1/* $NetBSD: krb5-protos.h,v 1.2 2019/12/15 22:50:50 christos Exp $ */ 2 3/* This is a generated file */ 4#ifndef __krb5_protos_h__ 5#define __krb5_protos_h__ 6#ifndef DOXY 7 8#include <stdarg.h> 9 10#if !defined(__GNUC__) && !defined(__attribute__) 11#define __attribute__(x) 12#endif 13 14#ifndef KRB5_DEPRECATED_FUNCTION 15#ifndef __has_extension 16#define __has_extension(x) 0 17#define KRB5_DEPRECATED_FUNCTIONhas_extension 1 18#endif 19#if __has_extension(attribute_deprecated_with_message) 20#define KRB5_DEPRECATED_FUNCTION(x) __attribute__((__deprecated__(x))) 21#elif defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 ))) 22#define KRB5_DEPRECATED_FUNCTION(X) __attribute__((__deprecated__)) 23#else 24#define KRB5_DEPRECATED_FUNCTION(X) 25#endif 26#ifdef KRB5_DEPRECATED_FUNCTIONhas_extension 27#undef __has_extension 28#undef KRB5_DEPRECATED_FUNCTIONhas_extension 29#endif 30#endif /* KRB5_DEPRECATED_FUNCTION */ 31 32 33#ifdef __cplusplus 34extern "C" { 35#endif 36 37#ifndef KRB5_LIB 38#ifndef KRB5_LIB_FUNCTION 39#if defined(_WIN32) 40#define KRB5_LIB_FUNCTION __declspec(dllimport) 41#define KRB5_LIB_CALL __stdcall 42#define KRB5_LIB_VARIABLE __declspec(dllimport) 43#else 44#define KRB5_LIB_FUNCTION 45#define KRB5_LIB_CALL 46#define KRB5_LIB_VARIABLE 47#endif 48#endif 49#endif 50/** 51 * Convert the v5 credentials in in_cred to v4-dito in v4creds. This 52 * is done by sending them to the 524 function in the KDC. If 53 * `in_cred' doesn't contain a DES session key, then a new one is 54 * gotten from the KDC and stored in the cred cache `ccache'. 55 * 56 * @param context Kerberos 5 context. 57 * @param in_cred the credential to convert 58 * @param v4creds the converted credential 59 * 60 * @return Returns 0 to indicate success. Otherwise an kerberos et 61 * error code is returned, see krb5_get_error_message(). 62 * 63 * @ingroup krb5_v4compat 64 */ 65 66KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 67krb524_convert_creds_kdc ( 68 krb5_context /*context*/, 69 krb5_creds */*in_cred*/, 70 struct credentials */*v4creds*/) 71 KRB5_DEPRECATED_FUNCTION("Use X instead"); 72 73/** 74 * Convert the v5 credentials in in_cred to v4-dito in v4creds, 75 * check the credential cache ccache before checking with the KDC. 76 * 77 * @param context Kerberos 5 context. 78 * @param ccache credential cache used to check for des-ticket. 79 * @param in_cred the credential to convert 80 * @param v4creds the converted credential 81 * 82 * @return Returns 0 to indicate success. Otherwise an kerberos et 83 * error code is returned, see krb5_get_error_message(). 84 * 85 * @ingroup krb5_v4compat 86 */ 87 88KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 89krb524_convert_creds_kdc_ccache ( 90 krb5_context /*context*/, 91 krb5_ccache /*ccache*/, 92 krb5_creds */*in_cred*/, 93 struct credentials */*v4creds*/) 94 KRB5_DEPRECATED_FUNCTION("Use X instead"); 95 96/** 97 * Log a warning to the log, default stderr, include the error from 98 * the last failure and then abort. 99 * 100 * @param context A Kerberos 5 context 101 * @param code error code of the last error 102 * @param fmt message to print 103 * @param ... arguments for format string 104 * 105 * @ingroup krb5_error 106 */ 107 108KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 109krb5_abort ( 110 krb5_context /*context*/, 111 krb5_error_code /*code*/, 112 const char */*fmt*/, 113 ...) 114 __attribute__ ((__noreturn__, __format__ (__printf__, 3, 4))); 115 116/** 117 * Log a warning to the log, default stderr, and then abort. 118 * 119 * @param context A Kerberos 5 context 120 * @param fmt printf format string of message to print 121 * @param ... arguments for format string 122 * 123 * @ingroup krb5_error 124 */ 125 126KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 127krb5_abortx ( 128 krb5_context /*context*/, 129 const char */*fmt*/, 130 ...) 131 __attribute__ ((__noreturn__, __format__ (__printf__, 2, 3))); 132 133/** 134 * krb5_acl_match_file matches ACL format against each line in a file 135 * using krb5_acl_match_string(). Lines starting with # are treated 136 * like comments and ignored. 137 * 138 * @param context Kerberos 5 context. 139 * @param file file with acl listed in the file. 140 * @param format format to match. 141 * @param ... parameter to format string. 142 * 143 * @return Return an error code or 0. 144 * 145 * @sa krb5_acl_match_string 146 * @ingroup krb5_support 147 */ 148 149KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 150krb5_acl_match_file ( 151 krb5_context /*context*/, 152 const char */*file*/, 153 const char */*format*/, 154 ...); 155 156/** 157 * krb5_acl_match_string matches ACL format against a string. 158 * 159 * The ACL format has three format specifiers: s, f, and r. Each 160 * specifier will retrieve one argument from the variable arguments 161 * for either matching or storing data. The input string is split up 162 * using " " (space) and "\t" (tab) as a delimiter; multiple and "\t" 163 * in a row are considered to be the same. 164 * 165 * List of format specifiers: 166 * - s Matches a string using strcmp(3) (case sensitive). 167 * - f Matches the string with fnmatch(3). Theflags 168 * argument (the last argument) passed to the fnmatch function is 0. 169 * - r Returns a copy of the string in the char ** passed in; the copy 170 * must be freed with free(3). There is no need to free(3) the 171 * string on error: the function will clean up and set the pointer 172 * to NULL. 173 * 174 * @param context Kerberos 5 context 175 * @param string string to match with 176 * @param format format to match 177 * @param ... parameter to format string 178 * 179 * @return Return an error code or 0. 180 * 181 * 182 * @code 183 * char *s; 184 * 185 * ret = krb5_acl_match_string(context, "foo", "s", "foo"); 186 * if (ret) 187 * krb5_errx(context, 1, "acl didn't match"); 188 * ret = krb5_acl_match_string(context, "foo foo baz/kaka", 189 * "ss", "foo", &s, "foo/\\*"); 190 * if (ret) { 191 * // no need to free(s) on error 192 * assert(s == NULL); 193 * krb5_errx(context, 1, "acl didn't match"); 194 * } 195 * free(s); 196 * @endcode 197 * 198 * @sa krb5_acl_match_file 199 * @ingroup krb5_support 200 */ 201 202KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 203krb5_acl_match_string ( 204 krb5_context /*context*/, 205 const char */*string*/, 206 const char */*format*/, 207 ...); 208 209/** 210 * Add a specified list of error messages to the et list in context. 211 * Call func (probably a comerr-generated function) with a pointer to 212 * the current et_list. 213 * 214 * @param context A kerberos context. 215 * @param func The generated com_err et function. 216 * 217 * @return Returns 0 to indicate success. Otherwise an kerberos et 218 * error code is returned, see krb5_get_error_message(). 219 * 220 * @ingroup krb5 221 */ 222 223KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 224krb5_add_et_list ( 225 krb5_context /*context*/, 226 void (*/*func*/)(struct et_list **)); 227 228/** 229 * Add extra address to the address list that the library will add to 230 * the client's address list when communicating with the KDC. 231 * 232 * @param context Kerberos 5 context. 233 * @param addresses addreses to add 234 * 235 * @return Returns 0 to indicate success. Otherwise an kerberos et 236 * error code is returned, see krb5_get_error_message(). 237 * 238 * @ingroup krb5 239 */ 240 241KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 242krb5_add_extra_addresses ( 243 krb5_context /*context*/, 244 krb5_addresses */*addresses*/); 245 246/** 247 * Add extra addresses to ignore when fetching addresses from the 248 * underlaying operating system. 249 * 250 * @param context Kerberos 5 context. 251 * @param addresses addreses to ignore 252 * 253 * @return Returns 0 to indicate success. Otherwise an kerberos et 254 * error code is returned, see krb5_get_error_message(). 255 * 256 * @ingroup krb5 257 */ 258 259KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 260krb5_add_ignore_addresses ( 261 krb5_context /*context*/, 262 krb5_addresses */*addresses*/); 263 264KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 265krb5_addlog_dest ( 266 krb5_context /*context*/, 267 krb5_log_facility */*f*/, 268 const char */*orig*/); 269 270KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 271krb5_addlog_func ( 272 krb5_context /*context*/, 273 krb5_log_facility */*fac*/, 274 int /*min*/, 275 int /*max*/, 276 krb5_log_log_func_t /*log_func*/, 277 krb5_log_close_func_t /*close_func*/, 278 void */*data*/); 279 280/** 281 * krb5_addr2sockaddr sets the "struct sockaddr sockaddr" from addr 282 * and port. The argument sa_size should initially contain the size of 283 * the sa and after the call, it will contain the actual length of the 284 * address. In case of the sa is too small to fit the whole address, 285 * the up to *sa_size will be stored, and then *sa_size will be set to 286 * the required length. 287 * 288 * @param context a Keberos context 289 * @param addr the address to copy the from 290 * @param sa the struct sockaddr that will be filled in 291 * @param sa_size pointer to length of sa, and after the call, it will 292 * contain the actual length of the address. 293 * @param port set port in sa. 294 * 295 * @return Return an error code or 0. Will return 296 * KRB5_PROG_ATYPE_NOSUPP in case address type is not supported. 297 * 298 * @ingroup krb5_address 299 */ 300 301KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 302krb5_addr2sockaddr ( 303 krb5_context /*context*/, 304 const krb5_address */*addr*/, 305 struct sockaddr */*sa*/, 306 krb5_socklen_t */*sa_size*/, 307 int /*port*/); 308 309/** 310 * krb5_address_compare compares the addresses addr1 and addr2. 311 * Returns TRUE if the two addresses are the same. 312 * 313 * @param context a Keberos context 314 * @param addr1 address to compare 315 * @param addr2 address to compare 316 * 317 * @return Return an TRUE is the address are the same FALSE if not 318 * 319 * @ingroup krb5_address 320 */ 321 322KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 323krb5_address_compare ( 324 krb5_context /*context*/, 325 const krb5_address */*addr1*/, 326 const krb5_address */*addr2*/); 327 328/** 329 * krb5_address_order compares the addresses addr1 and addr2 so that 330 * it can be used for sorting addresses. If the addresses are the same 331 * address krb5_address_order will return 0. Behavies like memcmp(2). 332 * 333 * @param context a Keberos context 334 * @param addr1 krb5_address to compare 335 * @param addr2 krb5_address to compare 336 * 337 * @return < 0 if address addr1 in "less" then addr2. 0 if addr1 and 338 * addr2 is the same address, > 0 if addr2 is "less" then addr1. 339 * 340 * @ingroup krb5_address 341 */ 342 343KRB5_LIB_FUNCTION int KRB5_LIB_CALL 344krb5_address_order ( 345 krb5_context /*context*/, 346 const krb5_address */*addr1*/, 347 const krb5_address */*addr2*/); 348 349/** 350 * Calculate the boundary addresses of `inaddr'/`prefixlen' and store 351 * them in `low' and `high'. 352 * 353 * @param context a Keberos context 354 * @param inaddr address in prefixlen that the bondery searched 355 * @param prefixlen width of boundery 356 * @param low lowest address 357 * @param high highest address 358 * 359 * @return Return an error code or 0. 360 * 361 * @ingroup krb5_address 362 */ 363 364KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 365krb5_address_prefixlen_boundary ( 366 krb5_context /*context*/, 367 const krb5_address */*inaddr*/, 368 unsigned long /*prefixlen*/, 369 krb5_address */*low*/, 370 krb5_address */*high*/); 371 372/** 373 * krb5_address_search checks if the address addr is a member of the 374 * address set list addrlist . 375 * 376 * @param context a Keberos context. 377 * @param addr address to search for. 378 * @param addrlist list of addresses to look in for addr. 379 * 380 * @return Return an error code or 0. 381 * 382 * @ingroup krb5_address 383 */ 384 385KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 386krb5_address_search ( 387 krb5_context /*context*/, 388 const krb5_address */*addr*/, 389 const krb5_addresses */*addrlist*/); 390 391/** 392 * Enable or disable all weak encryption types 393 * 394 * @param context Kerberos 5 context 395 * @param enable true to enable, false to disable 396 * 397 * @return Return an error code or 0. 398 * 399 * @ingroup krb5_crypto 400 */ 401 402KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 403krb5_allow_weak_crypto ( 404 krb5_context /*context*/, 405 krb5_boolean /*enable*/); 406 407/** 408 * Map a principal name to a local username. 409 * 410 * Returns 0 on success, KRB5_NO_LOCALNAME if no mapping was found, or 411 * some Kerberos or system error. 412 * 413 * Inputs: 414 * 415 * @param context A krb5_context 416 * @param aname A principal name 417 * @param lnsize The size of the buffer into which the username will be written 418 * @param lname The buffer into which the username will be written 419 * 420 * @ingroup krb5_support 421 */ 422 423KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 424krb5_aname_to_localname ( 425 krb5_context /*context*/, 426 krb5_const_principal /*aname*/, 427 size_t /*lnsize*/, 428 char */*lname*/); 429 430/** 431 * krb5_anyaddr fills in a "struct sockaddr sa" that can be used to 432 * bind(2) to. The argument sa_size should initially contain the size 433 * of the sa, and after the call, it will contain the actual length 434 * of the address. 435 * 436 * @param context a Keberos context 437 * @param af address family 438 * @param sa sockaddr 439 * @param sa_size lenght of sa. 440 * @param port for to fill into sa. 441 * 442 * @return Return an error code or 0. 443 * 444 * @ingroup krb5_address 445 */ 446 447KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 448krb5_anyaddr ( 449 krb5_context /*context*/, 450 int /*af*/, 451 struct sockaddr */*sa*/, 452 krb5_socklen_t */*sa_size*/, 453 int /*port*/); 454 455KRB5_LIB_FUNCTION void KRB5_LIB_CALL 456krb5_appdefault_boolean ( 457 krb5_context /*context*/, 458 const char */*appname*/, 459 krb5_const_realm /*realm*/, 460 const char */*option*/, 461 krb5_boolean /*def_val*/, 462 krb5_boolean */*ret_val*/); 463 464KRB5_LIB_FUNCTION void KRB5_LIB_CALL 465krb5_appdefault_string ( 466 krb5_context /*context*/, 467 const char */*appname*/, 468 krb5_const_realm /*realm*/, 469 const char */*option*/, 470 const char */*def_val*/, 471 char **/*ret_val*/); 472 473KRB5_LIB_FUNCTION void KRB5_LIB_CALL 474krb5_appdefault_time ( 475 krb5_context /*context*/, 476 const char */*appname*/, 477 krb5_const_realm /*realm*/, 478 const char */*option*/, 479 time_t /*def_val*/, 480 time_t */*ret_val*/); 481 482/** 483 * krb5_append_addresses adds the set of addresses in source to 484 * dest. While copying the addresses, duplicates are also sorted out. 485 * 486 * @param context a Keberos context 487 * @param dest destination of copy operation 488 * @param source adresses that are going to be added to dest 489 * 490 * @return Return an error code or 0. 491 * 492 * @ingroup krb5_address 493 */ 494 495KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 496krb5_append_addresses ( 497 krb5_context /*context*/, 498 krb5_addresses */*dest*/, 499 const krb5_addresses */*source*/); 500 501KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 502krb5_auth_con_add_AuthorizationData ( 503 krb5_context /*context*/, 504 krb5_auth_context /*auth_context*/, 505 int /*type*/, 506 krb5_data */*data*/); 507 508KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 509krb5_auth_con_addflags ( 510 krb5_context /*context*/, 511 krb5_auth_context /*auth_context*/, 512 int32_t /*addflags*/, 513 int32_t */*flags*/); 514 515/** 516 * Deallocate an authentication context previously initialized with 517 * krb5_auth_con_init(). 518 * 519 * @param context A kerberos context. 520 * @param auth_context The authentication context to be deallocated. 521 * 522 * @return An krb5 error code, see krb5_get_error_message(). 523 */ 524 525KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 526krb5_auth_con_free ( 527 krb5_context /*context*/, 528 krb5_auth_context /*auth_context*/); 529 530/** 531 * Update the authentication context \a auth_context with the local 532 * and remote addresses from socket \a fd, according to \a flags. 533 * 534 * @return An krb5 error code, see krb5_get_error_message(). 535 */ 536 537KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 538krb5_auth_con_genaddrs ( 539 krb5_context /*context*/, 540 krb5_auth_context /*auth_context*/, 541 krb5_socket_t /*fd*/, 542 int /*flags*/); 543 544KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 545krb5_auth_con_generatelocalsubkey ( 546 krb5_context /*context*/, 547 krb5_auth_context /*auth_context*/, 548 krb5_keyblock */*key*/); 549 550KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 551krb5_auth_con_getaddrs ( 552 krb5_context /*context*/, 553 krb5_auth_context /*auth_context*/, 554 krb5_address **/*local_addr*/, 555 krb5_address **/*remote_addr*/); 556 557KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 558krb5_auth_con_getauthenticator ( 559 krb5_context /*context*/, 560 krb5_auth_context /*auth_context*/, 561 krb5_authenticator */*authenticator*/); 562 563KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 564krb5_auth_con_getcksumtype ( 565 krb5_context /*context*/, 566 krb5_auth_context /*auth_context*/, 567 krb5_cksumtype */*cksumtype*/); 568 569KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 570krb5_auth_con_getflags ( 571 krb5_context /*context*/, 572 krb5_auth_context /*auth_context*/, 573 int32_t */*flags*/); 574 575KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 576krb5_auth_con_getkey ( 577 krb5_context /*context*/, 578 krb5_auth_context /*auth_context*/, 579 krb5_keyblock **/*keyblock*/); 580 581KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 582krb5_auth_con_getkeytype ( 583 krb5_context /*context*/, 584 krb5_auth_context /*auth_context*/, 585 krb5_keytype */*keytype*/); 586 587KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 588krb5_auth_con_getlocalseqnumber ( 589 krb5_context /*context*/, 590 krb5_auth_context /*auth_context*/, 591 int32_t */*seqnumber*/); 592 593KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 594krb5_auth_con_getlocalsubkey ( 595 krb5_context /*context*/, 596 krb5_auth_context /*auth_context*/, 597 krb5_keyblock **/*keyblock*/); 598 599KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 600krb5_auth_con_getrcache ( 601 krb5_context /*context*/, 602 krb5_auth_context /*auth_context*/, 603 krb5_rcache */*rcache*/); 604 605KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 606krb5_auth_con_getrecvsubkey ( 607 krb5_context /*context*/, 608 krb5_auth_context /*auth_context*/, 609 krb5_keyblock **/*keyblock*/); 610 611KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 612krb5_auth_con_getremoteseqnumber ( 613 krb5_context /*context*/, 614 krb5_auth_context /*auth_context*/, 615 int32_t */*seqnumber*/); 616 617KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 618krb5_auth_con_getremotesubkey ( 619 krb5_context /*context*/, 620 krb5_auth_context /*auth_context*/, 621 krb5_keyblock **/*keyblock*/); 622 623KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 624krb5_auth_con_getsendsubkey ( 625 krb5_context /*context*/, 626 krb5_auth_context /*auth_context*/, 627 krb5_keyblock **/*keyblock*/); 628 629/** 630 * Allocate and initialize an autentication context. 631 * 632 * @param context A kerberos context. 633 * @param auth_context The authentication context to be initialized. 634 * 635 * Use krb5_auth_con_free() to release the memory when done using the context. 636 * 637 * @return An krb5 error code, see krb5_get_error_message(). 638 */ 639 640KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 641krb5_auth_con_init ( 642 krb5_context /*context*/, 643 krb5_auth_context */*auth_context*/); 644 645KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 646krb5_auth_con_removeflags ( 647 krb5_context /*context*/, 648 krb5_auth_context /*auth_context*/, 649 int32_t /*removeflags*/, 650 int32_t */*flags*/); 651 652KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 653krb5_auth_con_setaddrs ( 654 krb5_context /*context*/, 655 krb5_auth_context /*auth_context*/, 656 krb5_address */*local_addr*/, 657 krb5_address */*remote_addr*/); 658 659KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 660krb5_auth_con_setaddrs_from_fd ( 661 krb5_context /*context*/, 662 krb5_auth_context /*auth_context*/, 663 void */*p_fd*/); 664 665KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 666krb5_auth_con_setcksumtype ( 667 krb5_context /*context*/, 668 krb5_auth_context /*auth_context*/, 669 krb5_cksumtype /*cksumtype*/); 670 671KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 672krb5_auth_con_setflags ( 673 krb5_context /*context*/, 674 krb5_auth_context /*auth_context*/, 675 int32_t /*flags*/); 676 677KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 678krb5_auth_con_setkey ( 679 krb5_context /*context*/, 680 krb5_auth_context /*auth_context*/, 681 krb5_keyblock */*keyblock*/); 682 683KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 684krb5_auth_con_setkeytype ( 685 krb5_context /*context*/, 686 krb5_auth_context /*auth_context*/, 687 krb5_keytype /*keytype*/); 688 689KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 690krb5_auth_con_setlocalseqnumber ( 691 krb5_context /*context*/, 692 krb5_auth_context /*auth_context*/, 693 int32_t /*seqnumber*/); 694 695KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 696krb5_auth_con_setlocalsubkey ( 697 krb5_context /*context*/, 698 krb5_auth_context /*auth_context*/, 699 krb5_keyblock */*keyblock*/); 700 701KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 702krb5_auth_con_setrcache ( 703 krb5_context /*context*/, 704 krb5_auth_context /*auth_context*/, 705 krb5_rcache /*rcache*/); 706 707KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 708krb5_auth_con_setrecvsubkey ( 709 krb5_context /*context*/, 710 krb5_auth_context /*auth_context*/, 711 krb5_keyblock */*keyblock*/); 712 713KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 714krb5_auth_con_setremoteseqnumber ( 715 krb5_context /*context*/, 716 krb5_auth_context /*auth_context*/, 717 int32_t /*seqnumber*/); 718 719KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 720krb5_auth_con_setremotesubkey ( 721 krb5_context /*context*/, 722 krb5_auth_context /*auth_context*/, 723 krb5_keyblock */*keyblock*/); 724 725KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 726krb5_auth_con_setsendsubkey ( 727 krb5_context /*context*/, 728 krb5_auth_context /*auth_context*/, 729 krb5_keyblock */*keyblock*/); 730 731KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 732krb5_auth_con_setuserkey ( 733 krb5_context /*context*/, 734 krb5_auth_context /*auth_context*/, 735 krb5_keyblock */*keyblock*/); 736 737/** 738 * Deprecated: use krb5_auth_con_getremoteseqnumber() 739 * 740 * @ingroup krb5_deprecated 741 */ 742 743KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 744krb5_auth_getremoteseqnumber ( 745 krb5_context /*context*/, 746 krb5_auth_context /*auth_context*/, 747 int32_t */*seqnumber*/) 748 KRB5_DEPRECATED_FUNCTION("Use X instead"); 749 750KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 751krb5_build_ap_req ( 752 krb5_context /*context*/, 753 krb5_enctype /*enctype*/, 754 krb5_creds */*cred*/, 755 krb5_flags /*ap_options*/, 756 krb5_data /*authenticator*/, 757 krb5_data */*retdata*/); 758 759/** 760 * Build a principal using vararg style building 761 * 762 * @param context A Kerberos context. 763 * @param principal returned principal 764 * @param rlen length of realm 765 * @param realm realm name 766 * @param ... a list of components ended with NULL. 767 * 768 * @return An krb5 error code, see krb5_get_error_message(). 769 * 770 * @ingroup krb5_principal 771 */ 772 773KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 774krb5_build_principal ( 775 krb5_context /*context*/, 776 krb5_principal */*principal*/, 777 int /*rlen*/, 778 krb5_const_realm /*realm*/, 779 ...); 780 781KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 782krb5_build_principal_ext ( 783 krb5_context /*context*/, 784 krb5_principal */*principal*/, 785 int /*rlen*/, 786 krb5_const_realm /*realm*/, 787 ...); 788 789KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 790krb5_build_principal_va ( 791 krb5_context /*context*/, 792 krb5_principal */*principal*/, 793 int /*rlen*/, 794 krb5_const_realm /*realm*/, 795 va_list /*ap*/); 796 797KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 798krb5_build_principal_va_ext ( 799 krb5_context /*context*/, 800 krb5_principal */*principal*/, 801 int /*rlen*/, 802 krb5_const_realm /*realm*/, 803 va_list /*ap*/); 804 805KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 806krb5_c_block_size ( 807 krb5_context /*context*/, 808 krb5_enctype /*enctype*/, 809 size_t */*blocksize*/); 810 811KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 812krb5_c_checksum_length ( 813 krb5_context /*context*/, 814 krb5_cksumtype /*cksumtype*/, 815 size_t */*length*/); 816 817KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 818krb5_c_decrypt ( 819 krb5_context /*context*/, 820 const krb5_keyblock /*key*/, 821 krb5_keyusage /*usage*/, 822 const krb5_data */*ivec*/, 823 krb5_enc_data */*input*/, 824 krb5_data */*output*/); 825 826KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 827krb5_c_encrypt ( 828 krb5_context /*context*/, 829 const krb5_keyblock */*key*/, 830 krb5_keyusage /*usage*/, 831 const krb5_data */*ivec*/, 832 const krb5_data */*input*/, 833 krb5_enc_data */*output*/); 834 835KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 836krb5_c_encrypt_length ( 837 krb5_context /*context*/, 838 krb5_enctype /*enctype*/, 839 size_t /*inputlen*/, 840 size_t */*length*/); 841 842/** 843 * Deprecated: keytypes doesn't exists, they are really enctypes. 844 * 845 * @ingroup krb5_deprecated 846 */ 847 848KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 849krb5_c_enctype_compare ( 850 krb5_context /*context*/, 851 krb5_enctype /*e1*/, 852 krb5_enctype /*e2*/, 853 krb5_boolean */*similar*/) 854 KRB5_DEPRECATED_FUNCTION("Use X instead"); 855 856KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 857krb5_c_get_checksum ( 858 krb5_context /*context*/, 859 const krb5_checksum */*cksum*/, 860 krb5_cksumtype */*type*/, 861 krb5_data **/*data*/); 862 863KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 864krb5_c_is_coll_proof_cksum (krb5_cksumtype /*ctype*/); 865 866KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 867krb5_c_is_keyed_cksum (krb5_cksumtype /*ctype*/); 868 869KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 870krb5_c_keylengths ( 871 krb5_context /*context*/, 872 krb5_enctype /*enctype*/, 873 size_t */*ilen*/, 874 size_t */*keylen*/); 875 876KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 877krb5_c_make_checksum ( 878 krb5_context /*context*/, 879 krb5_cksumtype /*cksumtype*/, 880 const krb5_keyblock */*key*/, 881 krb5_keyusage /*usage*/, 882 const krb5_data */*input*/, 883 krb5_checksum */*cksum*/); 884 885KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 886krb5_c_make_random_key ( 887 krb5_context /*context*/, 888 krb5_enctype /*enctype*/, 889 krb5_keyblock */*random_key*/); 890 891KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 892krb5_c_prf ( 893 krb5_context /*context*/, 894 const krb5_keyblock */*key*/, 895 const krb5_data */*input*/, 896 krb5_data */*output*/); 897 898KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 899krb5_c_prf_length ( 900 krb5_context /*context*/, 901 krb5_enctype /*type*/, 902 size_t */*length*/); 903 904KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 905krb5_c_random_make_octets ( 906 krb5_context /*context*/, 907 krb5_data * /*data*/); 908 909KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 910krb5_c_set_checksum ( 911 krb5_context /*context*/, 912 krb5_checksum */*cksum*/, 913 krb5_cksumtype /*type*/, 914 const krb5_data */*data*/); 915 916KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 917krb5_c_valid_cksumtype (krb5_cksumtype /*ctype*/); 918 919KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 920krb5_c_valid_enctype (krb5_enctype /*etype*/); 921 922KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 923krb5_c_verify_checksum ( 924 krb5_context /*context*/, 925 const krb5_keyblock */*key*/, 926 krb5_keyusage /*usage*/, 927 const krb5_data */*data*/, 928 const krb5_checksum */*cksum*/, 929 krb5_boolean */*valid*/); 930 931/** 932 * Destroy the cursor `cursor'. 933 * 934 * @return Return an error code or 0, see krb5_get_error_message(). 935 * 936 * @ingroup krb5_ccache 937 */ 938 939KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 940krb5_cc_cache_end_seq_get ( 941 krb5_context /*context*/, 942 krb5_cc_cache_cursor /*cursor*/); 943 944/** 945 * Start iterating over all caches of specified type. See also 946 * krb5_cccol_cursor_new(). 947 948 * @param context A Kerberos 5 context 949 * @param type optional type to iterate over, if NULL, the default cache is used. 950 * @param cursor cursor should be freed with krb5_cc_cache_end_seq_get(). 951 * 952 * @return Return an error code or 0, see krb5_get_error_message(). 953 * 954 * @ingroup krb5_ccache 955 */ 956 957KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 958krb5_cc_cache_get_first ( 959 krb5_context /*context*/, 960 const char */*type*/, 961 krb5_cc_cache_cursor */*cursor*/); 962 963/** 964 * Search for a matching credential cache that have the 965 * `principal' as the default principal. On success, `id' needs to be 966 * freed with krb5_cc_close() or krb5_cc_destroy(). 967 * 968 * @param context A Kerberos 5 context 969 * @param client The principal to search for 970 * @param id the returned credential cache 971 * 972 * @return On failure, error code is returned and `id' is set to NULL. 973 * 974 * @ingroup krb5_ccache 975 */ 976 977KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 978krb5_cc_cache_match ( 979 krb5_context /*context*/, 980 krb5_principal /*client*/, 981 krb5_ccache */*id*/); 982 983/** 984 * Retrieve the next cache pointed to by (`cursor') in `id' 985 * and advance `cursor'. 986 * 987 * @param context A Kerberos 5 context 988 * @param cursor the iterator cursor, returned by krb5_cc_cache_get_first() 989 * @param id next ccache 990 * 991 * @return Return 0 or an error code. Returns KRB5_CC_END when the end 992 * of caches is reached, see krb5_get_error_message(). 993 * 994 * @ingroup krb5_ccache 995 */ 996 997KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 998krb5_cc_cache_next ( 999 krb5_context /*context*/, 1000 krb5_cc_cache_cursor /*cursor*/, 1001 krb5_ccache */*id*/); 1002 1003/** 1004 * Clear `mcreds' so it can be used with krb5_cc_retrieve_cred 1005 * 1006 * @ingroup krb5_ccache 1007 */ 1008 1009KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1010krb5_cc_clear_mcred (krb5_creds */*mcred*/); 1011 1012/** 1013 * Stop using the ccache `id' and free the related resources. 1014 * 1015 * @return Return an error code or 0, see krb5_get_error_message(). 1016 * 1017 * @ingroup krb5_ccache 1018 */ 1019 1020KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1021krb5_cc_close ( 1022 krb5_context /*context*/, 1023 krb5_ccache /*id*/); 1024 1025/** 1026 * Just like krb5_cc_copy_match_f(), but copy everything. 1027 * 1028 * @ingroup @krb5_ccache 1029 */ 1030 1031KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1032krb5_cc_copy_cache ( 1033 krb5_context /*context*/, 1034 const krb5_ccache /*from*/, 1035 krb5_ccache /*to*/); 1036 1037/** 1038 * MIT compat glue 1039 * 1040 * @ingroup krb5_ccache 1041 */ 1042 1043KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1044krb5_cc_copy_creds ( 1045 krb5_context /*context*/, 1046 const krb5_ccache /*from*/, 1047 krb5_ccache /*to*/); 1048 1049/** 1050 * Copy the contents of `from' to `to' if the given match function 1051 * return true. 1052 * 1053 * @param context A Kerberos 5 context. 1054 * @param from the cache to copy data from. 1055 * @param to the cache to copy data to. 1056 * @param match a match function that should return TRUE if cred argument should be copied, if NULL, all credentials are copied. 1057 * @param matchctx context passed to match function. 1058 * @param matched set to true if there was a credential that matched, may be NULL. 1059 * 1060 * @return Return an error code or 0, see krb5_get_error_message(). 1061 * 1062 * @ingroup krb5_ccache 1063 */ 1064 1065KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1066krb5_cc_copy_match_f ( 1067 krb5_context /*context*/, 1068 const krb5_ccache /*from*/, 1069 krb5_ccache /*to*/, 1070 krb5_boolean (*/*match*/)(krb5_context, void *, const krb5_creds *), 1071 void */*matchctx*/, 1072 unsigned int */*matched*/); 1073 1074/** 1075 * Open the default ccache in `id'. 1076 * 1077 * @return Return an error code or 0, see krb5_get_error_message(). 1078 * 1079 * @ingroup krb5_ccache 1080 */ 1081 1082KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1083krb5_cc_default ( 1084 krb5_context /*context*/, 1085 krb5_ccache */*id*/); 1086 1087/** 1088 * Return a pointer to a context static string containing the default 1089 * ccache name. 1090 * 1091 * @return String to the default credential cache name. 1092 * 1093 * @ingroup krb5_ccache 1094 */ 1095 1096KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1097krb5_cc_default_name (krb5_context /*context*/); 1098 1099/** 1100 * Remove the ccache `id'. 1101 * 1102 * @return Return an error code or 0, see krb5_get_error_message(). 1103 * 1104 * @ingroup krb5_ccache 1105 */ 1106 1107KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1108krb5_cc_destroy ( 1109 krb5_context /*context*/, 1110 krb5_ccache /*id*/); 1111 1112/** 1113 * Destroy the cursor `cursor'. 1114 * 1115 * @ingroup krb5_ccache 1116 */ 1117 1118KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1119krb5_cc_end_seq_get ( 1120 krb5_context /*context*/, 1121 const krb5_ccache /*id*/, 1122 krb5_cc_cursor */*cursor*/); 1123 1124/** 1125 * Generate a new ccache of type `ops' in `id'. 1126 * 1127 * Deprecated: use krb5_cc_new_unique() instead. 1128 * 1129 * @return Return an error code or 0, see krb5_get_error_message(). 1130 * 1131 * @ingroup krb5_ccache 1132 */ 1133 1134KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1135krb5_cc_gen_new ( 1136 krb5_context /*context*/, 1137 const krb5_cc_ops */*ops*/, 1138 krb5_ccache */*id*/) 1139 KRB5_DEPRECATED_FUNCTION("Use X instead"); 1140 1141/** 1142 * Get some configuration for the credential cache in the cache. 1143 * 1144 * @param context a Keberos context 1145 * @param id the credential cache to store the data for 1146 * @param principal configuration for a specific principal, if 1147 * NULL, global for the whole cache. 1148 * @param name name under which the configuraion is stored. 1149 * @param data data to fetched, free with krb5_data_free() 1150 * 1151 * @ingroup krb5_ccache 1152 */ 1153 1154KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1155krb5_cc_get_config ( 1156 krb5_context /*context*/, 1157 krb5_ccache /*id*/, 1158 krb5_const_principal /*principal*/, 1159 const char */*name*/, 1160 krb5_data */*data*/); 1161 1162/** 1163 * Get the flags of `id', store them in `flags'. 1164 * 1165 * @ingroup krb5_ccache 1166 */ 1167 1168KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1169krb5_cc_get_flags ( 1170 krb5_context /*context*/, 1171 krb5_ccache /*id*/, 1172 krb5_flags */*flags*/); 1173 1174/** 1175 * Return a friendly name on credential cache. Free the result with krb5_xfree(). 1176 * 1177 * @return Return an error code or 0, see krb5_get_error_message(). 1178 * 1179 * @ingroup krb5_ccache 1180 */ 1181 1182KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1183krb5_cc_get_friendly_name ( 1184 krb5_context /*context*/, 1185 krb5_ccache /*id*/, 1186 char **/*name*/); 1187 1188/** 1189 * Return the complete resolvable name the cache 1190 1191 * @param context a Keberos context 1192 * @param id return pointer to a found credential cache 1193 * @param str the returned name of a credential cache, free with krb5_xfree() 1194 * 1195 * @return Returns 0 or an error (and then *str is set to NULL). 1196 * 1197 * @ingroup krb5_ccache 1198 */ 1199 1200KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1201krb5_cc_get_full_name ( 1202 krb5_context /*context*/, 1203 krb5_ccache /*id*/, 1204 char **/*str*/); 1205 1206/** 1207 * Get the time offset betwen the client and the KDC 1208 * 1209 * If the backend doesn't support KDC offset, use the context global setting. 1210 * 1211 * @param context A Kerberos 5 context. 1212 * @param id a credential cache 1213 * @param offset the offset in seconds 1214 * 1215 * @return Return an error code or 0, see krb5_get_error_message(). 1216 * 1217 * @ingroup krb5_ccache 1218 */ 1219 1220KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1221krb5_cc_get_kdc_offset ( 1222 krb5_context /*context*/, 1223 krb5_ccache /*id*/, 1224 krb5_deltat */*offset*/); 1225 1226/** 1227 * Get the lifetime of the initial ticket in the cache 1228 * 1229 * Get the lifetime of the initial ticket in the cache, if the initial 1230 * ticket was not found, the error code KRB5_CC_END is returned. 1231 * 1232 * @param context A Kerberos 5 context. 1233 * @param id a credential cache 1234 * @param t the relative lifetime of the initial ticket 1235 * 1236 * @return Return an error code or 0, see krb5_get_error_message(). 1237 * 1238 * @ingroup krb5_ccache 1239 */ 1240 1241KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1242krb5_cc_get_lifetime ( 1243 krb5_context /*context*/, 1244 krb5_ccache /*id*/, 1245 time_t */*t*/); 1246 1247/** 1248 * Return the name of the ccache `id' 1249 * 1250 * @ingroup krb5_ccache 1251 */ 1252 1253KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1254krb5_cc_get_name ( 1255 krb5_context /*context*/, 1256 krb5_ccache /*id*/); 1257 1258/** 1259 * Return krb5_cc_ops of a the ccache `id'. 1260 * 1261 * @ingroup krb5_ccache 1262 */ 1263 1264KRB5_LIB_FUNCTION const krb5_cc_ops * KRB5_LIB_CALL 1265krb5_cc_get_ops ( 1266 krb5_context /*context*/, 1267 krb5_ccache /*id*/); 1268 1269/** 1270 * Get the cc ops that is registered in `context' to handle the 1271 * prefix. prefix can be a complete credential cache name or a 1272 * prefix, the function will only use part up to the first colon (:) 1273 * if there is one. If prefix the argument is NULL, the default ccache 1274 * implemtation is returned. 1275 * 1276 * @return Returns NULL if ops not found. 1277 * 1278 * @ingroup krb5_ccache 1279 */ 1280 1281KRB5_LIB_FUNCTION const krb5_cc_ops * KRB5_LIB_CALL 1282krb5_cc_get_prefix_ops ( 1283 krb5_context /*context*/, 1284 const char */*prefix*/); 1285 1286/** 1287 * Return the principal of `id' in `principal'. 1288 * 1289 * @return Return an error code or 0, see krb5_get_error_message(). 1290 * 1291 * @ingroup krb5_ccache 1292 */ 1293 1294KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1295krb5_cc_get_principal ( 1296 krb5_context /*context*/, 1297 krb5_ccache /*id*/, 1298 krb5_principal */*principal*/); 1299 1300/** 1301 * Return the type of the ccache `id'. 1302 * 1303 * @ingroup krb5_ccache 1304 */ 1305 1306KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1307krb5_cc_get_type ( 1308 krb5_context /*context*/, 1309 krb5_ccache /*id*/); 1310 1311/** 1312 * Return the version of `id'. 1313 * 1314 * @ingroup krb5_ccache 1315 */ 1316 1317KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1318krb5_cc_get_version ( 1319 krb5_context /*context*/, 1320 const krb5_ccache /*id*/); 1321 1322/** 1323 * Create a new ccache in `id' for `primary_principal'. 1324 * 1325 * @return Return an error code or 0, see krb5_get_error_message(). 1326 * 1327 * @ingroup krb5_ccache 1328 */ 1329 1330KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1331krb5_cc_initialize ( 1332 krb5_context /*context*/, 1333 krb5_ccache /*id*/, 1334 krb5_principal /*primary_principal*/); 1335 1336/** 1337 * Return the last time the credential cache was modified. 1338 * 1339 * @param context A Kerberos 5 context 1340 * @param id The credential cache to probe 1341 * @param mtime the last modification time, set to 0 on error. 1342 1343 * @return Return 0 or and error. See krb5_get_error_message(). 1344 * 1345 * @ingroup krb5_ccache 1346 */ 1347 1348KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1349krb5_cc_last_change_time ( 1350 krb5_context /*context*/, 1351 krb5_ccache /*id*/, 1352 krb5_timestamp */*mtime*/); 1353 1354/** 1355 * Move the content from one credential cache to another. The 1356 * operation is an atomic switch. 1357 * 1358 * @param context a Keberos context 1359 * @param from the credential cache to move the content from 1360 * @param to the credential cache to move the content to 1361 1362 * @return On sucess, from is freed. On failure, error code is 1363 * returned and from and to are both still allocated, see krb5_get_error_message(). 1364 * 1365 * @ingroup krb5_ccache 1366 */ 1367 1368KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1369krb5_cc_move ( 1370 krb5_context /*context*/, 1371 krb5_ccache /*from*/, 1372 krb5_ccache /*to*/); 1373 1374/** 1375 * Generates a new unique ccache of `type` in `id'. If `type' is NULL, 1376 * the library chooses the default credential cache type. The supplied 1377 * `hint' (that can be NULL) is a string that the credential cache 1378 * type can use to base the name of the credential on, this is to make 1379 * it easier for the user to differentiate the credentials. 1380 * 1381 * @return Return an error code or 0, see krb5_get_error_message(). 1382 * 1383 * @ingroup krb5_ccache 1384 */ 1385 1386KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1387krb5_cc_new_unique ( 1388 krb5_context /*context*/, 1389 const char */*type*/, 1390 const char */*hint*/, 1391 krb5_ccache */*id*/); 1392 1393/** 1394 * Retrieve the next cred pointed to by (`id', `cursor') in `creds' 1395 * and advance `cursor'. 1396 * 1397 * @return Return an error code or 0, see krb5_get_error_message(). 1398 * 1399 * @ingroup krb5_ccache 1400 */ 1401 1402KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1403krb5_cc_next_cred ( 1404 krb5_context /*context*/, 1405 const krb5_ccache /*id*/, 1406 krb5_cc_cursor */*cursor*/, 1407 krb5_creds */*creds*/); 1408 1409/** 1410 * Add a new ccache type with operations `ops', overwriting any 1411 * existing one if `override'. 1412 * 1413 * @param context a Keberos context 1414 * @param ops type of plugin symbol 1415 * @param override flag to select if the registration is to overide 1416 * an existing ops with the same name. 1417 * 1418 * @return Return an error code or 0, see krb5_get_error_message(). 1419 * 1420 * @ingroup krb5_ccache 1421 */ 1422 1423KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1424krb5_cc_register ( 1425 krb5_context /*context*/, 1426 const krb5_cc_ops */*ops*/, 1427 krb5_boolean /*override*/); 1428 1429/** 1430 * Remove the credential identified by `cred', `which' from `id'. 1431 * 1432 * @ingroup krb5_ccache 1433 */ 1434 1435KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1436krb5_cc_remove_cred ( 1437 krb5_context /*context*/, 1438 krb5_ccache /*id*/, 1439 krb5_flags /*which*/, 1440 krb5_creds */*cred*/); 1441 1442/** 1443 * Find and allocate a ccache in `id' from the specification in `residual'. 1444 * If the ccache name doesn't contain any colon, interpret it as a file name. 1445 * 1446 * @param context a Keberos context. 1447 * @param name string name of a credential cache. 1448 * @param id return pointer to a found credential cache. 1449 * 1450 * @return Return 0 or an error code. In case of an error, id is set 1451 * to NULL, see krb5_get_error_message(). 1452 * 1453 * @ingroup krb5_ccache 1454 */ 1455 1456KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1457krb5_cc_resolve ( 1458 krb5_context /*context*/, 1459 const char */*name*/, 1460 krb5_ccache */*id*/); 1461 1462/** 1463 * Retrieve the credential identified by `mcreds' (and `whichfields') 1464 * from `id' in `creds'. 'creds' must be free by the caller using 1465 * krb5_free_cred_contents. 1466 * 1467 * @param context A Kerberos 5 context 1468 * @param id a Kerberos 5 credential cache 1469 * @param whichfields what fields to use for matching credentials, same 1470 * flags as whichfields in krb5_compare_creds() 1471 * @param mcreds template credential to use for comparing 1472 * @param creds returned credential, free with krb5_free_cred_contents() 1473 * 1474 * @return Return an error code or 0, see krb5_get_error_message(). 1475 * 1476 * @ingroup krb5_ccache 1477 */ 1478 1479KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1480krb5_cc_retrieve_cred ( 1481 krb5_context /*context*/, 1482 krb5_ccache /*id*/, 1483 krb5_flags /*whichfields*/, 1484 const krb5_creds */*mcreds*/, 1485 krb5_creds */*creds*/); 1486 1487/** 1488 * Store some configuration for the credential cache in the cache. 1489 * Existing configuration under the same name is over-written. 1490 * 1491 * @param context a Keberos context 1492 * @param id the credential cache to store the data for 1493 * @param principal configuration for a specific principal, if 1494 * NULL, global for the whole cache. 1495 * @param name name under which the configuraion is stored. 1496 * @param data data to store, if NULL, configure is removed. 1497 * 1498 * @ingroup krb5_ccache 1499 */ 1500 1501KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1502krb5_cc_set_config ( 1503 krb5_context /*context*/, 1504 krb5_ccache /*id*/, 1505 krb5_const_principal /*principal*/, 1506 const char */*name*/, 1507 krb5_data */*data*/); 1508 1509/** 1510 * Set the default cc name for `context' to `name'. 1511 * 1512 * @ingroup krb5_ccache 1513 */ 1514 1515KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1516krb5_cc_set_default_name ( 1517 krb5_context /*context*/, 1518 const char */*name*/); 1519 1520/** 1521 * Set the flags of `id' to `flags'. 1522 * 1523 * @ingroup krb5_ccache 1524 */ 1525 1526KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1527krb5_cc_set_flags ( 1528 krb5_context /*context*/, 1529 krb5_ccache /*id*/, 1530 krb5_flags /*flags*/); 1531 1532/** 1533 * Set the friendly name on credential cache. 1534 * 1535 * @return Return an error code or 0, see krb5_get_error_message(). 1536 * 1537 * @ingroup krb5_ccache 1538 */ 1539 1540KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1541krb5_cc_set_friendly_name ( 1542 krb5_context /*context*/, 1543 krb5_ccache /*id*/, 1544 const char */*name*/); 1545 1546/** 1547 * Set the time offset betwen the client and the KDC 1548 * 1549 * If the backend doesn't support KDC offset, use the context global setting. 1550 * 1551 * @param context A Kerberos 5 context. 1552 * @param id a credential cache 1553 * @param offset the offset in seconds 1554 * 1555 * @return Return an error code or 0, see krb5_get_error_message(). 1556 * 1557 * @ingroup krb5_ccache 1558 */ 1559 1560KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1561krb5_cc_set_kdc_offset ( 1562 krb5_context /*context*/, 1563 krb5_ccache /*id*/, 1564 krb5_deltat /*offset*/); 1565 1566/** 1567 * Start iterating over `id', `cursor' is initialized to the 1568 * beginning. Caller must free the cursor with krb5_cc_end_seq_get(). 1569 * 1570 * @return Return an error code or 0, see krb5_get_error_message(). 1571 * 1572 * @ingroup krb5_ccache 1573 */ 1574 1575KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1576krb5_cc_start_seq_get ( 1577 krb5_context /*context*/, 1578 const krb5_ccache /*id*/, 1579 krb5_cc_cursor */*cursor*/); 1580 1581/** 1582 * Store `creds' in the ccache `id'. 1583 * 1584 * @return Return an error code or 0, see krb5_get_error_message(). 1585 * 1586 * @ingroup krb5_ccache 1587 */ 1588 1589KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1590krb5_cc_store_cred ( 1591 krb5_context /*context*/, 1592 krb5_ccache /*id*/, 1593 krb5_creds */*creds*/); 1594 1595/** 1596 * Return true if the default credential cache support switch 1597 * 1598 * @ingroup krb5_ccache 1599 */ 1600 1601KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1602krb5_cc_support_switch ( 1603 krb5_context /*context*/, 1604 const char */*type*/); 1605 1606/** 1607 * Switch the default default credential cache for a specific 1608 * credcache type (and name for some implementations). 1609 * 1610 * @return Return an error code or 0, see krb5_get_error_message(). 1611 * 1612 * @ingroup krb5_ccache 1613 */ 1614 1615KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1616krb5_cc_switch ( 1617 krb5_context /*context*/, 1618 krb5_ccache /*id*/); 1619 1620/** 1621 * End an iteration and free all resources, can be done before end is reached. 1622 * 1623 * @param context A Kerberos 5 context 1624 * @param cursor the iteration cursor to be freed. 1625 * 1626 * @return Return 0 or and error, KRB5_CC_END is returned at the end 1627 * of iteration. See krb5_get_error_message(). 1628 * 1629 * @ingroup krb5_ccache 1630 */ 1631 1632KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1633krb5_cccol_cursor_free ( 1634 krb5_context /*context*/, 1635 krb5_cccol_cursor */*cursor*/); 1636 1637/** 1638 * Get a new cache interation cursor that will interate over all 1639 * credentials caches independent of type. 1640 * 1641 * @param context a Keberos context 1642 * @param cursor passed into krb5_cccol_cursor_next() and free with krb5_cccol_cursor_free(). 1643 * 1644 * @return Returns 0 or and error code, see krb5_get_error_message(). 1645 * 1646 * @ingroup krb5_ccache 1647 */ 1648 1649KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1650krb5_cccol_cursor_new ( 1651 krb5_context /*context*/, 1652 krb5_cccol_cursor */*cursor*/); 1653 1654/** 1655 * Get next credential cache from the iteration. 1656 * 1657 * @param context A Kerberos 5 context 1658 * @param cursor the iteration cursor 1659 * @param cache the returned cursor, pointer is set to NULL on failure 1660 * and a cache on success. The returned cache needs to be freed 1661 * with krb5_cc_close() or destroyed with krb5_cc_destroy(). 1662 * MIT Kerberos behavies slightly diffrent and sets cache to NULL 1663 * when all caches are iterated over and return 0. 1664 * 1665 * @return Return 0 or and error, KRB5_CC_END is returned at the end 1666 * of iteration. See krb5_get_error_message(). 1667 * 1668 * @ingroup krb5_ccache 1669 */ 1670 1671KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1672krb5_cccol_cursor_next ( 1673 krb5_context /*context*/, 1674 krb5_cccol_cursor /*cursor*/, 1675 krb5_ccache */*cache*/); 1676 1677/** 1678 * Return the last modfication time for a cache collection. The query 1679 * can be limited to a specific cache type. If the function return 0 1680 * and mtime is 0, there was no credentials in the caches. 1681 * 1682 * @param context A Kerberos 5 context 1683 * @param type The credential cache to probe, if NULL, all type are traversed. 1684 * @param mtime the last modification time, set to 0 on error. 1685 1686 * @return Return 0 or and error. See krb5_get_error_message(). 1687 * 1688 * @ingroup krb5_ccache 1689 */ 1690 1691KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1692krb5_cccol_last_change_time ( 1693 krb5_context /*context*/, 1694 const char */*type*/, 1695 krb5_timestamp */*mtime*/); 1696 1697/** 1698 * Deprecated: krb5_change_password() is deprecated, use krb5_set_password(). 1699 * 1700 * @param context a Keberos context 1701 * @param creds 1702 * @param newpw 1703 * @param result_code 1704 * @param result_code_string 1705 * @param result_string 1706 * 1707 * @return On sucess password is changed. 1708 1709 * @ingroup @krb5_deprecated 1710 */ 1711 1712KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1713krb5_change_password ( 1714 krb5_context /*context*/, 1715 krb5_creds */*creds*/, 1716 const char */*newpw*/, 1717 int */*result_code*/, 1718 krb5_data */*result_code_string*/, 1719 krb5_data */*result_string*/) 1720 KRB5_DEPRECATED_FUNCTION("Use X instead"); 1721 1722KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1723krb5_check_transited ( 1724 krb5_context /*context*/, 1725 krb5_const_realm /*client_realm*/, 1726 krb5_const_realm /*server_realm*/, 1727 krb5_realm */*realms*/, 1728 unsigned int /*num_realms*/, 1729 int */*bad_realm*/); 1730 1731KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1732krb5_check_transited_realms ( 1733 krb5_context /*context*/, 1734 const char *const */*realms*/, 1735 unsigned int /*num_realms*/, 1736 int */*bad_realm*/); 1737 1738KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1739krb5_checksum_disable ( 1740 krb5_context /*context*/, 1741 krb5_cksumtype /*type*/); 1742 1743KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1744krb5_checksum_free ( 1745 krb5_context /*context*/, 1746 krb5_checksum */*cksum*/); 1747 1748KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1749krb5_checksum_is_collision_proof ( 1750 krb5_context /*context*/, 1751 krb5_cksumtype /*type*/); 1752 1753KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1754krb5_checksum_is_keyed ( 1755 krb5_context /*context*/, 1756 krb5_cksumtype /*type*/); 1757 1758KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1759krb5_checksumsize ( 1760 krb5_context /*context*/, 1761 krb5_cksumtype /*type*/, 1762 size_t */*size*/); 1763 1764/** 1765 * Return the coresponding encryption type for a checksum type. 1766 * 1767 * @param context Kerberos context 1768 * @param ctype The checksum type to get the result enctype for 1769 * @param etype The returned encryption, when the matching etype is 1770 * not found, etype is set to ETYPE_NULL. 1771 * 1772 * @return Return an error code for an failure or 0 on success. 1773 * @ingroup krb5_crypto 1774 */ 1775 1776KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1777krb5_cksumtype_to_enctype ( 1778 krb5_context /*context*/, 1779 krb5_cksumtype /*ctype*/, 1780 krb5_enctype */*etype*/); 1781 1782KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1783krb5_cksumtype_valid ( 1784 krb5_context /*context*/, 1785 krb5_cksumtype /*ctype*/); 1786 1787/** 1788 * Clears the error message from the Kerberos 5 context. 1789 * 1790 * @param context The Kerberos 5 context to clear 1791 * 1792 * @ingroup krb5_error 1793 */ 1794 1795KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1796krb5_clear_error_message (krb5_context /*context*/); 1797 1798/** 1799 * Clear the error message returned by krb5_get_error_string(). 1800 * 1801 * Deprecated: use krb5_clear_error_message() 1802 * 1803 * @param context Kerberos context 1804 * 1805 * @ingroup krb5_deprecated 1806 */ 1807 1808KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1809krb5_clear_error_string (krb5_context /*context*/) 1810 KRB5_DEPRECATED_FUNCTION("Use X instead"); 1811 1812KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1813krb5_closelog ( 1814 krb5_context /*context*/, 1815 krb5_log_facility */*fac*/); 1816 1817/** 1818 * Return TRUE if `mcreds' and `creds' are equal (`whichfields' 1819 * determines what equal means). 1820 * 1821 * 1822 * The following flags, set in whichfields affects the comparison: 1823 * - KRB5_TC_MATCH_SRV_NAMEONLY Consider all realms equal when comparing the service principal. 1824 * - KRB5_TC_MATCH_KEYTYPE Compare enctypes. 1825 * - KRB5_TC_MATCH_FLAGS_EXACT Make sure that the ticket flags are identical. 1826 * - KRB5_TC_MATCH_FLAGS Make sure that all ticket flags set in mcreds are also present in creds . 1827 * - KRB5_TC_MATCH_TIMES_EXACT Compares the ticket times exactly. 1828 * - KRB5_TC_MATCH_TIMES Compares only the expiration times of the creds. 1829 * - KRB5_TC_MATCH_AUTHDATA Compares the authdata fields. 1830 * - KRB5_TC_MATCH_2ND_TKT Compares the second tickets (used by user-to-user authentication). 1831 * - KRB5_TC_MATCH_IS_SKEY Compares the existance of the second ticket. 1832 * 1833 * @param context Kerberos 5 context. 1834 * @param whichfields which fields to compare. 1835 * @param mcreds cred to compare with. 1836 * @param creds cred to compare with. 1837 * 1838 * @return return TRUE if mcred and creds are equal, FALSE if not. 1839 * 1840 * @ingroup krb5 1841 */ 1842 1843KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1844krb5_compare_creds ( 1845 krb5_context /*context*/, 1846 krb5_flags /*whichfields*/, 1847 const krb5_creds * /*mcreds*/, 1848 const krb5_creds * /*creds*/); 1849 1850/** 1851 * Free configuration file section, the result of 1852 * krb5_config_parse_file() and krb5_config_parse_file_multi(). 1853 * 1854 * @param context A Kerberos 5 context 1855 * @param s the configuration section to free 1856 * 1857 * @return returns 0 on successes, otherwise an error code, see 1858 * krb5_get_error_message() 1859 * 1860 * @ingroup krb5_support 1861 */ 1862 1863KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1864krb5_config_file_free ( 1865 krb5_context /*context*/, 1866 krb5_config_section */*s*/); 1867 1868/** 1869 * Free the resulting strings from krb5_config-get_strings() and 1870 * krb5_config_vget_strings(). 1871 * 1872 * @param strings strings to free 1873 * 1874 * @ingroup krb5_support 1875 */ 1876 1877KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1878krb5_config_free_strings (char **/*strings*/); 1879 1880/** 1881 * Like krb5_config_get_bool() but with a va_list list of 1882 * configuration selection. 1883 * 1884 * Configuration value to a boolean value, where yes/true and any 1885 * non-zero number means TRUE and other value is FALSE. 1886 * 1887 * @param context A Kerberos 5 context. 1888 * @param c a configuration section, or NULL to use the section from context 1889 * @param ... a list of names, terminated with NULL. 1890 * 1891 * @return TRUE or FALSE 1892 * 1893 * @ingroup krb5_support 1894 */ 1895 1896KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1897krb5_config_get_bool ( 1898 krb5_context /*context*/, 1899 const krb5_config_section */*c*/, 1900 ...); 1901 1902/** 1903 * krb5_config_get_bool_default() will convert the configuration 1904 * option value to a boolean value, where yes/true and any non-zero 1905 * number means TRUE and other value is FALSE. 1906 * 1907 * @param context A Kerberos 5 context. 1908 * @param c a configuration section, or NULL to use the section from context 1909 * @param def_value the default value to return if no configuration 1910 * found in the database. 1911 * @param ... a list of names, terminated with NULL. 1912 * 1913 * @return TRUE or FALSE 1914 * 1915 * @ingroup krb5_support 1916 */ 1917 1918KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1919krb5_config_get_bool_default ( 1920 krb5_context /*context*/, 1921 const krb5_config_section */*c*/, 1922 krb5_boolean /*def_value*/, 1923 ...); 1924 1925KRB5_LIB_FUNCTION int KRB5_LIB_CALL 1926krb5_config_get_int ( 1927 krb5_context /*context*/, 1928 const krb5_config_section */*c*/, 1929 ...); 1930 1931KRB5_LIB_FUNCTION int KRB5_LIB_CALL 1932krb5_config_get_int_default ( 1933 krb5_context /*context*/, 1934 const krb5_config_section */*c*/, 1935 int /*def_value*/, 1936 ...); 1937 1938/** 1939 * Get a list of configuration binding list for more processing 1940 * 1941 * @param context A Kerberos 5 context. 1942 * @param c a configuration section, or NULL to use the section from context 1943 * @param ... a list of names, terminated with NULL. 1944 * 1945 * @return NULL if configuration list is not found, a list otherwise 1946 * 1947 * @ingroup krb5_support 1948 */ 1949 1950KRB5_LIB_FUNCTION const krb5_config_binding * KRB5_LIB_CALL 1951krb5_config_get_list ( 1952 krb5_context /*context*/, 1953 const krb5_config_section */*c*/, 1954 ...); 1955 1956/** 1957 * Returns a "const char *" to a string in the configuration database. 1958 * The string may not be valid after a reload of the configuration 1959 * database so a caller should make a local copy if it needs to keep 1960 * the string. 1961 * 1962 * @param context A Kerberos 5 context. 1963 * @param c a configuration section, or NULL to use the section from context 1964 * @param ... a list of names, terminated with NULL. 1965 * 1966 * @return NULL if configuration string not found, a string otherwise 1967 * 1968 * @ingroup krb5_support 1969 */ 1970 1971KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1972krb5_config_get_string ( 1973 krb5_context /*context*/, 1974 const krb5_config_section */*c*/, 1975 ...); 1976 1977/** 1978 * Like krb5_config_get_string(), but instead of returning NULL, 1979 * instead return a default value. 1980 * 1981 * @param context A Kerberos 5 context. 1982 * @param c a configuration section, or NULL to use the section from context 1983 * @param def_value the default value to return if no configuration 1984 * found in the database. 1985 * @param ... a list of names, terminated with NULL. 1986 * 1987 * @return a configuration string 1988 * 1989 * @ingroup krb5_support 1990 */ 1991 1992KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1993krb5_config_get_string_default ( 1994 krb5_context /*context*/, 1995 const krb5_config_section */*c*/, 1996 const char */*def_value*/, 1997 ...); 1998 1999/** 2000 * Get a list of configuration strings, free the result with 2001 * krb5_config_free_strings(). 2002 * 2003 * @param context A Kerberos 5 context. 2004 * @param c a configuration section, or NULL to use the section from context 2005 * @param ... a list of names, terminated with NULL. 2006 * 2007 * @return TRUE or FALSE 2008 * 2009 * @ingroup krb5_support 2010 */ 2011 2012KRB5_LIB_FUNCTION char** KRB5_LIB_CALL 2013krb5_config_get_strings ( 2014 krb5_context /*context*/, 2015 const krb5_config_section */*c*/, 2016 ...); 2017 2018/** 2019 * Get the time from the configuration file using a relative time, for example: 1h30s 2020 * 2021 * @param context A Kerberos 5 context. 2022 * @param c a configuration section, or NULL to use the section from context 2023 * @param ... a list of names, terminated with NULL. 2024 * 2025 * @return parsed the time or -1 on error 2026 * 2027 * @ingroup krb5_support 2028 */ 2029 2030KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2031krb5_config_get_time ( 2032 krb5_context /*context*/, 2033 const krb5_config_section */*c*/, 2034 ...); 2035 2036/** 2037 * Get the time from the configuration file using a relative time, for example: 1h30s 2038 * 2039 * @param context A Kerberos 5 context. 2040 * @param c a configuration section, or NULL to use the section from context 2041 * @param def_value the default value to return if no configuration 2042 * found in the database. 2043 * @param ... a list of names, terminated with NULL. 2044 * 2045 * @return parsed the time (or def_value on parse error) 2046 * 2047 * @ingroup krb5_support 2048 */ 2049 2050KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2051krb5_config_get_time_default ( 2052 krb5_context /*context*/, 2053 const krb5_config_section */*c*/, 2054 int /*def_value*/, 2055 ...); 2056 2057/** 2058 * If the fname starts with "~/" parse configuration file in the 2059 * current users home directory. The behavior can be disabled and 2060 * enabled by calling krb5_set_home_dir_access(). 2061 */ 2062 2063KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2064krb5_config_parse_file ( 2065 krb5_context /*context*/, 2066 const char */*fname*/, 2067 krb5_config_section **/*res*/); 2068 2069/** 2070 * Parse a configuration file and add the result into res. This 2071 * interface can be used to parse several configuration files into one 2072 * resulting krb5_config_section by calling it repeatably. 2073 * 2074 * @param context a Kerberos 5 context. 2075 * @param fname a file name to a Kerberos configuration file 2076 * @param res the returned result, must be free with krb5_free_config_files(). 2077 * @return Return an error code or 0, see krb5_get_error_message(). 2078 * 2079 * @ingroup krb5_support 2080 */ 2081 2082KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2083krb5_config_parse_file_multi ( 2084 krb5_context /*context*/, 2085 const char */*fname*/, 2086 krb5_config_section **/*res*/); 2087 2088/** 2089 * Deprecated: configuration files are not strings 2090 * 2091 * @ingroup krb5_deprecated 2092 */ 2093 2094KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2095krb5_config_parse_string_multi ( 2096 krb5_context /*context*/, 2097 const char */*string*/, 2098 krb5_config_section **/*res*/) 2099 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2100 2101/** 2102 * krb5_config_get_bool() will convert the configuration 2103 * option value to a boolean value, where yes/true and any non-zero 2104 * number means TRUE and other value is FALSE. 2105 * 2106 * @param context A Kerberos 5 context. 2107 * @param c a configuration section, or NULL to use the section from context 2108 * @param args a va_list of arguments 2109 * 2110 * @return TRUE or FALSE 2111 * 2112 * @ingroup krb5_support 2113 */ 2114 2115KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 2116krb5_config_vget_bool ( 2117 krb5_context /*context*/, 2118 const krb5_config_section */*c*/, 2119 va_list /*args*/); 2120 2121/** 2122 * Like krb5_config_get_bool_default() but with a va_list list of 2123 * configuration selection. 2124 * 2125 * Configuration value to a boolean value, where yes/true and any 2126 * non-zero number means TRUE and other value is FALSE. 2127 * 2128 * @param context A Kerberos 5 context. 2129 * @param c a configuration section, or NULL to use the section from context 2130 * @param def_value the default value to return if no configuration 2131 * found in the database. 2132 * @param args a va_list of arguments 2133 * 2134 * @return TRUE or FALSE 2135 * 2136 * @ingroup krb5_support 2137 */ 2138 2139KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 2140krb5_config_vget_bool_default ( 2141 krb5_context /*context*/, 2142 const krb5_config_section */*c*/, 2143 krb5_boolean /*def_value*/, 2144 va_list /*args*/); 2145 2146KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2147krb5_config_vget_int ( 2148 krb5_context /*context*/, 2149 const krb5_config_section */*c*/, 2150 va_list /*args*/); 2151 2152KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2153krb5_config_vget_int_default ( 2154 krb5_context /*context*/, 2155 const krb5_config_section */*c*/, 2156 int /*def_value*/, 2157 va_list /*args*/); 2158 2159/** 2160 * Get a list of configuration binding list for more processing 2161 * 2162 * @param context A Kerberos 5 context. 2163 * @param c a configuration section, or NULL to use the section from context 2164 * @param args a va_list of arguments 2165 * 2166 * @return NULL if configuration list is not found, a list otherwise 2167 * 2168 * @ingroup krb5_support 2169 */ 2170 2171KRB5_LIB_FUNCTION const krb5_config_binding * KRB5_LIB_CALL 2172krb5_config_vget_list ( 2173 krb5_context /*context*/, 2174 const krb5_config_section */*c*/, 2175 va_list /*args*/); 2176 2177/** 2178 * Like krb5_config_get_string(), but uses a va_list instead of ... 2179 * 2180 * @param context A Kerberos 5 context. 2181 * @param c a configuration section, or NULL to use the section from context 2182 * @param args a va_list of arguments 2183 * 2184 * @return NULL if configuration string not found, a string otherwise 2185 * 2186 * @ingroup krb5_support 2187 */ 2188 2189KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 2190krb5_config_vget_string ( 2191 krb5_context /*context*/, 2192 const krb5_config_section */*c*/, 2193 va_list /*args*/); 2194 2195/** 2196 * Like krb5_config_vget_string(), but instead of returning NULL, 2197 * instead return a default value. 2198 * 2199 * @param context A Kerberos 5 context. 2200 * @param c a configuration section, or NULL to use the section from context 2201 * @param def_value the default value to return if no configuration 2202 * found in the database. 2203 * @param args a va_list of arguments 2204 * 2205 * @return a configuration string 2206 * 2207 * @ingroup krb5_support 2208 */ 2209 2210KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 2211krb5_config_vget_string_default ( 2212 krb5_context /*context*/, 2213 const krb5_config_section */*c*/, 2214 const char */*def_value*/, 2215 va_list /*args*/); 2216 2217/** 2218 * Get a list of configuration strings, free the result with 2219 * krb5_config_free_strings(). 2220 * 2221 * @param context A Kerberos 5 context. 2222 * @param c a configuration section, or NULL to use the section from context 2223 * @param args a va_list of arguments 2224 * 2225 * @return TRUE or FALSE 2226 * 2227 * @ingroup krb5_support 2228 */ 2229 2230KRB5_LIB_FUNCTION char ** KRB5_LIB_CALL 2231krb5_config_vget_strings ( 2232 krb5_context /*context*/, 2233 const krb5_config_section */*c*/, 2234 va_list /*args*/); 2235 2236/** 2237 * Get the time from the configuration file using a relative time, for example: 1h30s 2238 * 2239 * @param context A Kerberos 5 context. 2240 * @param c a configuration section, or NULL to use the section from context 2241 * @param args a va_list of arguments 2242 * 2243 * @return parsed the time or -1 on error 2244 * 2245 * @ingroup krb5_support 2246 */ 2247 2248KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2249krb5_config_vget_time ( 2250 krb5_context /*context*/, 2251 const krb5_config_section */*c*/, 2252 va_list /*args*/); 2253 2254/** 2255 * Get the time from the configuration file using a relative time. 2256 * 2257 * Like krb5_config_get_time_default() but with a va_list list of 2258 * configuration selection. 2259 * 2260 * @param context A Kerberos 5 context. 2261 * @param c a configuration section, or NULL to use the section from context 2262 * @param def_value the default value to return if no configuration 2263 * found in the database. 2264 * @param args a va_list of arguments 2265 * 2266 * @return parsed the time (or def_value on parse error) 2267 * 2268 * @ingroup krb5_support 2269 */ 2270 2271KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2272krb5_config_vget_time_default ( 2273 krb5_context /*context*/, 2274 const krb5_config_section */*c*/, 2275 int /*def_value*/, 2276 va_list /*args*/); 2277 2278/** 2279 * krb5_copy_address copies the content of address 2280 * inaddr to outaddr. 2281 * 2282 * @param context a Keberos context 2283 * @param inaddr pointer to source address 2284 * @param outaddr pointer to destination address 2285 * 2286 * @return Return an error code or 0. 2287 * 2288 * @ingroup krb5_address 2289 */ 2290 2291KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2292krb5_copy_address ( 2293 krb5_context /*context*/, 2294 const krb5_address */*inaddr*/, 2295 krb5_address */*outaddr*/); 2296 2297/** 2298 * krb5_copy_addresses copies the content of addresses 2299 * inaddr to outaddr. 2300 * 2301 * @param context a Keberos context 2302 * @param inaddr pointer to source addresses 2303 * @param outaddr pointer to destination addresses 2304 * 2305 * @return Return an error code or 0. 2306 * 2307 * @ingroup krb5_address 2308 */ 2309 2310KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2311krb5_copy_addresses ( 2312 krb5_context /*context*/, 2313 const krb5_addresses */*inaddr*/, 2314 krb5_addresses */*outaddr*/); 2315 2316KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2317krb5_copy_checksum ( 2318 krb5_context /*context*/, 2319 const krb5_checksum */*old*/, 2320 krb5_checksum **/*new*/); 2321 2322/** 2323 * Make a copy for the Kerberos 5 context, the new krb5_context shoud 2324 * be freed with krb5_free_context(). 2325 * 2326 * @param context the Kerberos context to copy 2327 * @param out the copy of the Kerberos, set to NULL error. 2328 * 2329 * @return Returns 0 to indicate success. Otherwise an kerberos et 2330 * error code is returned, see krb5_get_error_message(). 2331 * 2332 * @ingroup krb5 2333 */ 2334 2335KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2336krb5_copy_context ( 2337 krb5_context /*context*/, 2338 krb5_context */*out*/); 2339 2340/** 2341 * Copy krb5_creds. 2342 * 2343 * @param context Kerberos 5 context. 2344 * @param incred source credential 2345 * @param outcred destination credential, free with krb5_free_creds(). 2346 * 2347 * @return Returns 0 to indicate success. Otherwise an kerberos et 2348 * error code is returned, see krb5_get_error_message(). 2349 * 2350 * @ingroup krb5 2351 */ 2352 2353KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2354krb5_copy_creds ( 2355 krb5_context /*context*/, 2356 const krb5_creds */*incred*/, 2357 krb5_creds **/*outcred*/); 2358 2359/** 2360 * Copy content of krb5_creds. 2361 * 2362 * @param context Kerberos 5 context. 2363 * @param incred source credential 2364 * @param c destination credential, free with krb5_free_cred_contents(). 2365 * 2366 * @return Returns 0 to indicate success. Otherwise an kerberos et 2367 * error code is returned, see krb5_get_error_message(). 2368 * 2369 * @ingroup krb5 2370 */ 2371 2372KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2373krb5_copy_creds_contents ( 2374 krb5_context /*context*/, 2375 const krb5_creds */*incred*/, 2376 krb5_creds */*c*/); 2377 2378/** 2379 * Copy the data into a newly allocated krb5_data. 2380 * 2381 * @param context Kerberos 5 context. 2382 * @param indata the krb5_data data to copy 2383 * @param outdata new krb5_date to copy too. Free with krb5_free_data(). 2384 * 2385 * @return Returns 0 to indicate success. Otherwise an kerberos et 2386 * error code is returned. 2387 * 2388 * @ingroup krb5 2389 */ 2390 2391KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2392krb5_copy_data ( 2393 krb5_context /*context*/, 2394 const krb5_data */*indata*/, 2395 krb5_data **/*outdata*/); 2396 2397/** 2398 * Copy the list of realms from `from' to `to'. 2399 * 2400 * @param context Kerberos 5 context. 2401 * @param from list of realms to copy from. 2402 * @param to list of realms to copy to, free list of krb5_free_host_realm(). 2403 * 2404 * @return Returns 0 to indicate success. Otherwise an kerberos et 2405 * error code is returned, see krb5_get_error_message(). 2406 * 2407 * @ingroup krb5 2408 */ 2409 2410KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2411krb5_copy_host_realm ( 2412 krb5_context /*context*/, 2413 const krb5_realm */*from*/, 2414 krb5_realm **/*to*/); 2415 2416/** 2417 * Copy a keyblock, free the output keyblock with 2418 * krb5_free_keyblock(). 2419 * 2420 * @param context a Kerberos 5 context 2421 * @param inblock the key to copy 2422 * @param to the output key. 2423 * 2424 * @return 0 on success or a Kerberos 5 error code 2425 * 2426 * @ingroup krb5_crypto 2427 */ 2428 2429KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2430krb5_copy_keyblock ( 2431 krb5_context /*context*/, 2432 const krb5_keyblock */*inblock*/, 2433 krb5_keyblock **/*to*/); 2434 2435/** 2436 * Copy a keyblock, free the output keyblock with 2437 * krb5_free_keyblock_contents(). 2438 * 2439 * @param context a Kerberos 5 context 2440 * @param inblock the key to copy 2441 * @param to the output key. 2442 * 2443 * @return 0 on success or a Kerberos 5 error code 2444 * 2445 * @ingroup krb5_crypto 2446 */ 2447 2448KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2449krb5_copy_keyblock_contents ( 2450 krb5_context /*context*/, 2451 const krb5_keyblock */*inblock*/, 2452 krb5_keyblock */*to*/); 2453 2454/** 2455 * Copy a principal 2456 * 2457 * @param context A Kerberos context. 2458 * @param inprinc principal to copy 2459 * @param outprinc copied principal, free with krb5_free_principal() 2460 * 2461 * @return An krb5 error code, see krb5_get_error_message(). 2462 * 2463 * @ingroup krb5_principal 2464 */ 2465 2466KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2467krb5_copy_principal ( 2468 krb5_context /*context*/, 2469 krb5_const_principal /*inprinc*/, 2470 krb5_principal */*outprinc*/); 2471 2472/** 2473 * Copy ticket and content 2474 * 2475 * @param context a Kerberos 5 context 2476 * @param from ticket to copy 2477 * @param to new copy of ticket, free with krb5_free_ticket() 2478 * 2479 * @return Returns 0 to indicate success. Otherwise an kerberos et 2480 * error code is returned, see krb5_get_error_message(). 2481 * 2482 * @ingroup krb5 2483 */ 2484 2485KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2486krb5_copy_ticket ( 2487 krb5_context /*context*/, 2488 const krb5_ticket */*from*/, 2489 krb5_ticket **/*to*/); 2490 2491KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2492krb5_create_checksum ( 2493 krb5_context /*context*/, 2494 krb5_crypto /*crypto*/, 2495 krb5_key_usage /*usage*/, 2496 int /*type*/, 2497 void */*data*/, 2498 size_t /*len*/, 2499 Checksum */*result*/); 2500 2501/** 2502 * Create a Kerberos message checksum. 2503 * 2504 * @param context Kerberos context 2505 * @param crypto Kerberos crypto context 2506 * @param usage Key usage for this buffer 2507 * @param data array of buffers to process 2508 * @param num_data length of array 2509 * @param type output data 2510 * 2511 * @return Return an error code or 0. 2512 * @ingroup krb5_crypto 2513 */ 2514 2515KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2516krb5_create_checksum_iov ( 2517 krb5_context /*context*/, 2518 krb5_crypto /*crypto*/, 2519 unsigned /*usage*/, 2520 krb5_crypto_iov */*data*/, 2521 unsigned int /*num_data*/, 2522 krb5_cksumtype */*type*/); 2523 2524/** 2525 * Returns the ticket flags for the credentials in creds. 2526 * See also krb5_ticket_get_flags(). 2527 * 2528 * @param creds credential to get ticket flags from 2529 * 2530 * @return ticket flags 2531 * 2532 * @ingroup krb5 2533 */ 2534 2535KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL 2536krb5_creds_get_ticket_flags (krb5_creds */*creds*/); 2537 2538/** 2539 * Free a crypto context created by krb5_crypto_init(). 2540 * 2541 * @param context Kerberos context 2542 * @param crypto crypto context to free 2543 * 2544 * @return Return an error code or 0. 2545 * 2546 * @ingroup krb5_crypto 2547 */ 2548 2549KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2550krb5_crypto_destroy ( 2551 krb5_context /*context*/, 2552 krb5_crypto /*crypto*/); 2553 2554/** 2555 * The FX-CF2 key derivation function, used in FAST and preauth framework. 2556 * 2557 * @param context Kerberos 5 context 2558 * @param crypto1 first key to combine 2559 * @param crypto2 second key to combine 2560 * @param pepper1 factor to combine with first key to garante uniqueness 2561 * @param pepper2 factor to combine with second key to garante uniqueness 2562 * @param enctype the encryption type of the resulting key 2563 * @param res allocated key, free with krb5_free_keyblock_contents() 2564 * 2565 * @return Return an error code or 0. 2566 * 2567 * @ingroup krb5_crypto 2568 */ 2569 2570KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2571krb5_crypto_fx_cf2 ( 2572 krb5_context /*context*/, 2573 const krb5_crypto /*crypto1*/, 2574 const krb5_crypto /*crypto2*/, 2575 krb5_data */*pepper1*/, 2576 krb5_data */*pepper2*/, 2577 krb5_enctype /*enctype*/, 2578 krb5_keyblock */*res*/); 2579 2580KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2581krb5_crypto_get_checksum_type ( 2582 krb5_context /*context*/, 2583 krb5_crypto /*crypto*/, 2584 krb5_cksumtype */*type*/); 2585 2586/** 2587 * Return the blocksize used algorithm referenced by the crypto context 2588 * 2589 * @param context Kerberos context 2590 * @param crypto crypto context to query 2591 * @param blocksize the resulting blocksize 2592 * 2593 * @return Return an error code or 0. 2594 * 2595 * @ingroup krb5_crypto 2596 */ 2597 2598KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2599krb5_crypto_getblocksize ( 2600 krb5_context /*context*/, 2601 krb5_crypto /*crypto*/, 2602 size_t */*blocksize*/); 2603 2604/** 2605 * Return the confounder size used by the crypto context 2606 * 2607 * @param context Kerberos context 2608 * @param crypto crypto context to query 2609 * @param confoundersize the returned confounder size 2610 * 2611 * @return Return an error code or 0. 2612 * 2613 * @ingroup krb5_crypto 2614 */ 2615 2616KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2617krb5_crypto_getconfoundersize ( 2618 krb5_context /*context*/, 2619 krb5_crypto /*crypto*/, 2620 size_t */*confoundersize*/); 2621 2622/** 2623 * Return the encryption type used by the crypto context 2624 * 2625 * @param context Kerberos context 2626 * @param crypto crypto context to query 2627 * @param enctype the resulting encryption type 2628 * 2629 * @return Return an error code or 0. 2630 * 2631 * @ingroup krb5_crypto 2632 */ 2633 2634KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2635krb5_crypto_getenctype ( 2636 krb5_context /*context*/, 2637 krb5_crypto /*crypto*/, 2638 krb5_enctype */*enctype*/); 2639 2640/** 2641 * Return the padding size used by the crypto context 2642 * 2643 * @param context Kerberos context 2644 * @param crypto crypto context to query 2645 * @param padsize the return padding size 2646 * 2647 * @return Return an error code or 0. 2648 * 2649 * @ingroup krb5_crypto 2650 */ 2651 2652KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2653krb5_crypto_getpadsize ( 2654 krb5_context /*context*/, 2655 krb5_crypto /*crypto*/, 2656 size_t */*padsize*/); 2657 2658/** 2659 * Create a crypto context used for all encryption and signature 2660 * operation. The encryption type to use is taken from the key, but 2661 * can be overridden with the enctype parameter. This can be useful 2662 * for encryptions types which is compatiable (DES for example). 2663 * 2664 * To free the crypto context, use krb5_crypto_destroy(). 2665 * 2666 * @param context Kerberos context 2667 * @param key the key block information with all key data 2668 * @param etype the encryption type 2669 * @param crypto the resulting crypto context 2670 * 2671 * @return Return an error code or 0. 2672 * 2673 * @ingroup krb5_crypto 2674 */ 2675 2676KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2677krb5_crypto_init ( 2678 krb5_context /*context*/, 2679 const krb5_keyblock */*key*/, 2680 krb5_enctype /*etype*/, 2681 krb5_crypto */*crypto*/); 2682 2683KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2684krb5_crypto_length ( 2685 krb5_context /*context*/, 2686 krb5_crypto /*crypto*/, 2687 int /*type*/, 2688 size_t */*len*/); 2689 2690KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2691krb5_crypto_length_iov ( 2692 krb5_context /*context*/, 2693 krb5_crypto /*crypto*/, 2694 krb5_crypto_iov */*data*/, 2695 unsigned int /*num_data*/); 2696 2697KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL 2698krb5_crypto_overhead ( 2699 krb5_context /*context*/, 2700 krb5_crypto /*crypto*/); 2701 2702KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2703krb5_crypto_prf ( 2704 krb5_context /*context*/, 2705 const krb5_crypto /*crypto*/, 2706 const krb5_data */*input*/, 2707 krb5_data */*output*/); 2708 2709KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2710krb5_crypto_prf_length ( 2711 krb5_context /*context*/, 2712 krb5_enctype /*type*/, 2713 size_t */*length*/); 2714 2715/** 2716 * Allocate data of and krb5_data. 2717 * 2718 * @param p krb5_data to allocate. 2719 * @param len size to allocate. 2720 * 2721 * @return Returns 0 to indicate success. Otherwise an kerberos et 2722 * error code is returned. 2723 * 2724 * @ingroup krb5 2725 */ 2726 2727KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2728krb5_data_alloc ( 2729 krb5_data */*p*/, 2730 int /*len*/); 2731 2732/** 2733 * Compare to data. 2734 * 2735 * @param data1 krb5_data to compare 2736 * @param data2 krb5_data to compare 2737 * 2738 * @return return the same way as memcmp(), useful when sorting. 2739 * 2740 * @ingroup krb5 2741 */ 2742 2743KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2744krb5_data_cmp ( 2745 const krb5_data */*data1*/, 2746 const krb5_data */*data2*/); 2747 2748/** 2749 * Copy the data of len into the krb5_data. 2750 * 2751 * @param p krb5_data to copy into. 2752 * @param data data to copy.. 2753 * @param len new size. 2754 * 2755 * @return Returns 0 to indicate success. Otherwise an kerberos et 2756 * error code is returned. 2757 * 2758 * @ingroup krb5 2759 */ 2760 2761KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2762krb5_data_copy ( 2763 krb5_data */*p*/, 2764 const void */*data*/, 2765 size_t /*len*/); 2766 2767/** 2768 * Compare to data not exposing timing information from the checksum data 2769 * 2770 * @param data1 krb5_data to compare 2771 * @param data2 krb5_data to compare 2772 * 2773 * @return returns zero for same data, otherwise non zero. 2774 * 2775 * @ingroup krb5 2776 */ 2777 2778KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2779krb5_data_ct_cmp ( 2780 const krb5_data */*data1*/, 2781 const krb5_data */*data2*/); 2782 2783/** 2784 * Free the content of krb5_data structure, its ok to free a zeroed 2785 * structure (with memset() or krb5_data_zero()). When done, the 2786 * structure will be zeroed. The same function is called 2787 * krb5_free_data_contents() in MIT Kerberos. 2788 * 2789 * @param p krb5_data to free. 2790 * 2791 * @ingroup krb5 2792 */ 2793 2794KRB5_LIB_FUNCTION void KRB5_LIB_CALL 2795krb5_data_free (krb5_data */*p*/); 2796 2797/** 2798 * Grow (or shrink) the content of krb5_data to a new size. 2799 * 2800 * @param p krb5_data to free. 2801 * @param len new size. 2802 * 2803 * @return Returns 0 to indicate success. Otherwise an kerberos et 2804 * error code is returned. 2805 * 2806 * @ingroup krb5 2807 */ 2808 2809KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2810krb5_data_realloc ( 2811 krb5_data */*p*/, 2812 int /*len*/); 2813 2814/** 2815 * Reset the (potentially uninitalized) krb5_data structure. 2816 * 2817 * @param p krb5_data to reset. 2818 * 2819 * @ingroup krb5 2820 */ 2821 2822KRB5_LIB_FUNCTION void KRB5_LIB_CALL 2823krb5_data_zero (krb5_data */*p*/); 2824 2825KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2826krb5_decode_Authenticator ( 2827 krb5_context /*context*/, 2828 const void */*data*/, 2829 size_t /*length*/, 2830 Authenticator */*t*/, 2831 size_t */*len*/) 2832 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2833 2834KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2835krb5_decode_ETYPE_INFO ( 2836 krb5_context /*context*/, 2837 const void */*data*/, 2838 size_t /*length*/, 2839 ETYPE_INFO */*t*/, 2840 size_t */*len*/) 2841 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2842 2843KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2844krb5_decode_ETYPE_INFO2 ( 2845 krb5_context /*context*/, 2846 const void */*data*/, 2847 size_t /*length*/, 2848 ETYPE_INFO2 */*t*/, 2849 size_t */*len*/) 2850 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2851 2852KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2853krb5_decode_EncAPRepPart ( 2854 krb5_context /*context*/, 2855 const void */*data*/, 2856 size_t /*length*/, 2857 EncAPRepPart */*t*/, 2858 size_t */*len*/) 2859 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2860 2861KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2862krb5_decode_EncASRepPart ( 2863 krb5_context /*context*/, 2864 const void */*data*/, 2865 size_t /*length*/, 2866 EncASRepPart */*t*/, 2867 size_t */*len*/) 2868 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2869 2870KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2871krb5_decode_EncKrbCredPart ( 2872 krb5_context /*context*/, 2873 const void */*data*/, 2874 size_t /*length*/, 2875 EncKrbCredPart */*t*/, 2876 size_t */*len*/) 2877 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2878 2879KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2880krb5_decode_EncTGSRepPart ( 2881 krb5_context /*context*/, 2882 const void */*data*/, 2883 size_t /*length*/, 2884 EncTGSRepPart */*t*/, 2885 size_t */*len*/) 2886 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2887 2888KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2889krb5_decode_EncTicketPart ( 2890 krb5_context /*context*/, 2891 const void */*data*/, 2892 size_t /*length*/, 2893 EncTicketPart */*t*/, 2894 size_t */*len*/) 2895 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2896 2897KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2898krb5_decode_ap_req ( 2899 krb5_context /*context*/, 2900 const krb5_data */*inbuf*/, 2901 krb5_ap_req */*ap_req*/); 2902 2903KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2904krb5_decrypt ( 2905 krb5_context /*context*/, 2906 krb5_crypto /*crypto*/, 2907 unsigned /*usage*/, 2908 void */*data*/, 2909 size_t /*len*/, 2910 krb5_data */*result*/); 2911 2912KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2913krb5_decrypt_EncryptedData ( 2914 krb5_context /*context*/, 2915 krb5_crypto /*crypto*/, 2916 unsigned /*usage*/, 2917 const EncryptedData */*e*/, 2918 krb5_data */*result*/); 2919 2920/** 2921 * Inline decrypt a Kerberos message. 2922 * 2923 * @param context Kerberos context 2924 * @param crypto Kerberos crypto context 2925 * @param usage Key usage for this buffer 2926 * @param data array of buffers to process 2927 * @param num_data length of array 2928 * @param ivec initial cbc/cts vector 2929 * 2930 * @return Return an error code or 0. 2931 * @ingroup krb5_crypto 2932 * 2933 * 1. KRB5_CRYPTO_TYPE_HEADER 2934 * 2. one KRB5_CRYPTO_TYPE_DATA and array [0,...] of KRB5_CRYPTO_TYPE_SIGN_ONLY in 2935 * any order, however the receiver have to aware of the 2936 * order. KRB5_CRYPTO_TYPE_SIGN_ONLY is commonly used unencrypoted 2937 * protocol headers and trailers. The output data will be of same 2938 * size as the input data or shorter. 2939 */ 2940 2941KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2942krb5_decrypt_iov_ivec ( 2943 krb5_context /*context*/, 2944 krb5_crypto /*crypto*/, 2945 unsigned /*usage*/, 2946 krb5_crypto_iov */*data*/, 2947 unsigned int /*num_data*/, 2948 void */*ivec*/); 2949 2950KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2951krb5_decrypt_ivec ( 2952 krb5_context /*context*/, 2953 krb5_crypto /*crypto*/, 2954 unsigned /*usage*/, 2955 void */*data*/, 2956 size_t /*len*/, 2957 krb5_data */*result*/, 2958 void */*ivec*/); 2959 2960KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2961krb5_decrypt_ticket ( 2962 krb5_context /*context*/, 2963 Ticket */*ticket*/, 2964 krb5_keyblock */*key*/, 2965 EncTicketPart */*out*/, 2966 krb5_flags /*flags*/); 2967 2968KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2969krb5_derive_key ( 2970 krb5_context /*context*/, 2971 const krb5_keyblock */*key*/, 2972 krb5_enctype /*etype*/, 2973 const void */*constant*/, 2974 size_t /*constant_len*/, 2975 krb5_keyblock **/*derived_key*/); 2976 2977KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2978krb5_digest_alloc ( 2979 krb5_context /*context*/, 2980 krb5_digest */*digest*/); 2981 2982KRB5_LIB_FUNCTION void KRB5_LIB_CALL 2983krb5_digest_free (krb5_digest /*digest*/); 2984 2985KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2986krb5_digest_get_client_binding ( 2987 krb5_context /*context*/, 2988 krb5_digest /*digest*/, 2989 char **/*type*/, 2990 char **/*binding*/); 2991 2992KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 2993krb5_digest_get_identifier ( 2994 krb5_context /*context*/, 2995 krb5_digest /*digest*/); 2996 2997KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 2998krb5_digest_get_opaque ( 2999 krb5_context /*context*/, 3000 krb5_digest /*digest*/); 3001 3002KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 3003krb5_digest_get_rsp ( 3004 krb5_context /*context*/, 3005 krb5_digest /*digest*/); 3006 3007KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 3008krb5_digest_get_server_nonce ( 3009 krb5_context /*context*/, 3010 krb5_digest /*digest*/); 3011 3012KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3013krb5_digest_get_session_key ( 3014 krb5_context /*context*/, 3015 krb5_digest /*digest*/, 3016 krb5_data */*data*/); 3017 3018KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3019krb5_digest_get_tickets ( 3020 krb5_context /*context*/, 3021 krb5_digest /*digest*/, 3022 Ticket **/*tickets*/); 3023 3024KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3025krb5_digest_init_request ( 3026 krb5_context /*context*/, 3027 krb5_digest /*digest*/, 3028 krb5_realm /*realm*/, 3029 krb5_ccache /*ccache*/); 3030 3031/** 3032 * Get the supported/allowed mechanism for this principal. 3033 * 3034 * @param context A Keberos context. 3035 * @param realm The realm of the KDC. 3036 * @param ccache The credential cache to use when talking to the KDC. 3037 * @param flags The supported mechanism. 3038 * 3039 * @return Return an error code or 0. 3040 * 3041 * @ingroup krb5_digest 3042 */ 3043 3044KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3045krb5_digest_probe ( 3046 krb5_context /*context*/, 3047 krb5_realm /*realm*/, 3048 krb5_ccache /*ccache*/, 3049 unsigned */*flags*/); 3050 3051KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 3052krb5_digest_rep_get_status ( 3053 krb5_context /*context*/, 3054 krb5_digest /*digest*/); 3055 3056KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3057krb5_digest_request ( 3058 krb5_context /*context*/, 3059 krb5_digest /*digest*/, 3060 krb5_realm /*realm*/, 3061 krb5_ccache /*ccache*/); 3062 3063KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3064krb5_digest_set_authentication_user ( 3065 krb5_context /*context*/, 3066 krb5_digest /*digest*/, 3067 krb5_principal /*authentication_user*/); 3068 3069KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3070krb5_digest_set_authid ( 3071 krb5_context /*context*/, 3072 krb5_digest /*digest*/, 3073 const char */*authid*/); 3074 3075KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3076krb5_digest_set_client_nonce ( 3077 krb5_context /*context*/, 3078 krb5_digest /*digest*/, 3079 const char */*nonce*/); 3080 3081KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3082krb5_digest_set_digest ( 3083 krb5_context /*context*/, 3084 krb5_digest /*digest*/, 3085 const char */*dgst*/); 3086 3087KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3088krb5_digest_set_hostname ( 3089 krb5_context /*context*/, 3090 krb5_digest /*digest*/, 3091 const char */*hostname*/); 3092 3093KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3094krb5_digest_set_identifier ( 3095 krb5_context /*context*/, 3096 krb5_digest /*digest*/, 3097 const char */*id*/); 3098 3099KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3100krb5_digest_set_method ( 3101 krb5_context /*context*/, 3102 krb5_digest /*digest*/, 3103 const char */*method*/); 3104 3105KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3106krb5_digest_set_nonceCount ( 3107 krb5_context /*context*/, 3108 krb5_digest /*digest*/, 3109 const char */*nonce_count*/); 3110 3111KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3112krb5_digest_set_opaque ( 3113 krb5_context /*context*/, 3114 krb5_digest /*digest*/, 3115 const char */*opaque*/); 3116 3117KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3118krb5_digest_set_qop ( 3119 krb5_context /*context*/, 3120 krb5_digest /*digest*/, 3121 const char */*qop*/); 3122 3123KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3124krb5_digest_set_realm ( 3125 krb5_context /*context*/, 3126 krb5_digest /*digest*/, 3127 const char */*realm*/); 3128 3129KRB5_LIB_FUNCTION int KRB5_LIB_CALL 3130krb5_digest_set_responseData ( 3131 krb5_context /*context*/, 3132 krb5_digest /*digest*/, 3133 const char */*response*/); 3134 3135KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3136krb5_digest_set_server_cb ( 3137 krb5_context /*context*/, 3138 krb5_digest /*digest*/, 3139 const char */*type*/, 3140 const char */*binding*/); 3141 3142KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3143krb5_digest_set_server_nonce ( 3144 krb5_context /*context*/, 3145 krb5_digest /*digest*/, 3146 const char */*nonce*/); 3147 3148KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3149krb5_digest_set_type ( 3150 krb5_context /*context*/, 3151 krb5_digest /*digest*/, 3152 const char */*type*/); 3153 3154KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3155krb5_digest_set_uri ( 3156 krb5_context /*context*/, 3157 krb5_digest /*digest*/, 3158 const char */*uri*/); 3159 3160KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3161krb5_digest_set_username ( 3162 krb5_context /*context*/, 3163 krb5_digest /*digest*/, 3164 const char */*username*/); 3165 3166KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3167krb5_domain_x500_decode ( 3168 krb5_context /*context*/, 3169 krb5_data /*tr*/, 3170 char ***/*realms*/, 3171 unsigned int */*num_realms*/, 3172 const char */*client_realm*/, 3173 const char */*server_realm*/); 3174 3175KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3176krb5_domain_x500_encode ( 3177 char **/*realms*/, 3178 unsigned int /*num_realms*/, 3179 krb5_data */*encoding*/); 3180 3181/** 3182 * Convert the getaddrinfo() error code to a Kerberos et error code. 3183 * 3184 * @param eai_errno contains the error code from getaddrinfo(). 3185 * @param system_error should have the value of errno after the failed getaddrinfo(). 3186 * 3187 * @return Kerberos error code representing the EAI errors. 3188 * 3189 * @ingroup krb5_error 3190 */ 3191 3192KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3193krb5_eai_to_heim_errno ( 3194 int /*eai_errno*/, 3195 int /*system_error*/); 3196 3197KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3198krb5_encode_Authenticator ( 3199 krb5_context /*context*/, 3200 void */*data*/, 3201 size_t /*length*/, 3202 Authenticator */*t*/, 3203 size_t */*len*/) 3204 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3205 3206KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3207krb5_encode_ETYPE_INFO ( 3208 krb5_context /*context*/, 3209 void */*data*/, 3210 size_t /*length*/, 3211 ETYPE_INFO */*t*/, 3212 size_t */*len*/) 3213 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3214 3215KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3216krb5_encode_ETYPE_INFO2 ( 3217 krb5_context /*context*/, 3218 void */*data*/, 3219 size_t /*length*/, 3220 ETYPE_INFO2 */*t*/, 3221 size_t */*len*/) 3222 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3223 3224KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3225krb5_encode_EncAPRepPart ( 3226 krb5_context /*context*/, 3227 void */*data*/, 3228 size_t /*length*/, 3229 EncAPRepPart */*t*/, 3230 size_t */*len*/) 3231 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3232 3233KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3234krb5_encode_EncASRepPart ( 3235 krb5_context /*context*/, 3236 void */*data*/, 3237 size_t /*length*/, 3238 EncASRepPart */*t*/, 3239 size_t */*len*/) 3240 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3241 3242KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3243krb5_encode_EncKrbCredPart ( 3244 krb5_context /*context*/, 3245 void */*data*/, 3246 size_t /*length*/, 3247 EncKrbCredPart */*t*/, 3248 size_t */*len*/) 3249 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3250 3251KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3252krb5_encode_EncTGSRepPart ( 3253 krb5_context /*context*/, 3254 void */*data*/, 3255 size_t /*length*/, 3256 EncTGSRepPart */*t*/, 3257 size_t */*len*/) 3258 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3259 3260KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3261krb5_encode_EncTicketPart ( 3262 krb5_context /*context*/, 3263 void */*data*/, 3264 size_t /*length*/, 3265 EncTicketPart */*t*/, 3266 size_t */*len*/) 3267 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3268 3269KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3270krb5_encrypt ( 3271 krb5_context /*context*/, 3272 krb5_crypto /*crypto*/, 3273 unsigned /*usage*/, 3274 const void */*data*/, 3275 size_t /*len*/, 3276 krb5_data */*result*/); 3277 3278KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3279krb5_encrypt_EncryptedData ( 3280 krb5_context /*context*/, 3281 krb5_crypto /*crypto*/, 3282 unsigned /*usage*/, 3283 void */*data*/, 3284 size_t /*len*/, 3285 int /*kvno*/, 3286 EncryptedData */*result*/); 3287 3288/** 3289 * Inline encrypt a kerberos message 3290 * 3291 * @param context Kerberos context 3292 * @param crypto Kerberos crypto context 3293 * @param usage Key usage for this buffer 3294 * @param data array of buffers to process 3295 * @param num_data length of array 3296 * @param ivec initial cbc/cts vector 3297 * 3298 * @return Return an error code or 0. 3299 * @ingroup krb5_crypto 3300 * 3301 * Kerberos encrypted data look like this: 3302 * 3303 * 1. KRB5_CRYPTO_TYPE_HEADER 3304 * 2. array [1,...] KRB5_CRYPTO_TYPE_DATA and array [0,...] 3305 * KRB5_CRYPTO_TYPE_SIGN_ONLY in any order, however the receiver 3306 * have to aware of the order. KRB5_CRYPTO_TYPE_SIGN_ONLY is 3307 * commonly used headers and trailers. 3308 * 3. KRB5_CRYPTO_TYPE_PADDING, at least on padsize long if padsize > 1 3309 * 4. KRB5_CRYPTO_TYPE_TRAILER 3310 */ 3311 3312KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3313krb5_encrypt_iov_ivec ( 3314 krb5_context /*context*/, 3315 krb5_crypto /*crypto*/, 3316 unsigned /*usage*/, 3317 krb5_crypto_iov */*data*/, 3318 int /*num_data*/, 3319 void */*ivec*/); 3320 3321KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3322krb5_encrypt_ivec ( 3323 krb5_context /*context*/, 3324 krb5_crypto /*crypto*/, 3325 unsigned /*usage*/, 3326 const void */*data*/, 3327 size_t /*len*/, 3328 krb5_data */*result*/, 3329 void */*ivec*/); 3330 3331/** 3332 * Disable encryption type 3333 * 3334 * @param context Kerberos 5 context 3335 * @param enctype encryption type to disable 3336 * 3337 * @return Return an error code or 0. 3338 * 3339 * @ingroup krb5_crypto 3340 */ 3341 3342KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3343krb5_enctype_disable ( 3344 krb5_context /*context*/, 3345 krb5_enctype /*enctype*/); 3346 3347/** 3348 * Enable encryption type 3349 * 3350 * @param context Kerberos 5 context 3351 * @param enctype encryption type to enable 3352 * 3353 * @return Return an error code or 0. 3354 * 3355 * @ingroup krb5_crypto 3356 */ 3357 3358KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3359krb5_enctype_enable ( 3360 krb5_context /*context*/, 3361 krb5_enctype /*enctype*/); 3362 3363KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3364krb5_enctype_keybits ( 3365 krb5_context /*context*/, 3366 krb5_enctype /*type*/, 3367 size_t */*keybits*/); 3368 3369KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3370krb5_enctype_keysize ( 3371 krb5_context /*context*/, 3372 krb5_enctype /*type*/, 3373 size_t */*keysize*/); 3374 3375KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3376krb5_enctype_to_keytype ( 3377 krb5_context /*context*/, 3378 krb5_enctype /*etype*/, 3379 krb5_keytype */*keytype*/); 3380 3381KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3382krb5_enctype_to_string ( 3383 krb5_context /*context*/, 3384 krb5_enctype /*etype*/, 3385 char **/*string*/); 3386 3387/** 3388 * Check if a enctype is valid, return 0 if it is. 3389 * 3390 * @param context Kerberos context 3391 * @param etype enctype to check if its valid or not 3392 * 3393 * @return Return an error code for an failure or 0 on success (enctype valid). 3394 * @ingroup krb5_crypto 3395 */ 3396 3397KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3398krb5_enctype_valid ( 3399 krb5_context /*context*/, 3400 krb5_enctype /*etype*/); 3401 3402/** 3403 * Deprecated: keytypes doesn't exists, they are really enctypes. 3404 * 3405 * @ingroup krb5_deprecated 3406 */ 3407 3408KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 3409krb5_enctypes_compatible_keys ( 3410 krb5_context /*context*/, 3411 krb5_enctype /*etype1*/, 3412 krb5_enctype /*etype2*/) 3413 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3414 3415krb5_error_code 3416krb5_enomem (krb5_context /*context*/); 3417 3418/** 3419 * Log a warning to the log, default stderr, include bthe error from 3420 * the last failure and then exit. 3421 * 3422 * @param context A Kerberos 5 context 3423 * @param eval the exit code to exit with 3424 * @param code error code of the last error 3425 * @param fmt message to print 3426 * 3427 * @ingroup krb5_error 3428 */ 3429 3430KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3431krb5_err ( 3432 krb5_context /*context*/, 3433 int /*eval*/, 3434 krb5_error_code /*code*/, 3435 const char */*fmt*/, 3436 ...) 3437 __attribute__ ((__noreturn__, __format__ (__printf__, 4, 5))); 3438 3439KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3440krb5_error_from_rd_error ( 3441 krb5_context /*context*/, 3442 const krb5_error */*error*/, 3443 const krb5_creds */*creds*/); 3444 3445/** 3446 * Log a warning to the log, default stderr, and then exit. 3447 * 3448 * @param context A Kerberos 5 context 3449 * @param eval the exit code to exit with 3450 * @param fmt message to print 3451 * 3452 * @ingroup krb5_error 3453 */ 3454 3455KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3456krb5_errx ( 3457 krb5_context /*context*/, 3458 int /*eval*/, 3459 const char */*fmt*/, 3460 ...) 3461 __attribute__ ((__noreturn__, __format__ (__printf__, 3, 4))); 3462 3463/** 3464 * krb5_expand_hostname() tries to make orig_hostname into a more 3465 * canonical one in the newly allocated space returned in 3466 * new_hostname. 3467 3468 * @param context a Keberos context 3469 * @param orig_hostname hostname to canonicalise. 3470 * @param new_hostname output hostname, caller must free hostname with 3471 * krb5_xfree(). 3472 * 3473 * @return Return an error code or 0, see krb5_get_error_message(). 3474 * 3475 * @ingroup krb5_support 3476 */ 3477 3478KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3479krb5_expand_hostname ( 3480 krb5_context /*context*/, 3481 const char */*orig_hostname*/, 3482 char **/*new_hostname*/); 3483 3484/** 3485 * krb5_expand_hostname_realms() expands orig_hostname to a name we 3486 * believe to be a hostname in newly allocated space in new_hostname 3487 * and return the realms new_hostname is believed to belong to in 3488 * realms. 3489 * 3490 * @param context a Keberos context 3491 * @param orig_hostname hostname to canonicalise. 3492 * @param new_hostname output hostname, caller must free hostname with 3493 * krb5_xfree(). 3494 * @param realms output possible realms, is an array that is terminated 3495 * with NULL. Caller must free with krb5_free_host_realm(). 3496 * 3497 * @return Return an error code or 0, see krb5_get_error_message(). 3498 * 3499 * @ingroup krb5_support 3500 */ 3501 3502KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3503krb5_expand_hostname_realms ( 3504 krb5_context /*context*/, 3505 const char */*orig_hostname*/, 3506 char **/*new_hostname*/, 3507 char ***/*realms*/); 3508 3509KRB5_LIB_FUNCTION PA_DATA * KRB5_LIB_CALL 3510krb5_find_padata ( 3511 PA_DATA */*val*/, 3512 unsigned /*len*/, 3513 int /*type*/, 3514 int */*idx*/); 3515 3516KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3517krb5_format_time ( 3518 krb5_context /*context*/, 3519 time_t /*t*/, 3520 char */*s*/, 3521 size_t /*len*/, 3522 krb5_boolean /*include_time*/); 3523 3524/** 3525 * krb5_free_address frees the data stored in the address that is 3526 * alloced with any of the krb5_address functions. 3527 * 3528 * @param context a Keberos context 3529 * @param address addresss to be freed. 3530 * 3531 * @return Return an error code or 0. 3532 * 3533 * @ingroup krb5_address 3534 */ 3535 3536KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3537krb5_free_address ( 3538 krb5_context /*context*/, 3539 krb5_address */*address*/); 3540 3541/** 3542 * krb5_free_addresses frees the data stored in the address that is 3543 * alloced with any of the krb5_address functions. 3544 * 3545 * @param context a Keberos context 3546 * @param addresses addressses to be freed. 3547 * 3548 * @return Return an error code or 0. 3549 * 3550 * @ingroup krb5_address 3551 */ 3552 3553KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3554krb5_free_addresses ( 3555 krb5_context /*context*/, 3556 krb5_addresses */*addresses*/); 3557 3558KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3559krb5_free_ap_rep_enc_part ( 3560 krb5_context /*context*/, 3561 krb5_ap_rep_enc_part */*val*/); 3562 3563KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3564krb5_free_authenticator ( 3565 krb5_context /*context*/, 3566 krb5_authenticator */*authenticator*/); 3567 3568KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3569krb5_free_checksum ( 3570 krb5_context /*context*/, 3571 krb5_checksum */*cksum*/); 3572 3573KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3574krb5_free_checksum_contents ( 3575 krb5_context /*context*/, 3576 krb5_checksum */*cksum*/); 3577 3578/** 3579 * Free a list of configuration files. 3580 * 3581 * @param filenames list, terminated with a NULL pointer, to be 3582 * freed. NULL is an valid argument. 3583 * 3584 * @return Returns 0 to indicate success. Otherwise an kerberos et 3585 * error code is returned, see krb5_get_error_message(). 3586 * 3587 * @ingroup krb5 3588 */ 3589 3590KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3591krb5_free_config_files (char **/*filenames*/); 3592 3593/** 3594 * Frees the krb5_context allocated by krb5_init_context(). 3595 * 3596 * @param context context to be freed. 3597 * 3598 * @ingroup krb5 3599 */ 3600 3601KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3602krb5_free_context (krb5_context /*context*/); 3603 3604/** 3605 * Free content of krb5_creds. 3606 * 3607 * @param context Kerberos 5 context. 3608 * @param c krb5_creds to free. 3609 * 3610 * @return Returns 0 to indicate success. Otherwise an kerberos et 3611 * error code is returned, see krb5_get_error_message(). 3612 * 3613 * @ingroup krb5 3614 */ 3615 3616KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3617krb5_free_cred_contents ( 3618 krb5_context /*context*/, 3619 krb5_creds */*c*/); 3620 3621/** 3622 * Free krb5_creds. 3623 * 3624 * @param context Kerberos 5 context. 3625 * @param c krb5_creds to free. 3626 * 3627 * @return Returns 0 to indicate success. Otherwise an kerberos et 3628 * error code is returned, see krb5_get_error_message(). 3629 * 3630 * @ingroup krb5 3631 */ 3632 3633KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3634krb5_free_creds ( 3635 krb5_context /*context*/, 3636 krb5_creds */*c*/); 3637 3638/** 3639 * Deprecated: use krb5_free_cred_contents() 3640 * 3641 * @ingroup krb5_deprecated 3642 */ 3643 3644KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3645krb5_free_creds_contents ( 3646 krb5_context /*context*/, 3647 krb5_creds */*c*/) 3648 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3649 3650/** 3651 * Free krb5_data (and its content). 3652 * 3653 * @param context Kerberos 5 context. 3654 * @param p krb5_data to free. 3655 * 3656 * @ingroup krb5 3657 */ 3658 3659KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3660krb5_free_data ( 3661 krb5_context /*context*/, 3662 krb5_data */*p*/); 3663 3664/** 3665 * Same as krb5_data_free(). MIT compat. 3666 * 3667 * Deprecated: use krb5_data_free(). 3668 * 3669 * @param context Kerberos 5 context. 3670 * @param data krb5_data to free. 3671 * 3672 * @ingroup krb5_deprecated 3673 */ 3674 3675KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3676krb5_free_data_contents ( 3677 krb5_context /*context*/, 3678 krb5_data */*data*/) 3679 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3680 3681KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3682krb5_free_default_realm ( 3683 krb5_context /*context*/, 3684 krb5_realm /*realm*/); 3685 3686KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3687krb5_free_error ( 3688 krb5_context /*context*/, 3689 krb5_error */*error*/); 3690 3691KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3692krb5_free_error_contents ( 3693 krb5_context /*context*/, 3694 krb5_error */*error*/); 3695 3696/** 3697 * Free the error message returned by krb5_get_error_message(). 3698 * 3699 * @param context Kerberos context 3700 * @param msg error message to free, returned byg 3701 * krb5_get_error_message(). 3702 * 3703 * @ingroup krb5_error 3704 */ 3705 3706KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3707krb5_free_error_message ( 3708 krb5_context /*context*/, 3709 const char */*msg*/); 3710 3711/** 3712 * Free the error message returned by krb5_get_error_string(). 3713 * 3714 * Deprecated: use krb5_free_error_message() 3715 * 3716 * @param context Kerberos context 3717 * @param str error message to free 3718 * 3719 * @ingroup krb5_deprecated 3720 */ 3721 3722KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3723krb5_free_error_string ( 3724 krb5_context /*context*/, 3725 char */*str*/) 3726 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3727 3728/** 3729 * Free all memory allocated by `realmlist' 3730 * 3731 * @param context A Kerberos 5 context. 3732 * @param realmlist realmlist to free, NULL is ok 3733 * 3734 * @return a Kerberos error code, always 0. 3735 * 3736 * @ingroup krb5_support 3737 */ 3738 3739KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3740krb5_free_host_realm ( 3741 krb5_context /*context*/, 3742 krb5_realm */*realmlist*/); 3743 3744/** 3745 * Variable containing the FILE based credential cache implemention. 3746 * 3747 * @ingroup krb5_ccache 3748 */ 3749 3750KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3751krb5_free_kdc_rep ( 3752 krb5_context /*context*/, 3753 krb5_kdc_rep */*rep*/); 3754 3755/** 3756 * Free a keyblock, also zero out the content of the keyblock, uses 3757 * krb5_free_keyblock_contents() to free the content. 3758 * 3759 * @param context a Kerberos 5 context 3760 * @param keyblock keyblock to free, NULL is valid argument 3761 * 3762 * @ingroup krb5_crypto 3763 */ 3764 3765KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3766krb5_free_keyblock ( 3767 krb5_context /*context*/, 3768 krb5_keyblock */*keyblock*/); 3769 3770/** 3771 * Free a keyblock's content, also zero out the content of the keyblock. 3772 * 3773 * @param context a Kerberos 5 context 3774 * @param keyblock keyblock content to free, NULL is valid argument 3775 * 3776 * @ingroup krb5_crypto 3777 */ 3778 3779KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3780krb5_free_keyblock_contents ( 3781 krb5_context /*context*/, 3782 krb5_keyblock */*keyblock*/); 3783 3784KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3785krb5_free_krbhst ( 3786 krb5_context /*context*/, 3787 char **/*hostlist*/); 3788 3789/** 3790 * Free a name canonicalization rule iterator. 3791 */ 3792 3793KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3794krb5_free_name_canon_iterator ( 3795 krb5_context /*context*/, 3796 krb5_name_canon_iterator /*iter*/); 3797 3798/** 3799 * Frees a Kerberos principal allocated by the library with 3800 * krb5_parse_name(), krb5_make_principal() or any other related 3801 * principal functions. 3802 * 3803 * @param context A Kerberos context. 3804 * @param p a principal to free. 3805 * 3806 * @return An krb5 error code, see krb5_get_error_message(). 3807 * 3808 * @ingroup krb5_principal 3809 */ 3810 3811KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3812krb5_free_principal ( 3813 krb5_context /*context*/, 3814 krb5_principal /*p*/); 3815 3816KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3817krb5_free_salt ( 3818 krb5_context /*context*/, 3819 krb5_salt /*salt*/); 3820 3821/** 3822 * Free ticket and content 3823 * 3824 * @param context a Kerberos 5 context 3825 * @param ticket ticket to free 3826 * 3827 * @return Returns 0 to indicate success. Otherwise an kerberos et 3828 * error code is returned, see krb5_get_error_message(). 3829 * 3830 * @ingroup krb5 3831 */ 3832 3833KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3834krb5_free_ticket ( 3835 krb5_context /*context*/, 3836 krb5_ticket */*ticket*/); 3837 3838/** 3839 * Deprecated: use krb5_xfree(). 3840 * 3841 * @ingroup krb5_deprecated 3842 */ 3843 3844KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3845krb5_free_unparsed_name ( 3846 krb5_context /*context*/, 3847 char */*str*/) 3848 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3849 3850/** 3851 * Forward credentials for client to host hostname , making them 3852 * forwardable if forwardable, and returning the blob of data to sent 3853 * in out_data. If hostname == NULL, pick it from server. 3854 * 3855 * @param context A kerberos 5 context. 3856 * @param auth_context the auth context with the key to encrypt the out_data. 3857 * @param hostname the host to forward the tickets too. 3858 * @param client the client to delegate from. 3859 * @param server the server to delegate the credential too. 3860 * @param ccache credential cache to use. 3861 * @param forwardable make the forwarded ticket forwabledable. 3862 * @param out_data the resulting credential. 3863 * 3864 * @return Return an error code or 0. 3865 * 3866 * @ingroup krb5_credential 3867 */ 3868 3869KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3870krb5_fwd_tgt_creds ( 3871 krb5_context /*context*/, 3872 krb5_auth_context /*auth_context*/, 3873 const char */*hostname*/, 3874 krb5_principal /*client*/, 3875 krb5_principal /*server*/, 3876 krb5_ccache /*ccache*/, 3877 int /*forwardable*/, 3878 krb5_data */*out_data*/); 3879 3880/** 3881 * Fill buffer buf with len bytes of PRNG randomness that is ok to use 3882 * for key generation, padding and public diclosing the randomness w/o 3883 * disclosing the randomness source. 3884 * 3885 * This function can fail, and callers must check the return value. 3886 * 3887 * @param buf a buffer to fill with randomness 3888 * @param len length of memory that buf points to. 3889 * 3890 * @return return 0 on success or HEIM_ERR_RANDOM_OFFLINE if the 3891 * funcation failed to initialize the randomness source. 3892 * 3893 * @ingroup krb5_crypto 3894 */ 3895 3896HEIMDAL_WARN_UNUSED_RESULT_ATTRIBUTE KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3897krb5_generate_random ( 3898 void */*buf*/, 3899 size_t /*len*/); 3900 3901/** 3902 * Fill buffer buf with len bytes of PRNG randomness that is ok to use 3903 * for key generation, padding and public diclosing the randomness w/o 3904 * disclosing the randomness source. 3905 * 3906 * This function can NOT fail, instead it will abort() and program will crash. 3907 * 3908 * If this function is called after a successful krb5_init_context(), 3909 * the chance of it failing is low due to that krb5_init_context() 3910 * pulls out some random, and quite commonly the randomness sources 3911 * will not fail once it have started to produce good output, 3912 * /dev/urandom behavies that way. 3913 * 3914 * @param buf a buffer to fill with randomness 3915 * @param len length of memory that buf points to. 3916 * 3917 * @ingroup krb5_crypto 3918 */ 3919 3920KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3921krb5_generate_random_block ( 3922 void */*buf*/, 3923 size_t /*len*/); 3924 3925KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3926krb5_generate_random_keyblock ( 3927 krb5_context /*context*/, 3928 krb5_enctype /*type*/, 3929 krb5_keyblock */*key*/); 3930 3931KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3932krb5_generate_seq_number ( 3933 krb5_context /*context*/, 3934 const krb5_keyblock */*key*/, 3935 uint32_t */*seqno*/); 3936 3937/** 3938 * Deprecated: use krb5_generate_subkey_extended() 3939 * 3940 * @ingroup krb5_deprecated 3941 */ 3942 3943KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3944krb5_generate_subkey ( 3945 krb5_context /*context*/, 3946 const krb5_keyblock */*key*/, 3947 krb5_keyblock **/*subkey*/) 3948 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3949 3950/** 3951 * Generate subkey, from keyblock 3952 * 3953 * @param context kerberos context 3954 * @param key session key 3955 * @param etype encryption type of subkey, if ETYPE_NULL, use key's enctype 3956 * @param subkey returned new, free with krb5_free_keyblock(). 3957 * 3958 * @return 0 on success or a Kerberos 5 error code 3959 * 3960* @ingroup krb5_crypto 3961 */ 3962 3963KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3964krb5_generate_subkey_extended ( 3965 krb5_context /*context*/, 3966 const krb5_keyblock */*key*/, 3967 krb5_enctype /*etype*/, 3968 krb5_keyblock **/*subkey*/); 3969 3970KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3971krb5_get_all_client_addrs ( 3972 krb5_context /*context*/, 3973 krb5_addresses */*res*/); 3974 3975KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3976krb5_get_all_server_addrs ( 3977 krb5_context /*context*/, 3978 krb5_addresses */*res*/); 3979 3980/** 3981 * Deprecated: use krb5_get_credentials_with_flags(). 3982 * 3983 * @ingroup krb5_deprecated 3984 */ 3985 3986KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3987krb5_get_cred_from_kdc ( 3988 krb5_context /*context*/, 3989 krb5_ccache /*ccache*/, 3990 krb5_creds */*in_creds*/, 3991 krb5_creds **/*out_creds*/, 3992 krb5_creds ***/*ret_tgts*/) 3993 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3994 3995/** 3996 * Deprecated: use krb5_get_credentials_with_flags(). 3997 * 3998 * @ingroup krb5_deprecated 3999 */ 4000 4001KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4002krb5_get_cred_from_kdc_opt ( 4003 krb5_context /*context*/, 4004 krb5_ccache /*ccache*/, 4005 krb5_creds */*in_creds*/, 4006 krb5_creds **/*out_creds*/, 4007 krb5_creds ***/*ret_tgts*/, 4008 krb5_flags /*flags*/) 4009 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4010 4011KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4012krb5_get_credentials ( 4013 krb5_context /*context*/, 4014 krb5_flags /*options*/, 4015 krb5_ccache /*ccache*/, 4016 krb5_creds */*in_creds*/, 4017 krb5_creds **/*out_creds*/); 4018 4019KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4020krb5_get_credentials_with_flags ( 4021 krb5_context /*context*/, 4022 krb5_flags /*options*/, 4023 krb5_kdc_flags /*flags*/, 4024 krb5_ccache /*ccache*/, 4025 krb5_creds */*in_creds*/, 4026 krb5_creds **/*out_creds*/); 4027 4028KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4029krb5_get_creds ( 4030 krb5_context /*context*/, 4031 krb5_get_creds_opt /*opt*/, 4032 krb5_ccache /*ccache*/, 4033 krb5_const_principal /*inprinc*/, 4034 krb5_creds **/*out_creds*/); 4035 4036KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4037krb5_get_creds_opt_add_options ( 4038 krb5_context /*context*/, 4039 krb5_get_creds_opt /*opt*/, 4040 krb5_flags /*options*/); 4041 4042KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4043krb5_get_creds_opt_alloc ( 4044 krb5_context /*context*/, 4045 krb5_get_creds_opt */*opt*/); 4046 4047KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4048krb5_get_creds_opt_free ( 4049 krb5_context /*context*/, 4050 krb5_get_creds_opt /*opt*/); 4051 4052KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4053krb5_get_creds_opt_set_enctype ( 4054 krb5_context /*context*/, 4055 krb5_get_creds_opt /*opt*/, 4056 krb5_enctype /*enctype*/); 4057 4058KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4059krb5_get_creds_opt_set_impersonate ( 4060 krb5_context /*context*/, 4061 krb5_get_creds_opt /*opt*/, 4062 krb5_const_principal /*self*/); 4063 4064KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4065krb5_get_creds_opt_set_options ( 4066 krb5_context /*context*/, 4067 krb5_get_creds_opt /*opt*/, 4068 krb5_flags /*options*/); 4069 4070KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4071krb5_get_creds_opt_set_ticket ( 4072 krb5_context /*context*/, 4073 krb5_get_creds_opt /*opt*/, 4074 const Ticket */*ticket*/); 4075 4076/** 4077 * Get the global configuration list. 4078 * 4079 * @param pfilenames return array of filenames, should be freed with krb5_free_config_files(). 4080 * 4081 * @return Returns 0 to indicate success. Otherwise an kerberos et 4082 * error code is returned, see krb5_get_error_message(). 4083 * 4084 * @ingroup krb5 4085 */ 4086 4087KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4088krb5_get_default_config_files (char ***/*pfilenames*/); 4089 4090/** 4091 * Get the default encryption types that will be use in communcation 4092 * with the KDC, clients and servers. 4093 * 4094 * @param context Kerberos 5 context. 4095 * @param pdu_type request type (AS, TGS or none) 4096 * @param etypes Encryption types, array terminated with 4097 * ETYPE_NULL(0), caller should free array with krb5_xfree(): 4098 * 4099 * @return Returns 0 to indicate success. Otherwise an kerberos et 4100 * error code is returned, see krb5_get_error_message(). 4101 * 4102 * @ingroup krb5 4103 */ 4104 4105KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4106krb5_get_default_in_tkt_etypes ( 4107 krb5_context /*context*/, 4108 krb5_pdu /*pdu_type*/, 4109 krb5_enctype **/*etypes*/); 4110 4111KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4112krb5_get_default_principal ( 4113 krb5_context /*context*/, 4114 krb5_principal */*princ*/); 4115 4116KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4117krb5_get_default_realm ( 4118 krb5_context /*context*/, 4119 krb5_realm */*realm*/); 4120 4121KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4122krb5_get_default_realms ( 4123 krb5_context /*context*/, 4124 krb5_realm **/*realms*/); 4125 4126/** 4127 * Get if the library uses DNS to canonicalize hostnames. 4128 * 4129 * @param context Kerberos 5 context. 4130 * 4131 * @return return non zero if the library uses DNS to canonicalize hostnames. 4132 * 4133 * @ingroup krb5 4134 */ 4135 4136KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 4137krb5_get_dns_canonicalize_hostname (krb5_context /*context*/); 4138 4139/** 4140 * Return the error string for the error code. The caller must not 4141 * free the string. 4142 * 4143 * This function is deprecated since its not threadsafe. 4144 * 4145 * @param context Kerberos 5 context. 4146 * @param code Kerberos error code. 4147 * 4148 * @return the error message matching code 4149 * 4150 * @ingroup krb5 4151 */ 4152 4153KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 4154krb5_get_err_text ( 4155 krb5_context /*context*/, 4156 krb5_error_code /*code*/) 4157 KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead"); 4158 4159/** 4160 * Return the error message for `code' in context. On memory 4161 * allocation error the function returns NULL. 4162 * 4163 * @param context Kerberos 5 context 4164 * @param code Error code related to the error 4165 * 4166 * @return an error string, needs to be freed with 4167 * krb5_free_error_message(). The functions return NULL on error. 4168 * 4169 * @ingroup krb5_error 4170 */ 4171 4172KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 4173krb5_get_error_message ( 4174 krb5_context /*context*/, 4175 krb5_error_code /*code*/); 4176 4177/** 4178 * Return the error message in context. On error or no error string, 4179 * the function returns NULL. 4180 * 4181 * @param context Kerberos 5 context 4182 * 4183 * @return an error string, needs to be freed with 4184 * krb5_free_error_message(). The functions return NULL on error. 4185 * 4186 * @ingroup krb5_error 4187 */ 4188 4189KRB5_LIB_FUNCTION char * KRB5_LIB_CALL 4190krb5_get_error_string (krb5_context /*context*/) 4191 KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead"); 4192 4193/** 4194 * Get extra address to the address list that the library will add to 4195 * the client's address list when communicating with the KDC. 4196 * 4197 * @param context Kerberos 5 context. 4198 * @param addresses addreses to set 4199 * 4200 * @return Returns 0 to indicate success. Otherwise an kerberos et 4201 * error code is returned, see krb5_get_error_message(). 4202 * 4203 * @ingroup krb5 4204 */ 4205 4206KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4207krb5_get_extra_addresses ( 4208 krb5_context /*context*/, 4209 krb5_addresses */*addresses*/); 4210 4211/** 4212 * Get version of fcache that the library should use. 4213 * 4214 * @param context Kerberos 5 context. 4215 * @param version version number. 4216 * 4217 * @return Returns 0 to indicate success. Otherwise an kerberos et 4218 * error code is returned, see krb5_get_error_message(). 4219 * 4220 * @ingroup krb5 4221 */ 4222 4223KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4224krb5_get_fcache_version ( 4225 krb5_context /*context*/, 4226 int */*version*/); 4227 4228/** 4229 * Gets tickets forwarded to hostname. If the tickets that are 4230 * forwarded are address-less, the forwarded tickets will also be 4231 * address-less. 4232 * 4233 * If the ticket have any address, hostname will be used for figure 4234 * out the address to forward the ticket too. This since this might 4235 * use DNS, its insecure and also doesn't represent configured all 4236 * addresses of the host. For example, the host might have two 4237 * adresses, one IPv4 and one IPv6 address where the later is not 4238 * published in DNS. This IPv6 address might be used communications 4239 * and thus the resulting ticket useless. 4240 * 4241 * @param context A kerberos 5 context. 4242 * @param auth_context the auth context with the key to encrypt the out_data. 4243 * @param ccache credential cache to use 4244 * @param flags the flags to control the resulting ticket flags 4245 * @param hostname the host to forward the tickets too. 4246 * @param in_creds the in client and server ticket names. The client 4247 * and server components forwarded to the remote host. 4248 * @param out_data the resulting credential. 4249 * 4250 * @return Return an error code or 0. 4251 * 4252 * @ingroup krb5_credential 4253 */ 4254 4255KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4256krb5_get_forwarded_creds ( 4257 krb5_context /*context*/, 4258 krb5_auth_context /*auth_context*/, 4259 krb5_ccache /*ccache*/, 4260 krb5_flags /*flags*/, 4261 const char */*hostname*/, 4262 krb5_creds */*in_creds*/, 4263 krb5_data */*out_data*/); 4264 4265KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4266krb5_get_host_realm ( 4267 krb5_context /*context*/, 4268 const char */*targethost*/, 4269 krb5_realm **/*realms*/); 4270 4271/** 4272 * Get extra addresses to ignore when fetching addresses from the 4273 * underlaying operating system. 4274 * 4275 * @param context Kerberos 5 context. 4276 * @param addresses list addreses ignored 4277 * 4278 * @return Returns 0 to indicate success. Otherwise an kerberos et 4279 * error code is returned, see krb5_get_error_message(). 4280 * 4281 * @ingroup krb5 4282 */ 4283 4284KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4285krb5_get_ignore_addresses ( 4286 krb5_context /*context*/, 4287 krb5_addresses */*addresses*/); 4288 4289KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4290krb5_get_in_cred ( 4291 krb5_context /*context*/, 4292 krb5_flags /*options*/, 4293 const krb5_addresses */*addrs*/, 4294 const krb5_enctype */*etypes*/, 4295 const krb5_preauthtype */*ptypes*/, 4296 const krb5_preauthdata */*preauth*/, 4297 krb5_key_proc /*key_proc*/, 4298 krb5_const_pointer /*keyseed*/, 4299 krb5_decrypt_proc /*decrypt_proc*/, 4300 krb5_const_pointer /*decryptarg*/, 4301 krb5_creds */*creds*/, 4302 krb5_kdc_rep */*ret_as_reply*/) 4303 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4304 4305KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4306krb5_get_in_tkt ( 4307 krb5_context /*context*/, 4308 krb5_flags /*options*/, 4309 const krb5_addresses */*addrs*/, 4310 const krb5_enctype */*etypes*/, 4311 const krb5_preauthtype */*ptypes*/, 4312 krb5_key_proc /*key_proc*/, 4313 krb5_const_pointer /*keyseed*/, 4314 krb5_decrypt_proc /*decrypt_proc*/, 4315 krb5_const_pointer /*decryptarg*/, 4316 krb5_creds */*creds*/, 4317 krb5_ccache /*ccache*/, 4318 krb5_kdc_rep */*ret_as_reply*/) 4319 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4320 4321/** 4322 * Deprecated: use krb5_get_init_creds() and friends. 4323 * 4324 * @ingroup krb5_deprecated 4325 */ 4326 4327KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4328krb5_get_in_tkt_with_keytab ( 4329 krb5_context /*context*/, 4330 krb5_flags /*options*/, 4331 krb5_addresses */*addrs*/, 4332 const krb5_enctype */*etypes*/, 4333 const krb5_preauthtype */*pre_auth_types*/, 4334 krb5_keytab /*keytab*/, 4335 krb5_ccache /*ccache*/, 4336 krb5_creds */*creds*/, 4337 krb5_kdc_rep */*ret_as_reply*/) 4338 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4339 4340/** 4341 * Deprecated: use krb5_get_init_creds() and friends. 4342 * 4343 * @ingroup krb5_deprecated 4344 */ 4345 4346KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4347krb5_get_in_tkt_with_password ( 4348 krb5_context /*context*/, 4349 krb5_flags /*options*/, 4350 krb5_addresses */*addrs*/, 4351 const krb5_enctype */*etypes*/, 4352 const krb5_preauthtype */*pre_auth_types*/, 4353 const char */*password*/, 4354 krb5_ccache /*ccache*/, 4355 krb5_creds */*creds*/, 4356 krb5_kdc_rep */*ret_as_reply*/) 4357 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4358 4359/** 4360 * Deprecated: use krb5_get_init_creds() and friends. 4361 * 4362 * @ingroup krb5_deprecated 4363 */ 4364 4365KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4366krb5_get_in_tkt_with_skey ( 4367 krb5_context /*context*/, 4368 krb5_flags /*options*/, 4369 krb5_addresses */*addrs*/, 4370 const krb5_enctype */*etypes*/, 4371 const krb5_preauthtype */*pre_auth_types*/, 4372 const krb5_keyblock */*key*/, 4373 krb5_ccache /*ccache*/, 4374 krb5_creds */*creds*/, 4375 krb5_kdc_rep */*ret_as_reply*/) 4376 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4377 4378/** 4379 * Get new credentials using keyblock. 4380 * 4381 * @ingroup krb5_credential 4382 */ 4383 4384KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4385krb5_get_init_creds_keyblock ( 4386 krb5_context /*context*/, 4387 krb5_creds */*creds*/, 4388 krb5_principal /*client*/, 4389 krb5_keyblock */*keyblock*/, 4390 krb5_deltat /*start_time*/, 4391 const char */*in_tkt_service*/, 4392 krb5_get_init_creds_opt */*options*/); 4393 4394/** 4395 * Get new credentials using keytab. 4396 * 4397 * @ingroup krb5_credential 4398 */ 4399 4400KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4401krb5_get_init_creds_keytab ( 4402 krb5_context /*context*/, 4403 krb5_creds */*creds*/, 4404 krb5_principal /*client*/, 4405 krb5_keytab /*keytab*/, 4406 krb5_deltat /*start_time*/, 4407 const char */*in_tkt_service*/, 4408 krb5_get_init_creds_opt */*options*/); 4409 4410/** 4411 * Allocate a new krb5_get_init_creds_opt structure, free with 4412 * krb5_get_init_creds_opt_free(). 4413 * 4414 * @ingroup krb5_credential 4415 */ 4416 4417KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4418krb5_get_init_creds_opt_alloc ( 4419 krb5_context /*context*/, 4420 krb5_get_init_creds_opt **/*opt*/); 4421 4422/** 4423 * Free krb5_get_init_creds_opt structure. 4424 * 4425 * @ingroup krb5_credential 4426 */ 4427 4428KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4429krb5_get_init_creds_opt_free ( 4430 krb5_context /*context*/, 4431 krb5_get_init_creds_opt */*opt*/); 4432 4433/** 4434 * Deprecated: use the new krb5_init_creds_init() and 4435 * krb5_init_creds_get_error(). 4436 * 4437 * @ingroup krb5_deprecated 4438 */ 4439 4440KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4441krb5_get_init_creds_opt_get_error ( 4442 krb5_context /*context*/, 4443 krb5_get_init_creds_opt */*opt*/, 4444 KRB_ERROR **/*error*/) 4445 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4446 4447/** 4448 * Deprecated: use krb5_get_init_creds_opt_alloc(). 4449 * 4450 * The reason krb5_get_init_creds_opt_init() is deprecated is that 4451 * krb5_get_init_creds_opt is a static structure and for ABI reason it 4452 * can't grow, ie can't add new functionality. 4453 * 4454 * @ingroup krb5_deprecated 4455 */ 4456 4457KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4458krb5_get_init_creds_opt_init (krb5_get_init_creds_opt */*opt*/) 4459 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4460 4461KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4462krb5_get_init_creds_opt_set_address_list ( 4463 krb5_get_init_creds_opt */*opt*/, 4464 krb5_addresses */*addresses*/); 4465 4466KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4467krb5_get_init_creds_opt_set_addressless ( 4468 krb5_context /*context*/, 4469 krb5_get_init_creds_opt */*opt*/, 4470 krb5_boolean /*addressless*/); 4471 4472KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4473krb5_get_init_creds_opt_set_anonymous ( 4474 krb5_get_init_creds_opt */*opt*/, 4475 int /*anonymous*/); 4476 4477KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4478krb5_get_init_creds_opt_set_canonicalize ( 4479 krb5_context /*context*/, 4480 krb5_get_init_creds_opt */*opt*/, 4481 krb5_boolean /*req*/); 4482 4483KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4484krb5_get_init_creds_opt_set_change_password_prompt ( 4485 krb5_get_init_creds_opt */*opt*/, 4486 int /*change_password_prompt*/); 4487 4488KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4489krb5_get_init_creds_opt_set_default_flags ( 4490 krb5_context /*context*/, 4491 const char */*appname*/, 4492 krb5_const_realm /*realm*/, 4493 krb5_get_init_creds_opt */*opt*/); 4494 4495KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4496krb5_get_init_creds_opt_set_etype_list ( 4497 krb5_get_init_creds_opt */*opt*/, 4498 krb5_enctype */*etype_list*/, 4499 int /*etype_list_length*/); 4500 4501KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4502krb5_get_init_creds_opt_set_forwardable ( 4503 krb5_get_init_creds_opt */*opt*/, 4504 int /*forwardable*/); 4505 4506KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4507krb5_get_init_creds_opt_set_pa_password ( 4508 krb5_context /*context*/, 4509 krb5_get_init_creds_opt */*opt*/, 4510 const char */*password*/, 4511 krb5_s2k_proc /*key_proc*/); 4512 4513KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4514krb5_get_init_creds_opt_set_pac_request ( 4515 krb5_context /*context*/, 4516 krb5_get_init_creds_opt */*opt*/, 4517 krb5_boolean /*req_pac*/); 4518 4519KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4520krb5_get_init_creds_opt_set_pkinit ( 4521 krb5_context /*context*/, 4522 krb5_get_init_creds_opt */*opt*/, 4523 krb5_principal /*principal*/, 4524 const char */*user_id*/, 4525 const char */*x509_anchors*/, 4526 char * const * /*pool*/, 4527 char * const * /*pki_revoke*/, 4528 int /*flags*/, 4529 krb5_prompter_fct /*prompter*/, 4530 void */*prompter_data*/, 4531 char */*password*/); 4532 4533krb5_error_code KRB5_LIB_FUNCTION 4534krb5_get_init_creds_opt_set_pkinit_user_certs ( 4535 krb5_context /*context*/, 4536 krb5_get_init_creds_opt */*opt*/, 4537 struct hx509_certs_data */*certs*/); 4538 4539KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4540krb5_get_init_creds_opt_set_preauth_list ( 4541 krb5_get_init_creds_opt */*opt*/, 4542 krb5_preauthtype */*preauth_list*/, 4543 int /*preauth_list_length*/); 4544 4545KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4546krb5_get_init_creds_opt_set_process_last_req ( 4547 krb5_context /*context*/, 4548 krb5_get_init_creds_opt */*opt*/, 4549 krb5_gic_process_last_req /*func*/, 4550 void */*ctx*/); 4551 4552KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4553krb5_get_init_creds_opt_set_proxiable ( 4554 krb5_get_init_creds_opt */*opt*/, 4555 int /*proxiable*/); 4556 4557KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4558krb5_get_init_creds_opt_set_renew_life ( 4559 krb5_get_init_creds_opt */*opt*/, 4560 krb5_deltat /*renew_life*/); 4561 4562KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4563krb5_get_init_creds_opt_set_salt ( 4564 krb5_get_init_creds_opt */*opt*/, 4565 krb5_data */*salt*/); 4566 4567KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4568krb5_get_init_creds_opt_set_tkt_life ( 4569 krb5_get_init_creds_opt */*opt*/, 4570 krb5_deltat /*tkt_life*/); 4571 4572KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4573krb5_get_init_creds_opt_set_win2k ( 4574 krb5_context /*context*/, 4575 krb5_get_init_creds_opt */*opt*/, 4576 krb5_boolean /*req*/); 4577 4578/** 4579 * Get new credentials using password. 4580 * 4581 * @ingroup krb5_credential 4582 */ 4583 4584KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4585krb5_get_init_creds_password ( 4586 krb5_context /*context*/, 4587 krb5_creds */*creds*/, 4588 krb5_principal /*client*/, 4589 const char */*password*/, 4590 krb5_prompter_fct /*prompter*/, 4591 void */*data*/, 4592 krb5_deltat /*start_time*/, 4593 const char */*in_tkt_service*/, 4594 krb5_get_init_creds_opt */*options*/); 4595 4596KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4597krb5_get_kdc_cred ( 4598 krb5_context /*context*/, 4599 krb5_ccache /*id*/, 4600 krb5_kdc_flags /*flags*/, 4601 krb5_addresses */*addresses*/, 4602 Ticket */*second_ticket*/, 4603 krb5_creds */*in_creds*/, 4604 krb5_creds **out_creds ); 4605 4606/** 4607 * Get current offset in time to the KDC. 4608 * 4609 * @param context Kerberos 5 context. 4610 * @param sec seconds part of offset. 4611 * @param usec micro seconds part of offset. 4612 * 4613 * @return returns zero 4614 * 4615 * @ingroup krb5 4616 */ 4617 4618KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4619krb5_get_kdc_sec_offset ( 4620 krb5_context /*context*/, 4621 int32_t */*sec*/, 4622 int32_t */*usec*/); 4623 4624KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4625krb5_get_krb524hst ( 4626 krb5_context /*context*/, 4627 const krb5_realm */*realm*/, 4628 char ***/*hostlist*/); 4629 4630KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4631krb5_get_krb_admin_hst ( 4632 krb5_context /*context*/, 4633 const krb5_realm */*realm*/, 4634 char ***/*hostlist*/); 4635 4636KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4637krb5_get_krb_changepw_hst ( 4638 krb5_context /*context*/, 4639 const krb5_realm */*realm*/, 4640 char ***/*hostlist*/); 4641 4642KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4643krb5_get_krbhst ( 4644 krb5_context /*context*/, 4645 const krb5_realm */*realm*/, 4646 char ***/*hostlist*/); 4647 4648/** 4649 * Get max time skew allowed. 4650 * 4651 * @param context Kerberos 5 context. 4652 * 4653 * @return timeskew in seconds. 4654 * 4655 * @ingroup krb5 4656 */ 4657 4658KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL 4659krb5_get_max_time_skew (krb5_context /*context*/); 4660 4661/** 4662 * krb5_init_context() will get one random byte to make sure our 4663 * random is alive. Assumption is that once the non blocking 4664 * source allows us to pull bytes, its all seeded and allows us to 4665 * pull more bytes. 4666 * 4667 * Most Kerberos users calls krb5_init_context(), so this is 4668 * useful point where we can do the checking. 4669 */ 4670 4671KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4672krb5_get_permitted_enctypes ( 4673 krb5_context /*context*/, 4674 krb5_enctype **/*etypes*/); 4675 4676KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4677krb5_get_pw_salt ( 4678 krb5_context /*context*/, 4679 krb5_const_principal /*principal*/, 4680 krb5_salt */*salt*/); 4681 4682KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4683krb5_get_renewed_creds ( 4684 krb5_context /*context*/, 4685 krb5_creds */*creds*/, 4686 krb5_const_principal /*client*/, 4687 krb5_ccache /*ccache*/, 4688 const char */*in_tkt_service*/); 4689 4690KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4691krb5_get_server_rcache ( 4692 krb5_context /*context*/, 4693 const krb5_data */*piece*/, 4694 krb5_rcache */*id*/); 4695 4696/** 4697 * Make the kerberos library default to the admin KDC. 4698 * 4699 * @param context Kerberos 5 context. 4700 * 4701 * @return boolean flag to telling the context will use admin KDC as the default KDC. 4702 * 4703 * @ingroup krb5 4704 */ 4705 4706KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 4707krb5_get_use_admin_kdc (krb5_context /*context*/); 4708 4709/** 4710 * Validate the newly fetch credential, see also krb5_verify_init_creds(). 4711 * 4712 * @param context a Kerberos 5 context 4713 * @param creds the credentials to verify 4714 * @param client the client name to match up 4715 * @param ccache the credential cache to use 4716 * @param service a service name to use, used with 4717 * krb5_sname_to_principal() to build a hostname to use to 4718 * verify. 4719 * 4720 * @ingroup krb5_ccache 4721 */ 4722 4723KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4724krb5_get_validated_creds ( 4725 krb5_context /*context*/, 4726 krb5_creds */*creds*/, 4727 krb5_principal /*client*/, 4728 krb5_ccache /*ccache*/, 4729 char */*service*/); 4730 4731/** 4732 * Get the default logging facility. 4733 * 4734 * @param context A Kerberos 5 context 4735 * 4736 * @ingroup krb5_error 4737 */ 4738 4739KRB5_LIB_FUNCTION krb5_log_facility * KRB5_LIB_CALL 4740krb5_get_warn_dest (krb5_context /*context*/); 4741 4742KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL 4743krb5_get_wrapped_length ( 4744 krb5_context /*context*/, 4745 krb5_crypto /*crypto*/, 4746 size_t /*data_len*/); 4747 4748KRB5_LIB_FUNCTION int KRB5_LIB_CALL 4749krb5_getportbyname ( 4750 krb5_context /*context*/, 4751 const char */*service*/, 4752 const char */*proto*/, 4753 int /*default_port*/); 4754 4755/** 4756 * krb5_h_addr2addr works like krb5_h_addr2sockaddr with the exception 4757 * that it operates on a krb5_address instead of a struct sockaddr. 4758 * 4759 * @param context a Keberos context 4760 * @param af address family 4761 * @param haddr host address from struct hostent. 4762 * @param addr returned krb5_address. 4763 * 4764 * @return Return an error code or 0. 4765 * 4766 * @ingroup krb5_address 4767 */ 4768 4769KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4770krb5_h_addr2addr ( 4771 krb5_context /*context*/, 4772 int /*af*/, 4773 const char */*haddr*/, 4774 krb5_address */*addr*/); 4775 4776/** 4777 * krb5_h_addr2sockaddr initializes a "struct sockaddr sa" from af and 4778 * the "struct hostent" (see gethostbyname(3) ) h_addr_list 4779 * component. The argument sa_size should initially contain the size 4780 * of the sa, and after the call, it will contain the actual length of 4781 * the address. 4782 * 4783 * @param context a Keberos context 4784 * @param af addresses 4785 * @param addr address 4786 * @param sa returned struct sockaddr 4787 * @param sa_size size of sa 4788 * @param port port to set in sa. 4789 * 4790 * @return Return an error code or 0. 4791 * 4792 * @ingroup krb5_address 4793 */ 4794 4795KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4796krb5_h_addr2sockaddr ( 4797 krb5_context /*context*/, 4798 int /*af*/, 4799 const char */*addr*/, 4800 struct sockaddr */*sa*/, 4801 krb5_socklen_t */*sa_size*/, 4802 int /*port*/); 4803 4804/** 4805 * Convert the gethostname() error code (h_error) to a Kerberos et 4806 * error code. 4807 * 4808 * @param eai_errno contains the error code from gethostname(). 4809 * 4810 * @return Kerberos error code representing the gethostname errors. 4811 * 4812 * @ingroup krb5_error 4813 */ 4814 4815KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4816krb5_h_errno_to_heim_errno (int /*eai_errno*/); 4817 4818KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 4819krb5_have_error_string (krb5_context /*context*/) 4820 KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead"); 4821 4822KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4823krb5_hmac ( 4824 krb5_context /*context*/, 4825 krb5_cksumtype /*cktype*/, 4826 const void */*data*/, 4827 size_t /*len*/, 4828 unsigned /*usage*/, 4829 krb5_keyblock */*key*/, 4830 Checksum */*result*/); 4831 4832/** 4833 * Initializes the context structure and reads the configuration file 4834 * /etc/krb5.conf. The structure should be freed by calling 4835 * krb5_free_context() when it is no longer being used. 4836 * 4837 * @param context pointer to returned context 4838 * 4839 * @return Returns 0 to indicate success. Otherwise an errno code is 4840 * returned. Failure means either that something bad happened during 4841 * initialization (typically ENOMEM) or that Kerberos should not be 4842 * used ENXIO. If the function returns HEIM_ERR_RANDOM_OFFLINE, the 4843 * random source is not available and later Kerberos calls might fail. 4844 * 4845 * @ingroup krb5 4846 */ 4847 4848KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4849krb5_init_context (krb5_context */*context*/); 4850 4851/** 4852 * Free the krb5_init_creds_context allocated by krb5_init_creds_init(). 4853 * 4854 * @param context A Kerberos 5 context. 4855 * @param ctx The krb5_init_creds_context to free. 4856 * 4857 * @ingroup krb5_credential 4858 */ 4859 4860KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4861krb5_init_creds_free ( 4862 krb5_context /*context*/, 4863 krb5_init_creds_context /*ctx*/); 4864 4865/** 4866 * Get new credentials as setup by the krb5_init_creds_context. 4867 * 4868 * @param context A Kerberos 5 context. 4869 * @param ctx The krb5_init_creds_context to process. 4870 * 4871 * @ingroup krb5_credential 4872 */ 4873 4874KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4875krb5_init_creds_get ( 4876 krb5_context /*context*/, 4877 krb5_init_creds_context /*ctx*/); 4878 4879/** 4880 * Extract the newly acquired credentials from krb5_init_creds_context 4881 * context. 4882 * 4883 * @param context A Kerberos 5 context. 4884 * @param ctx 4885 * @param cred credentials, free with krb5_free_cred_contents(). 4886 * 4887 * @return 0 for sucess or An Kerberos error code, see krb5_get_error_message(). 4888 */ 4889 4890KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4891krb5_init_creds_get_creds ( 4892 krb5_context /*context*/, 4893 krb5_init_creds_context /*ctx*/, 4894 krb5_creds */*cred*/); 4895 4896/** 4897 * Get the last error from the transaction. 4898 * 4899 * @return Returns 0 or an error code 4900 * 4901 * @ingroup krb5_credential 4902 */ 4903 4904KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4905krb5_init_creds_get_error ( 4906 krb5_context /*context*/, 4907 krb5_init_creds_context /*ctx*/, 4908 KRB_ERROR */*error*/); 4909 4910/** 4911 * Start a new context to get a new initial credential. 4912 * 4913 * @param context A Kerberos 5 context. 4914 * @param client The Kerberos principal to get the credential for, if 4915 * NULL is given, the default principal is used as determined by 4916 * krb5_get_default_principal(). 4917 * @param prompter 4918 * @param prompter_data 4919 * @param start_time the time the ticket should start to be valid or 0 for now. 4920 * @param options a options structure, can be NULL for default options. 4921 * @param rctx A new allocated free with krb5_init_creds_free(). 4922 * 4923 * @return 0 for success or an Kerberos 5 error code, see krb5_get_error_message(). 4924 * 4925 * @ingroup krb5_credential 4926 */ 4927 4928KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4929krb5_init_creds_init ( 4930 krb5_context /*context*/, 4931 krb5_principal /*client*/, 4932 krb5_prompter_fct /*prompter*/, 4933 void */*prompter_data*/, 4934 krb5_deltat /*start_time*/, 4935 krb5_get_init_creds_opt */*options*/, 4936 krb5_init_creds_context */*rctx*/); 4937 4938KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4939krb5_init_creds_set_fast_ap_armor_service ( 4940 krb5_context /*context*/, 4941 krb5_init_creds_context /*ctx*/, 4942 krb5_const_principal /*armor_service*/); 4943 4944KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4945krb5_init_creds_set_fast_ccache ( 4946 krb5_context /*context*/, 4947 krb5_init_creds_context /*ctx*/, 4948 krb5_ccache /*fast_ccache*/); 4949 4950KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4951krb5_init_creds_set_keyblock ( 4952 krb5_context /*context*/, 4953 krb5_init_creds_context /*ctx*/, 4954 krb5_keyblock */*keyblock*/); 4955 4956/** 4957 * Set the keytab to use for authentication. 4958 * 4959 * @param context a Kerberos 5 context. 4960 * @param ctx ctx krb5_init_creds_context context. 4961 * @param keytab the keytab to read the key from. 4962 * 4963 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 4964 * @ingroup krb5_credential 4965 */ 4966 4967KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4968krb5_init_creds_set_keytab ( 4969 krb5_context /*context*/, 4970 krb5_init_creds_context /*ctx*/, 4971 krb5_keytab /*keytab*/); 4972 4973/** 4974 * Sets the password that will use for the request. 4975 * 4976 * @param context a Kerberos 5 context. 4977 * @param ctx ctx krb5_init_creds_context context. 4978 * @param password the password to use. 4979 * 4980 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 4981 * @ingroup krb5_credential 4982 */ 4983 4984KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4985krb5_init_creds_set_password ( 4986 krb5_context /*context*/, 4987 krb5_init_creds_context /*ctx*/, 4988 const char */*password*/); 4989 4990/** 4991 * Sets the service that the is requested. This call is only neede for 4992 * special initial tickets, by default the a krbtgt is fetched in the default realm. 4993 * 4994 * @param context a Kerberos 5 context. 4995 * @param ctx a krb5_init_creds_context context. 4996 * @param service the service given as a string, for example 4997 * "kadmind/admin". If NULL, the default krbtgt in the clients 4998 * realm is set. 4999 * 5000 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 5001 * @ingroup krb5_credential 5002 */ 5003 5004KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5005krb5_init_creds_set_service ( 5006 krb5_context /*context*/, 5007 krb5_init_creds_context /*ctx*/, 5008 const char */*service*/); 5009 5010/** 5011 * The core loop if krb5_get_init_creds() function family. Create the 5012 * packets and have the caller send them off to the KDC. 5013 * 5014 * If the caller want all work been done for them, use 5015 * krb5_init_creds_get() instead. 5016 * 5017 * @param context a Kerberos 5 context. 5018 * @param ctx ctx krb5_init_creds_context context. 5019 * @param in input data from KDC, first round it should be reset by krb5_data_zer(). 5020 * @param out reply to KDC. 5021 * @param hostinfo KDC address info, first round it can be NULL. 5022 * @param flags status of the round, if 5023 * KRB5_INIT_CREDS_STEP_FLAG_CONTINUE is set, continue one more round. 5024 * 5025 * @return 0 for success, or an Kerberos 5 error code, see 5026 * krb5_get_error_message(). 5027 * 5028 * @ingroup krb5_credential 5029 */ 5030 5031KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5032krb5_init_creds_step ( 5033 krb5_context /*context*/, 5034 krb5_init_creds_context /*ctx*/, 5035 krb5_data */*in*/, 5036 krb5_data */*out*/, 5037 krb5_krbhst_info */*hostinfo*/, 5038 unsigned int */*flags*/); 5039 5040/** 5041 * 5042 * @ingroup krb5_credential 5043 */ 5044 5045krb5_error_code 5046krb5_init_creds_store ( 5047 krb5_context /*context*/, 5048 krb5_init_creds_context /*ctx*/, 5049 krb5_ccache /*id*/); 5050 5051/** 5052 * Init the built-in ets in the Kerberos library. 5053 * 5054 * @param context kerberos context to add the ets too 5055 * 5056 * @ingroup krb5 5057 */ 5058 5059KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5060krb5_init_ets (krb5_context /*context*/); 5061 5062/** 5063 @struct krb5plugin_kuserok_ftable_desc * 5064 * @brief Description of the krb5_kuserok(3) plugin facility. 5065 * 5066 * The krb5_kuserok(3) function is pluggable. The plugin is named 5067 * KRB5_PLUGIN_KUSEROK ("krb5_plugin_kuserok"), with a single minor 5068 * version, KRB5_PLUGIN_KUSEROK_VERSION_0 (0). 5069 * 5070 * The plugin for krb5_kuserok(3) consists of a data symbol referencing 5071 * a structure of type krb5plugin_kuserok_ftable, with four fields: 5072 * 5073 * @param init Plugin initialization function (see krb5-plugin(7)) 5074 * 5075 * @param minor_version The plugin minor version number (0) 5076 * 5077 * @param fini Plugin finalization function 5078 * 5079 * @param kuserok Plugin kuserok function 5080 * 5081 * The kuserok field is the plugin entry point that performs the 5082 * traditional kuserok operation however the plugin desires. It is 5083 * invoked in no particular order relative to other kuserok plugins, but 5084 * it has a 'rule' argument that indicates which plugin is intended to 5085 * act on the rule. The plugin kuserok function must return 5086 * KRB5_PLUGIN_NO_HANDLE if the rule is not applicable to it. 5087 * 5088 * The plugin kuserok function has the following arguments, in this 5089 * order: 5090 * 5091 * -# plug_ctx, the context value output by the plugin's init function 5092 * -# context, a krb5_context 5093 * -# rule, the kuserok rule being evaluated (from krb5.conf(5)) 5094 * -# flags 5095 * -# k5login_dir, configured location of k5login per-user files if any 5096 * -# luser, name of the local user account to which principal is attempting to access. 5097 * -# principal, the krb5_principal trying to access the luser account 5098 * -# result, a krb5_boolean pointer where the plugin will output its result 5099 * 5100 * @ingroup krb5_support 5101 */ 5102 5103KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5104krb5_initlog ( 5105 krb5_context /*context*/, 5106 const char */*program*/, 5107 krb5_log_facility **/*fac*/); 5108 5109/** 5110 * Return TRUE (non zero) if the principal is a configuration 5111 * principal (generated part of krb5_cc_set_config()). Returns FALSE 5112 * (zero) if not a configuration principal. 5113 * 5114 * @param context a Keberos context 5115 * @param principal principal to check if it a configuration principal 5116 * 5117 * @ingroup krb5_ccache 5118 */ 5119 5120KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5121krb5_is_config_principal ( 5122 krb5_context /*context*/, 5123 krb5_const_principal /*principal*/); 5124 5125/** 5126 * Returns is the encryption is strong or weak 5127 * 5128 * @param context Kerberos 5 context 5129 * @param enctype encryption type to probe 5130 * 5131 * @return Returns true if encryption type is weak or is not supported. 5132 * 5133 * @ingroup krb5_crypto 5134 */ 5135 5136KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5137krb5_is_enctype_weak ( 5138 krb5_context /*context*/, 5139 krb5_enctype /*enctype*/); 5140 5141/** 5142 * Runtime check if the Kerberos library was complied with thread support. 5143 * 5144 * @return TRUE if the library was compiled with thread support, FALSE if not. 5145 * 5146 * @ingroup krb5 5147 */ 5148 5149KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5150krb5_is_thread_safe (void); 5151 5152KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5153krb5_kcm_call ( 5154 krb5_context /*context*/, 5155 krb5_storage */*request*/, 5156 krb5_storage **/*response_p*/, 5157 krb5_data */*response_data_p*/); 5158 5159KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5160krb5_kcm_storage_request ( 5161 krb5_context /*context*/, 5162 uint16_t /*opcode*/, 5163 krb5_storage **/*storage_p*/); 5164 5165/** 5166 * Returns the list of Kerberos encryption types sorted in order of 5167 * most preferred to least preferred encryption type. Note that some 5168 * encryption types might be disabled, so you need to check with 5169 * krb5_enctype_valid() before using the encryption type. 5170 * 5171 * @return list of enctypes, terminated with ETYPE_NULL. Its a static 5172 * array completed into the Kerberos library so the content doesn't 5173 * need to be freed. 5174 * 5175 * @ingroup krb5 5176 */ 5177 5178KRB5_LIB_FUNCTION const krb5_enctype * KRB5_LIB_CALL 5179krb5_kerberos_enctypes (krb5_context /*context*/); 5180 5181/** 5182 * Get encryption type of a keyblock. 5183 * 5184 * @ingroup krb5_crypto 5185 */ 5186 5187KRB5_LIB_FUNCTION krb5_enctype KRB5_LIB_CALL 5188krb5_keyblock_get_enctype (const krb5_keyblock */*block*/); 5189 5190/** 5191 * Fill in `key' with key data of type `enctype' from `data' of length 5192 * `size'. Key should be freed using krb5_free_keyblock_contents(). 5193 * 5194 * @return 0 on success or a Kerberos 5 error code 5195 * 5196 * @ingroup krb5_crypto 5197 */ 5198 5199KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5200krb5_keyblock_init ( 5201 krb5_context /*context*/, 5202 krb5_enctype /*type*/, 5203 const void */*data*/, 5204 size_t /*size*/, 5205 krb5_keyblock */*key*/); 5206 5207KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5208krb5_keyblock_key_proc ( 5209 krb5_context /*context*/, 5210 krb5_keytype /*type*/, 5211 krb5_data */*salt*/, 5212 krb5_const_pointer /*keyseed*/, 5213 krb5_keyblock **/*key*/); 5214 5215/** 5216 * Zero out a keyblock 5217 * 5218 * @param keyblock keyblock to zero out 5219 * 5220 * @ingroup krb5_crypto 5221 */ 5222 5223KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5224krb5_keyblock_zero (krb5_keyblock */*keyblock*/); 5225 5226/** 5227 * Deprecated: use krb5_get_init_creds() and friends. 5228 * 5229 * @ingroup krb5_deprecated 5230 */ 5231 5232KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV 5233krb5_keytab_key_proc ( 5234 krb5_context /*context*/, 5235 krb5_enctype /*enctype*/, 5236 krb5_salt /*salt*/, 5237 krb5_const_pointer /*keyseed*/, 5238 krb5_keyblock **/*key*/) 5239 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5240 5241/** 5242 * Deprecated: keytypes doesn't exists, they are really enctypes. 5243 * 5244 * @ingroup krb5_deprecated 5245 */ 5246 5247KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5248krb5_keytype_to_enctypes ( 5249 krb5_context /*context*/, 5250 krb5_keytype /*keytype*/, 5251 unsigned */*len*/, 5252 krb5_enctype **/*val*/) 5253 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5254 5255/** 5256 * Deprecated: keytypes doesn't exists, they are really enctypes. 5257 * 5258 * @ingroup krb5_deprecated 5259 */ 5260 5261KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5262krb5_keytype_to_enctypes_default ( 5263 krb5_context /*context*/, 5264 krb5_keytype /*keytype*/, 5265 unsigned */*len*/, 5266 krb5_enctype **/*val*/) 5267 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5268 5269/** 5270 * Deprecated: keytypes doesn't exists, they are really enctypes in 5271 * most cases, use krb5_enctype_to_string(). 5272 * 5273 * @ingroup krb5_deprecated 5274 */ 5275 5276KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5277krb5_keytype_to_string ( 5278 krb5_context /*context*/, 5279 krb5_keytype /*keytype*/, 5280 char **/*string*/) 5281 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5282 5283KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5284krb5_krbhst_format_string ( 5285 krb5_context /*context*/, 5286 const krb5_krbhst_info */*host*/, 5287 char */*hostname*/, 5288 size_t /*hostlen*/); 5289 5290KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5291krb5_krbhst_free ( 5292 krb5_context /*context*/, 5293 krb5_krbhst_handle /*handle*/); 5294 5295/** 5296 * Return an `struct addrinfo *' for a KDC host. 5297 * 5298 * Returns an the struct addrinfo in in that corresponds to the 5299 * information in `host'. free:ing is handled by krb5_krbhst_free, so 5300 * the returned ai must not be released. 5301 * 5302 * @ingroup krb5 5303 */ 5304 5305KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5306krb5_krbhst_get_addrinfo ( 5307 krb5_context /*context*/, 5308 krb5_krbhst_info */*host*/, 5309 struct addrinfo **/*ai*/); 5310 5311KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5312krb5_krbhst_init ( 5313 krb5_context /*context*/, 5314 const char */*realm*/, 5315 unsigned int /*type*/, 5316 krb5_krbhst_handle */*handle*/); 5317 5318KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5319krb5_krbhst_init_flags ( 5320 krb5_context /*context*/, 5321 const char */*realm*/, 5322 unsigned int /*type*/, 5323 int /*flags*/, 5324 krb5_krbhst_handle */*handle*/); 5325 5326KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5327krb5_krbhst_next ( 5328 krb5_context /*context*/, 5329 krb5_krbhst_handle /*handle*/, 5330 krb5_krbhst_info **/*host*/); 5331 5332KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5333krb5_krbhst_next_as_string ( 5334 krb5_context /*context*/, 5335 krb5_krbhst_handle /*handle*/, 5336 char */*hostname*/, 5337 size_t /*hostlen*/); 5338 5339KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5340krb5_krbhst_reset ( 5341 krb5_context /*context*/, 5342 krb5_krbhst_handle /*handle*/); 5343 5344KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5345krb5_krbhst_set_hostname ( 5346 krb5_context /*context*/, 5347 krb5_krbhst_handle /*handle*/, 5348 const char */*hostname*/); 5349 5350/** 5351 * Add the entry in `entry' to the keytab `id'. 5352 * 5353 * @param context a Keberos context. 5354 * @param id a keytab. 5355 * @param entry the entry to add 5356 * 5357 * @return Return an error code or 0, see krb5_get_error_message(). 5358 * 5359 * @ingroup krb5_keytab 5360 */ 5361 5362KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5363krb5_kt_add_entry ( 5364 krb5_context /*context*/, 5365 krb5_keytab /*id*/, 5366 krb5_keytab_entry */*entry*/); 5367 5368/** 5369 * Finish using the keytab in `id'. All resources will be released, 5370 * even on errors. 5371 * 5372 * @param context a Keberos context. 5373 * @param id keytab to close. 5374 * 5375 * @return Return an error code or 0, see krb5_get_error_message(). 5376 * 5377 * @ingroup krb5_keytab 5378 */ 5379 5380KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5381krb5_kt_close ( 5382 krb5_context /*context*/, 5383 krb5_keytab /*id*/); 5384 5385/** 5386 * Compare `entry' against `principal, vno, enctype'. 5387 * Any of `principal, vno, enctype' might be 0 which acts as a wildcard. 5388 * Return TRUE if they compare the same, FALSE otherwise. 5389 * 5390 * @param context a Keberos context. 5391 * @param entry an entry to match with. 5392 * @param principal principal to match, NULL matches all principals. 5393 * @param vno key version to match, 0 matches all key version numbers. 5394 * @param enctype encryption type to match, 0 matches all encryption types. 5395 * 5396 * @return Return TRUE or match, FALSE if not matched. 5397 * 5398 * @ingroup krb5_keytab 5399 */ 5400 5401KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5402krb5_kt_compare ( 5403 krb5_context /*context*/, 5404 krb5_keytab_entry */*entry*/, 5405 krb5_const_principal /*principal*/, 5406 krb5_kvno /*vno*/, 5407 krb5_enctype /*enctype*/); 5408 5409/** 5410 * Copy the contents of `in' into `out'. 5411 * 5412 * @param context a Keberos context. 5413 * @param in the keytab entry to copy. 5414 * @param out the copy of the keytab entry, free with krb5_kt_free_entry(). 5415 * 5416 * @return Return an error code or 0, see krb5_get_error_message(). 5417 * 5418 * @ingroup krb5_keytab 5419 */ 5420 5421KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5422krb5_kt_copy_entry_contents ( 5423 krb5_context /*context*/, 5424 const krb5_keytab_entry */*in*/, 5425 krb5_keytab_entry */*out*/); 5426 5427/** 5428 * Set `id' to the default keytab. 5429 * 5430 * @param context a Keberos context. 5431 * @param id the new default keytab. 5432 * 5433 * @return Return an error code or 0, see krb5_get_error_message(). 5434 * 5435 * @ingroup krb5_keytab 5436 */ 5437 5438KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5439krb5_kt_default ( 5440 krb5_context /*context*/, 5441 krb5_keytab */*id*/); 5442 5443/** 5444 * Copy the name of the default modify keytab into `name'. 5445 * 5446 * @param context a Keberos context. 5447 * @param name buffer where the name will be written 5448 * @param namesize length of name 5449 * 5450 * @return Return an error code or 0, see krb5_get_error_message(). 5451 * 5452 * @ingroup krb5_keytab 5453 */ 5454 5455KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5456krb5_kt_default_modify_name ( 5457 krb5_context /*context*/, 5458 char */*name*/, 5459 size_t /*namesize*/); 5460 5461/** 5462 * copy the name of the default keytab into `name'. 5463 * 5464 * @param context a Keberos context. 5465 * @param name buffer where the name will be written 5466 * @param namesize length of name 5467 * 5468 * @return Return an error code or 0, see krb5_get_error_message(). 5469 * 5470 * @ingroup krb5_keytab 5471 */ 5472 5473KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5474krb5_kt_default_name ( 5475 krb5_context /*context*/, 5476 char */*name*/, 5477 size_t /*namesize*/); 5478 5479/** 5480 * Destroy (remove) the keytab in `id'. All resources will be released, 5481 * even on errors, does the equvalment of krb5_kt_close() on the resources. 5482 * 5483 * @param context a Keberos context. 5484 * @param id keytab to destroy. 5485 * 5486 * @return Return an error code or 0, see krb5_get_error_message(). 5487 * 5488 * @ingroup krb5_keytab 5489 */ 5490 5491KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5492krb5_kt_destroy ( 5493 krb5_context /*context*/, 5494 krb5_keytab /*id*/); 5495 5496/** 5497 * Release all resources associated with `cursor'. 5498 * 5499 * @param context a Keberos context. 5500 * @param id a keytab. 5501 * @param cursor the cursor to free. 5502 * 5503 * @return Return an error code or 0, see krb5_get_error_message(). 5504 * 5505 * @ingroup krb5_keytab 5506 */ 5507 5508KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5509krb5_kt_end_seq_get ( 5510 krb5_context /*context*/, 5511 krb5_keytab /*id*/, 5512 krb5_kt_cursor */*cursor*/); 5513 5514/** 5515 * Free the contents of `entry'. 5516 * 5517 * @param context a Keberos context. 5518 * @param entry the entry to free 5519 * 5520 * @return Return an error code or 0, see krb5_get_error_message(). 5521 * 5522 * @ingroup krb5_keytab 5523 */ 5524 5525KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5526krb5_kt_free_entry ( 5527 krb5_context /*context*/, 5528 krb5_keytab_entry */*entry*/); 5529 5530/** 5531 * Retrieve the keytab entry for `principal, kvno, enctype' into `entry' 5532 * from the keytab `id'. Matching is done like krb5_kt_compare(). 5533 * 5534 * @param context a Keberos context. 5535 * @param id a keytab. 5536 * @param principal principal to match, NULL matches all principals. 5537 * @param kvno key version to match, 0 matches all key version numbers. 5538 * @param enctype encryption type to match, 0 matches all encryption types. 5539 * @param entry the returned entry, free with krb5_kt_free_entry(). 5540 * 5541 * @return Return an error code or 0, see krb5_get_error_message(). 5542 * 5543 * @ingroup krb5_keytab 5544 */ 5545 5546KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5547krb5_kt_get_entry ( 5548 krb5_context /*context*/, 5549 krb5_keytab /*id*/, 5550 krb5_const_principal /*principal*/, 5551 krb5_kvno /*kvno*/, 5552 krb5_enctype /*enctype*/, 5553 krb5_keytab_entry */*entry*/); 5554 5555/** 5556 * Retrieve the full name of the keytab `keytab' and store the name in 5557 * `str'. 5558 * 5559 * @param context a Keberos context. 5560 * @param keytab keytab to get name for. 5561 * @param str the name of the keytab name, usee krb5_xfree() to free 5562 * the string. On error, *str is set to NULL. 5563 * 5564 * @return Return an error code or 0, see krb5_get_error_message(). 5565 * 5566 * @ingroup krb5_keytab 5567 */ 5568 5569KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5570krb5_kt_get_full_name ( 5571 krb5_context /*context*/, 5572 krb5_keytab /*keytab*/, 5573 char **/*str*/); 5574 5575/** 5576 * Retrieve the name of the keytab `keytab' into `name', `namesize' 5577 * 5578 * @param context a Keberos context. 5579 * @param keytab the keytab to get the name for. 5580 * @param name name buffer. 5581 * @param namesize size of name buffer. 5582 * 5583 * @return Return an error code or 0, see krb5_get_error_message(). 5584 * 5585 * @ingroup krb5_keytab 5586 */ 5587 5588KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5589krb5_kt_get_name ( 5590 krb5_context /*context*/, 5591 krb5_keytab /*keytab*/, 5592 char */*name*/, 5593 size_t /*namesize*/); 5594 5595/** 5596 * Return the type of the `keytab' in the string `prefix of length 5597 * `prefixsize'. 5598 * 5599 * @param context a Keberos context. 5600 * @param keytab the keytab to get the prefix for 5601 * @param prefix prefix buffer 5602 * @param prefixsize length of prefix buffer 5603 * 5604 * @return Return an error code or 0, see krb5_get_error_message(). 5605 * 5606 * @ingroup krb5_keytab 5607 */ 5608 5609KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5610krb5_kt_get_type ( 5611 krb5_context /*context*/, 5612 krb5_keytab /*keytab*/, 5613 char */*prefix*/, 5614 size_t /*prefixsize*/); 5615 5616/** 5617 * Return true if the keytab exists and have entries 5618 * 5619 * @param context a Keberos context. 5620 * @param id a keytab. 5621 * 5622 * @return Return an error code or 0, see krb5_get_error_message(). 5623 * 5624 * @ingroup krb5_keytab 5625 */ 5626 5627KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5628krb5_kt_have_content ( 5629 krb5_context /*context*/, 5630 krb5_keytab /*id*/); 5631 5632/** 5633 * Get the next entry from keytab, advance the cursor. On last entry 5634 * the function will return KRB5_KT_END. 5635 * 5636 * @param context a Keberos context. 5637 * @param id a keytab. 5638 * @param entry the returned entry, free with krb5_kt_free_entry(). 5639 * @param cursor the cursor of the iteration. 5640 * 5641 * @return Return an error code or 0, see krb5_get_error_message(). 5642 * 5643 * @ingroup krb5_keytab 5644 */ 5645 5646KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5647krb5_kt_next_entry ( 5648 krb5_context /*context*/, 5649 krb5_keytab /*id*/, 5650 krb5_keytab_entry */*entry*/, 5651 krb5_kt_cursor */*cursor*/); 5652 5653/** 5654 * Read the key identified by `(principal, vno, enctype)' from the 5655 * keytab in `keyprocarg' (the default if == NULL) into `*key'. 5656 * 5657 * @param context a Keberos context. 5658 * @param keyprocarg 5659 * @param principal 5660 * @param vno 5661 * @param enctype 5662 * @param key 5663 * 5664 * @return Return an error code or 0, see krb5_get_error_message(). 5665 * 5666 * @ingroup krb5_keytab 5667 */ 5668 5669KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5670krb5_kt_read_service_key ( 5671 krb5_context /*context*/, 5672 krb5_pointer /*keyprocarg*/, 5673 krb5_principal /*principal*/, 5674 krb5_kvno /*vno*/, 5675 krb5_enctype /*enctype*/, 5676 krb5_keyblock **/*key*/); 5677 5678/** 5679 * Register a new keytab backend. 5680 * 5681 * @param context a Keberos context. 5682 * @param ops a backend to register. 5683 * 5684 * @return Return an error code or 0, see krb5_get_error_message(). 5685 * 5686 * @ingroup krb5_keytab 5687 */ 5688 5689KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5690krb5_kt_register ( 5691 krb5_context /*context*/, 5692 const krb5_kt_ops */*ops*/); 5693 5694/** 5695 * Remove an entry from the keytab, matching is done using 5696 * krb5_kt_compare(). 5697 5698 * @param context a Keberos context. 5699 * @param id a keytab. 5700 * @param entry the entry to remove 5701 * 5702 * @return Return an error code or 0, see krb5_get_error_message(). 5703 * 5704 * @ingroup krb5_keytab 5705 */ 5706 5707KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5708krb5_kt_remove_entry ( 5709 krb5_context /*context*/, 5710 krb5_keytab /*id*/, 5711 krb5_keytab_entry */*entry*/); 5712 5713/** 5714 * Resolve the keytab name (of the form `type:residual') in `name' 5715 * into a keytab in `id'. 5716 * 5717 * @param context a Keberos context. 5718 * @param name name to resolve 5719 * @param id resulting keytab, free with krb5_kt_close(). 5720 * 5721 * @return Return an error code or 0, see krb5_get_error_message(). 5722 * 5723 * @ingroup krb5_keytab 5724 */ 5725 5726KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5727krb5_kt_resolve ( 5728 krb5_context /*context*/, 5729 const char */*name*/, 5730 krb5_keytab */*id*/); 5731 5732/** 5733 * Set `cursor' to point at the beginning of `id'. 5734 * 5735 * @param context a Keberos context. 5736 * @param id a keytab. 5737 * @param cursor a newly allocated cursor, free with krb5_kt_end_seq_get(). 5738 * 5739 * @return Return an error code or 0, see krb5_get_error_message(). 5740 * 5741 * @ingroup krb5_keytab 5742 */ 5743 5744KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5745krb5_kt_start_seq_get ( 5746 krb5_context /*context*/, 5747 krb5_keytab /*id*/, 5748 krb5_kt_cursor */*cursor*/); 5749 5750/** 5751 * This function takes the name of a local user and checks if 5752 * principal is allowed to log in as that user. 5753 * 5754 * The user may have a ~/.k5login file listing principals that are 5755 * allowed to login as that user. If that file does not exist, all 5756 * principals with a only one component that is identical to the 5757 * username, and a realm considered local, are allowed access. 5758 * 5759 * The .k5login file must contain one principal per line, be owned by 5760 * user and not be writable by group or other (but must be readable by 5761 * anyone). 5762 * 5763 * Note that if the file exists, no implicit access rights are given 5764 * to user@@LOCALREALM. 5765 * 5766 * Optionally, a set of files may be put in ~/.k5login.d (a 5767 * directory), in which case they will all be checked in the same 5768 * manner as .k5login. The files may be called anything, but files 5769 * starting with a hash (#) , or ending with a tilde (~) are 5770 * ignored. Subdirectories are not traversed. Note that this directory 5771 * may not be checked by other Kerberos implementations. 5772 * 5773 * If no configuration file exists, match user against local domains, 5774 * ie luser@@LOCAL-REALMS-IN-CONFIGURATION-FILES. 5775 * 5776 * @param context Kerberos 5 context. 5777 * @param principal principal to check if allowed to login 5778 * @param luser local user id 5779 * 5780 * @return returns TRUE if access should be granted, FALSE otherwise. 5781 * 5782 * @ingroup krb5_support 5783 */ 5784 5785KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5786krb5_kuserok ( 5787 krb5_context /*context*/, 5788 krb5_principal /*principal*/, 5789 const char */*luser*/); 5790 5791KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5792krb5_log ( 5793 krb5_context /*context*/, 5794 krb5_log_facility */*fac*/, 5795 int /*level*/, 5796 const char */*fmt*/, 5797 ...) 5798 __attribute__ ((__format__ (__printf__, 4, 5))); 5799 5800KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5801krb5_log_msg ( 5802 krb5_context /*context*/, 5803 krb5_log_facility */*fac*/, 5804 int /*level*/, 5805 char **/*reply*/, 5806 const char */*fmt*/, 5807 ...) 5808 __attribute__ ((__format__ (__printf__, 5, 6))); 5809 5810/** 5811 * Create an address of type KRB5_ADDRESS_ADDRPORT from (addr, port) 5812 * 5813 * @param context a Keberos context 5814 * @param res built address from addr/port 5815 * @param addr address to use 5816 * @param port port to use 5817 * 5818 * @return Return an error code or 0. 5819 * 5820 * @ingroup krb5_address 5821 */ 5822 5823KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5824krb5_make_addrport ( 5825 krb5_context /*context*/, 5826 krb5_address **/*res*/, 5827 const krb5_address */*addr*/, 5828 int16_t /*port*/); 5829 5830/** 5831 * Build a principal using vararg style building 5832 * 5833 * @param context A Kerberos context. 5834 * @param principal returned principal 5835 * @param realm realm name 5836 * @param ... a list of components ended with NULL. 5837 * 5838 * @return An krb5 error code, see krb5_get_error_message(). 5839 * 5840 * @ingroup krb5_principal 5841 */ 5842 5843KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5844krb5_make_principal ( 5845 krb5_context /*context*/, 5846 krb5_principal */*principal*/, 5847 krb5_const_realm /*realm*/, 5848 ...); 5849 5850/** 5851 * krb5_max_sockaddr_size returns the max size of the .Li struct 5852 * sockaddr that the Kerberos library will return. 5853 * 5854 * @return Return an size_t of the maximum struct sockaddr. 5855 * 5856 * @ingroup krb5_address 5857 */ 5858 5859KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL 5860krb5_max_sockaddr_size (void); 5861 5862KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5863krb5_mk_error ( 5864 krb5_context /*context*/, 5865 krb5_error_code /*error_code*/, 5866 const char */*e_text*/, 5867 const krb5_data */*e_data*/, 5868 const krb5_principal /*client*/, 5869 const krb5_principal /*server*/, 5870 time_t */*client_time*/, 5871 int */*client_usec*/, 5872 krb5_data */*reply*/); 5873 5874KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5875krb5_mk_error_ext ( 5876 krb5_context /*context*/, 5877 krb5_error_code /*error_code*/, 5878 const char */*e_text*/, 5879 const krb5_data */*e_data*/, 5880 const krb5_principal /*server*/, 5881 const PrincipalName */*client_name*/, 5882 const Realm */*client_realm*/, 5883 time_t */*client_time*/, 5884 int */*client_usec*/, 5885 krb5_data */*reply*/); 5886 5887KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5888krb5_mk_priv ( 5889 krb5_context /*context*/, 5890 krb5_auth_context /*auth_context*/, 5891 const krb5_data */*userdata*/, 5892 krb5_data */*outbuf*/, 5893 krb5_replay_data */*outdata*/); 5894 5895KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5896krb5_mk_rep ( 5897 krb5_context /*context*/, 5898 krb5_auth_context /*auth_context*/, 5899 krb5_data */*outbuf*/); 5900 5901KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5902krb5_mk_req ( 5903 krb5_context /*context*/, 5904 krb5_auth_context */*auth_context*/, 5905 const krb5_flags /*ap_req_options*/, 5906 const char */*service*/, 5907 const char */*hostname*/, 5908 krb5_data */*in_data*/, 5909 krb5_ccache /*ccache*/, 5910 krb5_data */*outbuf*/); 5911 5912KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5913krb5_mk_req_exact ( 5914 krb5_context /*context*/, 5915 krb5_auth_context */*auth_context*/, 5916 const krb5_flags /*ap_req_options*/, 5917 const krb5_principal /*server*/, 5918 krb5_data */*in_data*/, 5919 krb5_ccache /*ccache*/, 5920 krb5_data */*outbuf*/); 5921 5922KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5923krb5_mk_req_extended ( 5924 krb5_context /*context*/, 5925 krb5_auth_context */*auth_context*/, 5926 const krb5_flags /*ap_req_options*/, 5927 krb5_data */*in_data*/, 5928 krb5_creds */*in_creds*/, 5929 krb5_data */*outbuf*/); 5930 5931KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5932krb5_mk_safe ( 5933 krb5_context /*context*/, 5934 krb5_auth_context /*auth_context*/, 5935 const krb5_data */*userdata*/, 5936 krb5_data */*outbuf*/, 5937 krb5_replay_data */*outdata*/); 5938 5939/** 5940 * Iteratively apply name canon rules, outputing a principal and rule 5941 * options each time. Iteration completes when the @iter is NULL on 5942 * return or when an error is returned. Callers must free the iterator 5943 * if they abandon it mid-way. 5944 * 5945 * @param context Kerberos context 5946 * @param iter name canon rule iterator (input/output) 5947 * @param try_princ output principal name 5948 * @param rule_opts output rule options 5949 */ 5950 5951KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5952krb5_name_canon_iterate ( 5953 krb5_context /*context*/, 5954 krb5_name_canon_iterator */*iter*/, 5955 krb5_const_principal */*try_princ*/, 5956 krb5_name_canon_rule_options */*rule_opts*/); 5957 5958/** 5959 * Initialize name canonicalization iterator. 5960 * 5961 * @param context Kerberos context 5962 * @param in_princ principal name to be canonicalized OR 5963 * @param iter output iterator object 5964 */ 5965 5966KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5967krb5_name_canon_iterator_start ( 5968 krb5_context /*context*/, 5969 krb5_const_principal /*in_princ*/, 5970 krb5_name_canon_iterator */*iter*/); 5971 5972/** 5973 * Read \a len bytes from socket \a p_fd into buffer \a buf. 5974 * Block until \a len bytes are read or until an error. 5975 * 5976 * @return If successful, the number of bytes read: \a len. 5977 * On end-of-file, 0. 5978 * On error, less than 0 (if single-threaded, the error can be found 5979 * in the errno global variable). 5980 */ 5981 5982KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 5983krb5_net_read ( 5984 krb5_context /*context*/, 5985 void */*p_fd*/, 5986 void */*buf*/, 5987 size_t /*len*/); 5988 5989KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 5990krb5_net_write ( 5991 krb5_context /*context*/, 5992 void */*p_fd*/, 5993 const void */*buf*/, 5994 size_t /*len*/); 5995 5996KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 5997krb5_net_write_block ( 5998 krb5_context /*context*/, 5999 void */*p_fd*/, 6000 const void */*buf*/, 6001 size_t /*len*/, 6002 time_t /*timeout*/); 6003 6004KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6005krb5_ntlm_alloc ( 6006 krb5_context /*context*/, 6007 krb5_ntlm */*ntlm*/); 6008 6009KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6010krb5_ntlm_free ( 6011 krb5_context /*context*/, 6012 krb5_ntlm /*ntlm*/); 6013 6014KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6015krb5_ntlm_init_get_challenge ( 6016 krb5_context /*context*/, 6017 krb5_ntlm /*ntlm*/, 6018 krb5_data */*challenge*/); 6019 6020KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6021krb5_ntlm_init_get_flags ( 6022 krb5_context /*context*/, 6023 krb5_ntlm /*ntlm*/, 6024 uint32_t */*flags*/); 6025 6026KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6027krb5_ntlm_init_get_opaque ( 6028 krb5_context /*context*/, 6029 krb5_ntlm /*ntlm*/, 6030 krb5_data */*opaque*/); 6031 6032KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6033krb5_ntlm_init_get_targetinfo ( 6034 krb5_context /*context*/, 6035 krb5_ntlm /*ntlm*/, 6036 krb5_data */*data*/); 6037 6038KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6039krb5_ntlm_init_get_targetname ( 6040 krb5_context /*context*/, 6041 krb5_ntlm /*ntlm*/, 6042 char **/*name*/); 6043 6044KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6045krb5_ntlm_init_request ( 6046 krb5_context /*context*/, 6047 krb5_ntlm /*ntlm*/, 6048 krb5_realm /*realm*/, 6049 krb5_ccache /*ccache*/, 6050 uint32_t /*flags*/, 6051 const char */*hostname*/, 6052 const char */*domainname*/); 6053 6054KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6055krb5_ntlm_rep_get_sessionkey ( 6056 krb5_context /*context*/, 6057 krb5_ntlm /*ntlm*/, 6058 krb5_data */*data*/); 6059 6060KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6061krb5_ntlm_rep_get_status ( 6062 krb5_context /*context*/, 6063 krb5_ntlm /*ntlm*/); 6064 6065KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6066krb5_ntlm_req_set_flags ( 6067 krb5_context /*context*/, 6068 krb5_ntlm /*ntlm*/, 6069 uint32_t /*flags*/); 6070 6071KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6072krb5_ntlm_req_set_lm ( 6073 krb5_context /*context*/, 6074 krb5_ntlm /*ntlm*/, 6075 void */*hash*/, 6076 size_t /*len*/); 6077 6078KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6079krb5_ntlm_req_set_ntlm ( 6080 krb5_context /*context*/, 6081 krb5_ntlm /*ntlm*/, 6082 void */*hash*/, 6083 size_t /*len*/); 6084 6085KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6086krb5_ntlm_req_set_opaque ( 6087 krb5_context /*context*/, 6088 krb5_ntlm /*ntlm*/, 6089 krb5_data */*opaque*/); 6090 6091KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6092krb5_ntlm_req_set_session ( 6093 krb5_context /*context*/, 6094 krb5_ntlm /*ntlm*/, 6095 void */*sessionkey*/, 6096 size_t /*length*/); 6097 6098KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6099krb5_ntlm_req_set_targetname ( 6100 krb5_context /*context*/, 6101 krb5_ntlm /*ntlm*/, 6102 const char */*targetname*/); 6103 6104KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6105krb5_ntlm_req_set_username ( 6106 krb5_context /*context*/, 6107 krb5_ntlm /*ntlm*/, 6108 const char */*username*/); 6109 6110KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6111krb5_ntlm_request ( 6112 krb5_context /*context*/, 6113 krb5_ntlm /*ntlm*/, 6114 krb5_realm /*realm*/, 6115 krb5_ccache /*ccache*/); 6116 6117KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6118krb5_openlog ( 6119 krb5_context /*context*/, 6120 const char */*program*/, 6121 krb5_log_facility **/*fac*/); 6122 6123KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6124krb5_pac_add_buffer ( 6125 krb5_context /*context*/, 6126 krb5_pac /*p*/, 6127 uint32_t /*type*/, 6128 const krb5_data */*data*/); 6129 6130KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6131krb5_pac_free ( 6132 krb5_context /*context*/, 6133 krb5_pac /*pac*/); 6134 6135/** 6136 * Get the PAC buffer of specific type from the pac. 6137 * 6138 * @param context Kerberos 5 context. 6139 * @param p the pac structure returned by krb5_pac_parse(). 6140 * @param type type of buffer to get 6141 * @param data return data, free with krb5_data_free(). 6142 * 6143 * @return Returns 0 to indicate success. Otherwise an kerberos et 6144 * error code is returned, see krb5_get_error_message(). 6145 * 6146 * @ingroup krb5_pac 6147 */ 6148 6149KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6150krb5_pac_get_buffer ( 6151 krb5_context /*context*/, 6152 krb5_pac /*p*/, 6153 uint32_t /*type*/, 6154 krb5_data */*data*/); 6155 6156KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6157krb5_pac_get_types ( 6158 krb5_context /*context*/, 6159 krb5_pac /*p*/, 6160 size_t */*len*/, 6161 uint32_t **/*types*/); 6162 6163KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6164krb5_pac_init ( 6165 krb5_context /*context*/, 6166 krb5_pac */*pac*/); 6167 6168KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6169krb5_pac_parse ( 6170 krb5_context /*context*/, 6171 const void */*ptr*/, 6172 size_t /*len*/, 6173 krb5_pac */*pac*/); 6174 6175/** 6176 * Verify the PAC. 6177 * 6178 * @param context Kerberos 5 context. 6179 * @param pac the pac structure returned by krb5_pac_parse(). 6180 * @param authtime The time of the ticket the PAC belongs to. 6181 * @param principal the principal to verify. 6182 * @param server The service key, most always be given. 6183 * @param privsvr The KDC key, may be given. 6184 6185 * @return Returns 0 to indicate success. Otherwise an kerberos et 6186 * error code is returned, see krb5_get_error_message(). 6187 * 6188 * @ingroup krb5_pac 6189 */ 6190 6191KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6192krb5_pac_verify ( 6193 krb5_context /*context*/, 6194 const krb5_pac /*pac*/, 6195 time_t /*authtime*/, 6196 krb5_const_principal /*principal*/, 6197 const krb5_keyblock */*server*/, 6198 const krb5_keyblock */*privsvr*/); 6199 6200KRB5_LIB_FUNCTION int KRB5_LIB_CALL 6201krb5_padata_add ( 6202 krb5_context /*context*/, 6203 METHOD_DATA */*md*/, 6204 int /*type*/, 6205 void */*buf*/, 6206 size_t /*len*/); 6207 6208/** 6209 * krb5_parse_address returns the resolved hostname in string to the 6210 * krb5_addresses addresses . 6211 * 6212 * @param context a Keberos context 6213 * @param string 6214 * @param addresses 6215 * 6216 * @return Return an error code or 0. 6217 * 6218 * @ingroup krb5_address 6219 */ 6220 6221KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6222krb5_parse_address ( 6223 krb5_context /*context*/, 6224 const char */*string*/, 6225 krb5_addresses */*addresses*/); 6226 6227/** 6228 * Parse a name into a krb5_principal structure 6229 * 6230 * @param context Kerberos 5 context 6231 * @param name name to parse into a Kerberos principal 6232 * @param principal returned principal, free with krb5_free_principal(). 6233 * 6234 * @return An krb5 error code, see krb5_get_error_message(). 6235 * 6236 * @ingroup krb5_principal 6237 */ 6238 6239KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6240krb5_parse_name ( 6241 krb5_context /*context*/, 6242 const char */*name*/, 6243 krb5_principal */*principal*/); 6244 6245/** 6246 * Parse a name into a krb5_principal structure, flags controls the behavior. 6247 * 6248 * @param context Kerberos 5 context 6249 * @param name name to parse into a Kerberos principal 6250 * @param flags flags to control the behavior 6251 * @param principal returned principal, free with krb5_free_principal(). 6252 * 6253 * @return An krb5 error code, see krb5_get_error_message(). 6254 * 6255 * @ingroup krb5_principal 6256 */ 6257 6258KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6259krb5_parse_name_flags ( 6260 krb5_context /*context*/, 6261 const char */*name*/, 6262 int /*flags*/, 6263 krb5_principal */*principal*/); 6264 6265/** 6266 * Parse nametype string and return a nametype integer 6267 * 6268 * @ingroup krb5_principal 6269 */ 6270 6271KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6272krb5_parse_nametype ( 6273 krb5_context /*context*/, 6274 const char */*str*/, 6275 int32_t */*nametype*/); 6276 6277KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6278krb5_passwd_result_to_string ( 6279 krb5_context /*context*/, 6280 int /*result*/); 6281 6282/** 6283 * Deprecated: use krb5_get_init_creds() and friends. 6284 * 6285 * @ingroup krb5_deprecated 6286 */ 6287 6288KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV 6289krb5_password_key_proc ( 6290 krb5_context /*context*/, 6291 krb5_enctype /*type*/, 6292 krb5_salt /*salt*/, 6293 krb5_const_pointer /*keyseed*/, 6294 krb5_keyblock **/*key*/) 6295 KRB5_DEPRECATED_FUNCTION("Use X instead"); 6296 6297KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6298krb5_pk_enterprise_cert ( 6299 krb5_context /*context*/, 6300 const char */*user_id*/, 6301 krb5_const_realm /*realm*/, 6302 krb5_principal */*principal*/, 6303 struct hx509_certs_data **/*res*/); 6304 6305/** 6306 * Register a plugin symbol name of specific type. 6307 * @param context a Keberos context 6308 * @param type type of plugin symbol 6309 * @param name name of plugin symbol 6310 * @param symbol a pointer to the named symbol 6311 * @return In case of error a non zero error com_err error is returned 6312 * and the Kerberos error string is set. 6313 * 6314 * @ingroup krb5_support 6315 */ 6316 6317KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6318krb5_plugin_register ( 6319 krb5_context /*context*/, 6320 enum krb5_plugin_type /*type*/, 6321 const char */*name*/, 6322 void */*symbol*/); 6323 6324KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6325krb5_prepend_config_files ( 6326 const char */*filelist*/, 6327 char **/*pq*/, 6328 char ***/*ret_pp*/); 6329 6330/** 6331 * Prepend the filename to the global configuration list. 6332 * 6333 * @param filelist a filename to add to the default list of filename 6334 * @param pfilenames return array of filenames, should be freed with krb5_free_config_files(). 6335 * 6336 * @return Returns 0 to indicate success. Otherwise an kerberos et 6337 * error code is returned, see krb5_get_error_message(). 6338 * 6339 * @ingroup krb5 6340 */ 6341 6342KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6343krb5_prepend_config_files_default ( 6344 const char */*filelist*/, 6345 char ***/*pfilenames*/); 6346 6347/** 6348 * Prepend the context full error string for a specific error code. 6349 * The error that is stored should be internationalized. 6350 * 6351 * The if context is NULL, no error string is stored. 6352 * 6353 * @param context Kerberos 5 context 6354 * @param ret The error code 6355 * @param fmt Error string for the error code 6356 * @param ... printf(3) style parameters. 6357 * 6358 * @ingroup krb5_error 6359 */ 6360 6361KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6362krb5_prepend_error_message ( 6363 krb5_context /*context*/, 6364 krb5_error_code /*ret*/, 6365 const char */*fmt*/, 6366 ...) 6367 __attribute__ ((__format__ (__printf__, 3, 4))); 6368 6369/** 6370 * Deprecated: use krb5_principal_get_realm() 6371 * 6372 * @ingroup krb5_deprecated 6373 */ 6374 6375KRB5_LIB_FUNCTION krb5_realm * KRB5_LIB_CALL 6376krb5_princ_realm ( 6377 krb5_context /*context*/, 6378 krb5_principal /*principal*/) 6379 KRB5_DEPRECATED_FUNCTION("Use X instead"); 6380 6381/** 6382 * Deprecated: use krb5_principal_set_realm() 6383 * 6384 * @ingroup krb5_deprecated 6385 */ 6386 6387KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6388krb5_princ_set_realm ( 6389 krb5_context /*context*/, 6390 krb5_principal /*principal*/, 6391 krb5_realm */*realm*/) 6392 KRB5_DEPRECATED_FUNCTION("Use X instead"); 6393 6394/** 6395 * Compares the two principals, including realm of the principals and returns 6396 * TRUE if they are the same and FALSE if not. 6397 * 6398 * @param context Kerberos 5 context 6399 * @param princ1 first principal to compare 6400 * @param princ2 second principal to compare 6401 * 6402 * @ingroup krb5_principal 6403 * @see krb5_principal_compare_any_realm() 6404 * @see krb5_realm_compare() 6405 */ 6406 6407KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6408krb5_principal_compare ( 6409 krb5_context /*context*/, 6410 krb5_const_principal /*princ1*/, 6411 krb5_const_principal /*princ2*/); 6412 6413/** 6414 * Return TRUE iff princ1 == princ2 (without considering the realm) 6415 * 6416 * @param context Kerberos 5 context 6417 * @param princ1 first principal to compare 6418 * @param princ2 second principal to compare 6419 * 6420 * @return non zero if equal, 0 if not 6421 * 6422 * @ingroup krb5_principal 6423 * @see krb5_principal_compare() 6424 * @see krb5_realm_compare() 6425 */ 6426 6427KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6428krb5_principal_compare_any_realm ( 6429 krb5_context /*context*/, 6430 krb5_const_principal /*princ1*/, 6431 krb5_const_principal /*princ2*/); 6432 6433KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6434krb5_principal_get_comp_string ( 6435 krb5_context /*context*/, 6436 krb5_const_principal /*principal*/, 6437 unsigned int /*component*/); 6438 6439/** 6440 * Get number of component is principal. 6441 * 6442 * @param context Kerberos 5 context 6443 * @param principal principal to query 6444 * 6445 * @return number of components in string 6446 * 6447 * @ingroup krb5_principal 6448 */ 6449 6450KRB5_LIB_FUNCTION unsigned int KRB5_LIB_CALL 6451krb5_principal_get_num_comp ( 6452 krb5_context /*context*/, 6453 krb5_const_principal /*principal*/); 6454 6455/** 6456 * Get the realm of the principal 6457 * 6458 * @param context A Kerberos context. 6459 * @param principal principal to get the realm for 6460 * 6461 * @return realm of the principal, don't free or use after krb5_principal is freed 6462 * 6463 * @ingroup krb5_principal 6464 */ 6465 6466KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6467krb5_principal_get_realm ( 6468 krb5_context /*context*/, 6469 krb5_const_principal /*principal*/); 6470 6471/** 6472 * Get the type of the principal 6473 * 6474 * @param context A Kerberos context. 6475 * @param principal principal to get the type for 6476 * 6477 * @return the type of principal 6478 * 6479 * @ingroup krb5_principal 6480 */ 6481 6482KRB5_LIB_FUNCTION int KRB5_LIB_CALL 6483krb5_principal_get_type ( 6484 krb5_context /*context*/, 6485 krb5_const_principal /*principal*/); 6486 6487/** 6488 * Returns true iff name is WELLKNOWN/ANONYMOUS 6489 * 6490 * @ingroup krb5_principal 6491 */ 6492 6493KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6494krb5_principal_is_anonymous ( 6495 krb5_context /*context*/, 6496 krb5_const_principal /*p*/, 6497 unsigned int /*flags*/); 6498 6499/** 6500 * Returns true iff name is an WELLKNOWN:ORG.H5L.HOSTBASED-SERVICE 6501 * 6502 * @ingroup krb5_principal 6503 */ 6504 6505krb5_boolean KRB5_LIB_FUNCTION 6506krb5_principal_is_gss_hostbased_service ( 6507 krb5_context /*context*/, 6508 krb5_const_principal /*principal*/); 6509 6510/** 6511 * Check if the cname part of the principal is a krbtgt principal 6512 * 6513 * @ingroup krb5_principal 6514 */ 6515 6516KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6517krb5_principal_is_krbtgt ( 6518 krb5_context /*context*/, 6519 krb5_const_principal /*p*/); 6520 6521/** 6522 * Returns true if name is Kerberos an LKDC realm 6523 * 6524 * @ingroup krb5_principal 6525 */ 6526 6527krb5_boolean KRB5_LIB_FUNCTION 6528krb5_principal_is_lkdc ( 6529 krb5_context /*context*/, 6530 krb5_const_principal /*principal*/); 6531 6532/** 6533 * Returns true if name is Kerberos NULL name 6534 * 6535 * @ingroup krb5_principal 6536 */ 6537 6538krb5_boolean KRB5_LIB_FUNCTION 6539krb5_principal_is_null ( 6540 krb5_context /*context*/, 6541 krb5_const_principal /*principal*/); 6542 6543/** 6544 * Returns true if name is Kerberos an LKDC realm 6545 * 6546 * @ingroup krb5_principal 6547 */ 6548 6549krb5_boolean KRB5_LIB_FUNCTION 6550krb5_principal_is_pku2u ( 6551 krb5_context /*context*/, 6552 krb5_const_principal /*principal*/); 6553 6554/** 6555 * Check if the cname part of the principal is a initial or renewed krbtgt principal 6556 * 6557 * @ingroup krb5_principal 6558 */ 6559 6560krb5_boolean KRB5_LIB_FUNCTION 6561krb5_principal_is_root_krbtgt ( 6562 krb5_context /*context*/, 6563 krb5_const_principal /*p*/); 6564 6565/** 6566 * return TRUE iff princ matches pattern 6567 * 6568 * @ingroup krb5_principal 6569 */ 6570 6571KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6572krb5_principal_match ( 6573 krb5_context /*context*/, 6574 krb5_const_principal /*princ*/, 6575 krb5_const_principal /*pattern*/); 6576 6577KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6578krb5_principal_set_comp_string ( 6579 krb5_context /*context*/, 6580 krb5_principal /*principal*/, 6581 unsigned int /*k*/, 6582 const char */*component*/); 6583 6584/** 6585 * Set a new realm for a principal, and as a side-effect free the 6586 * previous realm. 6587 * 6588 * @param context A Kerberos context. 6589 * @param principal principal set the realm for 6590 * @param realm the new realm to set 6591 * 6592 * @return An krb5 error code, see krb5_get_error_message(). 6593 * 6594 * @ingroup krb5_principal 6595 */ 6596 6597KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6598krb5_principal_set_realm ( 6599 krb5_context /*context*/, 6600 krb5_principal /*principal*/, 6601 krb5_const_realm /*realm*/); 6602 6603/** 6604 * Set the type of the principal 6605 * 6606 * @param context A Kerberos context. 6607 * @param principal principal to set the type for 6608 * @param type the new type 6609 * 6610 * @return An krb5 error code, see krb5_get_error_message(). 6611 * 6612 * @ingroup krb5_principal 6613 */ 6614 6615KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6616krb5_principal_set_type ( 6617 krb5_context /*context*/, 6618 krb5_principal /*principal*/, 6619 int /*type*/); 6620 6621/** 6622 * krb5_print_address prints the address in addr to the string string 6623 * that have the length len. If ret_len is not NULL, it will be filled 6624 * with the length of the string if size were unlimited (not including 6625 * the final NUL) . 6626 * 6627 * @param addr address to be printed 6628 * @param str pointer string to print the address into 6629 * @param len length that will fit into area pointed to by "str". 6630 * @param ret_len return length the str. 6631 * 6632 * @return Return an error code or 0. 6633 * 6634 * @ingroup krb5_address 6635 */ 6636 6637KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6638krb5_print_address ( 6639 const krb5_address */*addr*/, 6640 char */*str*/, 6641 size_t /*len*/, 6642 size_t */*ret_len*/); 6643 6644krb5_error_code 6645krb5_process_last_request ( 6646 krb5_context /*context*/, 6647 krb5_get_init_creds_opt */*options*/, 6648 krb5_init_creds_context /*ctx*/); 6649 6650KRB5_LIB_FUNCTION int KRB5_LIB_CALL 6651krb5_program_setup ( 6652 krb5_context */*context*/, 6653 int /*argc*/, 6654 char **/*argv*/, 6655 struct getargs */*args*/, 6656 int /*num_args*/, 6657 void (KRB5_LIB_CALL *usage)(int, struct getargs*, int)); 6658 6659KRB5_LIB_FUNCTION int KRB5_CALLCONV 6660krb5_prompter_posix ( 6661 krb5_context /*context*/, 6662 void */*data*/, 6663 const char */*name*/, 6664 const char */*banner*/, 6665 int /*num_prompts*/, 6666 krb5_prompt prompts[]); 6667 6668/** 6669 * Converts the random bytestring to a protocol key according to 6670 * Kerberos crypto frame work. It may be assumed that all the bits of 6671 * the input string are equally random, even though the entropy 6672 * present in the random source may be limited. 6673 * 6674 * @param context Kerberos 5 context 6675 * @param type the enctype resulting key will be of 6676 * @param data input random data to convert to a key 6677 * @param size size of input random data, at least krb5_enctype_keysize() long 6678 * @param key key, output key, free with krb5_free_keyblock_contents() 6679 * 6680 * @return Return an error code or 0. 6681 * 6682 * @ingroup krb5_crypto 6683 */ 6684 6685KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6686krb5_random_to_key ( 6687 krb5_context /*context*/, 6688 krb5_enctype /*type*/, 6689 const void */*data*/, 6690 size_t /*size*/, 6691 krb5_keyblock */*key*/); 6692 6693KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6694krb5_rc_close ( 6695 krb5_context /*context*/, 6696 krb5_rcache /*id*/); 6697 6698KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6699krb5_rc_default ( 6700 krb5_context /*context*/, 6701 krb5_rcache */*id*/); 6702 6703KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6704krb5_rc_default_name (krb5_context /*context*/); 6705 6706KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6707krb5_rc_default_type (krb5_context /*context*/); 6708 6709KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6710krb5_rc_destroy ( 6711 krb5_context /*context*/, 6712 krb5_rcache /*id*/); 6713 6714KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6715krb5_rc_expunge ( 6716 krb5_context /*context*/, 6717 krb5_rcache /*id*/); 6718 6719KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6720krb5_rc_get_lifespan ( 6721 krb5_context /*context*/, 6722 krb5_rcache /*id*/, 6723 krb5_deltat */*auth_lifespan*/); 6724 6725KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6726krb5_rc_get_name ( 6727 krb5_context /*context*/, 6728 krb5_rcache /*id*/); 6729 6730KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6731krb5_rc_get_type ( 6732 krb5_context /*context*/, 6733 krb5_rcache /*id*/); 6734 6735KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6736krb5_rc_initialize ( 6737 krb5_context /*context*/, 6738 krb5_rcache /*id*/, 6739 krb5_deltat /*auth_lifespan*/); 6740 6741KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6742krb5_rc_recover ( 6743 krb5_context /*context*/, 6744 krb5_rcache /*id*/); 6745 6746KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6747krb5_rc_resolve ( 6748 krb5_context /*context*/, 6749 krb5_rcache /*id*/, 6750 const char */*name*/); 6751 6752KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6753krb5_rc_resolve_full ( 6754 krb5_context /*context*/, 6755 krb5_rcache */*id*/, 6756 const char */*string_name*/); 6757 6758KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6759krb5_rc_resolve_type ( 6760 krb5_context /*context*/, 6761 krb5_rcache */*id*/, 6762 const char */*type*/); 6763 6764KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6765krb5_rc_store ( 6766 krb5_context /*context*/, 6767 krb5_rcache /*id*/, 6768 krb5_donot_replay */*rep*/); 6769 6770KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6771krb5_rd_cred ( 6772 krb5_context /*context*/, 6773 krb5_auth_context /*auth_context*/, 6774 krb5_data */*in_data*/, 6775 krb5_creds ***/*ret_creds*/, 6776 krb5_replay_data */*outdata*/); 6777 6778KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6779krb5_rd_cred2 ( 6780 krb5_context /*context*/, 6781 krb5_auth_context /*auth_context*/, 6782 krb5_ccache /*ccache*/, 6783 krb5_data */*in_data*/); 6784 6785KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6786krb5_rd_error ( 6787 krb5_context /*context*/, 6788 const krb5_data */*msg*/, 6789 KRB_ERROR */*result*/); 6790 6791KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6792krb5_rd_priv ( 6793 krb5_context /*context*/, 6794 krb5_auth_context /*auth_context*/, 6795 const krb5_data */*inbuf*/, 6796 krb5_data */*outbuf*/, 6797 krb5_replay_data */*outdata*/); 6798 6799KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6800krb5_rd_rep ( 6801 krb5_context /*context*/, 6802 krb5_auth_context /*auth_context*/, 6803 const krb5_data */*inbuf*/, 6804 krb5_ap_rep_enc_part **/*repl*/); 6805 6806/** 6807 * Process an AP_REQ message. 6808 * 6809 * @param context Kerberos 5 context. 6810 * @param auth_context authentication context of the peer. 6811 * @param inbuf the AP_REQ message, obtained for example with krb5_read_message(). 6812 * @param server server principal. 6813 * @param keytab server keytab. 6814 * @param ap_req_options set to the AP_REQ options. See the AP_OPTS_* defines. 6815 * @param ticket on success, set to the authenticated client credentials. 6816 * Must be deallocated with krb5_free_ticket(). If not 6817 * interested, pass a NULL value. 6818 * 6819 * @return 0 to indicate success. Otherwise a Kerberos error code is 6820 * returned, see krb5_get_error_message(). 6821 */ 6822 6823KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6824krb5_rd_req ( 6825 krb5_context /*context*/, 6826 krb5_auth_context */*auth_context*/, 6827 const krb5_data */*inbuf*/, 6828 krb5_const_principal /*server*/, 6829 krb5_keytab /*keytab*/, 6830 krb5_flags */*ap_req_options*/, 6831 krb5_ticket **/*ticket*/); 6832 6833/** 6834 * The core server function that verify application authentication 6835 * requests from clients. 6836 * 6837 * @param context Keberos 5 context. 6838 * @param auth_context the authentication context, can be NULL, then 6839 * default values for the authentication context will used. 6840 * @param inbuf the (AP-REQ) authentication buffer 6841 * 6842 * @param server the server to authenticate to. If NULL the function 6843 * will try to find any available credential in the keytab 6844 * that will verify the reply. The function will prefer the 6845 * server specified in the AP-REQ, but if 6846 * there is no mach, it will try all keytab entries for a 6847 * match. This has serious performance issues for large keytabs. 6848 * 6849 * @param inctx control the behavior of the function, if NULL, the 6850 * default behavior is used. 6851 * @param outctx the return outctx, free with krb5_rd_req_out_ctx_free(). 6852 * @return Kerberos 5 error code, see krb5_get_error_message(). 6853 * 6854 * @ingroup krb5_auth 6855 */ 6856 6857KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6858krb5_rd_req_ctx ( 6859 krb5_context /*context*/, 6860 krb5_auth_context */*auth_context*/, 6861 const krb5_data */*inbuf*/, 6862 krb5_const_principal /*server*/, 6863 krb5_rd_req_in_ctx /*inctx*/, 6864 krb5_rd_req_out_ctx */*outctx*/); 6865 6866/** 6867 * Allocate a krb5_rd_req_in_ctx as an input parameter to 6868 * krb5_rd_req_ctx(). The caller should free the context with 6869 * krb5_rd_req_in_ctx_free() when done with the context. 6870 * 6871 * @param context Keberos 5 context. 6872 * @param ctx in ctx to krb5_rd_req_ctx(). 6873 * 6874 * @return Kerberos 5 error code, see krb5_get_error_message(). 6875 * 6876 * @ingroup krb5_auth 6877 */ 6878 6879KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6880krb5_rd_req_in_ctx_alloc ( 6881 krb5_context /*context*/, 6882 krb5_rd_req_in_ctx */*ctx*/); 6883 6884KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6885krb5_rd_req_in_ctx_free ( 6886 krb5_context /*context*/, 6887 krb5_rd_req_in_ctx /*ctx*/); 6888 6889KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6890krb5_rd_req_in_set_keyblock ( 6891 krb5_context /*context*/, 6892 krb5_rd_req_in_ctx /*in*/, 6893 krb5_keyblock */*keyblock*/); 6894 6895/** 6896 * Set the keytab that krb5_rd_req_ctx() will use. 6897 * 6898 * @param context Keberos 5 context. 6899 * @param in in ctx to krb5_rd_req_ctx(). 6900 * @param keytab keytab that krb5_rd_req_ctx() will use, only copy the 6901 * pointer, so the caller must free they keytab after 6902 * krb5_rd_req_in_ctx_free() is called. 6903 * 6904 * @return Kerberos 5 error code, see krb5_get_error_message(). 6905 * 6906 * @ingroup krb5_auth 6907 */ 6908 6909KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6910krb5_rd_req_in_set_keytab ( 6911 krb5_context /*context*/, 6912 krb5_rd_req_in_ctx /*in*/, 6913 krb5_keytab /*keytab*/); 6914 6915/** 6916 * Set if krb5_rq_red() is going to check the Windows PAC or not 6917 * 6918 * @param context Keberos 5 context. 6919 * @param in krb5_rd_req_in_ctx to check the option on. 6920 * @param flag flag to select if to check the pac (TRUE) or not (FALSE). 6921 * 6922 * @return Kerberos 5 error code, see krb5_get_error_message(). 6923 * 6924 * @ingroup krb5_auth 6925 */ 6926 6927KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6928krb5_rd_req_in_set_pac_check ( 6929 krb5_context /*context*/, 6930 krb5_rd_req_in_ctx /*in*/, 6931 krb5_boolean /*flag*/); 6932 6933/** 6934 * Free the krb5_rd_req_out_ctx. 6935 * 6936 * @param context Keberos 5 context. 6937 * @param ctx krb5_rd_req_out_ctx context to free. 6938 * 6939 * @ingroup krb5_auth 6940 */ 6941 6942KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6943krb5_rd_req_out_ctx_free ( 6944 krb5_context /*context*/, 6945 krb5_rd_req_out_ctx /*ctx*/); 6946 6947KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6948krb5_rd_req_out_get_ap_req_options ( 6949 krb5_context /*context*/, 6950 krb5_rd_req_out_ctx /*out*/, 6951 krb5_flags */*ap_req_options*/); 6952 6953KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6954krb5_rd_req_out_get_keyblock ( 6955 krb5_context /*context*/, 6956 krb5_rd_req_out_ctx /*out*/, 6957 krb5_keyblock **/*keyblock*/); 6958 6959/** 6960 * Get the principal that was used in the request from the 6961 * client. Might not match whats in the ticket if krb5_rd_req_ctx() 6962 * searched in the keytab for a matching key. 6963 * 6964 * @param context a Kerberos 5 context. 6965 * @param out a krb5_rd_req_out_ctx from krb5_rd_req_ctx(). 6966 * @param principal return principal, free with krb5_free_principal(). 6967 * 6968 * @ingroup krb5_auth 6969 */ 6970 6971KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6972krb5_rd_req_out_get_server ( 6973 krb5_context /*context*/, 6974 krb5_rd_req_out_ctx /*out*/, 6975 krb5_principal */*principal*/); 6976 6977KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6978krb5_rd_req_out_get_ticket ( 6979 krb5_context /*context*/, 6980 krb5_rd_req_out_ctx /*out*/, 6981 krb5_ticket **/*ticket*/); 6982 6983KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6984krb5_rd_req_with_keyblock ( 6985 krb5_context /*context*/, 6986 krb5_auth_context */*auth_context*/, 6987 const krb5_data */*inbuf*/, 6988 krb5_const_principal /*server*/, 6989 krb5_keyblock */*keyblock*/, 6990 krb5_flags */*ap_req_options*/, 6991 krb5_ticket **/*ticket*/); 6992 6993KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6994krb5_rd_safe ( 6995 krb5_context /*context*/, 6996 krb5_auth_context /*auth_context*/, 6997 const krb5_data */*inbuf*/, 6998 krb5_data */*outbuf*/, 6999 krb5_replay_data */*outdata*/); 7000 7001KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7002krb5_read_message ( 7003 krb5_context /*context*/, 7004 krb5_pointer /*p_fd*/, 7005 krb5_data */*data*/); 7006 7007KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7008krb5_read_priv_message ( 7009 krb5_context /*context*/, 7010 krb5_auth_context /*ac*/, 7011 krb5_pointer /*p_fd*/, 7012 krb5_data */*data*/); 7013 7014KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7015krb5_read_safe_message ( 7016 krb5_context /*context*/, 7017 krb5_auth_context /*ac*/, 7018 krb5_pointer /*p_fd*/, 7019 krb5_data */*data*/); 7020 7021/** 7022 * return TRUE iff realm(princ1) == realm(princ2) 7023 * 7024 * @param context Kerberos 5 context 7025 * @param princ1 first principal to compare 7026 * @param princ2 second principal to compare 7027 * 7028 * @ingroup krb5_principal 7029 * @see krb5_principal_compare_any_realm() 7030 * @see krb5_principal_compare() 7031 */ 7032 7033KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7034krb5_realm_compare ( 7035 krb5_context /*context*/, 7036 krb5_const_principal /*princ1*/, 7037 krb5_const_principal /*princ2*/); 7038 7039/** 7040 * Returns true if name is Kerberos an LKDC realm 7041 * 7042 * @ingroup krb5_principal 7043 */ 7044 7045krb5_boolean KRB5_LIB_FUNCTION 7046krb5_realm_is_lkdc (const char */*realm*/); 7047 7048/** 7049 * Perform the server side of the sendauth protocol. 7050 * 7051 * @param context Kerberos 5 context. 7052 * @param auth_context authentication context of the peer. 7053 * @param p_fd socket associated to the connection. 7054 * @param appl_version server-specific string. 7055 * @param server server principal. 7056 * @param flags if KRB5_RECVAUTH_IGNORE_VERSION is set, skip the sendauth version 7057 * part of the protocol. 7058 * @param keytab server keytab. 7059 * @param ticket on success, set to the authenticated client credentials. 7060 * Must be deallocated with krb5_free_ticket(). If not 7061 * interested, pass a NULL value. 7062 * 7063 * @return 0 to indicate success. Otherwise a Kerberos error code is 7064 * returned, see krb5_get_error_message(). 7065 */ 7066 7067KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7068krb5_recvauth ( 7069 krb5_context /*context*/, 7070 krb5_auth_context */*auth_context*/, 7071 krb5_pointer /*p_fd*/, 7072 const char */*appl_version*/, 7073 krb5_principal /*server*/, 7074 int32_t /*flags*/, 7075 krb5_keytab /*keytab*/, 7076 krb5_ticket **/*ticket*/); 7077 7078/** 7079 * Perform the server side of the sendauth protocol like krb5_recvauth(), but support 7080 * a user-specified callback, \a match_appl_version, to perform the match of the application 7081 * version \a match_data. 7082 */ 7083 7084KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7085krb5_recvauth_match_version ( 7086 krb5_context /*context*/, 7087 krb5_auth_context */*auth_context*/, 7088 krb5_pointer /*p_fd*/, 7089 krb5_boolean (*/*match_appl_version*/)(const void *, const char*), 7090 const void */*match_data*/, 7091 krb5_principal /*server*/, 7092 int32_t /*flags*/, 7093 krb5_keytab /*keytab*/, 7094 krb5_ticket **/*ticket*/); 7095 7096/** 7097 * Read a address block from the storage. 7098 * 7099 * @param sp the storage buffer to write to 7100 * @param adr the address block read from storage 7101 * 7102 * @return 0 on success, a Kerberos 5 error code on failure. 7103 * 7104 * @ingroup krb5_storage 7105 */ 7106 7107KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7108krb5_ret_address ( 7109 krb5_storage */*sp*/, 7110 krb5_address */*adr*/); 7111 7112/** 7113 * Read a addresses block from the storage. 7114 * 7115 * @param sp the storage buffer to write to 7116 * @param adr the addresses block read from storage 7117 * 7118 * @return 0 on success, a Kerberos 5 error code on failure. 7119 * 7120 * @ingroup krb5_storage 7121 */ 7122 7123KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7124krb5_ret_addrs ( 7125 krb5_storage */*sp*/, 7126 krb5_addresses */*adr*/); 7127 7128/** 7129 * Read a auth data from the storage. 7130 * 7131 * @param sp the storage buffer to write to 7132 * @param auth the auth data block read from storage 7133 * 7134 * @return 0 on success, a Kerberos 5 error code on failure. 7135 * 7136 * @ingroup krb5_storage 7137 */ 7138 7139KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7140krb5_ret_authdata ( 7141 krb5_storage */*sp*/, 7142 krb5_authdata */*auth*/); 7143 7144/** 7145 * Read a credentials block from the storage. 7146 * 7147 * @param sp the storage buffer to write to 7148 * @param creds the credentials block read from storage 7149 * 7150 * @return 0 on success, a Kerberos 5 error code on failure. 7151 * 7152 * @ingroup krb5_storage 7153 */ 7154 7155KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7156krb5_ret_creds ( 7157 krb5_storage */*sp*/, 7158 krb5_creds */*creds*/); 7159 7160/** 7161 * Read a tagged credentials block from the storage. 7162 * 7163 * @param sp the storage buffer to write to 7164 * @param creds the credentials block read from storage 7165 * 7166 * @return 0 on success, a Kerberos 5 error code on failure. 7167 * 7168 * @ingroup krb5_storage 7169 */ 7170 7171KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7172krb5_ret_creds_tag ( 7173 krb5_storage */*sp*/, 7174 krb5_creds */*creds*/); 7175 7176/** 7177 * Parse a data from the storage. 7178 * 7179 * @param sp the storage buffer to read from 7180 * @param data the parsed data 7181 * 7182 * @return 0 on success, a Kerberos 5 error code on failure. 7183 * 7184 * @ingroup krb5_storage 7185 */ 7186 7187KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7188krb5_ret_data ( 7189 krb5_storage */*sp*/, 7190 krb5_data */*data*/); 7191 7192/** 7193 * Read a int16 from storage, byte order is controlled by the settings 7194 * on the storage, see krb5_storage_set_byteorder(). 7195 * 7196 * @param sp the storage to write too 7197 * @param value the value read from the buffer 7198 * 7199 * @return 0 for success, or a Kerberos 5 error code on failure. 7200 * 7201 * @ingroup krb5_storage 7202 */ 7203 7204KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7205krb5_ret_int16 ( 7206 krb5_storage */*sp*/, 7207 int16_t */*value*/); 7208 7209/** 7210 * Read a int32 from storage, byte order is controlled by the settings 7211 * on the storage, see krb5_storage_set_byteorder(). 7212 * 7213 * @param sp the storage to write too 7214 * @param value the value read from the buffer 7215 * 7216 * @return 0 for success, or a Kerberos 5 error code on failure. 7217 * 7218 * @ingroup krb5_storage 7219 */ 7220 7221KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7222krb5_ret_int32 ( 7223 krb5_storage */*sp*/, 7224 int32_t */*value*/); 7225 7226/** 7227 * Read a int64 from storage, byte order is controlled by the settings 7228 * on the storage, see krb5_storage_set_byteorder(). 7229 * 7230 * @param sp the storage to write too 7231 * @param value the value read from the buffer 7232 * 7233 * @return 0 for success, or a Kerberos 5 error code on failure. 7234 * 7235 * @ingroup krb5_storage 7236 */ 7237 7238KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7239krb5_ret_int64 ( 7240 krb5_storage */*sp*/, 7241 int64_t */*value*/); 7242 7243/** 7244 * Read a int8 from storage 7245 * 7246 * @param sp the storage to write too 7247 * @param value the value read from the buffer 7248 * 7249 * @return 0 for success, or a Kerberos 5 error code on failure. 7250 * 7251 * @ingroup krb5_storage 7252 */ 7253 7254KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7255krb5_ret_int8 ( 7256 krb5_storage */*sp*/, 7257 int8_t */*value*/); 7258 7259/** 7260 * Read a keyblock from the storage. 7261 * 7262 * @param sp the storage buffer to write to 7263 * @param p the keyblock read from storage, free using krb5_free_keyblock() 7264 * 7265 * @return 0 on success, a Kerberos 5 error code on failure. 7266 * 7267 * @ingroup krb5_storage 7268 */ 7269 7270KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7271krb5_ret_keyblock ( 7272 krb5_storage */*sp*/, 7273 krb5_keyblock */*p*/); 7274 7275/** 7276 * Parse principal from the storage. 7277 * 7278 * @param sp the storage buffer to read from 7279 * @param princ the parsed principal 7280 * 7281 * @return 0 on success, a Kerberos 5 error code on failure. 7282 * 7283 * @ingroup krb5_storage 7284 */ 7285 7286KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7287krb5_ret_principal ( 7288 krb5_storage */*sp*/, 7289 krb5_principal */*princ*/); 7290 7291/** 7292 * Parse a string from the storage. 7293 * 7294 * @param sp the storage buffer to read from 7295 * @param string the parsed string 7296 * 7297 * @return 0 on success, a Kerberos 5 error code on failure. 7298 * 7299 * @ingroup krb5_storage 7300 */ 7301 7302KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7303krb5_ret_string ( 7304 krb5_storage */*sp*/, 7305 char **/*string*/); 7306 7307KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7308krb5_ret_stringnl ( 7309 krb5_storage */*sp*/, 7310 char **/*string*/); 7311 7312/** 7313 * Parse zero terminated string from the storage. 7314 * 7315 * @param sp the storage buffer to read from 7316 * @param string the parsed string 7317 * 7318 * @return 0 on success, a Kerberos 5 error code on failure. 7319 * 7320 * @ingroup krb5_storage 7321 */ 7322 7323KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7324krb5_ret_stringz ( 7325 krb5_storage */*sp*/, 7326 char **/*string*/); 7327 7328/** 7329 * Read a times block from the storage. 7330 * 7331 * @param sp the storage buffer to write to 7332 * @param times the times block read from storage 7333 * 7334 * @return 0 on success, a Kerberos 5 error code on failure. 7335 * 7336 * @ingroup krb5_storage 7337 */ 7338 7339KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7340krb5_ret_times ( 7341 krb5_storage */*sp*/, 7342 krb5_times */*times*/); 7343 7344/** 7345 * Read a int16 from storage, byte order is controlled by the settings 7346 * on the storage, see krb5_storage_set_byteorder(). 7347 * 7348 * @param sp the storage to write too 7349 * @param value the value read from the buffer 7350 * 7351 * @return 0 for success, or a Kerberos 5 error code on failure. 7352 * 7353 * @ingroup krb5_storage 7354 */ 7355 7356KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7357krb5_ret_uint16 ( 7358 krb5_storage */*sp*/, 7359 uint16_t */*value*/); 7360 7361/** 7362 * Read a uint32 from storage, byte order is controlled by the settings 7363 * on the storage, see krb5_storage_set_byteorder(). 7364 * 7365 * @param sp the storage to write too 7366 * @param value the value read from the buffer 7367 * 7368 * @return 0 for success, or a Kerberos 5 error code on failure. 7369 * 7370 * @ingroup krb5_storage 7371 */ 7372 7373KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7374krb5_ret_uint32 ( 7375 krb5_storage */*sp*/, 7376 uint32_t */*value*/); 7377 7378/** 7379 * Read a uint64 from storage, byte order is controlled by the settings 7380 * on the storage, see krb5_storage_set_byteorder(). 7381 * 7382 * @param sp the storage to write too 7383 * @param value the value read from the buffer 7384 * 7385 * @return 0 for success, or a Kerberos 5 error code on failure. 7386 * 7387 * @ingroup krb5_storage 7388 */ 7389 7390KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7391krb5_ret_uint64 ( 7392 krb5_storage */*sp*/, 7393 uint64_t */*value*/); 7394 7395/** 7396 * Read a uint8 from storage 7397 * 7398 * @param sp the storage to write too 7399 * @param value the value read from the buffer 7400 * 7401 * @return 0 for success, or a Kerberos 5 error code on failure. 7402 * 7403 * @ingroup krb5_storage 7404 */ 7405 7406KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7407krb5_ret_uint8 ( 7408 krb5_storage */*sp*/, 7409 uint8_t */*value*/); 7410 7411KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7412krb5_salttype_to_string ( 7413 krb5_context /*context*/, 7414 krb5_enctype /*etype*/, 7415 krb5_salttype /*stype*/, 7416 char **/*string*/); 7417 7418/** 7419 * Perform the client side of the sendauth protocol. 7420 * 7421 * @param context Kerberos 5 context. 7422 * @param auth_context Authentication context of the peer. 7423 * @param p_fd Socket associated to the connection. 7424 * @param appl_version Server-specific string. 7425 * @param client Client principal. If NULL, use the credentials in \a ccache. 7426 * @param server Server principal. 7427 * @param ap_req_options Options for the AP_REQ message. See the AP_OPTS_* defines in krb5.h. 7428 * @param in_data FIXME 7429 * @param in_creds FIXME 7430 * @param ccache Credentials cache. If NULL, use the default credentials cache. 7431 * @param ret_error If not NULL, will be set to the error reported by server, if any. 7432 * Must be deallocated with krb5_free_error_contents(). 7433 * @param rep_result If not NULL, will be set to the EncApRepPart of the AP_REP message. 7434 * Must be deallocated with krb5_free_ap_rep_enc_part(). 7435 * @param out_creds FIXME If not NULL, will be set to FIXME. Must be deallocated with 7436 * krb5_free_creds(). 7437 * 7438 * @return 0 to indicate success. Otherwise a Kerberos error code is 7439 * returned, see krb5_get_error_message(). 7440 */ 7441 7442KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7443krb5_sendauth ( 7444 krb5_context /*context*/, 7445 krb5_auth_context */*auth_context*/, 7446 krb5_pointer /*p_fd*/, 7447 const char */*appl_version*/, 7448 krb5_principal /*client*/, 7449 krb5_principal /*server*/, 7450 krb5_flags /*ap_req_options*/, 7451 krb5_data */*in_data*/, 7452 krb5_creds */*in_creds*/, 7453 krb5_ccache /*ccache*/, 7454 krb5_error **/*ret_error*/, 7455 krb5_ap_rep_enc_part **/*rep_result*/, 7456 krb5_creds **/*out_creds*/); 7457 7458KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7459krb5_sendto ( 7460 krb5_context /*context*/, 7461 const krb5_data */*send_data*/, 7462 krb5_krbhst_handle /*handle*/, 7463 krb5_data */*receive*/); 7464 7465KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7466krb5_sendto_context ( 7467 krb5_context /*context*/, 7468 krb5_sendto_ctx /*ctx*/, 7469 const krb5_data */*send_data*/, 7470 krb5_const_realm /*realm*/, 7471 krb5_data */*receive*/); 7472 7473KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7474krb5_sendto_ctx_add_flags ( 7475 krb5_sendto_ctx /*ctx*/, 7476 int /*flags*/); 7477 7478/** 7479 * @section send_to_kdc Locating and sending packets to the KDC 7480 * 7481 * The send to kdc code is responsible to request the list of KDC from 7482 * the locate-kdc subsystem and then send requests to each of them. 7483 * 7484 * - Each second a new hostname is tried. 7485 * - If the hostname have several addresses, the first will be tried 7486 * directly then in turn the other will be tried every 3 seconds 7487 * (host_timeout). 7488 * - UDP requests are tried 3 times, and it tried with a individual timeout of kdc_timeout / 3. 7489 * - TCP and HTTP requests are tried 1 time. 7490 * 7491 * Total wait time shorter then (number of addresses * 3) + kdc_timeout seconds. 7492 * 7493 */ 7494 7495KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7496krb5_sendto_ctx_alloc ( 7497 krb5_context /*context*/, 7498 krb5_sendto_ctx */*ctx*/); 7499 7500KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7501krb5_sendto_ctx_free ( 7502 krb5_context /*context*/, 7503 krb5_sendto_ctx /*ctx*/); 7504 7505KRB5_LIB_FUNCTION int KRB5_LIB_CALL 7506krb5_sendto_ctx_get_flags (krb5_sendto_ctx /*ctx*/); 7507 7508KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7509krb5_sendto_ctx_set_func ( 7510 krb5_sendto_ctx /*ctx*/, 7511 krb5_sendto_ctx_func /*func*/, 7512 void */*data*/); 7513 7514KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7515krb5_sendto_ctx_set_type ( 7516 krb5_sendto_ctx /*ctx*/, 7517 int /*type*/); 7518 7519KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7520krb5_sendto_kdc ( 7521 krb5_context /*context*/, 7522 const krb5_data */*send_data*/, 7523 const krb5_realm */*realm*/, 7524 krb5_data */*receive*/); 7525 7526KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7527krb5_sendto_kdc_flags ( 7528 krb5_context /*context*/, 7529 const krb5_data */*send_data*/, 7530 const krb5_realm */*realm*/, 7531 krb5_data */*receive*/, 7532 int /*flags*/); 7533 7534KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7535krb5_sendto_set_hostname ( 7536 krb5_context /*context*/, 7537 krb5_sendto_ctx /*ctx*/, 7538 const char */*hostname*/); 7539 7540/** 7541 * Reinit the context from a new set of filenames. 7542 * 7543 * @param context context to add configuration too. 7544 * @param filenames array of filenames, end of list is indicated with a NULL filename. 7545 * 7546 * @return Returns 0 to indicate success. Otherwise an kerberos et 7547 * error code is returned, see krb5_get_error_message(). 7548 * 7549 * @ingroup krb5 7550 */ 7551 7552KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7553krb5_set_config_files ( 7554 krb5_context /*context*/, 7555 char **/*filenames*/); 7556 7557KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7558krb5_set_debug_dest ( 7559 krb5_context /*context*/, 7560 const char */*program*/, 7561 const char */*log_spec*/); 7562 7563/** 7564 * Set the default encryption types that will be use in communcation 7565 * with the KDC, clients and servers. 7566 * 7567 * @param context Kerberos 5 context. 7568 * @param etypes Encryption types, array terminated with ETYPE_NULL (0). 7569 * A value of NULL resets the encryption types to the defaults set in the 7570 * configuration file. 7571 * 7572 * @return Returns 0 to indicate success. Otherwise an kerberos et 7573 * error code is returned, see krb5_get_error_message(). 7574 * 7575 * @ingroup krb5 7576 */ 7577 7578KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7579krb5_set_default_in_tkt_etypes ( 7580 krb5_context /*context*/, 7581 const krb5_enctype */*etypes*/); 7582 7583KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7584krb5_set_default_realm ( 7585 krb5_context /*context*/, 7586 const char */*realm*/); 7587 7588/** 7589 * Set if the library should use DNS to canonicalize hostnames. 7590 * 7591 * @param context Kerberos 5 context. 7592 * @param flag if its dns canonicalizion is used or not. 7593 * 7594 * @ingroup krb5 7595 */ 7596 7597KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7598krb5_set_dns_canonicalize_hostname ( 7599 krb5_context /*context*/, 7600 krb5_boolean /*flag*/); 7601 7602/** 7603 * Set the context full error string for a specific error code. 7604 * The error that is stored should be internationalized. 7605 * 7606 * The if context is NULL, no error string is stored. 7607 * 7608 * @param context Kerberos 5 context 7609 * @param ret The error code 7610 * @param fmt Error string for the error code 7611 * @param ... printf(3) style parameters. 7612 * 7613 * @ingroup krb5_error 7614 */ 7615 7616KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7617krb5_set_error_message ( 7618 krb5_context /*context*/, 7619 krb5_error_code /*ret*/, 7620 const char */*fmt*/, 7621 ...) 7622 __attribute__ ((__format__ (__printf__, 3, 4))); 7623 7624/** 7625 * Set the error message returned by krb5_get_error_string(). 7626 * 7627 * Deprecated: use krb5_get_error_message() 7628 * 7629 * @param context Kerberos context 7630 * @param fmt error message to free 7631 * 7632 * @return Return an error code or 0. 7633 * 7634 * @ingroup krb5_deprecated 7635 */ 7636 7637KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7638krb5_set_error_string ( 7639 krb5_context /*context*/, 7640 const char */*fmt*/, 7641 ...) 7642 __attribute__ ((__format__ (__printf__, 2, 3))) KRB5_DEPRECATED_FUNCTION("Use X instead"); 7643 7644/** 7645 * Set extra address to the address list that the library will add to 7646 * the client's address list when communicating with the KDC. 7647 * 7648 * @param context Kerberos 5 context. 7649 * @param addresses addreses to set 7650 * 7651 * @return Returns 0 to indicate success. Otherwise an kerberos et 7652 * error code is returned, see krb5_get_error_message(). 7653 * 7654 * @ingroup krb5 7655 */ 7656 7657KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7658krb5_set_extra_addresses ( 7659 krb5_context /*context*/, 7660 const krb5_addresses */*addresses*/); 7661 7662/** 7663 * Set version of fcache that the library should use. 7664 * 7665 * @param context Kerberos 5 context. 7666 * @param version version number. 7667 * 7668 * @return Returns 0 to indicate success. Otherwise an kerberos et 7669 * error code is returned, see krb5_get_error_message(). 7670 * 7671 * @ingroup krb5 7672 */ 7673 7674KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7675krb5_set_fcache_version ( 7676 krb5_context /*context*/, 7677 int /*version*/); 7678 7679/** 7680 * Enable and disable home directory access on either the global state 7681 * or the krb5_context state. By calling krb5_set_home_dir_access() 7682 * with context set to NULL, the global state is configured otherwise 7683 * the state for the krb5_context is modified. 7684 * 7685 * For home directory access to be allowed, both the global state and 7686 * the krb5_context state have to be allowed. 7687 * 7688 * @param context a Kerberos 5 context or NULL 7689 * @param allow allow if TRUE home directory 7690 * @return the old value 7691 * 7692 * @ingroup krb5 7693 */ 7694 7695KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7696krb5_set_home_dir_access ( 7697 krb5_context /*context*/, 7698 krb5_boolean /*allow*/); 7699 7700/** 7701 * Set extra addresses to ignore when fetching addresses from the 7702 * underlaying operating system. 7703 * 7704 * @param context Kerberos 5 context. 7705 * @param addresses addreses to ignore 7706 * 7707 * @return Returns 0 to indicate success. Otherwise an kerberos et 7708 * error code is returned, see krb5_get_error_message(). 7709 * 7710 * @ingroup krb5 7711 */ 7712 7713KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7714krb5_set_ignore_addresses ( 7715 krb5_context /*context*/, 7716 const krb5_addresses */*addresses*/); 7717 7718/** 7719 * Set current offset in time to the KDC. 7720 * 7721 * @param context Kerberos 5 context. 7722 * @param sec seconds part of offset. 7723 * @param usec micro seconds part of offset. 7724 * 7725 * @return returns zero 7726 * 7727 * @ingroup krb5 7728 */ 7729 7730KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7731krb5_set_kdc_sec_offset ( 7732 krb5_context /*context*/, 7733 int32_t /*sec*/, 7734 int32_t /*usec*/); 7735 7736/** 7737 * Set max time skew allowed. 7738 * 7739 * @param context Kerberos 5 context. 7740 * @param t timeskew in seconds. 7741 * 7742 * @ingroup krb5 7743 */ 7744 7745KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7746krb5_set_max_time_skew ( 7747 krb5_context /*context*/, 7748 time_t /*t*/); 7749 7750/** 7751 * Change password using creds. 7752 * 7753 * @param context a Keberos context 7754 * @param creds The initial kadmin/passwd for the principal or an admin principal 7755 * @param newpw The new password to set 7756 * @param targprinc if unset, the default principal is used. 7757 * @param result_code Result code, KRB5_KPASSWD_SUCCESS is when password is changed. 7758 * @param result_code_string binary message from the server, contains 7759 * at least the result_code. 7760 * @param result_string A message from the kpasswd service or the 7761 * library in human printable form. The string is NUL terminated. 7762 * 7763 * @return On sucess and *result_code is KRB5_KPASSWD_SUCCESS, the password is changed. 7764 7765 * @ingroup @krb5 7766 */ 7767 7768KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7769krb5_set_password ( 7770 krb5_context /*context*/, 7771 krb5_creds */*creds*/, 7772 const char */*newpw*/, 7773 krb5_principal /*targprinc*/, 7774 int */*result_code*/, 7775 krb5_data */*result_code_string*/, 7776 krb5_data */*result_string*/); 7777 7778KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7779krb5_set_password_using_ccache ( 7780 krb5_context /*context*/, 7781 krb5_ccache /*ccache*/, 7782 const char */*newpw*/, 7783 krb5_principal /*targprinc*/, 7784 int */*result_code*/, 7785 krb5_data */*result_code_string*/, 7786 krb5_data */*result_string*/); 7787 7788/** 7789 * Set the absolute time that the caller knows the kdc has so the 7790 * kerberos library can calculate the relative diffrence beteen the 7791 * KDC time and local system time. 7792 * 7793 * @param context Keberos 5 context. 7794 * @param sec The applications new of "now" in seconds 7795 * @param usec The applications new of "now" in micro seconds 7796 7797 * @return Kerberos 5 error code, see krb5_get_error_message(). 7798 * 7799 * @ingroup krb5 7800 */ 7801 7802KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7803krb5_set_real_time ( 7804 krb5_context /*context*/, 7805 krb5_timestamp /*sec*/, 7806 int32_t /*usec*/); 7807 7808KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7809krb5_set_send_to_kdc_func ( 7810 krb5_context /*context*/, 7811 krb5_send_to_kdc_func /*func*/, 7812 void */*data*/); 7813 7814/** 7815 * Make the kerberos library default to the admin KDC. 7816 * 7817 * @param context Kerberos 5 context. 7818 * @param flag boolean flag to select if the use the admin KDC or not. 7819 * 7820 * @ingroup krb5 7821 */ 7822 7823KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7824krb5_set_use_admin_kdc ( 7825 krb5_context /*context*/, 7826 krb5_boolean /*flag*/); 7827 7828/** 7829 * Set the default logging facility. 7830 * 7831 * @param context A Kerberos 5 context 7832 * @param fac Facility to use for logging. 7833 * 7834 * @ingroup krb5_error 7835 */ 7836 7837KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7838krb5_set_warn_dest ( 7839 krb5_context /*context*/, 7840 krb5_log_facility */*fac*/); 7841 7842/** 7843 * Create a principal for the given service running on the given 7844 * hostname. If KRB5_NT_SRV_HST is used, the hostname is canonicalized 7845 * according the configured name canonicalization rules, with 7846 * canonicalization delayed in some cases. One rule involves DNS, which 7847 * is insecure unless DNSSEC is used, but we don't use DNSSEC-capable 7848 * resolver APIs here, so that if DNSSEC is used we wouldn't know it. 7849 * 7850 * Canonicalization is immediate (not delayed) only when there is only 7851 * one canonicalization rule and that rule indicates that we should do a 7852 * host lookup by name (i.e., DNS). 7853 * 7854 * @param context A Kerberos context. 7855 * @param hostname hostname to use 7856 * @param sname Service name to use 7857 * @param type name type of principal, use KRB5_NT_SRV_HST or KRB5_NT_UNKNOWN. 7858 * @param ret_princ return principal, free with krb5_free_principal(). 7859 * 7860 * @return An krb5 error code, see krb5_get_error_message(). 7861 * 7862 * @ingroup krb5_principal 7863 */ 7864 7865KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7866krb5_sname_to_principal ( 7867 krb5_context /*context*/, 7868 const char */*hostname*/, 7869 const char */*sname*/, 7870 int32_t /*type*/, 7871 krb5_principal */*ret_princ*/); 7872 7873KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7874krb5_sock_to_principal ( 7875 krb5_context /*context*/, 7876 int /*sock*/, 7877 const char */*sname*/, 7878 int32_t /*type*/, 7879 krb5_principal */*ret_princ*/); 7880 7881/** 7882 * krb5_sockaddr2address stores a address a "struct sockaddr" sa in 7883 * the krb5_address addr. 7884 * 7885 * @param context a Keberos context 7886 * @param sa a struct sockaddr to extract the address from 7887 * @param addr an Kerberos 5 address to store the address in. 7888 * 7889 * @return Return an error code or 0. 7890 * 7891 * @ingroup krb5_address 7892 */ 7893 7894KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7895krb5_sockaddr2address ( 7896 krb5_context /*context*/, 7897 const struct sockaddr */*sa*/, 7898 krb5_address */*addr*/); 7899 7900/** 7901 * krb5_sockaddr2port extracts a port (if possible) from a "struct 7902 * sockaddr. 7903 * 7904 * @param context a Keberos context 7905 * @param sa a struct sockaddr to extract the port from 7906 * @param port a pointer to an int16_t store the port in. 7907 * 7908 * @return Return an error code or 0. Will return 7909 * KRB5_PROG_ATYPE_NOSUPP in case address type is not supported. 7910 * 7911 * @ingroup krb5_address 7912 */ 7913 7914KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7915krb5_sockaddr2port ( 7916 krb5_context /*context*/, 7917 const struct sockaddr */*sa*/, 7918 int16_t */*port*/); 7919 7920KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7921krb5_sockaddr_is_loopback (const struct sockaddr */*sa*/); 7922 7923/** 7924 * krb5_sockaddr_uninteresting returns TRUE for all .Fa sa that the 7925 * kerberos library thinks are uninteresting. One example are link 7926 * local addresses. 7927 * 7928 * @param sa pointer to struct sockaddr that might be interesting. 7929 * 7930 * @return Return a non zero for uninteresting addresses. 7931 * 7932 * @ingroup krb5_address 7933 */ 7934 7935KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7936krb5_sockaddr_uninteresting (const struct sockaddr */*sa*/); 7937 7938KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7939krb5_std_usage ( 7940 int /*code*/, 7941 struct getargs */*args*/, 7942 int /*num_args*/); 7943 7944/** 7945 * Clear the flags on a storage buffer 7946 * 7947 * @param sp the storage buffer to clear the flags on 7948 * @param flags the flags to clear 7949 * 7950 * @ingroup krb5_storage 7951 */ 7952 7953KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7954krb5_storage_clear_flags ( 7955 krb5_storage */*sp*/, 7956 krb5_flags /*flags*/); 7957 7958/** 7959 * Create a elastic (allocating) memory storage backend. Memory is 7960 * allocated on demand. Free returned krb5_storage with 7961 * krb5_storage_free(). 7962 * 7963 * @return A krb5_storage on success, or NULL on out of memory error. 7964 * 7965 * @ingroup krb5_storage 7966 * 7967 * @sa krb5_storage_from_mem() 7968 * @sa krb5_storage_from_readonly_mem() 7969 * @sa krb5_storage_from_fd() 7970 * @sa krb5_storage_from_data() 7971 * @sa krb5_storage_from_socket() 7972 */ 7973 7974KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 7975krb5_storage_emem (void); 7976 7977/** 7978 * Free a krb5 storage. 7979 * 7980 * @param sp the storage to free. 7981 * 7982 * @return An Kerberos 5 error code. 7983 * 7984 * @ingroup krb5_storage 7985 */ 7986 7987KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7988krb5_storage_free (krb5_storage */*sp*/); 7989 7990/** 7991 * Create a fixed size memory storage block 7992 * 7993 * @return A krb5_storage on success, or NULL on out of memory error. 7994 * 7995 * @ingroup krb5_storage 7996 * 7997 * @sa krb5_storage_mem() 7998 * @sa krb5_storage_from_mem() 7999 * @sa krb5_storage_from_readonly_mem() 8000 * @sa krb5_storage_from_fd() 8001 */ 8002 8003KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 8004krb5_storage_from_data (krb5_data */*data*/); 8005 8006/** 8007 * 8008 * 8009 * @return A krb5_storage on success, or NULL on out of memory error. 8010 * 8011 * @ingroup krb5_storage 8012 * 8013 * @sa krb5_storage_emem() 8014 * @sa krb5_storage_from_mem() 8015 * @sa krb5_storage_from_readonly_mem() 8016 * @sa krb5_storage_from_data() 8017 * @sa krb5_storage_from_socket() 8018 */ 8019 8020KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 8021krb5_storage_from_fd (int /*fd_in*/); 8022 8023/** 8024 * Create a fixed size memory storage block 8025 * 8026 * @return A krb5_storage on success, or NULL on out of memory error. 8027 * 8028 * @ingroup krb5_storage 8029 * 8030 * @sa krb5_storage_mem() 8031 * @sa krb5_storage_from_readonly_mem() 8032 * @sa krb5_storage_from_data() 8033 * @sa krb5_storage_from_fd() 8034 * @sa krb5_storage_from_socket() 8035 */ 8036 8037KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 8038krb5_storage_from_mem ( 8039 void */*buf*/, 8040 size_t /*len*/); 8041 8042/** 8043 * Create a fixed size memory storage block that is read only 8044 * 8045 * @return A krb5_storage on success, or NULL on out of memory error. 8046 * 8047 * @ingroup krb5_storage 8048 * 8049 * @sa krb5_storage_mem() 8050 * @sa krb5_storage_from_mem() 8051 * @sa krb5_storage_from_data() 8052 * @sa krb5_storage_from_fd() 8053 */ 8054 8055KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 8056krb5_storage_from_readonly_mem ( 8057 const void */*buf*/, 8058 size_t /*len*/); 8059 8060/** 8061 * 8062 * 8063 * @return A krb5_storage on success, or NULL on out of memory error. 8064 * 8065 * @ingroup krb5_storage 8066 * 8067 * @sa krb5_storage_emem() 8068 * @sa krb5_storage_from_mem() 8069 * @sa krb5_storage_from_readonly_mem() 8070 * @sa krb5_storage_from_data() 8071 * @sa krb5_storage_from_fd() 8072 */ 8073 8074KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 8075krb5_storage_from_socket (krb5_socket_t /*sock_in*/); 8076 8077/** 8078 * Sync the storage buffer to its backing store. If there is no 8079 * backing store this function will return success. 8080 * 8081 * @param sp the storage buffer to sync 8082 * 8083 * @return A Kerberos 5 error code 8084 * 8085 * @ingroup krb5_storage 8086 */ 8087 8088KRB5_LIB_FUNCTION int KRB5_LIB_CALL 8089krb5_storage_fsync (krb5_storage */*sp*/); 8090 8091/** 8092 * Return the current byteorder for the buffer. See krb5_storage_set_byteorder() for the list or byte order contants. 8093 * 8094 * @ingroup krb5_storage 8095 */ 8096 8097KRB5_LIB_FUNCTION krb5_flags KRB5_LIB_CALL 8098krb5_storage_get_byteorder (krb5_storage */*sp*/); 8099 8100/** 8101 * Get the return code that will be used when end of storage is reached. 8102 * 8103 * @param sp the storage 8104 * 8105 * @return storage error code 8106 * 8107 * @ingroup krb5_storage 8108 */ 8109 8110KRB5_LIB_FUNCTION int KRB5_LIB_CALL 8111krb5_storage_get_eof_code (krb5_storage */*sp*/); 8112 8113/** 8114 * Return true or false depending on if the storage flags is set or 8115 * not. NB testing for the flag 0 always return true. 8116 * 8117 * @param sp the storage buffer to check flags on 8118 * @param flags The flags to test for 8119 * 8120 * @return true if all the flags are set, false if not. 8121 * 8122 * @ingroup krb5_storage 8123 */ 8124 8125KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 8126krb5_storage_is_flags ( 8127 krb5_storage */*sp*/, 8128 krb5_flags /*flags*/); 8129 8130/** 8131 * Read to the storage buffer. 8132 * 8133 * @param sp the storage buffer to read from 8134 * @param buf the buffer to store the data in 8135 * @param len the length to read 8136 * 8137 * @return The length of data read (can be shorter then len), or negative on error. 8138 * 8139 * @ingroup krb5_storage 8140 */ 8141 8142KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 8143krb5_storage_read ( 8144 krb5_storage */*sp*/, 8145 void */*buf*/, 8146 size_t /*len*/); 8147 8148/** 8149 * Seek to a new offset. 8150 * 8151 * @param sp the storage buffer to seek in. 8152 * @param offset the offset to seek 8153 * @param whence relateive searching, SEEK_CUR from the current 8154 * position, SEEK_END from the end, SEEK_SET absolute from the start. 8155 * 8156 * @return The new current offset 8157 * 8158 * @ingroup krb5_storage 8159 */ 8160 8161KRB5_LIB_FUNCTION off_t KRB5_LIB_CALL 8162krb5_storage_seek ( 8163 krb5_storage */*sp*/, 8164 off_t /*offset*/, 8165 int /*whence*/); 8166 8167/** 8168 * Set the new byte order of the storage buffer. 8169 * 8170 * @param sp the storage buffer to set the byte order for. 8171 * @param byteorder the new byte order. 8172 * 8173 * The byte order are: KRB5_STORAGE_BYTEORDER_BE, 8174 * KRB5_STORAGE_BYTEORDER_LE and KRB5_STORAGE_BYTEORDER_HOST. 8175 * 8176 * @ingroup krb5_storage 8177 */ 8178 8179KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8180krb5_storage_set_byteorder ( 8181 krb5_storage */*sp*/, 8182 krb5_flags /*byteorder*/); 8183 8184/** 8185 * Set the return code that will be used when end of storage is reached. 8186 * 8187 * @param sp the storage 8188 * @param code the error code to return on end of storage 8189 * 8190 * @ingroup krb5_storage 8191 */ 8192 8193KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8194krb5_storage_set_eof_code ( 8195 krb5_storage */*sp*/, 8196 int /*code*/); 8197 8198/** 8199 * Add the flags on a storage buffer by or-ing in the flags to the buffer. 8200 * 8201 * @param sp the storage buffer to set the flags on 8202 * @param flags the flags to set 8203 * 8204 * @ingroup krb5_storage 8205 */ 8206 8207KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8208krb5_storage_set_flags ( 8209 krb5_storage */*sp*/, 8210 krb5_flags /*flags*/); 8211 8212/** 8213 * Set the max alloc value 8214 * 8215 * @param sp the storage buffer set the max allow for 8216 * @param size maximum size to allocate, use 0 to remove limit 8217 * 8218 * @ingroup krb5_storage 8219 */ 8220 8221KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8222krb5_storage_set_max_alloc ( 8223 krb5_storage */*sp*/, 8224 size_t /*size*/); 8225 8226/** 8227 * Copy the contnent of storage 8228 * 8229 * @param sp the storage to copy to a data 8230 * @param data the copied data, free with krb5_data_free() 8231 * 8232 * @return 0 for success, or a Kerberos 5 error code on failure. 8233 * 8234 * @ingroup krb5_storage 8235 */ 8236 8237KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8238krb5_storage_to_data ( 8239 krb5_storage */*sp*/, 8240 krb5_data */*data*/); 8241 8242/** 8243 * Truncate the storage buffer in sp to offset. 8244 * 8245 * @param sp the storage buffer to truncate. 8246 * @param offset the offset to truncate too. 8247 * 8248 * @return An Kerberos 5 error code. 8249 * 8250 * @ingroup krb5_storage 8251 */ 8252 8253KRB5_LIB_FUNCTION int KRB5_LIB_CALL 8254krb5_storage_truncate ( 8255 krb5_storage */*sp*/, 8256 off_t /*offset*/); 8257 8258/** 8259 * Write to the storage buffer. 8260 * 8261 * @param sp the storage buffer to write to 8262 * @param buf the buffer to write to the storage buffer 8263 * @param len the length to write 8264 * 8265 * @return The length of data written (can be shorter then len), or negative on error. 8266 * 8267 * @ingroup krb5_storage 8268 */ 8269 8270KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 8271krb5_storage_write ( 8272 krb5_storage */*sp*/, 8273 const void */*buf*/, 8274 size_t /*len*/); 8275 8276/** 8277 * Write a address block to storage. 8278 * 8279 * @param sp the storage buffer to write to 8280 * @param p the address block to write. 8281 * 8282 * @return 0 on success, a Kerberos 5 error code on failure. 8283 * 8284 * @ingroup krb5_storage 8285 */ 8286 8287KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8288krb5_store_address ( 8289 krb5_storage */*sp*/, 8290 krb5_address /*p*/); 8291 8292/** 8293 * Write a addresses block to storage. 8294 * 8295 * @param sp the storage buffer to write to 8296 * @param p the addresses block to write. 8297 * 8298 * @return 0 on success, a Kerberos 5 error code on failure. 8299 * 8300 * @ingroup krb5_storage 8301 */ 8302 8303KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8304krb5_store_addrs ( 8305 krb5_storage */*sp*/, 8306 krb5_addresses /*p*/); 8307 8308/** 8309 * Write a auth data block to storage. 8310 * 8311 * @param sp the storage buffer to write to 8312 * @param auth the auth data block to write. 8313 * 8314 * @return 0 on success, a Kerberos 5 error code on failure. 8315 * 8316 * @ingroup krb5_storage 8317 */ 8318 8319KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8320krb5_store_authdata ( 8321 krb5_storage */*sp*/, 8322 krb5_authdata /*auth*/); 8323 8324/** 8325 * Write a credentials block to storage. 8326 * 8327 * @param sp the storage buffer to write to 8328 * @param creds the creds block to write. 8329 * 8330 * @return 0 on success, a Kerberos 5 error code on failure. 8331 * 8332 * @ingroup krb5_storage 8333 */ 8334 8335KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8336krb5_store_creds ( 8337 krb5_storage */*sp*/, 8338 krb5_creds */*creds*/); 8339 8340/** 8341 * Write a tagged credentials block to storage. 8342 * 8343 * @param sp the storage buffer to write to 8344 * @param creds the creds block to write. 8345 * 8346 * @return 0 on success, a Kerberos 5 error code on failure. 8347 * 8348 * @ingroup krb5_storage 8349 */ 8350 8351KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8352krb5_store_creds_tag ( 8353 krb5_storage */*sp*/, 8354 krb5_creds */*creds*/); 8355 8356/** 8357 * Store a data to the storage. The data is stored with an int32 as 8358 * lenght plus the data (not padded). 8359 * 8360 * @param sp the storage buffer to write to 8361 * @param data the buffer to store. 8362 * 8363 * @return 0 on success, a Kerberos 5 error code on failure. 8364 * 8365 * @ingroup krb5_storage 8366 */ 8367 8368KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8369krb5_store_data ( 8370 krb5_storage */*sp*/, 8371 krb5_data /*data*/); 8372 8373/** 8374 * Store a int16 to storage, byte order is controlled by the settings 8375 * on the storage, see krb5_storage_set_byteorder(). 8376 * 8377 * @param sp the storage to write too 8378 * @param value the value to store 8379 * 8380 * @return 0 for success, or a Kerberos 5 error code on failure. 8381 * 8382 * @ingroup krb5_storage 8383 */ 8384 8385KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8386krb5_store_int16 ( 8387 krb5_storage */*sp*/, 8388 int16_t /*value*/); 8389 8390/** 8391 * Store a int32 to storage, byte order is controlled by the settings 8392 * on the storage, see krb5_storage_set_byteorder(). 8393 * 8394 * @param sp the storage to write too 8395 * @param value the value to store 8396 * 8397 * @return 0 for success, or a Kerberos 5 error code on failure. 8398 * 8399 * @ingroup krb5_storage 8400 */ 8401 8402KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8403krb5_store_int32 ( 8404 krb5_storage */*sp*/, 8405 int32_t /*value*/); 8406 8407/** 8408 * Store a int64 to storage, byte order is controlled by the settings 8409 * on the storage, see krb5_storage_set_byteorder(). 8410 * 8411 * @param sp the storage to write too 8412 * @param value the value to store 8413 * 8414 * @return 0 for success, or a Kerberos 5 error code on failure. 8415 * 8416 * @ingroup krb5_storage 8417 */ 8418 8419KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8420krb5_store_int64 ( 8421 krb5_storage */*sp*/, 8422 int64_t /*value*/); 8423 8424/** 8425 * Store a int8 to storage. 8426 * 8427 * @param sp the storage to write too 8428 * @param value the value to store 8429 * 8430 * @return 0 for success, or a Kerberos 5 error code on failure. 8431 * 8432 * @ingroup krb5_storage 8433 */ 8434 8435KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8436krb5_store_int8 ( 8437 krb5_storage */*sp*/, 8438 int8_t /*value*/); 8439 8440/** 8441 * Store a keyblock to the storage. 8442 * 8443 * @param sp the storage buffer to write to 8444 * @param p the keyblock to write 8445 * 8446 * @return 0 on success, a Kerberos 5 error code on failure. 8447 * 8448 * @ingroup krb5_storage 8449 */ 8450 8451KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8452krb5_store_keyblock ( 8453 krb5_storage */*sp*/, 8454 krb5_keyblock /*p*/); 8455 8456/** 8457 * Write a principal block to storage. 8458 * 8459 * @param sp the storage buffer to write to 8460 * @param p the principal block to write. 8461 * 8462 * @return 0 on success, a Kerberos 5 error code on failure. 8463 * 8464 * @ingroup krb5_storage 8465 */ 8466 8467KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8468krb5_store_principal ( 8469 krb5_storage */*sp*/, 8470 krb5_const_principal /*p*/); 8471 8472/** 8473 * Store a string to the buffer. The data is formated as an len:uint32 8474 * plus the string itself (not padded). 8475 * 8476 * @param sp the storage buffer to write to 8477 * @param s the string to store. 8478 * 8479 * @return 0 on success, a Kerberos 5 error code on failure. 8480 * 8481 * @ingroup krb5_storage 8482 */ 8483 8484KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8485krb5_store_string ( 8486 krb5_storage */*sp*/, 8487 const char */*s*/); 8488 8489KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8490krb5_store_stringnl ( 8491 krb5_storage */*sp*/, 8492 const char */*s*/); 8493 8494/** 8495 * Store a zero terminated string to the buffer. The data is stored 8496 * one character at a time until a NUL is stored. 8497 * 8498 * @param sp the storage buffer to write to 8499 * @param s the string to store. 8500 * 8501 * @return 0 on success, a Kerberos 5 error code on failure. 8502 * 8503 * @ingroup krb5_storage 8504 */ 8505 8506KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8507krb5_store_stringz ( 8508 krb5_storage */*sp*/, 8509 const char */*s*/); 8510 8511/** 8512 * Write a times block to storage. 8513 * 8514 * @param sp the storage buffer to write to 8515 * @param times the times block to write. 8516 * 8517 * @return 0 on success, a Kerberos 5 error code on failure. 8518 * 8519 * @ingroup krb5_storage 8520 */ 8521 8522KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8523krb5_store_times ( 8524 krb5_storage */*sp*/, 8525 krb5_times /*times*/); 8526 8527/** 8528 * Store a uint16 to storage, byte order is controlled by the settings 8529 * on the storage, see krb5_storage_set_byteorder(). 8530 * 8531 * @param sp the storage to write too 8532 * @param value the value to store 8533 * 8534 * @return 0 for success, or a Kerberos 5 error code on failure. 8535 * 8536 * @ingroup krb5_storage 8537 */ 8538 8539KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8540krb5_store_uint16 ( 8541 krb5_storage */*sp*/, 8542 uint16_t /*value*/); 8543 8544/** 8545 * Store a uint32 to storage, byte order is controlled by the settings 8546 * on the storage, see krb5_storage_set_byteorder(). 8547 * 8548 * @param sp the storage to write too 8549 * @param value the value to store 8550 * 8551 * @return 0 for success, or a Kerberos 5 error code on failure. 8552 * 8553 * @ingroup krb5_storage 8554 */ 8555 8556KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8557krb5_store_uint32 ( 8558 krb5_storage */*sp*/, 8559 uint32_t /*value*/); 8560 8561/** 8562 * Store a uint64 to storage, byte order is controlled by the settings 8563 * on the storage, see krb5_storage_set_byteorder(). 8564 * 8565 * @param sp the storage to write too 8566 * @param value the value to store 8567 * 8568 * @return 0 for success, or a Kerberos 5 error code on failure. 8569 * 8570 * @ingroup krb5_storage 8571 */ 8572 8573KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8574krb5_store_uint64 ( 8575 krb5_storage */*sp*/, 8576 uint64_t /*value*/); 8577 8578/** 8579 * Store a uint8 to storage. 8580 * 8581 * @param sp the storage to write too 8582 * @param value the value to store 8583 * 8584 * @return 0 for success, or a Kerberos 5 error code on failure. 8585 * 8586 * @ingroup krb5_storage 8587 */ 8588 8589KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8590krb5_store_uint8 ( 8591 krb5_storage */*sp*/, 8592 uint8_t /*value*/); 8593 8594KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8595krb5_string_to_deltat ( 8596 const char */*string*/, 8597 krb5_deltat */*deltat*/); 8598 8599KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8600krb5_string_to_enctype ( 8601 krb5_context /*context*/, 8602 const char */*string*/, 8603 krb5_enctype */*etype*/); 8604 8605KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8606krb5_string_to_key ( 8607 krb5_context /*context*/, 8608 krb5_enctype /*enctype*/, 8609 const char */*password*/, 8610 krb5_principal /*principal*/, 8611 krb5_keyblock */*key*/); 8612 8613KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8614krb5_string_to_key_data ( 8615 krb5_context /*context*/, 8616 krb5_enctype /*enctype*/, 8617 krb5_data /*password*/, 8618 krb5_principal /*principal*/, 8619 krb5_keyblock */*key*/); 8620 8621KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8622krb5_string_to_key_data_salt ( 8623 krb5_context /*context*/, 8624 krb5_enctype /*enctype*/, 8625 krb5_data /*password*/, 8626 krb5_salt /*salt*/, 8627 krb5_keyblock */*key*/); 8628 8629KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8630krb5_string_to_key_data_salt_opaque ( 8631 krb5_context /*context*/, 8632 krb5_enctype /*enctype*/, 8633 krb5_data /*password*/, 8634 krb5_salt /*salt*/, 8635 krb5_data /*opaque*/, 8636 krb5_keyblock */*key*/); 8637 8638KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8639krb5_string_to_key_derived ( 8640 krb5_context /*context*/, 8641 const void */*str*/, 8642 size_t /*len*/, 8643 krb5_enctype /*etype*/, 8644 krb5_keyblock */*key*/); 8645 8646KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8647krb5_string_to_key_salt ( 8648 krb5_context /*context*/, 8649 krb5_enctype /*enctype*/, 8650 const char */*password*/, 8651 krb5_salt /*salt*/, 8652 krb5_keyblock */*key*/); 8653 8654KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8655krb5_string_to_key_salt_opaque ( 8656 krb5_context /*context*/, 8657 krb5_enctype /*enctype*/, 8658 const char */*password*/, 8659 krb5_salt /*salt*/, 8660 krb5_data /*opaque*/, 8661 krb5_keyblock */*key*/); 8662 8663/** 8664 * Deprecated: keytypes doesn't exists, they are really enctypes in 8665 * most cases, use krb5_string_to_enctype(). 8666 * 8667 * @ingroup krb5_deprecated 8668 */ 8669 8670KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8671krb5_string_to_keytype ( 8672 krb5_context /*context*/, 8673 const char */*string*/, 8674 krb5_keytype */*keytype*/) 8675 KRB5_DEPRECATED_FUNCTION("Use X instead"); 8676 8677KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8678krb5_string_to_salttype ( 8679 krb5_context /*context*/, 8680 krb5_enctype /*etype*/, 8681 const char */*string*/, 8682 krb5_salttype */*salttype*/); 8683 8684/** 8685 * Extract the authorization data type of type from the ticket. Store 8686 * the field in data. This function is to use for kerberos 8687 * applications. 8688 * 8689 * @param context a Kerberos 5 context 8690 * @param ticket Kerberos ticket 8691 * @param type type to fetch 8692 * @param data returned data, free with krb5_data_free() 8693 * 8694 * @ingroup krb5 8695 */ 8696 8697KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8698krb5_ticket_get_authorization_data_type ( 8699 krb5_context /*context*/, 8700 krb5_ticket */*ticket*/, 8701 int /*type*/, 8702 krb5_data */*data*/); 8703 8704/** 8705 * Return client principal in ticket 8706 * 8707 * @param context a Kerberos 5 context 8708 * @param ticket ticket to copy 8709 * @param client client principal, free with krb5_free_principal() 8710 * 8711 * @return Returns 0 to indicate success. Otherwise an kerberos et 8712 * error code is returned, see krb5_get_error_message(). 8713 * 8714 * @ingroup krb5 8715 */ 8716 8717KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8718krb5_ticket_get_client ( 8719 krb5_context /*context*/, 8720 const krb5_ticket */*ticket*/, 8721 krb5_principal */*client*/); 8722 8723/** 8724 * Return end time of ticket 8725 * 8726 * @param context a Kerberos 5 context 8727 * @param ticket ticket to copy 8728 * 8729 * @return end time of ticket 8730 * 8731 * @ingroup krb5 8732 */ 8733 8734KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL 8735krb5_ticket_get_endtime ( 8736 krb5_context /*context*/, 8737 const krb5_ticket */*ticket*/); 8738 8739/** 8740 * Get the flags from the Kerberos ticket 8741 * 8742 * @param context Kerberos context 8743 * @param ticket Kerberos ticket 8744 * 8745 * @return ticket flags 8746 * 8747 * @ingroup krb5_ticket 8748 */ 8749 8750KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL 8751krb5_ticket_get_flags ( 8752 krb5_context /*context*/, 8753 const krb5_ticket */*ticket*/); 8754 8755/** 8756 * Return server principal in ticket 8757 * 8758 * @param context a Kerberos 5 context 8759 * @param ticket ticket to copy 8760 * @param server server principal, free with krb5_free_principal() 8761 * 8762 * @return Returns 0 to indicate success. Otherwise an kerberos et 8763 * error code is returned, see krb5_get_error_message(). 8764 * 8765 * @ingroup krb5 8766 */ 8767 8768KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8769krb5_ticket_get_server ( 8770 krb5_context /*context*/, 8771 const krb5_ticket */*ticket*/, 8772 krb5_principal */*server*/); 8773 8774/** 8775 * If the caller passes in a negative usec, its assumed to be 8776 * unknown and the function will use the current time usec. 8777 */ 8778 8779KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8780krb5_timeofday ( 8781 krb5_context /*context*/, 8782 krb5_timestamp */*timeret*/); 8783 8784/** 8785 * Unparse the Kerberos name into a string 8786 * 8787 * @param context Kerberos 5 context 8788 * @param principal principal to query 8789 * @param name resulting string, free with krb5_xfree() 8790 * 8791 * @return An krb5 error code, see krb5_get_error_message(). 8792 * 8793 * @ingroup krb5_principal 8794 */ 8795 8796KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8797krb5_unparse_name ( 8798 krb5_context /*context*/, 8799 krb5_const_principal /*principal*/, 8800 char **/*name*/); 8801 8802/** 8803 * Unparse the principal name to a fixed buffer 8804 * 8805 * @param context A Kerberos context. 8806 * @param principal principal to unparse 8807 * @param name buffer to write name to 8808 * @param len length of buffer 8809 * 8810 * @return An krb5 error code, see krb5_get_error_message(). 8811 * 8812 * @ingroup krb5_principal 8813 */ 8814 8815KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8816krb5_unparse_name_fixed ( 8817 krb5_context /*context*/, 8818 krb5_const_principal /*principal*/, 8819 char */*name*/, 8820 size_t /*len*/); 8821 8822/** 8823 * Unparse the principal name with unparse flags to a fixed buffer. 8824 * 8825 * @param context A Kerberos context. 8826 * @param principal principal to unparse 8827 * @param flags unparse flags 8828 * @param name buffer to write name to 8829 * @param len length of buffer 8830 * 8831 * @return An krb5 error code, see krb5_get_error_message(). 8832 * 8833 * @ingroup krb5_principal 8834 */ 8835 8836KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8837krb5_unparse_name_fixed_flags ( 8838 krb5_context /*context*/, 8839 krb5_const_principal /*principal*/, 8840 int /*flags*/, 8841 char */*name*/, 8842 size_t /*len*/); 8843 8844/** 8845 * Unparse the principal name to a fixed buffer. The realm is skipped 8846 * if its a default realm. 8847 * 8848 * @param context A Kerberos context. 8849 * @param principal principal to unparse 8850 * @param name buffer to write name to 8851 * @param len length of buffer 8852 * 8853 * @return An krb5 error code, see krb5_get_error_message(). 8854 * 8855 * @ingroup krb5_principal 8856 */ 8857 8858KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8859krb5_unparse_name_fixed_short ( 8860 krb5_context /*context*/, 8861 krb5_const_principal /*principal*/, 8862 char */*name*/, 8863 size_t /*len*/); 8864 8865/** 8866 * Unparse the Kerberos name into a string 8867 * 8868 * @param context Kerberos 5 context 8869 * @param principal principal to query 8870 * @param flags flag to determine the behavior 8871 * @param name resulting string, free with krb5_xfree() 8872 * 8873 * @return An krb5 error code, see krb5_get_error_message(). 8874 * 8875 * @ingroup krb5_principal 8876 */ 8877 8878KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8879krb5_unparse_name_flags ( 8880 krb5_context /*context*/, 8881 krb5_const_principal /*principal*/, 8882 int /*flags*/, 8883 char **/*name*/); 8884 8885/** 8886 * Unparse the principal name to a allocated buffer. The realm is 8887 * skipped if its a default realm. 8888 * 8889 * @param context A Kerberos context. 8890 * @param principal principal to unparse 8891 * @param name returned buffer, free with krb5_xfree() 8892 * 8893 * @return An krb5 error code, see krb5_get_error_message(). 8894 * 8895 * @ingroup krb5_principal 8896 */ 8897 8898KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8899krb5_unparse_name_short ( 8900 krb5_context /*context*/, 8901 krb5_const_principal /*principal*/, 8902 char **/*name*/); 8903 8904KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8905krb5_us_timeofday ( 8906 krb5_context /*context*/, 8907 krb5_timestamp */*sec*/, 8908 int32_t */*usec*/); 8909 8910/** 8911 * Log a warning to the log, default stderr, include bthe error from 8912 * the last failure and then abort. 8913 * 8914 * @param context A Kerberos 5 context 8915 * @param code error code of the last error 8916 * @param fmt message to print 8917 * @param ap arguments 8918 * 8919 * @ingroup krb5_error 8920 */ 8921 8922KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8923krb5_vabort ( 8924 krb5_context /*context*/, 8925 krb5_error_code /*code*/, 8926 const char */*fmt*/, 8927 va_list /*ap*/) 8928 __attribute__ ((__noreturn__, __format__ (__printf__, 3, 0))); 8929 8930KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8931krb5_vabortx ( 8932 krb5_context /*context*/, 8933 const char */*fmt*/, 8934 va_list /*ap*/) 8935 __attribute__ ((__noreturn__, __format__ (__printf__, 2, 0))); 8936 8937KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8938krb5_verify_ap_req ( 8939 krb5_context /*context*/, 8940 krb5_auth_context */*auth_context*/, 8941 krb5_ap_req */*ap_req*/, 8942 krb5_const_principal /*server*/, 8943 krb5_keyblock */*keyblock*/, 8944 krb5_flags /*flags*/, 8945 krb5_flags */*ap_req_options*/, 8946 krb5_ticket **/*ticket*/); 8947 8948KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8949krb5_verify_ap_req2 ( 8950 krb5_context /*context*/, 8951 krb5_auth_context */*auth_context*/, 8952 krb5_ap_req */*ap_req*/, 8953 krb5_const_principal /*server*/, 8954 krb5_keyblock */*keyblock*/, 8955 krb5_flags /*flags*/, 8956 krb5_flags */*ap_req_options*/, 8957 krb5_ticket **/*ticket*/, 8958 krb5_key_usage /*usage*/); 8959 8960KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8961krb5_verify_authenticator_checksum ( 8962 krb5_context /*context*/, 8963 krb5_auth_context /*ac*/, 8964 void */*data*/, 8965 size_t /*len*/); 8966 8967KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8968krb5_verify_checksum ( 8969 krb5_context /*context*/, 8970 krb5_crypto /*crypto*/, 8971 krb5_key_usage /*usage*/, 8972 void */*data*/, 8973 size_t /*len*/, 8974 Checksum */*cksum*/); 8975 8976/** 8977 * Verify a Kerberos message checksum. 8978 * 8979 * @param context Kerberos context 8980 * @param crypto Kerberos crypto context 8981 * @param usage Key usage for this buffer 8982 * @param data array of buffers to process 8983 * @param num_data length of array 8984 * @param type return checksum type if not NULL 8985 * 8986 * @return Return an error code or 0. 8987 * @ingroup krb5_crypto 8988 */ 8989 8990KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8991krb5_verify_checksum_iov ( 8992 krb5_context /*context*/, 8993 krb5_crypto /*crypto*/, 8994 unsigned /*usage*/, 8995 krb5_crypto_iov */*data*/, 8996 unsigned int /*num_data*/, 8997 krb5_cksumtype */*type*/); 8998 8999KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9000krb5_verify_init_creds ( 9001 krb5_context /*context*/, 9002 krb5_creds */*creds*/, 9003 krb5_principal /*ap_req_server*/, 9004 krb5_keytab /*ap_req_keytab*/, 9005 krb5_ccache */*ccache*/, 9006 krb5_verify_init_creds_opt */*options*/); 9007 9008KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9009krb5_verify_init_creds_opt_init (krb5_verify_init_creds_opt */*options*/); 9010 9011KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9012krb5_verify_init_creds_opt_set_ap_req_nofail ( 9013 krb5_verify_init_creds_opt */*options*/, 9014 int /*ap_req_nofail*/); 9015 9016KRB5_LIB_FUNCTION int KRB5_LIB_CALL 9017krb5_verify_opt_alloc ( 9018 krb5_context /*context*/, 9019 krb5_verify_opt **/*opt*/); 9020 9021KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9022krb5_verify_opt_free (krb5_verify_opt */*opt*/); 9023 9024KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9025krb5_verify_opt_init (krb5_verify_opt */*opt*/); 9026 9027KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9028krb5_verify_opt_set_ccache ( 9029 krb5_verify_opt */*opt*/, 9030 krb5_ccache /*ccache*/); 9031 9032KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9033krb5_verify_opt_set_flags ( 9034 krb5_verify_opt */*opt*/, 9035 unsigned int /*flags*/); 9036 9037KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9038krb5_verify_opt_set_keytab ( 9039 krb5_verify_opt */*opt*/, 9040 krb5_keytab /*keytab*/); 9041 9042KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9043krb5_verify_opt_set_secure ( 9044 krb5_verify_opt */*opt*/, 9045 krb5_boolean /*secure*/); 9046 9047KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9048krb5_verify_opt_set_service ( 9049 krb5_verify_opt */*opt*/, 9050 const char */*service*/); 9051 9052KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9053krb5_verify_user ( 9054 krb5_context /*context*/, 9055 krb5_principal /*principal*/, 9056 krb5_ccache /*ccache*/, 9057 const char */*password*/, 9058 krb5_boolean /*secure*/, 9059 const char */*service*/); 9060 9061KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9062krb5_verify_user_lrealm ( 9063 krb5_context /*context*/, 9064 krb5_principal /*principal*/, 9065 krb5_ccache /*ccache*/, 9066 const char */*password*/, 9067 krb5_boolean /*secure*/, 9068 const char */*service*/); 9069 9070KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9071krb5_verify_user_opt ( 9072 krb5_context /*context*/, 9073 krb5_principal /*principal*/, 9074 const char */*password*/, 9075 krb5_verify_opt */*opt*/); 9076 9077/** 9078 * Log a warning to the log, default stderr, include bthe error from 9079 * the last failure and then exit. 9080 * 9081 * @param context A Kerberos 5 context 9082 * @param eval the exit code to exit with 9083 * @param code error code of the last error 9084 * @param fmt message to print 9085 * @param ap arguments 9086 * 9087 * @ingroup krb5_error 9088 */ 9089 9090KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9091krb5_verr ( 9092 krb5_context /*context*/, 9093 int /*eval*/, 9094 krb5_error_code /*code*/, 9095 const char */*fmt*/, 9096 va_list /*ap*/) 9097 __attribute__ ((__noreturn__, __format__ (__printf__, 4, 0))); 9098 9099/** 9100 * Log a warning to the log, default stderr, and then exit. 9101 * 9102 * @param context A Kerberos 5 context 9103 * @param eval the exit code to exit with 9104 * @param fmt message to print 9105 * @param ap arguments 9106 * 9107 * @ingroup krb5_error 9108 */ 9109 9110KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9111krb5_verrx ( 9112 krb5_context /*context*/, 9113 int /*eval*/, 9114 const char */*fmt*/, 9115 va_list /*ap*/) 9116 __attribute__ ((__noreturn__, __format__ (__printf__, 3, 0))); 9117 9118KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9119krb5_vlog ( 9120 krb5_context /*context*/, 9121 krb5_log_facility */*fac*/, 9122 int /*level*/, 9123 const char */*fmt*/, 9124 va_list /*ap*/) 9125 __attribute__ ((__format__ (__printf__, 4, 0))); 9126 9127KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9128krb5_vlog_msg ( 9129 krb5_context /*context*/, 9130 krb5_log_facility */*fac*/, 9131 char **/*reply*/, 9132 int /*level*/, 9133 const char */*fmt*/, 9134 va_list /*ap*/) 9135 __attribute__ ((__format__ (__printf__, 5, 0))); 9136 9137/** 9138 * Prepend the contexts's full error string for a specific error code. 9139 * 9140 * The if context is NULL, no error string is stored. 9141 * 9142 * @param context Kerberos 5 context 9143 * @param ret The error code 9144 * @param fmt Error string for the error code 9145 * @param args printf(3) style parameters. 9146 * 9147 * @ingroup krb5_error 9148 */ 9149 9150KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9151krb5_vprepend_error_message ( 9152 krb5_context /*context*/, 9153 krb5_error_code /*ret*/, 9154 const char */*fmt*/, 9155 va_list /*args*/) 9156 __attribute__ ((__format__ (__printf__, 3, 0))); 9157 9158/** 9159 * Set the context full error string for a specific error code. 9160 * 9161 * The if context is NULL, no error string is stored. 9162 * 9163 * @param context Kerberos 5 context 9164 * @param ret The error code 9165 * @param fmt Error string for the error code 9166 * @param args printf(3) style parameters. 9167 * 9168 * @ingroup krb5_error 9169 */ 9170 9171KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9172krb5_vset_error_message ( 9173 krb5_context /*context*/, 9174 krb5_error_code /*ret*/, 9175 const char */*fmt*/, 9176 va_list /*args*/) 9177 __attribute__ ((__format__ (__printf__, 3, 0))); 9178 9179/** 9180 * Set the error message returned by krb5_get_error_string(), 9181 * deprecated, use krb5_set_error_message(). 9182 * 9183 * Deprecated: use krb5_vset_error_message() 9184 * 9185 * @param context Kerberos context 9186 * @param fmt error message to free 9187 * @param args variable argument list vector 9188 * 9189 * @return Return an error code or 0. 9190 * 9191 * @ingroup krb5_deprecated 9192 */ 9193 9194KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9195krb5_vset_error_string ( 9196 krb5_context /*context*/, 9197 const char */*fmt*/, 9198 va_list /*args*/) 9199 __attribute__ ((__format__ (__printf__, 2, 0))) KRB5_DEPRECATED_FUNCTION("Use X instead"); 9200 9201/** 9202 * Log a warning to the log, default stderr, include the error from 9203 * the last failure. 9204 * 9205 * @param context A Kerberos 5 context. 9206 * @param code error code of the last error 9207 * @param fmt message to print 9208 * @param ap arguments 9209 * 9210 * @ingroup krb5_error 9211 */ 9212 9213KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9214krb5_vwarn ( 9215 krb5_context /*context*/, 9216 krb5_error_code /*code*/, 9217 const char */*fmt*/, 9218 va_list /*ap*/) 9219 __attribute__ ((__format__ (__printf__, 3, 0))); 9220 9221/** 9222 * Log a warning to the log, default stderr. 9223 * 9224 * @param context A Kerberos 5 context. 9225 * @param fmt message to print 9226 * @param ap arguments 9227 * 9228 * @ingroup krb5_error 9229 */ 9230 9231KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9232krb5_vwarnx ( 9233 krb5_context /*context*/, 9234 const char */*fmt*/, 9235 va_list /*ap*/) 9236 __attribute__ ((__format__ (__printf__, 2, 0))); 9237 9238/** 9239 * Log a warning to the log, default stderr, include the error from 9240 * the last failure. 9241 * 9242 * @param context A Kerberos 5 context. 9243 * @param code error code of the last error 9244 * @param fmt message to print 9245 * 9246 * @ingroup krb5_error 9247 */ 9248 9249KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9250krb5_warn ( 9251 krb5_context /*context*/, 9252 krb5_error_code /*code*/, 9253 const char */*fmt*/, 9254 ...) 9255 __attribute__ ((__format__ (__printf__, 3, 4))); 9256 9257/** 9258 * Log a warning to the log, default stderr. 9259 * 9260 * @param context A Kerberos 5 context. 9261 * @param fmt message to print 9262 * 9263 * @ingroup krb5_error 9264 */ 9265 9266KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9267krb5_warnx ( 9268 krb5_context /*context*/, 9269 const char */*fmt*/, 9270 ...) 9271 __attribute__ ((__format__ (__printf__, 2, 3))); 9272 9273KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9274krb5_write_message ( 9275 krb5_context /*context*/, 9276 krb5_pointer /*p_fd*/, 9277 krb5_data */*data*/); 9278 9279KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9280krb5_write_priv_message ( 9281 krb5_context /*context*/, 9282 krb5_auth_context /*ac*/, 9283 krb5_pointer /*p_fd*/, 9284 krb5_data */*data*/); 9285 9286KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9287krb5_write_safe_message ( 9288 krb5_context /*context*/, 9289 krb5_auth_context /*ac*/, 9290 krb5_pointer /*p_fd*/, 9291 krb5_data */*data*/); 9292 9293KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9294krb5_xfree (void */*ptr*/); 9295 9296#ifdef __cplusplus 9297} 9298#endif 9299 9300#undef KRB5_DEPRECATED_FUNCTION 9301 9302#endif /* DOXY */ 9303#endif /* __krb5_protos_h__ */ 9304