dir_access ( 7324 krb5_context /*context*/, 7325 krb5_boolean /*allow*/); 7326 7327/** 7328 * Set extra addresses to ignore when fetching addresses from the 7329 * underlaying operating system. 7330 * 7331 * @param context Kerberos 5 context. 7332 * @param addresses addreses to ignore 7333 * 7334 * @return Returns 0 to indicate success. Otherwise an kerberos et 7335 * error code is returned, see krb5_get_error_message(). 7336 * 7337 * @ingroup krb5 7338 */ 7339KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7340krb5_set_ignore_addresses ( 7341 krb5_context /*context*/, 7342 const krb5_addresses */*addresses*/); 7343 7344/** 7345 * Set current offset in time to the KDC. 7346 * 7347 * @param context Kerberos 5 context. 7348 * @param sec seconds part of offset. 7349 * @param usec micro seconds part of offset. 7350 * 7351 * @return returns zero 7352 * 7353 * @ingroup krb5 7354 */ 7355KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7356krb5_set_kdc_sec_offset ( 7357 krb5_context /*context*/, 7358 int32_t /*sec*/, 7359 int32_t /*usec*/); 7360 7361/** 7362 * Set max time skew allowed. 7363 * 7364 * @param context Kerberos 5 context. 7365 * @param t timeskew in seconds. 7366 * 7367 * @ingroup krb5 7368 */ 7369KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7370krb5_set_max_time_skew ( 7371 krb5_context /*context*/, 7372 time_t /*t*/); 7373 7374/** 7375 * Change password using creds. 7376 * 7377 * @param context a Keberos context 7378 * @param creds The initial kadmin/passwd for the principal or an admin principal 7379 * @param newpw The new password to set 7380 * @param targprinc For most callers should pass NULL in this 7381 * argument. Targprinc is the principal to change the password 7382 * for. This argument should only be set when you want to 7383 * change another Kerberos principal's password, ie you are an 7384 * admin. If NULL, the default authenticating principal in the 7385 * creds argument is used instead. 7386 * @param result_code Result code, KRB5_KPASSWD_SUCCESS is when password is changed. 7387 * @param result_code_string binary message from the server, contains 7388 * at least the result_code. 7389 * @param result_string A message from the kpasswd service or the 7390 * library in human printable form. The string is NUL terminated. 7391 * 7392 * @return On sucess and *result_code is KRB5_KPASSWD_SUCCESS, the password is changed. 7393 7394 * @ingroup @krb5 7395 */ 7396KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7397krb5_set_password ( 7398 krb5_context /*context*/, 7399 krb5_creds */*creds*/, 7400 const char */*newpw*/, 7401 krb5_principal /*targprinc*/, 7402 int */*result_code*/, 7403 krb5_data */*result_code_string*/, 7404 krb5_data */*result_string*/); 7405 7406/** 7407 * Change password using a credential cache that contains an initial 7408 * credential or an admin credential. 7409 * 7410 * @param context a Keberos context 7411 * @param ccache the credential cache to use to find the 7412 * kadmin/changepw principal. 7413 * @param newpw The new password to set 7414 * @param targprinc For most callers should pass NULL in this 7415 * argument. Targprinc is the principal to change the password 7416 * for. This argument should only be set when you want to 7417 * change another Kerberos principal's password, ie you are an 7418 * admin. If NULL, the default authenticating principal in the 7419 * creds argument is used instead. 7420 * @param result_code Result code, KRB5_KPASSWD_SUCCESS is when password is changed. 7421 * @param result_code_string binary message from the server, contains 7422 * at least the result_code. 7423 * @param result_string A message from the kpasswd service or the 7424 * library in human printable form. The string is NUL terminated. 7425 * 7426 * @return On sucess and *result_code is KRB5_KPASSWD_SUCCESS, the password is changed. 7427 * 7428 */ 7429KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7430krb5_set_password_using_ccache ( 7431 krb5_context /*context*/, 7432 krb5_ccache /*ccache*/, 7433 const char */*newpw*/, 7434 krb5_principal /*targprinc*/, 7435 int */*result_code*/, 7436 krb5_data */*result_code_string*/, 7437 krb5_data */*result_string*/); 7438 7439/** 7440 * Set the absolute time that the caller knows the kdc has so the 7441 * kerberos library can calculate the relative diffrence beteen the 7442 * KDC time and local system time. 7443 * 7444 * @param context Keberos 5 context. 7445 * @param sec The applications new of "now" in seconds 7446 * @param usec The applications new of "now" in micro seconds 7447 7448 * @return Kerberos 5 error code, see krb5_get_error_message(). 7449 * 7450 * @ingroup krb5 7451 */ 7452KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7453krb5_set_real_time ( 7454 krb5_context /*context*/, 7455 krb5_timestamp /*sec*/, 7456 int32_t /*usec*/); 7457 7458KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7459krb5_set_send_to_kdc_func ( 7460 krb5_context /*context*/, 7461 krb5_send_to_kdc_func /*func*/, 7462 void */*data*/); 7463 7464/** 7465 * Make the kerberos library default to the admin KDC. 7466 * 7467 * @param context Kerberos 5 context. 7468 * @param flag boolean flag to select if the use the admin KDC or not. 7469 * 7470 * @ingroup krb5 7471 */ 7472KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7473krb5_set_use_admin_kdc ( 7474 krb5_context /*context*/, 7475 krb5_boolean /*flag*/); 7476 7477/** 7478 * Set the default logging facility. 7479 * 7480 * @param context A Kerberos 5 context 7481 * @param fac Facility to use for logging. 7482 * 7483 * @ingroup krb5_error 7484 */ 7485KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7486krb5_set_warn_dest ( 7487 krb5_context /*context*/, 7488 krb5_log_facility */*fac*/); 7489 7490/** 7491 * Create a principal for the service running on hostname. If 7492 * KRB5_NT_SRV_HST is used, the hostname is canonization using DNS (or 7493 * some other service), this is potentially insecure. 7494 * 7495 * @param context A Kerberos context. 7496 * @param hostname hostname to use 7497 * @param sname Service name to use 7498 * @param type name type of pricipal, use KRB5_NT_SRV_HST or KRB5_NT_UNKNOWN. 7499 * @param ret_princ return principal, free with krb5_free_principal(). 7500 * 7501 * @return An krb5 error code, see krb5_get_error_message(). 7502 * 7503 * @ingroup krb5_principal 7504 */ 7505KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7506krb5_sname_to_principal ( 7507 krb5_context /*context*/, 7508 const char */*hostname*/, 7509 const char */*sname*/, 7510 int32_t /*type*/, 7511 krb5_principal */*ret_princ*/); 7512 7513KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7514krb5_sock_to_principal ( 7515 krb5_context /*context*/, 7516 int /*sock*/, 7517 const char */*sname*/, 7518 int32_t /*type*/, 7519 krb5_principal */*ret_princ*/); 7520 7521/** 7522 * krb5_sockaddr2address stores a address a "struct sockaddr" sa in 7523 * the krb5_address addr. 7524 * 7525 * @param context a Keberos context 7526 * @param sa a struct sockaddr to extract the address from 7527 * @param addr an Kerberos 5 address to store the address in. 7528 * 7529 * @return Return an error code or 0. 7530 * 7531 * @ingroup krb5_address 7532 */ 7533KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7534krb5_sockaddr2address ( 7535 krb5_context /*context*/, 7536 const struct sockaddr */*sa*/, 7537 krb5_address */*addr*/); 7538 7539/** 7540 * krb5_sockaddr2port extracts a port (if possible) from a "struct 7541 * sockaddr. 7542 * 7543 * @param context a Keberos context 7544 * @param sa a struct sockaddr to extract the port from 7545 * @param port a pointer to an int16_t store the port in. 7546 * 7547 * @return Return an error code or 0. Will return 7548 * KRB5_PROG_ATYPE_NOSUPP in case address type is not supported. 7549 * 7550 * @ingroup krb5_address 7551 */ 7552KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7553krb5_sockaddr2port ( 7554 krb5_context /*context*/, 7555 const struct sockaddr */*sa*/, 7556 int16_t */*port*/); 7557 7558KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7559krb5_sockaddr_is_loopback (const struct sockaddr */*sa*/); 7560 7561/** 7562 * krb5_sockaddr_uninteresting returns TRUE for all .Fa sa that the 7563 * kerberos library thinks are uninteresting. One example are link 7564 * local addresses. 7565 * 7566 * @param sa pointer to struct sockaddr that might be interesting. 7567 * 7568 * @return Return a non zero for uninteresting addresses. 7569 * 7570 * @ingroup krb5_address 7571 */ 7572KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7573krb5_sockaddr_uninteresting (const struct sockaddr */*sa*/); 7574 7575KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7576krb5_std_usage ( 7577 int /*code*/, 7578 struct getargs */*args*/, 7579 int /*num_args*/); 7580 7581/** 7582 * Clear the flags on a storage buffer 7583 * 7584 * @param sp the storage buffer to clear the flags on 7585 * @param flags the flags to clear 7586 * 7587 * @ingroup krb5_storage 7588 */ 7589KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7590krb5_storage_clear_flags ( 7591 krb5_storage */*sp*/, 7592 krb5_flags /*flags*/); 7593 7594/** 7595 * Create a elastic (allocating) memory storage backend. Memory is 7596 * allocated on demand. Free returned krb5_storage with 7597 * krb5_storage_free(). 7598 * 7599 * @return A krb5_storage on success, or NULL on out of memory error. 7600 * 7601 * @ingroup krb5_storage 7602 * 7603 * @sa krb5_storage_from_mem() 7604 * @sa krb5_storage_from_readonly_mem() 7605 * @sa krb5_storage_from_fd() 7606 * @sa krb5_storage_from_data() 7607 */ 7608KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 7609krb5_storage_emem (void); 7610 7611/** 7612 * Free a krb5 storage. 7613 * 7614 * @param sp the storage to free. 7615 * 7616 * @return An Kerberos 5 error code. 7617 * 7618 * @ingroup krb5_storage 7619 */ 7620KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7621krb5_storage_free (krb5_storage */*sp*/); 7622 7623/** 7624 * Create a fixed size memory storage block 7625 * 7626 * @return A krb5_storage on success, or NULL on out of memory error. 7627 * 7628 * @ingroup krb5_storage 7629 * 7630 * @sa krb5_storage_mem() 7631 * @sa krb5_storage_from_mem() 7632 * @sa krb5_storage_from_readonly_mem() 7633 * @sa krb5_storage_from_fd() 7634 * @sa krb5_storage_from_mem_copy() 7635 */ 7636KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 7637krb5_storage_from_data (krb5_data */*data*/); 7638 7639/** 7640 * 7641 * 7642 * @return A krb5_storage on success, or NULL on out of memory error. 7643 * 7644 * @ingroup krb5_storage 7645 * 7646 * @sa krb5_storage_emem() 7647 * @sa krb5_storage_from_mem() 7648 * @sa krb5_storage_from_readonly_mem() 7649 * @sa krb5_storage_from_data() 7650 */ 7651KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 7652krb5_storage_from_fd (krb5_socket_t /*fd_in*/); 7653 7654/** 7655 * Create a fixed size memory storage block 7656 * 7657 * @return A krb5_storage on success, or NULL on out of memory error. 7658 * 7659 * @ingroup krb5_storage 7660 * 7661 * @sa krb5_storage_emem() 7662 * @sa krb5_storage_from_readonly_mem() 7663 * @sa krb5_storage_from_data() 7664 * @sa krb5_storage_from_fd() 7665 * @sa krb5_storage_from_mem_copy() 7666 */ 7667KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 7668krb5_storage_from_mem ( 7669 void */*buf*/, 7670 size_t /*len*/); 7671 7672/** 7673 * Create a copy of a memory and assign it to a storage block 7674 * 7675 * The input data buffer is copied and the orignal buffer can be freed 7676 * during the life the storage. 7677 * 7678 * @return A krb5_storage on success, or NULL on out of memory error. 7679 * 7680 * @ingroup krb5_storage 7681 * 7682 * @sa krb5_storage_emem() 7683 * @sa krb5_storage_from_mem() 7684 * @sa krb5_storage_from_data() 7685 * @sa krb5_storage_from_fd() 7686 */ 7687krb5_storage * KRB5_LIB_FUNCTION 7688krb5_storage_from_mem_copy ( 7689 void */*buf*/, 7690 size_t /*len*/); 7691 7692/** 7693 * Create a fixed size memory storage block that is read only 7694 * 7695 * @return A krb5_storage on success, or NULL on out of memory error. 7696 * 7697 * @ingroup krb5_storage 7698 * 7699 * @sa krb5_storage_emem() 7700 * @sa krb5_storage_from_mem() 7701 * @sa krb5_storage_from_data() 7702 * @sa krb5_storage_from_fd() 7703 * @sa krb5_storage_from_mem_copy() 7704 */ 7705KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 7706krb5_storage_from_readonly_mem ( 7707 const void */*buf*/, 7708 size_t /*len*/); 7709 7710/** 7711 * Return the current byteorder for the buffer. See krb5_storage_set_byteorder() for the list or byte order contants. 7712 * 7713 * @ingroup krb5_storage 7714 */ 7715KRB5_LIB_FUNCTION krb5_flags KRB5_LIB_CALL 7716krb5_storage_get_byteorder (krb5_storage */*sp*/); 7717 7718/** 7719 * Get the return code that will be used when end of storage is reached. 7720 * 7721 * @param sp the storage 7722 * 7723 * @return storage error code 7724 * 7725 * @ingroup krb5_storage 7726 */ 7727KRB5_LIB_FUNCTION int KRB5_LIB_CALL 7728krb5_storage_get_eof_code (krb5_storage */*sp*/); 7729 7730/** 7731 * Return true or false depending on if the storage flags is set or 7732 * not. NB testing for the flag 0 always return true. 7733 * 7734 * @param sp the storage buffer to check flags on 7735 * @param flags The flags to test for 7736 * 7737 * @return true if all the flags are set, false if not. 7738 * 7739 * @ingroup krb5_storage 7740 */ 7741KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7742krb5_storage_is_flags ( 7743 krb5_storage */*sp*/, 7744 krb5_flags /*flags*/); 7745 7746/** 7747 * Read to the storage buffer. 7748 * 7749 * @param sp the storage buffer to read from 7750 * @param buf the buffer to store the data in 7751 * @param len the length to read 7752 * 7753 * @return The length of data read (can be shorter then len), or negative on error. 7754 * 7755 * @ingroup krb5_storage 7756 */ 7757KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 7758krb5_storage_read ( 7759 krb5_storage */*sp*/, 7760 void */*buf*/, 7761 size_t /*len*/); 7762 7763/** 7764 * Seek to a new offset. 7765 * 7766 * @param sp the storage buffer to seek in. 7767 * @param offset the offset to seek 7768 * @param whence relateive searching, SEEK_CUR from the current 7769 * position, SEEK_END from the end, SEEK_SET absolute from the start. 7770 * 7771 * @return The new current offset 7772 * 7773 * @ingroup krb5_storage 7774 */ 7775KRB5_LIB_FUNCTION off_t KRB5_LIB_CALL 7776krb5_storage_seek ( 7777 krb5_storage */*sp*/, 7778 off_t /*offset*/, 7779 int /*whence*/); 7780 7781/** 7782 * Set the new byte order of the storage buffer. 7783 * 7784 * @param sp the storage buffer to set the byte order for. 7785 * @param byteorder the new byte order. 7786 * 7787 * The byte order are: KRB5_STORAGE_BYTEORDER_BE, 7788 * KRB5_STORAGE_BYTEORDER_LE and KRB5_STORAGE_BYTEORDER_HOST. 7789 * 7790 * @ingroup krb5_storage 7791 */ 7792KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7793krb5_storage_set_byteorder ( 7794 krb5_storage */*sp*/, 7795 krb5_flags /*byteorder*/); 7796 7797/** 7798 * Set the return code that will be used when end of storage is reached. 7799 * 7800 * @param sp the storage 7801 * @param code the error code to return on end of storage 7802 * 7803 * @ingroup krb5_storage 7804 */ 7805KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7806krb5_storage_set_eof_code ( 7807 krb5_storage */*sp*/, 7808 int /*code*/); 7809 7810/** 7811 * Add the flags on a storage buffer by or-ing in the flags to the buffer. 7812 * 7813 * @param sp the storage buffer to set the flags on 7814 * @param flags the flags to set 7815 * 7816 * @ingroup krb5_storage 7817 */ 7818KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7819krb5_storage_set_flags ( 7820 krb5_storage */*sp*/, 7821 krb5_flags /*flags*/); 7822 7823/** 7824 * Set the max alloc value 7825 * 7826 * @param sp the storage buffer set the max allow for 7827 * @param size maximum size to allocate, use 0 to remove limit 7828 * 7829 * @ingroup krb5_storage 7830 */ 7831KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7832krb5_storage_set_max_alloc ( 7833 krb5_storage */*sp*/, 7834 size_t /*size*/); 7835 7836/** 7837 * Copy the contnent of storage 7838 * 7839 * @param sp the storage to copy to a data 7840 * @param data the copied data, free with krb5_data_free() 7841 * 7842 * @return 0 for success, or a Kerberos 5 error code on failure. 7843 * 7844 * @ingroup krb5_storage 7845 */ 7846KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7847krb5_storage_to_data ( 7848 krb5_storage */*sp*/, 7849 krb5_data */*data*/); 7850 7851/** 7852 * Truncate the storage buffer in sp to offset. 7853 * 7854 * @param sp the storage buffer to truncate. 7855 * @param offset the offset to truncate too. 7856 * 7857 * @return An Kerberos 5 error code. 7858 * 7859 * @ingroup krb5_storage 7860 */ 7861KRB5_LIB_FUNCTION int KRB5_LIB_CALL 7862krb5_storage_truncate ( 7863 krb5_storage */*sp*/, 7864 off_t /*offset*/); 7865 7866/** 7867 * Write to the storage buffer. 7868 * 7869 * @param sp the storage buffer to write to 7870 * @param buf the buffer to write to the storage buffer 7871 * @param len the length to write 7872 * 7873 * @return The length of data written (can be shorter then len), or negative on error. 7874 * 7875 * @ingroup krb5_storage 7876 */ 7877KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 7878krb5_storage_write ( 7879 krb5_storage */*sp*/, 7880 const void */*buf*/, 7881 size_t /*len*/); 7882 7883/** 7884 * Write a address block to storage. 7885 * 7886 * @param sp the storage buffer to write to 7887 * @param p the address block to write. 7888 * 7889 * @return 0 on success, a Kerberos 5 error code on failure. 7890 * 7891 * @ingroup krb5_storage 7892 */ 7893KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7894krb5_store_address ( 7895 krb5_storage */*sp*/, 7896 krb5_address /*p*/); 7897 7898/** 7899 * Write a addresses block to storage. 7900 * 7901 * @param sp the storage buffer to write to 7902 * @param p the addresses block to write. 7903 * 7904 * @return 0 on success, a Kerberos 5 error code on failure. 7905 * 7906 * @ingroup krb5_storage 7907 */ 7908KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7909krb5_store_addrs ( 7910 krb5_storage */*sp*/, 7911 krb5_addresses /*p*/); 7912 7913/** 7914 * Write a auth data block to storage. 7915 * 7916 * @param sp the storage buffer to write to 7917 * @param auth the auth data block to write. 7918 * 7919 * @return 0 on success, a Kerberos 5 error code on failure. 7920 * 7921 * @ingroup krb5_storage 7922 */ 7923KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7924krb5_store_authdata ( 7925 krb5_storage */*sp*/, 7926 krb5_authdata /*auth*/); 7927 7928/** 7929 * Write a credentials block to storage. 7930 * 7931 * @param sp the storage buffer to write to 7932 * @param creds the creds block to write. 7933 * 7934 * @return 0 on success, a Kerberos 5 error code on failure. 7935 * 7936 * @ingroup krb5_storage 7937 */ 7938KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7939krb5_store_creds ( 7940 krb5_storage */*sp*/, 7941 krb5_creds */*creds*/); 7942 7943/** 7944 * Write a tagged credentials block to storage. 7945 * 7946 * @param sp the storage buffer to write to 7947 * @param creds the creds block to write. 7948 * 7949 * @return 0 on success, a Kerberos 5 error code on failure. 7950 * 7951 * @ingroup krb5_storage 7952 */ 7953KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7954krb5_store_creds_tag ( 7955 krb5_storage */*sp*/, 7956 krb5_creds */*creds*/); 7957 7958/** 7959 * Store a data to the storage. The data is stored with an int32 as 7960 * lenght plus the data (not padded). 7961 * 7962 * @param sp the storage buffer to write to 7963 * @param data the buffer to store. 7964 * 7965 * @return 0 on success, a Kerberos 5 error code on failure. 7966 * 7967 * @ingroup krb5_storage 7968 */ 7969KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7970krb5_store_data ( 7971 krb5_storage */*sp*/, 7972 krb5_data /*data*/); 7973 7974/** 7975 * Store a int16 to storage, byte order is controlled by the settings 7976 * on the storage, see krb5_storage_set_byteorder(). 7977 * 7978 * @param sp the storage to write too 7979 * @param value the value to store 7980 * 7981 * @return 0 for success, or a Kerberos 5 error code on failure. 7982 * 7983 * @ingroup krb5_storage 7984 */ 7985KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7986krb5_store_int16 ( 7987 krb5_storage */*sp*/, 7988 int16_t /*value*/); 7989 7990/** 7991 * Store a int32 to storage, byte order is controlled by the settings 7992 * on the storage, see krb5_storage_set_byteorder(). 7993 * 7994 * @param sp the storage to write too 7995 * @param value the value to store 7996 * 7997 * @return 0 for success, or a Kerberos 5 error code on failure. 7998 * 7999 * @ingroup krb5_storage 8000 */ 8001KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8002krb5_store_int32 ( 8003 krb5_storage */*sp*/, 8004 int32_t /*value*/); 8005 8006/** 8007 * Store a int8 to storage. 8008 * 8009 * @param sp the storage to write too 8010 * @param value the value to store 8011 * 8012 * @return 0 for success, or a Kerberos 5 error code on failure. 8013 * 8014 * @ingroup krb5_storage 8015 */ 8016KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8017krb5_store_int8 ( 8018 krb5_storage */*sp*/, 8019 int8_t /*value*/); 8020 8021/** 8022 * Store a keyblock to the storage. 8023 * 8024 * @param sp the storage buffer to write to 8025 * @param p the keyblock to write 8026 * 8027 * @return 0 on success, a Kerberos 5 error code on failure. 8028 * 8029 * @ingroup krb5_storage 8030 */ 8031KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8032krb5_store_keyblock ( 8033 krb5_storage */*sp*/, 8034 krb5_keyblock /*p*/); 8035 8036/** 8037 * Write a principal block to storage. 8038 * 8039 * @param sp the storage buffer to write to 8040 * @param p the principal block to write. 8041 * 8042 * @return 0 on success, a Kerberos 5 error code on failure. 8043 * 8044 * @ingroup krb5_storage 8045 */ 8046KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8047krb5_store_principal ( 8048 krb5_storage */*sp*/, 8049 krb5_const_principal /*p*/); 8050 8051/** 8052 * Store a string to the buffer. The data is formated as an len:uint32 8053 * plus the string itself (not padded). 8054 * 8055 * @param sp the storage buffer to write to 8056 * @param s the string to store. 8057 * 8058 * @return 0 on success, a Kerberos 5 error code on failure. 8059 * 8060 * @ingroup krb5_storage 8061 */ 8062KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8063krb5_store_string ( 8064 krb5_storage */*sp*/, 8065 const char */*s*/); 8066 8067KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8068krb5_store_stringnl ( 8069 krb5_storage */*sp*/, 8070 const char */*s*/); 8071 8072/** 8073 * Store a zero terminated string to the buffer. The data is stored 8074 * one character at a time until a NUL is stored. 8075 * 8076 * @param sp the storage buffer to write to 8077 * @param s the string to store. 8078 * 8079 * @return 0 on success, a Kerberos 5 error code on failure. 8080 * 8081 * @ingroup krb5_storage 8082 */ 8083KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8084krb5_store_stringz ( 8085 krb5_storage */*sp*/, 8086 const char */*s*/); 8087 8088/** 8089 * Write a times block to storage. 8090 * 8091 * @param sp the storage buffer to write to 8092 * @param times the times block to write. 8093 * 8094 * @return 0 on success, a Kerberos 5 error code on failure. 8095 * 8096 * @ingroup krb5_storage 8097 */ 8098KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8099krb5_store_times ( 8100 krb5_storage */*sp*/, 8101 krb5_times /*times*/); 8102 8103/** 8104 * Store a uint16 to storage, byte order is controlled by the settings 8105 * on the storage, see krb5_storage_set_byteorder(). 8106 * 8107 * @param sp the storage to write too 8108 * @param value the value to store 8109 * 8110 * @return 0 for success, or a Kerberos 5 error code on failure. 8111 * 8112 * @ingroup krb5_storage 8113 */ 8114KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8115krb5_store_uint16 ( 8116 krb5_storage */*sp*/, 8117 uint16_t /*value*/); 8118 8119/** 8120 * Store a uint32 to storage, byte order is controlled by the settings 8121 * on the storage, see krb5_storage_set_byteorder(). 8122 * 8123 * @param sp the storage to write too 8124 * @param value the value to store 8125 * 8126 * @return 0 for success, or a Kerberos 5 error code on failure. 8127 * 8128 * @ingroup krb5_storage 8129 */ 8130KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8131krb5_store_uint32 ( 8132 krb5_storage */*sp*/, 8133 uint32_t /*value*/); 8134 8135/** 8136 * Store a uint8 to storage. 8137 * 8138 * @param sp the storage to write too 8139 * @param value the value to store 8140 * 8141 * @return 0 for success, or a Kerberos 5 error code on failure. 8142 * 8143 * @ingroup krb5_storage 8144 */ 8145KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8146krb5_store_uint8 ( 8147 krb5_storage */*sp*/, 8148 uint8_t /*value*/); 8149 8150krb5_error_code 8151krb5_store_uuid ( 8152 krb5_storage */*sp*/, 8153 krb5_uuid /*uuid*/); 8154 8155KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8156krb5_string_to_deltat ( 8157 const char */*string*/, 8158 krb5_deltat */*deltat*/); 8159 8160KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8161krb5_string_to_enctype ( 8162 krb5_context /*context*/, 8163 const char */*string*/, 8164 krb5_enctype */*etype*/); 8165 8166KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8167krb5_string_to_key ( 8168 krb5_context /*context*/, 8169 krb5_enctype /*enctype*/, 8170 const char */*password*/, 8171 krb5_principal /*principal*/, 8172 krb5_keyblock */*key*/); 8173 8174KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8175krb5_string_to_key_data ( 8176 krb5_context /*context*/, 8177 krb5_enctype /*enctype*/, 8178 krb5_data /*password*/, 8179 krb5_principal /*principal*/, 8180 krb5_keyblock */*key*/); 8181 8182KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8183krb5_string_to_key_data_salt ( 8184 krb5_context /*context*/, 8185 krb5_enctype /*enctype*/, 8186 krb5_data /*password*/, 8187 krb5_salt /*salt*/, 8188 krb5_keyblock */*key*/); 8189 8190KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8191krb5_string_to_key_data_salt_opaque ( 8192 krb5_context /*context*/, 8193 krb5_enctype /*enctype*/, 8194 krb5_data /*password*/, 8195 krb5_salt /*salt*/, 8196 krb5_data /*opaque*/, 8197 krb5_keyblock */*key*/); 8198 8199KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8200krb5_string_to_key_derived ( 8201 krb5_context /*context*/, 8202 const void */*str*/, 8203 size_t /*len*/, 8204 krb5_enctype /*etype*/, 8205 krb5_keyblock */*key*/); 8206 8207KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8208krb5_string_to_key_salt ( 8209 krb5_context /*context*/, 8210 krb5_enctype /*enctype*/, 8211 const char */*password*/, 8212 krb5_salt /*salt*/, 8213 krb5_keyblock */*key*/); 8214 8215KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8216krb5_string_to_key_salt_opaque ( 8217 krb5_context /*context*/, 8218 krb5_enctype /*enctype*/, 8219 const char */*password*/, 8220 krb5_salt /*salt*/, 8221 krb5_data /*opaque*/, 8222 krb5_keyblock */*key*/); 8223 8224/** 8225 * Deprecated: keytypes doesn't exists, they are really enctypes in 8226 * most cases, use krb5_string_to_enctype(). 8227 * 8228 * @ingroup krb5_deprecated 8229 */ 8230KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8231krb5_string_to_keytype ( 8232 krb5_context /*context*/, 8233 const char */*string*/, 8234 krb5_keytype */*keytype*/) 8235 KRB5_DEPRECATED_FUNCTION("Use X instead"); 8236 8237KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8238krb5_string_to_salttype ( 8239 krb5_context /*context*/, 8240 krb5_enctype /*etype*/, 8241 const char */*string*/, 8242 krb5_salttype */*salttype*/); 8243 8244krb5_error_code KRB5_LIB_FUNCTION 8245krb5_string_to_uuid ( 8246 const char */*str*/, 8247 krb5_uuid /*uuid*/); 8248 8249/** 8250 * Extract the authorization data type of type from the ticket. Store 8251 * the field in data. This function is to use for kerberos 8252 * applications. 8253 * 8254 * @param context a Kerberos 5 context 8255 * @param ticket Kerberos ticket 8256 * @param type type to fetch 8257 * @param data returned data, free with krb5_data_free() 8258 * 8259 * @ingroup krb5 8260 */ 8261KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8262krb5_ticket_get_authorization_data_type ( 8263 krb5_context /*context*/, 8264 krb5_ticket */*ticket*/, 8265 int /*type*/, 8266 krb5_data */*data*/); 8267 8268/** 8269 * Return client principal in ticket 8270 * 8271 * @param context a Kerberos 5 context 8272 * @param ticket ticket to copy 8273 * @param client client principal, free with krb5_free_principal() 8274 * 8275 * @return Returns 0 to indicate success. Otherwise an kerberos et 8276 * error code is returned, see krb5_get_error_message(). 8277 * 8278 * @ingroup krb5 8279 */ 8280KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8281krb5_ticket_get_client ( 8282 krb5_context /*context*/, 8283 const krb5_ticket */*ticket*/, 8284 krb5_principal */*client*/); 8285 8286/** 8287 * Return end time of ticket 8288 * 8289 * @param context a Kerberos 5 context 8290 * @param ticket ticket to copy 8291 * 8292 * @return end time of ticket 8293 * 8294 * @ingroup krb5 8295 */ 8296KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL 8297krb5_ticket_get_endtime ( 8298 krb5_context /*context*/, 8299 const krb5_ticket */*ticket*/); 8300 8301/** 8302 * Get the flags from the Kerberos ticket 8303 * 8304 * @param context Kerberos context 8305 * @param ticket Kerberos ticket 8306 * 8307 * @return ticket flags 8308 * 8309 * @ingroup krb5_ticket 8310 */ 8311KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL 8312krb5_ticket_get_flags ( 8313 krb5_context /*context*/, 8314 const krb5_ticket */*ticket*/); 8315 8316/** 8317 * Return server principal in ticket 8318 * 8319 * @param context a Kerberos 5 context 8320 * @param ticket ticket to copy 8321 * @param server server principal, free with krb5_free_principal() 8322 * 8323 * @return Returns 0 to indicate success. Otherwise an kerberos et 8324 * error code is returned, see krb5_get_error_message(). 8325 * 8326 * @ingroup krb5 8327 */ 8328KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8329krb5_ticket_get_server ( 8330 krb5_context /*context*/, 8331 const krb5_ticket */*ticket*/, 8332 krb5_principal */*server*/); 8333 8334krb5_deltat 8335krb5_time_abs ( 8336 krb5_deltat /*t1*/, 8337 krb5_deltat /*t2*/); 8338 8339/** 8340 * If the caller passes in a negative usec, its assumed to be 8341 * unknown and the function will use the current time usec. 8342 */ 8343KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8344krb5_timeofday ( 8345 krb5_context /*context*/, 8346 krb5_timestamp */*timeret*/); 8347 8348/** 8349 * 8350 */ 8351KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8352krb5_tkt_creds_free ( 8353 krb5_context /*context*/, 8354 krb5_tkt_creds_context /*ctx*/); 8355 8356/** 8357 * 8358 */ 8359KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8360krb5_tkt_creds_get_creds ( 8361 krb5_context /*context*/, 8362 krb5_tkt_creds_context /*ctx*/, 8363 krb5_creds **/*cred*/); 8364 8365/** 8366 * Create a context for a credential fetching process 8367 */ 8368KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8369krb5_tkt_creds_init ( 8370 krb5_context /*context*/, 8371 krb5_ccache /*ccache*/, 8372 krb5_creds */*in_cred*/, 8373 krb5_flags /*options*/, 8374 krb5_tkt_creds_context */*pctx*/); 8375 8376/** 8377 * Step though next step in the TGS-REP process 8378 * 8379 * Pointer returned in realm is valid to next call to 8380 * krb5_tkt_creds_step() or krb5_tkt_creds_free(). 8381 */ 8382KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8383krb5_tkt_creds_step ( 8384 krb5_context /*context*/, 8385 krb5_tkt_creds_context /*ctx*/, 8386 krb5_data */*in*/, 8387 krb5_data */*out*/, 8388 krb5_realm */*realm*/, 8389 unsigned int */*flags*/); 8390 8391/** 8392 * Unparse the Kerberos name into a string 8393 * 8394 * @param context Kerberos 5 context 8395 * @param principal principal to query 8396 * @param name resulting string, free with krb5_xfree() 8397 * 8398 * @return An krb5 error code, see krb5_get_error_message(). 8399 * 8400 * @ingroup krb5_principal 8401 */ 8402KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8403krb5_unparse_name ( 8404 krb5_context /*context*/, 8405 krb5_const_principal /*principal*/, 8406 char **/*name*/); 8407 8408/** 8409 * Unparse the principal name to a fixed buffer 8410 * 8411 * @param context A Kerberos context. 8412 * @param principal principal to unparse 8413 * @param name buffer to write name to 8414 * @param len length of buffer 8415 * 8416 * @return An krb5 error code, see krb5_get_error_message(). 8417 * 8418 * @ingroup krb5_principal 8419 */ 8420KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8421krb5_unparse_name_fixed ( 8422 krb5_context /*context*/, 8423 krb5_const_principal /*principal*/, 8424 char */*name*/, 8425 size_t /*len*/); 8426 8427/** 8428 * Unparse the principal name with unparse flags to a fixed buffer. 8429 * 8430 * @param context A Kerberos context. 8431 * @param principal principal to unparse 8432 * @param flags unparse flags 8433 * @param name buffer to write name to 8434 * @param len length of buffer 8435 * 8436 * @return An krb5 error code, see krb5_get_error_message(). 8437 * 8438 * @ingroup krb5_principal 8439 */ 8440KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8441krb5_unparse_name_fixed_flags ( 8442 krb5_context /*context*/, 8443 krb5_const_principal /*principal*/, 8444 int /*flags*/, 8445 char */*name*/, 8446 size_t /*len*/); 8447 8448/** 8449 * Unparse the principal name to a fixed buffer. The realm is skipped 8450 * if its a default realm. 8451 * 8452 * @param context A Kerberos context. 8453 * @param principal principal to unparse 8454 * @param name buffer to write name to 8455 * @param len length of buffer 8456 * 8457 * @return An krb5 error code, see krb5_get_error_message(). 8458 * 8459 * @ingroup krb5_principal 8460 */ 8461KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8462krb5_unparse_name_fixed_short ( 8463 krb5_context /*context*/, 8464 krb5_const_principal /*principal*/, 8465 char */*name*/, 8466 size_t /*len*/); 8467 8468/** 8469 * Unparse the Kerberos name into a string 8470 * 8471 * @param context Kerberos 5 context 8472 * @param principal principal to query 8473 * @param flags flag to determine the behavior 8474 * @param name resulting string, free with krb5_xfree() 8475 * 8476 * @return An krb5 error code, see krb5_get_error_message(). 8477 * 8478 * @ingroup krb5_principal 8479 */ 8480KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8481krb5_unparse_name_flags ( 8482 krb5_context /*context*/, 8483 krb5_const_principal /*principal*/, 8484 int /*flags*/, 8485 char **/*name*/); 8486 8487/** 8488 * Unparse the principal name to a allocated buffer. The realm is 8489 * skipped if its a default realm. 8490 * 8491 * @param context A Kerberos context. 8492 * @param principal principal to unparse 8493 * @param name returned buffer, free with krb5_xfree() 8494 * 8495 * @return An krb5 error code, see krb5_get_error_message(). 8496 * 8497 * @ingroup krb5_principal 8498 */ 8499KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8500krb5_unparse_name_short ( 8501 krb5_context /*context*/, 8502 krb5_const_principal /*principal*/, 8503 char **/*name*/); 8504 8505KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8506krb5_us_timeofday ( 8507 krb5_context /*context*/, 8508 krb5_timestamp */*sec*/, 8509 int32_t */*usec*/); 8510 8511char * KRB5_LIB_FUNCTION 8512krb5_uuid_to_string (krb5_uuid /*uuid*/); 8513 8514/** 8515 * Log a warning to the log, default stderr, include bthe error from 8516 * the last failure and then abort. 8517 * 8518 * @param context A Kerberos 5 context 8519 * @param code error code of the last error 8520 * @param fmt message to print 8521 * @param ap arguments 8522 * 8523 * @ingroup krb5_error 8524 */ 8525KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8526krb5_vabort ( 8527 krb5_context /*context*/, 8528 krb5_error_code /*code*/, 8529 const char */*fmt*/, 8530 va_list ap) HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 0)) 8531 HEIMDAL_NORETURN_ATTRIBUTE; 8532 8533KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8534krb5_vabortx ( 8535 krb5_context /*context*/, 8536 const char */*fmt*/, 8537 va_list ap) HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 0)) 8538 HEIMDAL_NORETURN_ATTRIBUTE; 8539 8540KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8541krb5_verify_ap_req ( 8542 krb5_context /*context*/, 8543 krb5_auth_context */*auth_context*/, 8544 krb5_ap_req */*ap_req*/, 8545 krb5_const_principal /*server*/, 8546 krb5_keyblock */*keyblock*/, 8547 krb5_flags /*flags*/, 8548 krb5_flags */*ap_req_options*/, 8549 krb5_ticket **/*ticket*/); 8550 8551KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8552krb5_verify_ap_req2 ( 8553 krb5_context /*context*/, 8554 krb5_auth_context */*auth_context*/, 8555 krb5_ap_req */*ap_req*/, 8556 krb5_const_principal /*server*/, 8557 krb5_keyblock */*keyblock*/, 8558 krb5_flags /*flags*/, 8559 krb5_flags */*ap_req_options*/, 8560 krb5_ticket **/*ticket*/, 8561 krb5_key_usage /*usage*/); 8562 8563KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8564krb5_verify_authenticator_checksum ( 8565 krb5_context /*context*/, 8566 krb5_auth_context /*ac*/, 8567 void */*data*/, 8568 size_t /*len*/); 8569 8570KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8571krb5_verify_checksum ( 8572 krb5_context /*context*/, 8573 krb5_crypto /*crypto*/, 8574 krb5_key_usage /*usage*/, 8575 void */*data*/, 8576 size_t /*len*/, 8577 Checksum */*cksum*/); 8578 8579/** 8580 * Verify a Kerberos message checksum. 8581 * 8582 * @param context Kerberos context 8583 * @param crypto Kerberos crypto context 8584 * @param usage Key usage for this buffer 8585 * @param data array of buffers to process 8586 * @param num_data length of array 8587 * @param type return checksum type if not NULL 8588 * 8589 * @return Return an error code or 0. 8590 * @ingroup krb5_crypto 8591 */ 8592KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8593krb5_verify_checksum_iov ( 8594 krb5_context /*context*/, 8595 krb5_crypto /*crypto*/, 8596 unsigned /*usage*/, 8597 krb5_crypto_iov */*data*/, 8598 unsigned int /*num_data*/, 8599 krb5_cksumtype */*type*/); 8600 8601KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8602krb5_verify_init_creds ( 8603 krb5_context /*context*/, 8604 krb5_creds */*creds*/, 8605 krb5_principal /*ap_req_server*/, 8606 krb5_keytab /*ap_req_keytab*/, 8607 krb5_ccache */*ccache*/, 8608 krb5_verify_init_creds_opt */*options*/); 8609 8610KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8611krb5_verify_init_creds_opt_init (krb5_verify_init_creds_opt */*options*/); 8612 8613KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8614krb5_verify_init_creds_opt_set_ap_req_nofail ( 8615 krb5_verify_init_creds_opt */*options*/, 8616 int /*ap_req_nofail*/); 8617 8618KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8619krb5_verify_init_creds_opt_set_service ( 8620 krb5_verify_init_creds_opt */*options*/, 8621 const char */*service*/); 8622 8623KRB5_LIB_FUNCTION int KRB5_LIB_CALL 8624krb5_verify_opt_alloc ( 8625 krb5_context /*context*/, 8626 krb5_verify_opt **/*opt*/); 8627 8628KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8629krb5_verify_opt_free (krb5_verify_opt */*opt*/); 8630 8631KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8632krb5_verify_opt_init (krb5_verify_opt */*opt*/); 8633 8634KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8635krb5_verify_opt_set_ccache ( 8636 krb5_verify_opt */*opt*/, 8637 krb5_ccache /*ccache*/); 8638 8639KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8640krb5_verify_opt_set_flags ( 8641 krb5_verify_opt */*opt*/, 8642 unsigned int /*flags*/); 8643 8644KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8645krb5_verify_opt_set_keytab ( 8646 krb5_verify_opt */*opt*/, 8647 krb5_keytab /*keytab*/); 8648 8649KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8650krb5_verify_opt_set_prompter ( 8651 krb5_verify_opt */*opt*/, 8652 krb5_prompter_fct /*prompter*/, 8653 void */*prompter_data*/); 8654 8655KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8656krb5_verify_opt_set_secure ( 8657 krb5_verify_opt */*opt*/, 8658 krb5_boolean /*secure*/); 8659 8660KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8661krb5_verify_opt_set_server ( 8662 krb5_verify_opt */*opt*/, 8663 krb5_principal /*server*/); 8664 8665KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8666krb5_verify_opt_set_service ( 8667 krb5_verify_opt */*opt*/, 8668 const char */*service*/); 8669 8670KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8671krb5_verify_user ( 8672 krb5_context /*context*/, 8673 krb5_principal /*principal*/, 8674 krb5_ccache /*ccache*/, 8675 const char */*password*/, 8676 krb5_boolean /*secure*/, 8677 const char */*service*/); 8678 8679KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8680krb5_verify_user_lrealm ( 8681 krb5_context /*context*/, 8682 krb5_principal /*principal*/, 8683 krb5_ccache /*ccache*/, 8684 const char */*password*/, 8685 krb5_boolean /*secure*/, 8686 const char */*service*/); 8687 8688KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8689krb5_verify_user_opt ( 8690 krb5_context /*context*/, 8691 krb5_principal /*principal*/, 8692 const char */*password*/, 8693 krb5_verify_opt */*opt*/); 8694 8695/** 8696 * Log a warning to the log, default stderr, include bthe error from 8697 * the last failure and then exit. 8698 * 8699 * @param context A Kerberos 5 context 8700 * @param eval the exit code to exit with 8701 * @param code error code of the last error 8702 * @param fmt message to print 8703 * @param ap arguments 8704 * 8705 * @ingroup krb5_error 8706 */ 8707KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8708krb5_verr ( 8709 krb5_context /*context*/, 8710 int /*eval*/, 8711 krb5_error_code /*code*/, 8712 const char */*fmt*/, 8713 va_list ap) HEIMDAL_PRINTF_ATTRIBUTE((printf, 4, 0)) 8714 HEIMDAL_NORETURN_ATTRIBUTE; 8715 8716/** 8717 * Log a warning to the log, default stderr, and then exit. 8718 * 8719 * @param context A Kerberos 5 context 8720 * @param eval the exit code to exit with 8721 * @param fmt message to print 8722 * @param ap arguments 8723 * 8724 * @ingroup krb5_error 8725 */ 8726KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8727krb5_verrx ( 8728 krb5_context /*context*/, 8729 int /*eval*/, 8730 const char */*fmt*/, 8731 va_list ap) HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 0)) 8732 HEIMDAL_NORETURN_ATTRIBUTE; 8733 8734KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8735krb5_vlog ( 8736 krb5_context /*context*/, 8737 krb5_log_facility */*fac*/, 8738 int /*level*/, 8739 const char */*fmt*/, 8740 va_list /*ap*/) 8741 HEIMDAL_PRINTF_ATTRIBUTE((printf, 4, 0)); 8742 8743KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8744krb5_vlog_msg ( 8745 krb5_context /*context*/, 8746 krb5_log_facility */*fac*/, 8747 char **/*reply*/, 8748 int /*level*/, 8749 const char */*fmt*/, 8750 va_list /*ap*/) 8751 HEIMDAL_PRINTF_ATTRIBUTE((printf, 5, 0)); 8752 8753/** 8754 * Prepend the contexts's full error string for a specific error code. 8755 * 8756 * The if context is NULL, no error string is stored. 8757 * 8758 * @param context Kerberos 5 context 8759 * @param ret The error code 8760 * @param fmt Error string for the error code 8761 * @param args printf(3) style parameters. 8762 * 8763 * @ingroup krb5_error 8764 */ 8765KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8766krb5_vprepend_error_message ( 8767 krb5_context /*context*/, 8768 krb5_error_code /*ret*/, 8769 const char */*fmt*/, 8770 va_list /*args*/) 8771 HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 0)); 8772 8773/** 8774 * Set the context full error string for a specific error code. 8775 * 8776 * The if context is NULL, no error string is stored. 8777 * 8778 * @param context Kerberos 5 context 8779 * @param ret The error code 8780 * @param fmt Error string for the error code 8781 * @param args printf(3) style parameters. 8782 * 8783 * @ingroup krb5_error 8784 */ 8785KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8786krb5_vset_error_message ( 8787 krb5_context /*context*/, 8788 krb5_error_code /*ret*/, 8789 const char */*fmt*/, 8790 va_list /*args*/) 8791 HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 0)); 8792 8793/** 8794 * Set the error message returned by krb5_get_error_string(), 8795 * deprecated, use krb5_set_error_message(). 8796 * 8797 * Deprecated: use krb5_vset_error_message() 8798 * 8799 * @param context Kerberos context 8800 * @param msg error message to free 8801 * 8802 * @return Return an error code or 0. 8803 * 8804 * @ingroup krb5_deprecated 8805 */ 8806KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8807krb5_vset_error_string ( 8808 krb5_context /*context*/, 8809 const char */*fmt*/, 8810 va_list args) 8811 KRB5_DEPRECATED_FUNCTION("Use X instead") HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 0)); 8812 8813/** 8814 * Log a warning to the log, default stderr, include the error from 8815 * the last failure. 8816 * 8817 * @param context A Kerberos 5 context. 8818 * @param code error code of the last error 8819 * @param fmt message to print 8820 * @param ap arguments 8821 * 8822 * @ingroup krb5_error 8823 */ 8824KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8825krb5_vwarn ( 8826 krb5_context /*context*/, 8827 krb5_error_code /*code*/, 8828 const char */*fmt*/, 8829 va_list /*ap*/) 8830 HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 0)); 8831 8832/** 8833 * Log a warning to the log, default stderr. 8834 * 8835 * @param context A Kerberos 5 context. 8836 * @param fmt message to print 8837 * @param ap arguments 8838 * 8839 * @ingroup krb5_error 8840 */ 8841KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8842krb5_vwarnx ( 8843 krb5_context /*context*/, 8844 const char */*fmt*/, 8845 va_list /*ap*/) 8846 HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 0)); 8847 8848/** 8849 * Log a warning to the log, default stderr, include the error from 8850 * the last failure. 8851 * 8852 * @param context A Kerberos 5 context. 8853 * @param code error code of the last error 8854 * @param fmt message to print 8855 * 8856 * @ingroup krb5_error 8857 */ 8858KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8859krb5_warn ( 8860 krb5_context /*context*/, 8861 krb5_error_code /*code*/, 8862 const char */*fmt*/, 8863 ...) 8864 HEIMDAL_PRINTF_ATTRIBUTE((printf, 3, 4)); 8865 8866/** 8867 * Log a warning to the log, default stderr. 8868 * 8869 * @param context A Kerberos 5 context. 8870 * @param fmt message to print 8871 * 8872 * @ingroup krb5_error 8873 */ 8874KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8875krb5_warnx ( 8876 krb5_context /*context*/, 8877 const char */*fmt*/, 8878 ...) 8879 HEIMDAL_PRINTF_ATTRIBUTE((printf, 2, 3)); 8880 8881KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8882krb5_write_message ( 8883 krb5_context /*context*/, 8884 krb5_pointer /*p_fd*/, 8885 krb5_data */*data*/); 8886 8887KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8888krb5_write_priv_message ( 8889 krb5_context /*context*/, 8890 krb5_auth_context /*ac*/, 8891 krb5_pointer /*p_fd*/, 8892 krb5_data */*data*/); 8893 8894KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8895krb5_write_safe_message ( 8896 krb5_context /*context*/, 8897 krb5_auth_context /*ac*/, 8898 krb5_pointer /*p_fd*/, 8899 krb5_data */*data*/); 8900 8901KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8902krb5_xfree (void */*ptr*/); 8903 8904#ifdef __cplusplus 8905} 8906#endif 8907 8908#undef KRB5_DEPRECATED_FUNCTION 8909 8910#endif /* __krb5_protos_h__ */ 8911