1 /* This is a generated file */ 2 #ifndef __krb5_protos_h__ 3 #define __krb5_protos_h__ 4 #ifndef DOXY 5 6 #include <stdarg.h> 7 8 #if !defined(__GNUC__) && !defined(__attribute__) 9 #define __attribute__(x) 10 #endif 11 12 #ifndef KRB5_DEPRECATED_FUNCTION 13 #ifndef __has_extension 14 #define __has_extension(x) 0 15 #define KRB5_DEPRECATED_FUNCTIONhas_extension 1 16 #endif 17 #if __has_extension(attribute_deprecated_with_message) 18 #define KRB5_DEPRECATED_FUNCTION(x) __attribute__((__deprecated__(x))) 19 #elif defined(__GNUC__) && ((__GNUC__ > 3) || ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 ))) 20 #define KRB5_DEPRECATED_FUNCTION(X) __attribute__((__deprecated__)) 21 #else 22 #define KRB5_DEPRECATED_FUNCTION(X) 23 #endif 24 #ifdef KRB5_DEPRECATED_FUNCTIONhas_extension 25 #undef __has_extension 26 #undef KRB5_DEPRECATED_FUNCTIONhas_extension 27 #endif 28 #endif /* KRB5_DEPRECATED_FUNCTION */ 29 30 31 #ifdef __cplusplus 32 extern "C" { 33 #endif 34 35 #ifndef KRB5_LIB 36 #ifndef KRB5_LIB_FUNCTION 37 #if defined(_WIN32) 38 #define KRB5_LIB_FUNCTION __declspec(dllimport) 39 #define KRB5_LIB_CALL __stdcall 40 #define KRB5_LIB_VARIABLE __declspec(dllimport) 41 #else 42 #define KRB5_LIB_FUNCTION 43 #define KRB5_LIB_CALL 44 #define KRB5_LIB_VARIABLE 45 #endif 46 #endif 47 #endif 48 /** 49 * Convert the v5 credentials in in_cred to v4-dito in v4creds. This 50 * is done by sending them to the 524 function in the KDC. If 51 * `in_cred' doesn't contain a DES session key, then a new one is 52 * gotten from the KDC and stored in the cred cache `ccache'. 53 * 54 * @param context Kerberos 5 context. 55 * @param in_cred the credential to convert 56 * @param v4creds the converted credential 57 * 58 * @return Returns 0 to indicate success. Otherwise an kerberos et 59 * error code is returned, see krb5_get_error_message(). 60 * 61 * @ingroup krb5_v4compat 62 */ 63 64 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 65 krb524_convert_creds_kdc ( 66 krb5_context /*context*/, 67 krb5_creds */*in_cred*/, 68 struct credentials */*v4creds*/) 69 KRB5_DEPRECATED_FUNCTION("Use X instead"); 70 71 /** 72 * Convert the v5 credentials in in_cred to v4-dito in v4creds, 73 * check the credential cache ccache before checking with the KDC. 74 * 75 * @param context Kerberos 5 context. 76 * @param ccache credential cache used to check for des-ticket. 77 * @param in_cred the credential to convert 78 * @param v4creds the converted credential 79 * 80 * @return Returns 0 to indicate success. Otherwise an kerberos et 81 * error code is returned, see krb5_get_error_message(). 82 * 83 * @ingroup krb5_v4compat 84 */ 85 86 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 87 krb524_convert_creds_kdc_ccache ( 88 krb5_context /*context*/, 89 krb5_ccache /*ccache*/, 90 krb5_creds */*in_cred*/, 91 struct credentials */*v4creds*/) 92 KRB5_DEPRECATED_FUNCTION("Use X instead"); 93 94 /** 95 * Log a warning to the log, default stderr, include the error from 96 * the last failure and then abort. 97 * 98 * @param context A Kerberos 5 context 99 * @param code error code of the last error 100 * @param fmt message to print 101 * @param ... arguments for format string 102 * 103 * @ingroup krb5_error 104 */ 105 106 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 107 krb5_abort ( 108 krb5_context /*context*/, 109 krb5_error_code /*code*/, 110 const char */*fmt*/, 111 ...) 112 __attribute__ ((__noreturn__, __format__ (__printf__, 3, 4))); 113 114 /** 115 * Log a warning to the log, default stderr, and then abort. 116 * 117 * @param context A Kerberos 5 context 118 * @param fmt printf format string of message to print 119 * @param ... arguments for format string 120 * 121 * @ingroup krb5_error 122 */ 123 124 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 125 krb5_abortx ( 126 krb5_context /*context*/, 127 const char */*fmt*/, 128 ...) 129 __attribute__ ((__noreturn__, __format__ (__printf__, 2, 3))); 130 131 /** 132 * krb5_acl_match_file matches ACL format against each line in a file 133 * using krb5_acl_match_string(). Lines starting with # are treated 134 * like comments and ignored. 135 * 136 * @param context Kerberos 5 context. 137 * @param file file with acl listed in the file. 138 * @param format format to match. 139 * @param ... parameter to format string. 140 * 141 * @return Return an error code or 0. 142 * 143 * @sa krb5_acl_match_string 144 * @ingroup krb5_support 145 */ 146 147 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 148 krb5_acl_match_file ( 149 krb5_context /*context*/, 150 const char */*file*/, 151 const char */*format*/, 152 ...); 153 154 /** 155 * krb5_acl_match_string matches ACL format against a string. 156 * 157 * The ACL format has three format specifiers: s, f, and r. Each 158 * specifier will retrieve one argument from the variable arguments 159 * for either matching or storing data. The input string is split up 160 * using " " (space) and "\t" (tab) as a delimiter; multiple and "\t" 161 * in a row are considered to be the same. 162 * 163 * List of format specifiers: 164 * - s Matches a string using strcmp(3) (case sensitive). 165 * - f Matches the string with fnmatch(3). Theflags 166 * argument (the last argument) passed to the fnmatch function is 0. 167 * - r Returns a copy of the string in the char ** passed in; the copy 168 * must be freed with free(3). There is no need to free(3) the 169 * string on error: the function will clean up and set the pointer 170 * to NULL. 171 * 172 * @param context Kerberos 5 context 173 * @param string string to match with 174 * @param format format to match 175 * @param ... parameter to format string 176 * 177 * @return Return an error code or 0. 178 * 179 * 180 * @code 181 * char *s; 182 * 183 * ret = krb5_acl_match_string(context, "foo", "s", "foo"); 184 * if (ret) 185 * krb5_errx(context, 1, "acl didn't match"); 186 * ret = krb5_acl_match_string(context, "foo foo baz/kaka", 187 * "ss", "foo", &s, "foo/\\*"); 188 * if (ret) { 189 * // no need to free(s) on error 190 * assert(s == NULL); 191 * krb5_errx(context, 1, "acl didn't match"); 192 * } 193 * free(s); 194 * @endcode 195 * 196 * @sa krb5_acl_match_file 197 * @ingroup krb5_support 198 */ 199 200 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 201 krb5_acl_match_string ( 202 krb5_context /*context*/, 203 const char */*string*/, 204 const char */*format*/, 205 ...); 206 207 /** 208 * Add a specified list of error messages to the et list in context. 209 * Call func (probably a comerr-generated function) with a pointer to 210 * the current et_list. 211 * 212 * @param context A kerberos context. 213 * @param func The generated com_err et function. 214 * 215 * @return Returns 0 to indicate success. Otherwise an kerberos et 216 * error code is returned, see krb5_get_error_message(). 217 * 218 * @ingroup krb5 219 */ 220 221 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 222 krb5_add_et_list ( 223 krb5_context /*context*/, 224 void (*/*func*/)(struct et_list **)); 225 226 /** 227 * Add extra address to the address list that the library will add to 228 * the client's address list when communicating with the KDC. 229 * 230 * @param context Kerberos 5 context. 231 * @param addresses addreses to add 232 * 233 * @return Returns 0 to indicate success. Otherwise an kerberos et 234 * error code is returned, see krb5_get_error_message(). 235 * 236 * @ingroup krb5 237 */ 238 239 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 240 krb5_add_extra_addresses ( 241 krb5_context /*context*/, 242 krb5_addresses */*addresses*/); 243 244 /** 245 * Add extra addresses to ignore when fetching addresses from the 246 * underlaying operating system. 247 * 248 * @param context Kerberos 5 context. 249 * @param addresses addreses to ignore 250 * 251 * @return Returns 0 to indicate success. Otherwise an kerberos et 252 * error code is returned, see krb5_get_error_message(). 253 * 254 * @ingroup krb5 255 */ 256 257 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 258 krb5_add_ignore_addresses ( 259 krb5_context /*context*/, 260 krb5_addresses */*addresses*/); 261 262 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 263 krb5_addlog_dest ( 264 krb5_context /*context*/, 265 krb5_log_facility */*f*/, 266 const char */*orig*/); 267 268 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 269 krb5_addlog_func ( 270 krb5_context /*context*/, 271 krb5_log_facility */*fac*/, 272 int /*min*/, 273 int /*max*/, 274 krb5_log_log_func_t /*log_func*/, 275 krb5_log_close_func_t /*close_func*/, 276 void */*data*/); 277 278 /** 279 * krb5_addr2sockaddr sets the "struct sockaddr sockaddr" from addr 280 * and port. The argument sa_size should initially contain the size of 281 * the sa and after the call, it will contain the actual length of the 282 * address. In case of the sa is too small to fit the whole address, 283 * the up to *sa_size will be stored, and then *sa_size will be set to 284 * the required length. 285 * 286 * @param context a Keberos context 287 * @param addr the address to copy the from 288 * @param sa the struct sockaddr that will be filled in 289 * @param sa_size pointer to length of sa, and after the call, it will 290 * contain the actual length of the address. 291 * @param port set port in sa. 292 * 293 * @return Return an error code or 0. Will return 294 * KRB5_PROG_ATYPE_NOSUPP in case address type is not supported. 295 * 296 * @ingroup krb5_address 297 */ 298 299 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 300 krb5_addr2sockaddr ( 301 krb5_context /*context*/, 302 const krb5_address */*addr*/, 303 struct sockaddr */*sa*/, 304 krb5_socklen_t */*sa_size*/, 305 int /*port*/); 306 307 /** 308 * krb5_address_compare compares the addresses addr1 and addr2. 309 * Returns TRUE if the two addresses are the same. 310 * 311 * @param context a Keberos context 312 * @param addr1 address to compare 313 * @param addr2 address to compare 314 * 315 * @return Return an TRUE is the address are the same FALSE if not 316 * 317 * @ingroup krb5_address 318 */ 319 320 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 321 krb5_address_compare ( 322 krb5_context /*context*/, 323 const krb5_address */*addr1*/, 324 const krb5_address */*addr2*/); 325 326 /** 327 * krb5_address_order compares the addresses addr1 and addr2 so that 328 * it can be used for sorting addresses. If the addresses are the same 329 * address krb5_address_order will return 0. Behavies like memcmp(2). 330 * 331 * @param context a Keberos context 332 * @param addr1 krb5_address to compare 333 * @param addr2 krb5_address to compare 334 * 335 * @return < 0 if address addr1 in "less" then addr2. 0 if addr1 and 336 * addr2 is the same address, > 0 if addr2 is "less" then addr1. 337 * 338 * @ingroup krb5_address 339 */ 340 341 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 342 krb5_address_order ( 343 krb5_context /*context*/, 344 const krb5_address */*addr1*/, 345 const krb5_address */*addr2*/); 346 347 /** 348 * Calculate the boundary addresses of `inaddr'/`prefixlen' and store 349 * them in `low' and `high'. 350 * 351 * @param context a Keberos context 352 * @param inaddr address in prefixlen that the bondery searched 353 * @param prefixlen width of boundery 354 * @param low lowest address 355 * @param high highest address 356 * 357 * @return Return an error code or 0. 358 * 359 * @ingroup krb5_address 360 */ 361 362 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 363 krb5_address_prefixlen_boundary ( 364 krb5_context /*context*/, 365 const krb5_address */*inaddr*/, 366 unsigned long /*prefixlen*/, 367 krb5_address */*low*/, 368 krb5_address */*high*/); 369 370 /** 371 * krb5_address_search checks if the address addr is a member of the 372 * address set list addrlist . 373 * 374 * @param context a Keberos context. 375 * @param addr address to search for. 376 * @param addrlist list of addresses to look in for addr. 377 * 378 * @return Return an error code or 0. 379 * 380 * @ingroup krb5_address 381 */ 382 383 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 384 krb5_address_search ( 385 krb5_context /*context*/, 386 const krb5_address */*addr*/, 387 const krb5_addresses */*addrlist*/); 388 389 /** 390 * Enable or disable all weak encryption types 391 * 392 * @param context Kerberos 5 context 393 * @param enable true to enable, false to disable 394 * 395 * @return Return an error code or 0. 396 * 397 * @ingroup krb5_crypto 398 */ 399 400 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 401 krb5_allow_weak_crypto ( 402 krb5_context /*context*/, 403 krb5_boolean /*enable*/); 404 405 /** 406 * Map a principal name to a local username. 407 * 408 * Returns 0 on success, KRB5_NO_LOCALNAME if no mapping was found, or 409 * some Kerberos or system error. 410 * 411 * Inputs: 412 * 413 * @param context A krb5_context 414 * @param aname A principal name 415 * @param lnsize The size of the buffer into which the username will be written 416 * @param lname The buffer into which the username will be written 417 * 418 * @ingroup krb5_support 419 */ 420 421 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 422 krb5_aname_to_localname ( 423 krb5_context /*context*/, 424 krb5_const_principal /*aname*/, 425 size_t /*lnsize*/, 426 char */*lname*/); 427 428 /** 429 * krb5_anyaddr fills in a "struct sockaddr sa" that can be used to 430 * bind(2) to. The argument sa_size should initially contain the size 431 * of the sa, and after the call, it will contain the actual length 432 * of the address. 433 * 434 * @param context a Keberos context 435 * @param af address family 436 * @param sa sockaddr 437 * @param sa_size lenght of sa. 438 * @param port for to fill into sa. 439 * 440 * @return Return an error code or 0. 441 * 442 * @ingroup krb5_address 443 */ 444 445 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 446 krb5_anyaddr ( 447 krb5_context /*context*/, 448 int /*af*/, 449 struct sockaddr */*sa*/, 450 krb5_socklen_t */*sa_size*/, 451 int /*port*/); 452 453 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 454 krb5_appdefault_boolean ( 455 krb5_context /*context*/, 456 const char */*appname*/, 457 krb5_const_realm /*realm*/, 458 const char */*option*/, 459 krb5_boolean /*def_val*/, 460 krb5_boolean */*ret_val*/); 461 462 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 463 krb5_appdefault_string ( 464 krb5_context /*context*/, 465 const char */*appname*/, 466 krb5_const_realm /*realm*/, 467 const char */*option*/, 468 const char */*def_val*/, 469 char **/*ret_val*/); 470 471 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 472 krb5_appdefault_time ( 473 krb5_context /*context*/, 474 const char */*appname*/, 475 krb5_const_realm /*realm*/, 476 const char */*option*/, 477 time_t /*def_val*/, 478 time_t */*ret_val*/); 479 480 /** 481 * krb5_append_addresses adds the set of addresses in source to 482 * dest. While copying the addresses, duplicates are also sorted out. 483 * 484 * @param context a Keberos context 485 * @param dest destination of copy operation 486 * @param source adresses that are going to be added to dest 487 * 488 * @return Return an error code or 0. 489 * 490 * @ingroup krb5_address 491 */ 492 493 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 494 krb5_append_addresses ( 495 krb5_context /*context*/, 496 krb5_addresses */*dest*/, 497 const krb5_addresses */*source*/); 498 499 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 500 krb5_auth_con_add_AuthorizationData ( 501 krb5_context /*context*/, 502 krb5_auth_context /*auth_context*/, 503 int /*type*/, 504 krb5_data */*data*/); 505 506 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 507 krb5_auth_con_addflags ( 508 krb5_context /*context*/, 509 krb5_auth_context /*auth_context*/, 510 int32_t /*addflags*/, 511 int32_t */*flags*/); 512 513 /** 514 * Deallocate an authentication context previously initialized with 515 * krb5_auth_con_init(). 516 * 517 * @param context A kerberos context. 518 * @param auth_context The authentication context to be deallocated. 519 * 520 * @return An krb5 error code, see krb5_get_error_message(). 521 */ 522 523 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 524 krb5_auth_con_free ( 525 krb5_context /*context*/, 526 krb5_auth_context /*auth_context*/); 527 528 /** 529 * Update the authentication context \a auth_context with the local 530 * and remote addresses from socket \a fd, according to \a flags. 531 * 532 * @return An krb5 error code, see krb5_get_error_message(). 533 */ 534 535 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 536 krb5_auth_con_genaddrs ( 537 krb5_context /*context*/, 538 krb5_auth_context /*auth_context*/, 539 krb5_socket_t /*fd*/, 540 int /*flags*/); 541 542 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 543 krb5_auth_con_generatelocalsubkey ( 544 krb5_context /*context*/, 545 krb5_auth_context /*auth_context*/, 546 krb5_keyblock */*key*/); 547 548 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 549 krb5_auth_con_getaddrs ( 550 krb5_context /*context*/, 551 krb5_auth_context /*auth_context*/, 552 krb5_address **/*local_addr*/, 553 krb5_address **/*remote_addr*/); 554 555 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 556 krb5_auth_con_getauthenticator ( 557 krb5_context /*context*/, 558 krb5_auth_context /*auth_context*/, 559 krb5_authenticator */*authenticator*/); 560 561 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 562 krb5_auth_con_getcksumtype ( 563 krb5_context /*context*/, 564 krb5_auth_context /*auth_context*/, 565 krb5_cksumtype */*cksumtype*/); 566 567 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 568 krb5_auth_con_getflags ( 569 krb5_context /*context*/, 570 krb5_auth_context /*auth_context*/, 571 int32_t */*flags*/); 572 573 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 574 krb5_auth_con_getkey ( 575 krb5_context /*context*/, 576 krb5_auth_context /*auth_context*/, 577 krb5_keyblock **/*keyblock*/); 578 579 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 580 krb5_auth_con_getkeytype ( 581 krb5_context /*context*/, 582 krb5_auth_context /*auth_context*/, 583 krb5_keytype */*keytype*/); 584 585 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 586 krb5_auth_con_getlocalseqnumber ( 587 krb5_context /*context*/, 588 krb5_auth_context /*auth_context*/, 589 int32_t */*seqnumber*/); 590 591 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 592 krb5_auth_con_getlocalsubkey ( 593 krb5_context /*context*/, 594 krb5_auth_context /*auth_context*/, 595 krb5_keyblock **/*keyblock*/); 596 597 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 598 krb5_auth_con_getrcache ( 599 krb5_context /*context*/, 600 krb5_auth_context /*auth_context*/, 601 krb5_rcache */*rcache*/); 602 603 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 604 krb5_auth_con_getrecvsubkey ( 605 krb5_context /*context*/, 606 krb5_auth_context /*auth_context*/, 607 krb5_keyblock **/*keyblock*/); 608 609 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 610 krb5_auth_con_getremoteseqnumber ( 611 krb5_context /*context*/, 612 krb5_auth_context /*auth_context*/, 613 int32_t */*seqnumber*/); 614 615 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 616 krb5_auth_con_getremotesubkey ( 617 krb5_context /*context*/, 618 krb5_auth_context /*auth_context*/, 619 krb5_keyblock **/*keyblock*/); 620 621 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 622 krb5_auth_con_getsendsubkey ( 623 krb5_context /*context*/, 624 krb5_auth_context /*auth_context*/, 625 krb5_keyblock **/*keyblock*/); 626 627 /** 628 * Allocate and initialize an autentication context. 629 * 630 * @param context A kerberos context. 631 * @param auth_context The authentication context to be initialized. 632 * 633 * Use krb5_auth_con_free() to release the memory when done using the context. 634 * 635 * @return An krb5 error code, see krb5_get_error_message(). 636 */ 637 638 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 639 krb5_auth_con_init ( 640 krb5_context /*context*/, 641 krb5_auth_context */*auth_context*/); 642 643 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 644 krb5_auth_con_removeflags ( 645 krb5_context /*context*/, 646 krb5_auth_context /*auth_context*/, 647 int32_t /*removeflags*/, 648 int32_t */*flags*/); 649 650 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 651 krb5_auth_con_setaddrs ( 652 krb5_context /*context*/, 653 krb5_auth_context /*auth_context*/, 654 krb5_address */*local_addr*/, 655 krb5_address */*remote_addr*/); 656 657 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 658 krb5_auth_con_setaddrs_from_fd ( 659 krb5_context /*context*/, 660 krb5_auth_context /*auth_context*/, 661 void */*p_fd*/); 662 663 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 664 krb5_auth_con_setcksumtype ( 665 krb5_context /*context*/, 666 krb5_auth_context /*auth_context*/, 667 krb5_cksumtype /*cksumtype*/); 668 669 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 670 krb5_auth_con_setflags ( 671 krb5_context /*context*/, 672 krb5_auth_context /*auth_context*/, 673 int32_t /*flags*/); 674 675 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 676 krb5_auth_con_setkey ( 677 krb5_context /*context*/, 678 krb5_auth_context /*auth_context*/, 679 krb5_keyblock */*keyblock*/); 680 681 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 682 krb5_auth_con_setkeytype ( 683 krb5_context /*context*/, 684 krb5_auth_context /*auth_context*/, 685 krb5_keytype /*keytype*/); 686 687 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 688 krb5_auth_con_setlocalseqnumber ( 689 krb5_context /*context*/, 690 krb5_auth_context /*auth_context*/, 691 int32_t /*seqnumber*/); 692 693 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 694 krb5_auth_con_setlocalsubkey ( 695 krb5_context /*context*/, 696 krb5_auth_context /*auth_context*/, 697 krb5_keyblock */*keyblock*/); 698 699 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 700 krb5_auth_con_setrcache ( 701 krb5_context /*context*/, 702 krb5_auth_context /*auth_context*/, 703 krb5_rcache /*rcache*/); 704 705 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 706 krb5_auth_con_setrecvsubkey ( 707 krb5_context /*context*/, 708 krb5_auth_context /*auth_context*/, 709 krb5_keyblock */*keyblock*/); 710 711 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 712 krb5_auth_con_setremoteseqnumber ( 713 krb5_context /*context*/, 714 krb5_auth_context /*auth_context*/, 715 int32_t /*seqnumber*/); 716 717 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 718 krb5_auth_con_setremotesubkey ( 719 krb5_context /*context*/, 720 krb5_auth_context /*auth_context*/, 721 krb5_keyblock */*keyblock*/); 722 723 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 724 krb5_auth_con_setsendsubkey ( 725 krb5_context /*context*/, 726 krb5_auth_context /*auth_context*/, 727 krb5_keyblock */*keyblock*/); 728 729 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 730 krb5_auth_con_setuserkey ( 731 krb5_context /*context*/, 732 krb5_auth_context /*auth_context*/, 733 krb5_keyblock */*keyblock*/); 734 735 /** 736 * Deprecated: use krb5_auth_con_getremoteseqnumber() 737 * 738 * @ingroup krb5_deprecated 739 */ 740 741 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 742 krb5_auth_getremoteseqnumber ( 743 krb5_context /*context*/, 744 krb5_auth_context /*auth_context*/, 745 int32_t */*seqnumber*/) 746 KRB5_DEPRECATED_FUNCTION("Use X instead"); 747 748 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 749 krb5_build_ap_req ( 750 krb5_context /*context*/, 751 krb5_enctype /*enctype*/, 752 krb5_creds */*cred*/, 753 krb5_flags /*ap_options*/, 754 krb5_data /*authenticator*/, 755 krb5_data */*retdata*/); 756 757 /** 758 * Build a principal using vararg style building 759 * 760 * @param context A Kerberos context. 761 * @param principal returned principal 762 * @param rlen length of realm 763 * @param realm realm name 764 * @param ... a list of components ended with NULL. 765 * 766 * @return An krb5 error code, see krb5_get_error_message(). 767 * 768 * @ingroup krb5_principal 769 */ 770 771 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 772 krb5_build_principal ( 773 krb5_context /*context*/, 774 krb5_principal */*principal*/, 775 int /*rlen*/, 776 krb5_const_realm /*realm*/, 777 ...); 778 779 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 780 krb5_build_principal_ext ( 781 krb5_context /*context*/, 782 krb5_principal */*principal*/, 783 int /*rlen*/, 784 krb5_const_realm /*realm*/, 785 ...); 786 787 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 788 krb5_build_principal_va ( 789 krb5_context /*context*/, 790 krb5_principal */*principal*/, 791 int /*rlen*/, 792 krb5_const_realm /*realm*/, 793 va_list /*ap*/); 794 795 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 796 krb5_build_principal_va_ext ( 797 krb5_context /*context*/, 798 krb5_principal */*principal*/, 799 int /*rlen*/, 800 krb5_const_realm /*realm*/, 801 va_list /*ap*/); 802 803 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 804 krb5_c_block_size ( 805 krb5_context /*context*/, 806 krb5_enctype /*enctype*/, 807 size_t */*blocksize*/); 808 809 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 810 krb5_c_checksum_length ( 811 krb5_context /*context*/, 812 krb5_cksumtype /*cksumtype*/, 813 size_t */*length*/); 814 815 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 816 krb5_c_decrypt ( 817 krb5_context /*context*/, 818 const krb5_keyblock /*key*/, 819 krb5_keyusage /*usage*/, 820 const krb5_data */*ivec*/, 821 krb5_enc_data */*input*/, 822 krb5_data */*output*/); 823 824 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 825 krb5_c_encrypt ( 826 krb5_context /*context*/, 827 const krb5_keyblock */*key*/, 828 krb5_keyusage /*usage*/, 829 const krb5_data */*ivec*/, 830 const krb5_data */*input*/, 831 krb5_enc_data */*output*/); 832 833 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 834 krb5_c_encrypt_length ( 835 krb5_context /*context*/, 836 krb5_enctype /*enctype*/, 837 size_t /*inputlen*/, 838 size_t */*length*/); 839 840 /** 841 * Deprecated: keytypes doesn't exists, they are really enctypes. 842 * 843 * @ingroup krb5_deprecated 844 */ 845 846 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 847 krb5_c_enctype_compare ( 848 krb5_context /*context*/, 849 krb5_enctype /*e1*/, 850 krb5_enctype /*e2*/, 851 krb5_boolean */*similar*/) 852 KRB5_DEPRECATED_FUNCTION("Use X instead"); 853 854 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 855 krb5_c_get_checksum ( 856 krb5_context /*context*/, 857 const krb5_checksum */*cksum*/, 858 krb5_cksumtype */*type*/, 859 krb5_data **/*data*/); 860 861 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 862 krb5_c_is_coll_proof_cksum (krb5_cksumtype /*ctype*/); 863 864 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 865 krb5_c_is_keyed_cksum (krb5_cksumtype /*ctype*/); 866 867 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 868 krb5_c_keylengths ( 869 krb5_context /*context*/, 870 krb5_enctype /*enctype*/, 871 size_t */*ilen*/, 872 size_t */*keylen*/); 873 874 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 875 krb5_c_make_checksum ( 876 krb5_context /*context*/, 877 krb5_cksumtype /*cksumtype*/, 878 const krb5_keyblock */*key*/, 879 krb5_keyusage /*usage*/, 880 const krb5_data */*input*/, 881 krb5_checksum */*cksum*/); 882 883 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 884 krb5_c_make_random_key ( 885 krb5_context /*context*/, 886 krb5_enctype /*enctype*/, 887 krb5_keyblock */*random_key*/); 888 889 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 890 krb5_c_prf ( 891 krb5_context /*context*/, 892 const krb5_keyblock */*key*/, 893 const krb5_data */*input*/, 894 krb5_data */*output*/); 895 896 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 897 krb5_c_prf_length ( 898 krb5_context /*context*/, 899 krb5_enctype /*type*/, 900 size_t */*length*/); 901 902 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 903 krb5_c_random_make_octets ( 904 krb5_context /*context*/, 905 krb5_data * /*data*/); 906 907 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 908 krb5_c_set_checksum ( 909 krb5_context /*context*/, 910 krb5_checksum */*cksum*/, 911 krb5_cksumtype /*type*/, 912 const krb5_data */*data*/); 913 914 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 915 krb5_c_valid_cksumtype (krb5_cksumtype /*ctype*/); 916 917 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 918 krb5_c_valid_enctype (krb5_enctype /*etype*/); 919 920 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 921 krb5_c_verify_checksum ( 922 krb5_context /*context*/, 923 const krb5_keyblock */*key*/, 924 krb5_keyusage /*usage*/, 925 const krb5_data */*data*/, 926 const krb5_checksum */*cksum*/, 927 krb5_boolean */*valid*/); 928 929 /** 930 * Destroy the cursor `cursor'. 931 * 932 * @return Return an error code or 0, see krb5_get_error_message(). 933 * 934 * @ingroup krb5_ccache 935 */ 936 937 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 938 krb5_cc_cache_end_seq_get ( 939 krb5_context /*context*/, 940 krb5_cc_cache_cursor /*cursor*/); 941 942 /** 943 * Start iterating over all caches of specified type. See also 944 * krb5_cccol_cursor_new(). 945 946 * @param context A Kerberos 5 context 947 * @param type optional type to iterate over, if NULL, the default cache is used. 948 * @param cursor cursor should be freed with krb5_cc_cache_end_seq_get(). 949 * 950 * @return Return an error code or 0, see krb5_get_error_message(). 951 * 952 * @ingroup krb5_ccache 953 */ 954 955 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 956 krb5_cc_cache_get_first ( 957 krb5_context /*context*/, 958 const char */*type*/, 959 krb5_cc_cache_cursor */*cursor*/); 960 961 /** 962 * Search for a matching credential cache that have the 963 * `principal' as the default principal. On success, `id' needs to be 964 * freed with krb5_cc_close() or krb5_cc_destroy(). 965 * 966 * @param context A Kerberos 5 context 967 * @param client The principal to search for 968 * @param id the returned credential cache 969 * 970 * @return On failure, error code is returned and `id' is set to NULL. 971 * 972 * @ingroup krb5_ccache 973 */ 974 975 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 976 krb5_cc_cache_match ( 977 krb5_context /*context*/, 978 krb5_principal /*client*/, 979 krb5_ccache */*id*/); 980 981 /** 982 * Retrieve the next cache pointed to by (`cursor') in `id' 983 * and advance `cursor'. 984 * 985 * @param context A Kerberos 5 context 986 * @param cursor the iterator cursor, returned by krb5_cc_cache_get_first() 987 * @param id next ccache 988 * 989 * @return Return 0 or an error code. Returns KRB5_CC_END when the end 990 * of caches is reached, see krb5_get_error_message(). 991 * 992 * @ingroup krb5_ccache 993 */ 994 995 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 996 krb5_cc_cache_next ( 997 krb5_context /*context*/, 998 krb5_cc_cache_cursor /*cursor*/, 999 krb5_ccache */*id*/); 1000 1001 /** 1002 * Clear `mcreds' so it can be used with krb5_cc_retrieve_cred 1003 * 1004 * @ingroup krb5_ccache 1005 */ 1006 1007 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1008 krb5_cc_clear_mcred (krb5_creds */*mcred*/); 1009 1010 /** 1011 * Stop using the ccache `id' and free the related resources. 1012 * 1013 * @return Return an error code or 0, see krb5_get_error_message(). 1014 * 1015 * @ingroup krb5_ccache 1016 */ 1017 1018 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1019 krb5_cc_close ( 1020 krb5_context /*context*/, 1021 krb5_ccache /*id*/); 1022 1023 /** 1024 * Just like krb5_cc_copy_match_f(), but copy everything. 1025 * 1026 * @ingroup @krb5_ccache 1027 */ 1028 1029 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1030 krb5_cc_copy_cache ( 1031 krb5_context /*context*/, 1032 const krb5_ccache /*from*/, 1033 krb5_ccache /*to*/); 1034 1035 /** 1036 * MIT compat glue 1037 * 1038 * @ingroup krb5_ccache 1039 */ 1040 1041 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1042 krb5_cc_copy_creds ( 1043 krb5_context /*context*/, 1044 const krb5_ccache /*from*/, 1045 krb5_ccache /*to*/); 1046 1047 /** 1048 * Copy the contents of `from' to `to' if the given match function 1049 * return true. 1050 * 1051 * @param context A Kerberos 5 context. 1052 * @param from the cache to copy data from. 1053 * @param to the cache to copy data to. 1054 * @param match a match function that should return TRUE if cred argument should be copied, if NULL, all credentials are copied. 1055 * @param matchctx context passed to match function. 1056 * @param matched set to true if there was a credential that matched, may be NULL. 1057 * 1058 * @return Return an error code or 0, see krb5_get_error_message(). 1059 * 1060 * @ingroup krb5_ccache 1061 */ 1062 1063 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1064 krb5_cc_copy_match_f ( 1065 krb5_context /*context*/, 1066 const krb5_ccache /*from*/, 1067 krb5_ccache /*to*/, 1068 krb5_boolean (*/*match*/)(krb5_context, void *, const krb5_creds *), 1069 void */*matchctx*/, 1070 unsigned int */*matched*/); 1071 1072 /** 1073 * Open the default ccache in `id'. 1074 * 1075 * @return Return an error code or 0, see krb5_get_error_message(). 1076 * 1077 * @ingroup krb5_ccache 1078 */ 1079 1080 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1081 krb5_cc_default ( 1082 krb5_context /*context*/, 1083 krb5_ccache */*id*/); 1084 1085 /** 1086 * Return a pointer to a context static string containing the default 1087 * ccache name. 1088 * 1089 * @return String to the default credential cache name. 1090 * 1091 * @ingroup krb5_ccache 1092 */ 1093 1094 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1095 krb5_cc_default_name (krb5_context /*context*/); 1096 1097 /** 1098 * Remove the ccache `id'. 1099 * 1100 * @return Return an error code or 0, see krb5_get_error_message(). 1101 * 1102 * @ingroup krb5_ccache 1103 */ 1104 1105 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1106 krb5_cc_destroy ( 1107 krb5_context /*context*/, 1108 krb5_ccache /*id*/); 1109 1110 /** 1111 * Destroy the cursor `cursor'. 1112 * 1113 * @ingroup krb5_ccache 1114 */ 1115 1116 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1117 krb5_cc_end_seq_get ( 1118 krb5_context /*context*/, 1119 const krb5_ccache /*id*/, 1120 krb5_cc_cursor */*cursor*/); 1121 1122 /** 1123 * Generate a new ccache of type `ops' in `id'. 1124 * 1125 * Deprecated: use krb5_cc_new_unique() instead. 1126 * 1127 * @return Return an error code or 0, see krb5_get_error_message(). 1128 * 1129 * @ingroup krb5_ccache 1130 */ 1131 1132 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1133 krb5_cc_gen_new ( 1134 krb5_context /*context*/, 1135 const krb5_cc_ops */*ops*/, 1136 krb5_ccache */*id*/) 1137 KRB5_DEPRECATED_FUNCTION("Use X instead"); 1138 1139 /** 1140 * Get some configuration for the credential cache in the cache. 1141 * 1142 * @param context a Keberos context 1143 * @param id the credential cache to store the data for 1144 * @param principal configuration for a specific principal, if 1145 * NULL, global for the whole cache. 1146 * @param name name under which the configuraion is stored. 1147 * @param data data to fetched, free with krb5_data_free() 1148 * 1149 * @ingroup krb5_ccache 1150 */ 1151 1152 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1153 krb5_cc_get_config ( 1154 krb5_context /*context*/, 1155 krb5_ccache /*id*/, 1156 krb5_const_principal /*principal*/, 1157 const char */*name*/, 1158 krb5_data */*data*/); 1159 1160 /** 1161 * Get the flags of `id', store them in `flags'. 1162 * 1163 * @ingroup krb5_ccache 1164 */ 1165 1166 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1167 krb5_cc_get_flags ( 1168 krb5_context /*context*/, 1169 krb5_ccache /*id*/, 1170 krb5_flags */*flags*/); 1171 1172 /** 1173 * Return a friendly name on credential cache. Free the result with krb5_xfree(). 1174 * 1175 * @return Return an error code or 0, see krb5_get_error_message(). 1176 * 1177 * @ingroup krb5_ccache 1178 */ 1179 1180 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1181 krb5_cc_get_friendly_name ( 1182 krb5_context /*context*/, 1183 krb5_ccache /*id*/, 1184 char **/*name*/); 1185 1186 /** 1187 * Return the complete resolvable name the cache 1188 1189 * @param context a Keberos context 1190 * @param id return pointer to a found credential cache 1191 * @param str the returned name of a credential cache, free with krb5_xfree() 1192 * 1193 * @return Returns 0 or an error (and then *str is set to NULL). 1194 * 1195 * @ingroup krb5_ccache 1196 */ 1197 1198 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1199 krb5_cc_get_full_name ( 1200 krb5_context /*context*/, 1201 krb5_ccache /*id*/, 1202 char **/*str*/); 1203 1204 /** 1205 * Get the time offset betwen the client and the KDC 1206 * 1207 * If the backend doesn't support KDC offset, use the context global setting. 1208 * 1209 * @param context A Kerberos 5 context. 1210 * @param id a credential cache 1211 * @param offset the offset in seconds 1212 * 1213 * @return Return an error code or 0, see krb5_get_error_message(). 1214 * 1215 * @ingroup krb5_ccache 1216 */ 1217 1218 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1219 krb5_cc_get_kdc_offset ( 1220 krb5_context /*context*/, 1221 krb5_ccache /*id*/, 1222 krb5_deltat */*offset*/); 1223 1224 /** 1225 * Get the lifetime of the initial ticket in the cache 1226 * 1227 * Get the lifetime of the initial ticket in the cache, if the initial 1228 * ticket was not found, the error code KRB5_CC_END is returned. 1229 * 1230 * @param context A Kerberos 5 context. 1231 * @param id a credential cache 1232 * @param t the relative lifetime of the initial ticket 1233 * 1234 * @return Return an error code or 0, see krb5_get_error_message(). 1235 * 1236 * @ingroup krb5_ccache 1237 */ 1238 1239 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1240 krb5_cc_get_lifetime ( 1241 krb5_context /*context*/, 1242 krb5_ccache /*id*/, 1243 time_t */*t*/); 1244 1245 /** 1246 * Return the name of the ccache `id' 1247 * 1248 * @ingroup krb5_ccache 1249 */ 1250 1251 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1252 krb5_cc_get_name ( 1253 krb5_context /*context*/, 1254 krb5_ccache /*id*/); 1255 1256 /** 1257 * Return krb5_cc_ops of a the ccache `id'. 1258 * 1259 * @ingroup krb5_ccache 1260 */ 1261 1262 KRB5_LIB_FUNCTION const krb5_cc_ops * KRB5_LIB_CALL 1263 krb5_cc_get_ops ( 1264 krb5_context /*context*/, 1265 krb5_ccache /*id*/); 1266 1267 /** 1268 * Get the cc ops that is registered in `context' to handle the 1269 * prefix. prefix can be a complete credential cache name or a 1270 * prefix, the function will only use part up to the first colon (:) 1271 * if there is one. If prefix the argument is NULL, the default ccache 1272 * implemtation is returned. 1273 * 1274 * @return Returns NULL if ops not found. 1275 * 1276 * @ingroup krb5_ccache 1277 */ 1278 1279 KRB5_LIB_FUNCTION const krb5_cc_ops * KRB5_LIB_CALL 1280 krb5_cc_get_prefix_ops ( 1281 krb5_context /*context*/, 1282 const char */*prefix*/); 1283 1284 /** 1285 * Return the principal of `id' in `principal'. 1286 * 1287 * @return Return an error code or 0, see krb5_get_error_message(). 1288 * 1289 * @ingroup krb5_ccache 1290 */ 1291 1292 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1293 krb5_cc_get_principal ( 1294 krb5_context /*context*/, 1295 krb5_ccache /*id*/, 1296 krb5_principal */*principal*/); 1297 1298 /** 1299 * Return the type of the ccache `id'. 1300 * 1301 * @ingroup krb5_ccache 1302 */ 1303 1304 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1305 krb5_cc_get_type ( 1306 krb5_context /*context*/, 1307 krb5_ccache /*id*/); 1308 1309 /** 1310 * Return the version of `id'. 1311 * 1312 * @ingroup krb5_ccache 1313 */ 1314 1315 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1316 krb5_cc_get_version ( 1317 krb5_context /*context*/, 1318 const krb5_ccache /*id*/); 1319 1320 /** 1321 * Create a new ccache in `id' for `primary_principal'. 1322 * 1323 * @return Return an error code or 0, see krb5_get_error_message(). 1324 * 1325 * @ingroup krb5_ccache 1326 */ 1327 1328 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1329 krb5_cc_initialize ( 1330 krb5_context /*context*/, 1331 krb5_ccache /*id*/, 1332 krb5_principal /*primary_principal*/); 1333 1334 /** 1335 * Return the last time the credential cache was modified. 1336 * 1337 * @param context A Kerberos 5 context 1338 * @param id The credential cache to probe 1339 * @param mtime the last modification time, set to 0 on error. 1340 1341 * @return Return 0 or and error. See krb5_get_error_message(). 1342 * 1343 * @ingroup krb5_ccache 1344 */ 1345 1346 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1347 krb5_cc_last_change_time ( 1348 krb5_context /*context*/, 1349 krb5_ccache /*id*/, 1350 krb5_timestamp */*mtime*/); 1351 1352 /** 1353 * Move the content from one credential cache to another. The 1354 * operation is an atomic switch. 1355 * 1356 * @param context a Keberos context 1357 * @param from the credential cache to move the content from 1358 * @param to the credential cache to move the content to 1359 1360 * @return On sucess, from is freed. On failure, error code is 1361 * returned and from and to are both still allocated, see krb5_get_error_message(). 1362 * 1363 * @ingroup krb5_ccache 1364 */ 1365 1366 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1367 krb5_cc_move ( 1368 krb5_context /*context*/, 1369 krb5_ccache /*from*/, 1370 krb5_ccache /*to*/); 1371 1372 /** 1373 * Generates a new unique ccache of `type` in `id'. If `type' is NULL, 1374 * the library chooses the default credential cache type. The supplied 1375 * `hint' (that can be NULL) is a string that the credential cache 1376 * type can use to base the name of the credential on, this is to make 1377 * it easier for the user to differentiate the credentials. 1378 * 1379 * @return Return an error code or 0, see krb5_get_error_message(). 1380 * 1381 * @ingroup krb5_ccache 1382 */ 1383 1384 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1385 krb5_cc_new_unique ( 1386 krb5_context /*context*/, 1387 const char */*type*/, 1388 const char */*hint*/, 1389 krb5_ccache */*id*/); 1390 1391 /** 1392 * Retrieve the next cred pointed to by (`id', `cursor') in `creds' 1393 * and advance `cursor'. 1394 * 1395 * @return Return an error code or 0, see krb5_get_error_message(). 1396 * 1397 * @ingroup krb5_ccache 1398 */ 1399 1400 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1401 krb5_cc_next_cred ( 1402 krb5_context /*context*/, 1403 const krb5_ccache /*id*/, 1404 krb5_cc_cursor */*cursor*/, 1405 krb5_creds */*creds*/); 1406 1407 /** 1408 * Add a new ccache type with operations `ops', overwriting any 1409 * existing one if `override'. 1410 * 1411 * @param context a Keberos context 1412 * @param ops type of plugin symbol 1413 * @param override flag to select if the registration is to overide 1414 * an existing ops with the same name. 1415 * 1416 * @return Return an error code or 0, see krb5_get_error_message(). 1417 * 1418 * @ingroup krb5_ccache 1419 */ 1420 1421 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1422 krb5_cc_register ( 1423 krb5_context /*context*/, 1424 const krb5_cc_ops */*ops*/, 1425 krb5_boolean /*override*/); 1426 1427 /** 1428 * Remove the credential identified by `cred', `which' from `id'. 1429 * 1430 * @ingroup krb5_ccache 1431 */ 1432 1433 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1434 krb5_cc_remove_cred ( 1435 krb5_context /*context*/, 1436 krb5_ccache /*id*/, 1437 krb5_flags /*which*/, 1438 krb5_creds */*cred*/); 1439 1440 /** 1441 * Find and allocate a ccache in `id' from the specification in `residual'. 1442 * If the ccache name doesn't contain any colon, interpret it as a file name. 1443 * 1444 * @param context a Keberos context. 1445 * @param name string name of a credential cache. 1446 * @param id return pointer to a found credential cache. 1447 * 1448 * @return Return 0 or an error code. In case of an error, id is set 1449 * to NULL, see krb5_get_error_message(). 1450 * 1451 * @ingroup krb5_ccache 1452 */ 1453 1454 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1455 krb5_cc_resolve ( 1456 krb5_context /*context*/, 1457 const char */*name*/, 1458 krb5_ccache */*id*/); 1459 1460 /** 1461 * Retrieve the credential identified by `mcreds' (and `whichfields') 1462 * from `id' in `creds'. 'creds' must be free by the caller using 1463 * krb5_free_cred_contents. 1464 * 1465 * @param context A Kerberos 5 context 1466 * @param id a Kerberos 5 credential cache 1467 * @param whichfields what fields to use for matching credentials, same 1468 * flags as whichfields in krb5_compare_creds() 1469 * @param mcreds template credential to use for comparing 1470 * @param creds returned credential, free with krb5_free_cred_contents() 1471 * 1472 * @return Return an error code or 0, see krb5_get_error_message(). 1473 * 1474 * @ingroup krb5_ccache 1475 */ 1476 1477 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1478 krb5_cc_retrieve_cred ( 1479 krb5_context /*context*/, 1480 krb5_ccache /*id*/, 1481 krb5_flags /*whichfields*/, 1482 const krb5_creds */*mcreds*/, 1483 krb5_creds */*creds*/); 1484 1485 /** 1486 * Store some configuration for the credential cache in the cache. 1487 * Existing configuration under the same name is over-written. 1488 * 1489 * @param context a Keberos context 1490 * @param id the credential cache to store the data for 1491 * @param principal configuration for a specific principal, if 1492 * NULL, global for the whole cache. 1493 * @param name name under which the configuraion is stored. 1494 * @param data data to store, if NULL, configure is removed. 1495 * 1496 * @ingroup krb5_ccache 1497 */ 1498 1499 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1500 krb5_cc_set_config ( 1501 krb5_context /*context*/, 1502 krb5_ccache /*id*/, 1503 krb5_const_principal /*principal*/, 1504 const char */*name*/, 1505 krb5_data */*data*/); 1506 1507 /** 1508 * Set the default cc name for `context' to `name'. 1509 * 1510 * @ingroup krb5_ccache 1511 */ 1512 1513 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1514 krb5_cc_set_default_name ( 1515 krb5_context /*context*/, 1516 const char */*name*/); 1517 1518 /** 1519 * Set the flags of `id' to `flags'. 1520 * 1521 * @ingroup krb5_ccache 1522 */ 1523 1524 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1525 krb5_cc_set_flags ( 1526 krb5_context /*context*/, 1527 krb5_ccache /*id*/, 1528 krb5_flags /*flags*/); 1529 1530 /** 1531 * Set the friendly name on credential cache. 1532 * 1533 * @return Return an error code or 0, see krb5_get_error_message(). 1534 * 1535 * @ingroup krb5_ccache 1536 */ 1537 1538 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1539 krb5_cc_set_friendly_name ( 1540 krb5_context /*context*/, 1541 krb5_ccache /*id*/, 1542 const char */*name*/); 1543 1544 /** 1545 * Set the time offset betwen the client and the KDC 1546 * 1547 * If the backend doesn't support KDC offset, use the context global setting. 1548 * 1549 * @param context A Kerberos 5 context. 1550 * @param id a credential cache 1551 * @param offset the offset in seconds 1552 * 1553 * @return Return an error code or 0, see krb5_get_error_message(). 1554 * 1555 * @ingroup krb5_ccache 1556 */ 1557 1558 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1559 krb5_cc_set_kdc_offset ( 1560 krb5_context /*context*/, 1561 krb5_ccache /*id*/, 1562 krb5_deltat /*offset*/); 1563 1564 /** 1565 * Start iterating over `id', `cursor' is initialized to the 1566 * beginning. Caller must free the cursor with krb5_cc_end_seq_get(). 1567 * 1568 * @return Return an error code or 0, see krb5_get_error_message(). 1569 * 1570 * @ingroup krb5_ccache 1571 */ 1572 1573 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1574 krb5_cc_start_seq_get ( 1575 krb5_context /*context*/, 1576 const krb5_ccache /*id*/, 1577 krb5_cc_cursor */*cursor*/); 1578 1579 /** 1580 * Store `creds' in the ccache `id'. 1581 * 1582 * @return Return an error code or 0, see krb5_get_error_message(). 1583 * 1584 * @ingroup krb5_ccache 1585 */ 1586 1587 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1588 krb5_cc_store_cred ( 1589 krb5_context /*context*/, 1590 krb5_ccache /*id*/, 1591 krb5_creds */*creds*/); 1592 1593 /** 1594 * Return true if the default credential cache support switch 1595 * 1596 * @ingroup krb5_ccache 1597 */ 1598 1599 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1600 krb5_cc_support_switch ( 1601 krb5_context /*context*/, 1602 const char */*type*/); 1603 1604 /** 1605 * Switch the default default credential cache for a specific 1606 * credcache type (and name for some implementations). 1607 * 1608 * @return Return an error code or 0, see krb5_get_error_message(). 1609 * 1610 * @ingroup krb5_ccache 1611 */ 1612 1613 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1614 krb5_cc_switch ( 1615 krb5_context /*context*/, 1616 krb5_ccache /*id*/); 1617 1618 /** 1619 * End an iteration and free all resources, can be done before end is reached. 1620 * 1621 * @param context A Kerberos 5 context 1622 * @param cursor the iteration cursor to be freed. 1623 * 1624 * @return Return 0 or and error, KRB5_CC_END is returned at the end 1625 * of iteration. See krb5_get_error_message(). 1626 * 1627 * @ingroup krb5_ccache 1628 */ 1629 1630 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1631 krb5_cccol_cursor_free ( 1632 krb5_context /*context*/, 1633 krb5_cccol_cursor */*cursor*/); 1634 1635 /** 1636 * Get a new cache interation cursor that will interate over all 1637 * credentials caches independent of type. 1638 * 1639 * @param context a Keberos context 1640 * @param cursor passed into krb5_cccol_cursor_next() and free with krb5_cccol_cursor_free(). 1641 * 1642 * @return Returns 0 or and error code, see krb5_get_error_message(). 1643 * 1644 * @ingroup krb5_ccache 1645 */ 1646 1647 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1648 krb5_cccol_cursor_new ( 1649 krb5_context /*context*/, 1650 krb5_cccol_cursor */*cursor*/); 1651 1652 /** 1653 * Get next credential cache from the iteration. 1654 * 1655 * @param context A Kerberos 5 context 1656 * @param cursor the iteration cursor 1657 * @param cache the returned cursor, pointer is set to NULL on failure 1658 * and a cache on success. The returned cache needs to be freed 1659 * with krb5_cc_close() or destroyed with krb5_cc_destroy(). 1660 * MIT Kerberos behavies slightly diffrent and sets cache to NULL 1661 * when all caches are iterated over and return 0. 1662 * 1663 * @return Return 0 or and error, KRB5_CC_END is returned at the end 1664 * of iteration. See krb5_get_error_message(). 1665 * 1666 * @ingroup krb5_ccache 1667 */ 1668 1669 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1670 krb5_cccol_cursor_next ( 1671 krb5_context /*context*/, 1672 krb5_cccol_cursor /*cursor*/, 1673 krb5_ccache */*cache*/); 1674 1675 /** 1676 * Return the last modfication time for a cache collection. The query 1677 * can be limited to a specific cache type. If the function return 0 1678 * and mtime is 0, there was no credentials in the caches. 1679 * 1680 * @param context A Kerberos 5 context 1681 * @param type The credential cache to probe, if NULL, all type are traversed. 1682 * @param mtime the last modification time, set to 0 on error. 1683 1684 * @return Return 0 or and error. See krb5_get_error_message(). 1685 * 1686 * @ingroup krb5_ccache 1687 */ 1688 1689 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1690 krb5_cccol_last_change_time ( 1691 krb5_context /*context*/, 1692 const char */*type*/, 1693 krb5_timestamp */*mtime*/); 1694 1695 /** 1696 * Deprecated: krb5_change_password() is deprecated, use krb5_set_password(). 1697 * 1698 * @param context a Keberos context 1699 * @param creds 1700 * @param newpw 1701 * @param result_code 1702 * @param result_code_string 1703 * @param result_string 1704 * 1705 * @return On sucess password is changed. 1706 1707 * @ingroup @krb5_deprecated 1708 */ 1709 1710 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1711 krb5_change_password ( 1712 krb5_context /*context*/, 1713 krb5_creds */*creds*/, 1714 const char */*newpw*/, 1715 int */*result_code*/, 1716 krb5_data */*result_code_string*/, 1717 krb5_data */*result_string*/) 1718 KRB5_DEPRECATED_FUNCTION("Use X instead"); 1719 1720 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1721 krb5_check_transited ( 1722 krb5_context /*context*/, 1723 krb5_const_realm /*client_realm*/, 1724 krb5_const_realm /*server_realm*/, 1725 krb5_realm */*realms*/, 1726 unsigned int /*num_realms*/, 1727 int */*bad_realm*/); 1728 1729 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1730 krb5_check_transited_realms ( 1731 krb5_context /*context*/, 1732 const char *const */*realms*/, 1733 unsigned int /*num_realms*/, 1734 int */*bad_realm*/); 1735 1736 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1737 krb5_checksum_disable ( 1738 krb5_context /*context*/, 1739 krb5_cksumtype /*type*/); 1740 1741 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1742 krb5_checksum_free ( 1743 krb5_context /*context*/, 1744 krb5_checksum */*cksum*/); 1745 1746 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1747 krb5_checksum_is_collision_proof ( 1748 krb5_context /*context*/, 1749 krb5_cksumtype /*type*/); 1750 1751 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1752 krb5_checksum_is_keyed ( 1753 krb5_context /*context*/, 1754 krb5_cksumtype /*type*/); 1755 1756 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1757 krb5_checksumsize ( 1758 krb5_context /*context*/, 1759 krb5_cksumtype /*type*/, 1760 size_t */*size*/); 1761 1762 /** 1763 * Return the coresponding encryption type for a checksum type. 1764 * 1765 * @param context Kerberos context 1766 * @param ctype The checksum type to get the result enctype for 1767 * @param etype The returned encryption, when the matching etype is 1768 * not found, etype is set to ETYPE_NULL. 1769 * 1770 * @return Return an error code for an failure or 0 on success. 1771 * @ingroup krb5_crypto 1772 */ 1773 1774 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1775 krb5_cksumtype_to_enctype ( 1776 krb5_context /*context*/, 1777 krb5_cksumtype /*ctype*/, 1778 krb5_enctype */*etype*/); 1779 1780 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1781 krb5_cksumtype_valid ( 1782 krb5_context /*context*/, 1783 krb5_cksumtype /*ctype*/); 1784 1785 /** 1786 * Clears the error message from the Kerberos 5 context. 1787 * 1788 * @param context The Kerberos 5 context to clear 1789 * 1790 * @ingroup krb5_error 1791 */ 1792 1793 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1794 krb5_clear_error_message (krb5_context /*context*/); 1795 1796 /** 1797 * Clear the error message returned by krb5_get_error_string(). 1798 * 1799 * Deprecated: use krb5_clear_error_message() 1800 * 1801 * @param context Kerberos context 1802 * 1803 * @ingroup krb5_deprecated 1804 */ 1805 1806 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1807 krb5_clear_error_string (krb5_context /*context*/) 1808 KRB5_DEPRECATED_FUNCTION("Use X instead"); 1809 1810 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1811 krb5_closelog ( 1812 krb5_context /*context*/, 1813 krb5_log_facility */*fac*/); 1814 1815 /** 1816 * Return TRUE if `mcreds' and `creds' are equal (`whichfields' 1817 * determines what equal means). 1818 * 1819 * 1820 * The following flags, set in whichfields affects the comparison: 1821 * - KRB5_TC_MATCH_SRV_NAMEONLY Consider all realms equal when comparing the service principal. 1822 * - KRB5_TC_MATCH_KEYTYPE Compare enctypes. 1823 * - KRB5_TC_MATCH_FLAGS_EXACT Make sure that the ticket flags are identical. 1824 * - KRB5_TC_MATCH_FLAGS Make sure that all ticket flags set in mcreds are also present in creds . 1825 * - KRB5_TC_MATCH_TIMES_EXACT Compares the ticket times exactly. 1826 * - KRB5_TC_MATCH_TIMES Compares only the expiration times of the creds. 1827 * - KRB5_TC_MATCH_AUTHDATA Compares the authdata fields. 1828 * - KRB5_TC_MATCH_2ND_TKT Compares the second tickets (used by user-to-user authentication). 1829 * - KRB5_TC_MATCH_IS_SKEY Compares the existance of the second ticket. 1830 * 1831 * @param context Kerberos 5 context. 1832 * @param whichfields which fields to compare. 1833 * @param mcreds cred to compare with. 1834 * @param creds cred to compare with. 1835 * 1836 * @return return TRUE if mcred and creds are equal, FALSE if not. 1837 * 1838 * @ingroup krb5 1839 */ 1840 1841 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1842 krb5_compare_creds ( 1843 krb5_context /*context*/, 1844 krb5_flags /*whichfields*/, 1845 const krb5_creds * /*mcreds*/, 1846 const krb5_creds * /*creds*/); 1847 1848 /** 1849 * Free configuration file section, the result of 1850 * krb5_config_parse_file() and krb5_config_parse_file_multi(). 1851 * 1852 * @param context A Kerberos 5 context 1853 * @param s the configuration section to free 1854 * 1855 * @return returns 0 on successes, otherwise an error code, see 1856 * krb5_get_error_message() 1857 * 1858 * @ingroup krb5_support 1859 */ 1860 1861 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 1862 krb5_config_file_free ( 1863 krb5_context /*context*/, 1864 krb5_config_section */*s*/); 1865 1866 /** 1867 * Free the resulting strings from krb5_config-get_strings() and 1868 * krb5_config_vget_strings(). 1869 * 1870 * @param strings strings to free 1871 * 1872 * @ingroup krb5_support 1873 */ 1874 1875 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 1876 krb5_config_free_strings (char **/*strings*/); 1877 1878 /** 1879 * Like krb5_config_get_bool() but with a va_list list of 1880 * configuration selection. 1881 * 1882 * Configuration value to a boolean value, where yes/true and any 1883 * non-zero number means TRUE and other value is FALSE. 1884 * 1885 * @param context A Kerberos 5 context. 1886 * @param c a configuration section, or NULL to use the section from context 1887 * @param ... a list of names, terminated with NULL. 1888 * 1889 * @return TRUE or FALSE 1890 * 1891 * @ingroup krb5_support 1892 */ 1893 1894 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1895 krb5_config_get_bool ( 1896 krb5_context /*context*/, 1897 const krb5_config_section */*c*/, 1898 ...); 1899 1900 /** 1901 * krb5_config_get_bool_default() will convert the configuration 1902 * option value to a boolean value, where yes/true and any non-zero 1903 * number means TRUE and other value is FALSE. 1904 * 1905 * @param context A Kerberos 5 context. 1906 * @param c a configuration section, or NULL to use the section from context 1907 * @param def_value the default value to return if no configuration 1908 * found in the database. 1909 * @param ... a list of names, terminated with NULL. 1910 * 1911 * @return TRUE or FALSE 1912 * 1913 * @ingroup krb5_support 1914 */ 1915 1916 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 1917 krb5_config_get_bool_default ( 1918 krb5_context /*context*/, 1919 const krb5_config_section */*c*/, 1920 krb5_boolean /*def_value*/, 1921 ...); 1922 1923 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 1924 krb5_config_get_int ( 1925 krb5_context /*context*/, 1926 const krb5_config_section */*c*/, 1927 ...); 1928 1929 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 1930 krb5_config_get_int_default ( 1931 krb5_context /*context*/, 1932 const krb5_config_section */*c*/, 1933 int /*def_value*/, 1934 ...); 1935 1936 /** 1937 * Get a list of configuration binding list for more processing 1938 * 1939 * @param context A Kerberos 5 context. 1940 * @param c a configuration section, or NULL to use the section from context 1941 * @param ... a list of names, terminated with NULL. 1942 * 1943 * @return NULL if configuration list is not found, a list otherwise 1944 * 1945 * @ingroup krb5_support 1946 */ 1947 1948 KRB5_LIB_FUNCTION const krb5_config_binding * KRB5_LIB_CALL 1949 krb5_config_get_list ( 1950 krb5_context /*context*/, 1951 const krb5_config_section */*c*/, 1952 ...); 1953 1954 /** 1955 * Returns a "const char *" to a string in the configuration database. 1956 * The string may not be valid after a reload of the configuration 1957 * database so a caller should make a local copy if it needs to keep 1958 * the string. 1959 * 1960 * @param context A Kerberos 5 context. 1961 * @param c a configuration section, or NULL to use the section from context 1962 * @param ... a list of names, terminated with NULL. 1963 * 1964 * @return NULL if configuration string not found, a string otherwise 1965 * 1966 * @ingroup krb5_support 1967 */ 1968 1969 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1970 krb5_config_get_string ( 1971 krb5_context /*context*/, 1972 const krb5_config_section */*c*/, 1973 ...); 1974 1975 /** 1976 * Like krb5_config_get_string(), but instead of returning NULL, 1977 * instead return a default value. 1978 * 1979 * @param context A Kerberos 5 context. 1980 * @param c a configuration section, or NULL to use the section from context 1981 * @param def_value the default value to return if no configuration 1982 * found in the database. 1983 * @param ... a list of names, terminated with NULL. 1984 * 1985 * @return a configuration string 1986 * 1987 * @ingroup krb5_support 1988 */ 1989 1990 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 1991 krb5_config_get_string_default ( 1992 krb5_context /*context*/, 1993 const krb5_config_section */*c*/, 1994 const char */*def_value*/, 1995 ...); 1996 1997 /** 1998 * Get a list of configuration strings, free the result with 1999 * krb5_config_free_strings(). 2000 * 2001 * @param context A Kerberos 5 context. 2002 * @param c a configuration section, or NULL to use the section from context 2003 * @param ... a list of names, terminated with NULL. 2004 * 2005 * @return TRUE or FALSE 2006 * 2007 * @ingroup krb5_support 2008 */ 2009 2010 KRB5_LIB_FUNCTION char** KRB5_LIB_CALL 2011 krb5_config_get_strings ( 2012 krb5_context /*context*/, 2013 const krb5_config_section */*c*/, 2014 ...); 2015 2016 /** 2017 * Get the time from the configuration file using a relative time, for example: 1h30s 2018 * 2019 * @param context A Kerberos 5 context. 2020 * @param c a configuration section, or NULL to use the section from context 2021 * @param ... a list of names, terminated with NULL. 2022 * 2023 * @return parsed the time or -1 on error 2024 * 2025 * @ingroup krb5_support 2026 */ 2027 2028 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2029 krb5_config_get_time ( 2030 krb5_context /*context*/, 2031 const krb5_config_section */*c*/, 2032 ...); 2033 2034 /** 2035 * Get the time from the configuration file using a relative time, for example: 1h30s 2036 * 2037 * @param context A Kerberos 5 context. 2038 * @param c a configuration section, or NULL to use the section from context 2039 * @param def_value the default value to return if no configuration 2040 * found in the database. 2041 * @param ... a list of names, terminated with NULL. 2042 * 2043 * @return parsed the time (or def_value on parse error) 2044 * 2045 * @ingroup krb5_support 2046 */ 2047 2048 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2049 krb5_config_get_time_default ( 2050 krb5_context /*context*/, 2051 const krb5_config_section */*c*/, 2052 int /*def_value*/, 2053 ...); 2054 2055 /** 2056 * If the fname starts with "~/" parse configuration file in the 2057 * current users home directory. The behavior can be disabled and 2058 * enabled by calling krb5_set_home_dir_access(). 2059 */ 2060 2061 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2062 krb5_config_parse_file ( 2063 krb5_context /*context*/, 2064 const char */*fname*/, 2065 krb5_config_section **/*res*/); 2066 2067 /** 2068 * Parse a configuration file and add the result into res. This 2069 * interface can be used to parse several configuration files into one 2070 * resulting krb5_config_section by calling it repeatably. 2071 * 2072 * @param context a Kerberos 5 context. 2073 * @param fname a file name to a Kerberos configuration file 2074 * @param res the returned result, must be free with krb5_free_config_files(). 2075 * @return Return an error code or 0, see krb5_get_error_message(). 2076 * 2077 * @ingroup krb5_support 2078 */ 2079 2080 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2081 krb5_config_parse_file_multi ( 2082 krb5_context /*context*/, 2083 const char */*fname*/, 2084 krb5_config_section **/*res*/); 2085 2086 /** 2087 * Deprecated: configuration files are not strings 2088 * 2089 * @ingroup krb5_deprecated 2090 */ 2091 2092 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2093 krb5_config_parse_string_multi ( 2094 krb5_context /*context*/, 2095 const char */*string*/, 2096 krb5_config_section **/*res*/) 2097 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2098 2099 /** 2100 * krb5_config_get_bool() will convert the configuration 2101 * option value to a boolean value, where yes/true and any non-zero 2102 * number means TRUE and other value is FALSE. 2103 * 2104 * @param context A Kerberos 5 context. 2105 * @param c a configuration section, or NULL to use the section from context 2106 * @param args a va_list of arguments 2107 * 2108 * @return TRUE or FALSE 2109 * 2110 * @ingroup krb5_support 2111 */ 2112 2113 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 2114 krb5_config_vget_bool ( 2115 krb5_context /*context*/, 2116 const krb5_config_section */*c*/, 2117 va_list /*args*/); 2118 2119 /** 2120 * Like krb5_config_get_bool_default() but with a va_list list of 2121 * configuration selection. 2122 * 2123 * Configuration value to a boolean value, where yes/true and any 2124 * non-zero number means TRUE and other value is FALSE. 2125 * 2126 * @param context A Kerberos 5 context. 2127 * @param c a configuration section, or NULL to use the section from context 2128 * @param def_value the default value to return if no configuration 2129 * found in the database. 2130 * @param args a va_list of arguments 2131 * 2132 * @return TRUE or FALSE 2133 * 2134 * @ingroup krb5_support 2135 */ 2136 2137 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 2138 krb5_config_vget_bool_default ( 2139 krb5_context /*context*/, 2140 const krb5_config_section */*c*/, 2141 krb5_boolean /*def_value*/, 2142 va_list /*args*/); 2143 2144 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2145 krb5_config_vget_int ( 2146 krb5_context /*context*/, 2147 const krb5_config_section */*c*/, 2148 va_list /*args*/); 2149 2150 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2151 krb5_config_vget_int_default ( 2152 krb5_context /*context*/, 2153 const krb5_config_section */*c*/, 2154 int /*def_value*/, 2155 va_list /*args*/); 2156 2157 /** 2158 * Get a list of configuration binding list for more processing 2159 * 2160 * @param context A Kerberos 5 context. 2161 * @param c a configuration section, or NULL to use the section from context 2162 * @param args a va_list of arguments 2163 * 2164 * @return NULL if configuration list is not found, a list otherwise 2165 * 2166 * @ingroup krb5_support 2167 */ 2168 2169 KRB5_LIB_FUNCTION const krb5_config_binding * KRB5_LIB_CALL 2170 krb5_config_vget_list ( 2171 krb5_context /*context*/, 2172 const krb5_config_section */*c*/, 2173 va_list /*args*/); 2174 2175 /** 2176 * Like krb5_config_get_string(), but uses a va_list instead of ... 2177 * 2178 * @param context A Kerberos 5 context. 2179 * @param c a configuration section, or NULL to use the section from context 2180 * @param args a va_list of arguments 2181 * 2182 * @return NULL if configuration string not found, a string otherwise 2183 * 2184 * @ingroup krb5_support 2185 */ 2186 2187 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 2188 krb5_config_vget_string ( 2189 krb5_context /*context*/, 2190 const krb5_config_section */*c*/, 2191 va_list /*args*/); 2192 2193 /** 2194 * Like krb5_config_vget_string(), but instead of returning NULL, 2195 * instead return a default value. 2196 * 2197 * @param context A Kerberos 5 context. 2198 * @param c a configuration section, or NULL to use the section from context 2199 * @param def_value the default value to return if no configuration 2200 * found in the database. 2201 * @param args a va_list of arguments 2202 * 2203 * @return a configuration string 2204 * 2205 * @ingroup krb5_support 2206 */ 2207 2208 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 2209 krb5_config_vget_string_default ( 2210 krb5_context /*context*/, 2211 const krb5_config_section */*c*/, 2212 const char */*def_value*/, 2213 va_list /*args*/); 2214 2215 /** 2216 * Get a list of configuration strings, free the result with 2217 * krb5_config_free_strings(). 2218 * 2219 * @param context A Kerberos 5 context. 2220 * @param c a configuration section, or NULL to use the section from context 2221 * @param args a va_list of arguments 2222 * 2223 * @return TRUE or FALSE 2224 * 2225 * @ingroup krb5_support 2226 */ 2227 2228 KRB5_LIB_FUNCTION char ** KRB5_LIB_CALL 2229 krb5_config_vget_strings ( 2230 krb5_context /*context*/, 2231 const krb5_config_section */*c*/, 2232 va_list /*args*/); 2233 2234 /** 2235 * Get the time from the configuration file using a relative time, for example: 1h30s 2236 * 2237 * @param context A Kerberos 5 context. 2238 * @param c a configuration section, or NULL to use the section from context 2239 * @param args a va_list of arguments 2240 * 2241 * @return parsed the time or -1 on error 2242 * 2243 * @ingroup krb5_support 2244 */ 2245 2246 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2247 krb5_config_vget_time ( 2248 krb5_context /*context*/, 2249 const krb5_config_section */*c*/, 2250 va_list /*args*/); 2251 2252 /** 2253 * Get the time from the configuration file using a relative time. 2254 * 2255 * Like krb5_config_get_time_default() but with a va_list list of 2256 * configuration selection. 2257 * 2258 * @param context A Kerberos 5 context. 2259 * @param c a configuration section, or NULL to use the section from context 2260 * @param def_value the default value to return if no configuration 2261 * found in the database. 2262 * @param args a va_list of arguments 2263 * 2264 * @return parsed the time (or def_value on parse error) 2265 * 2266 * @ingroup krb5_support 2267 */ 2268 2269 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2270 krb5_config_vget_time_default ( 2271 krb5_context /*context*/, 2272 const krb5_config_section */*c*/, 2273 int /*def_value*/, 2274 va_list /*args*/); 2275 2276 /** 2277 * krb5_copy_address copies the content of address 2278 * inaddr to outaddr. 2279 * 2280 * @param context a Keberos context 2281 * @param inaddr pointer to source address 2282 * @param outaddr pointer to destination address 2283 * 2284 * @return Return an error code or 0. 2285 * 2286 * @ingroup krb5_address 2287 */ 2288 2289 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2290 krb5_copy_address ( 2291 krb5_context /*context*/, 2292 const krb5_address */*inaddr*/, 2293 krb5_address */*outaddr*/); 2294 2295 /** 2296 * krb5_copy_addresses copies the content of addresses 2297 * inaddr to outaddr. 2298 * 2299 * @param context a Keberos context 2300 * @param inaddr pointer to source addresses 2301 * @param outaddr pointer to destination addresses 2302 * 2303 * @return Return an error code or 0. 2304 * 2305 * @ingroup krb5_address 2306 */ 2307 2308 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2309 krb5_copy_addresses ( 2310 krb5_context /*context*/, 2311 const krb5_addresses */*inaddr*/, 2312 krb5_addresses */*outaddr*/); 2313 2314 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2315 krb5_copy_checksum ( 2316 krb5_context /*context*/, 2317 const krb5_checksum */*old*/, 2318 krb5_checksum **/*new*/); 2319 2320 /** 2321 * Make a copy for the Kerberos 5 context, the new krb5_context shoud 2322 * be freed with krb5_free_context(). 2323 * 2324 * @param context the Kerberos context to copy 2325 * @param out the copy of the Kerberos, set to NULL error. 2326 * 2327 * @return Returns 0 to indicate success. Otherwise an kerberos et 2328 * error code is returned, see krb5_get_error_message(). 2329 * 2330 * @ingroup krb5 2331 */ 2332 2333 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2334 krb5_copy_context ( 2335 krb5_context /*context*/, 2336 krb5_context */*out*/); 2337 2338 /** 2339 * Copy krb5_creds. 2340 * 2341 * @param context Kerberos 5 context. 2342 * @param incred source credential 2343 * @param outcred destination credential, free with krb5_free_creds(). 2344 * 2345 * @return Returns 0 to indicate success. Otherwise an kerberos et 2346 * error code is returned, see krb5_get_error_message(). 2347 * 2348 * @ingroup krb5 2349 */ 2350 2351 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2352 krb5_copy_creds ( 2353 krb5_context /*context*/, 2354 const krb5_creds */*incred*/, 2355 krb5_creds **/*outcred*/); 2356 2357 /** 2358 * Copy content of krb5_creds. 2359 * 2360 * @param context Kerberos 5 context. 2361 * @param incred source credential 2362 * @param c destination credential, free with krb5_free_cred_contents(). 2363 * 2364 * @return Returns 0 to indicate success. Otherwise an kerberos et 2365 * error code is returned, see krb5_get_error_message(). 2366 * 2367 * @ingroup krb5 2368 */ 2369 2370 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2371 krb5_copy_creds_contents ( 2372 krb5_context /*context*/, 2373 const krb5_creds */*incred*/, 2374 krb5_creds */*c*/); 2375 2376 /** 2377 * Copy the data into a newly allocated krb5_data. 2378 * 2379 * @param context Kerberos 5 context. 2380 * @param indata the krb5_data data to copy 2381 * @param outdata new krb5_date to copy too. Free with krb5_free_data(). 2382 * 2383 * @return Returns 0 to indicate success. Otherwise an kerberos et 2384 * error code is returned. 2385 * 2386 * @ingroup krb5 2387 */ 2388 2389 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2390 krb5_copy_data ( 2391 krb5_context /*context*/, 2392 const krb5_data */*indata*/, 2393 krb5_data **/*outdata*/); 2394 2395 /** 2396 * Copy the list of realms from `from' to `to'. 2397 * 2398 * @param context Kerberos 5 context. 2399 * @param from list of realms to copy from. 2400 * @param to list of realms to copy to, free list of krb5_free_host_realm(). 2401 * 2402 * @return Returns 0 to indicate success. Otherwise an kerberos et 2403 * error code is returned, see krb5_get_error_message(). 2404 * 2405 * @ingroup krb5 2406 */ 2407 2408 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2409 krb5_copy_host_realm ( 2410 krb5_context /*context*/, 2411 const krb5_realm */*from*/, 2412 krb5_realm **/*to*/); 2413 2414 /** 2415 * Copy a keyblock, free the output keyblock with 2416 * krb5_free_keyblock(). 2417 * 2418 * @param context a Kerberos 5 context 2419 * @param inblock the key to copy 2420 * @param to the output key. 2421 * 2422 * @return 0 on success or a Kerberos 5 error code 2423 * 2424 * @ingroup krb5_crypto 2425 */ 2426 2427 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2428 krb5_copy_keyblock ( 2429 krb5_context /*context*/, 2430 const krb5_keyblock */*inblock*/, 2431 krb5_keyblock **/*to*/); 2432 2433 /** 2434 * Copy a keyblock, free the output keyblock with 2435 * krb5_free_keyblock_contents(). 2436 * 2437 * @param context a Kerberos 5 context 2438 * @param inblock the key to copy 2439 * @param to the output key. 2440 * 2441 * @return 0 on success or a Kerberos 5 error code 2442 * 2443 * @ingroup krb5_crypto 2444 */ 2445 2446 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2447 krb5_copy_keyblock_contents ( 2448 krb5_context /*context*/, 2449 const krb5_keyblock */*inblock*/, 2450 krb5_keyblock */*to*/); 2451 2452 /** 2453 * Copy a principal 2454 * 2455 * @param context A Kerberos context. 2456 * @param inprinc principal to copy 2457 * @param outprinc copied principal, free with krb5_free_principal() 2458 * 2459 * @return An krb5 error code, see krb5_get_error_message(). 2460 * 2461 * @ingroup krb5_principal 2462 */ 2463 2464 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2465 krb5_copy_principal ( 2466 krb5_context /*context*/, 2467 krb5_const_principal /*inprinc*/, 2468 krb5_principal */*outprinc*/); 2469 2470 /** 2471 * Copy ticket and content 2472 * 2473 * @param context a Kerberos 5 context 2474 * @param from ticket to copy 2475 * @param to new copy of ticket, free with krb5_free_ticket() 2476 * 2477 * @return Returns 0 to indicate success. Otherwise an kerberos et 2478 * error code is returned, see krb5_get_error_message(). 2479 * 2480 * @ingroup krb5 2481 */ 2482 2483 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2484 krb5_copy_ticket ( 2485 krb5_context /*context*/, 2486 const krb5_ticket */*from*/, 2487 krb5_ticket **/*to*/); 2488 2489 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2490 krb5_create_checksum ( 2491 krb5_context /*context*/, 2492 krb5_crypto /*crypto*/, 2493 krb5_key_usage /*usage*/, 2494 int /*type*/, 2495 void */*data*/, 2496 size_t /*len*/, 2497 Checksum */*result*/); 2498 2499 /** 2500 * Create a Kerberos message checksum. 2501 * 2502 * @param context Kerberos context 2503 * @param crypto Kerberos crypto context 2504 * @param usage Key usage for this buffer 2505 * @param data array of buffers to process 2506 * @param num_data length of array 2507 * @param type output data 2508 * 2509 * @return Return an error code or 0. 2510 * @ingroup krb5_crypto 2511 */ 2512 2513 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2514 krb5_create_checksum_iov ( 2515 krb5_context /*context*/, 2516 krb5_crypto /*crypto*/, 2517 unsigned /*usage*/, 2518 krb5_crypto_iov */*data*/, 2519 unsigned int /*num_data*/, 2520 krb5_cksumtype */*type*/); 2521 2522 /** 2523 * Returns the ticket flags for the credentials in creds. 2524 * See also krb5_ticket_get_flags(). 2525 * 2526 * @param creds credential to get ticket flags from 2527 * 2528 * @return ticket flags 2529 * 2530 * @ingroup krb5 2531 */ 2532 2533 KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL 2534 krb5_creds_get_ticket_flags (krb5_creds */*creds*/); 2535 2536 /** 2537 * Free a crypto context created by krb5_crypto_init(). 2538 * 2539 * @param context Kerberos context 2540 * @param crypto crypto context to free 2541 * 2542 * @return Return an error code or 0. 2543 * 2544 * @ingroup krb5_crypto 2545 */ 2546 2547 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2548 krb5_crypto_destroy ( 2549 krb5_context /*context*/, 2550 krb5_crypto /*crypto*/); 2551 2552 /** 2553 * The FX-CF2 key derivation function, used in FAST and preauth framework. 2554 * 2555 * @param context Kerberos 5 context 2556 * @param crypto1 first key to combine 2557 * @param crypto2 second key to combine 2558 * @param pepper1 factor to combine with first key to garante uniqueness 2559 * @param pepper2 factor to combine with second key to garante uniqueness 2560 * @param enctype the encryption type of the resulting key 2561 * @param res allocated key, free with krb5_free_keyblock_contents() 2562 * 2563 * @return Return an error code or 0. 2564 * 2565 * @ingroup krb5_crypto 2566 */ 2567 2568 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2569 krb5_crypto_fx_cf2 ( 2570 krb5_context /*context*/, 2571 const krb5_crypto /*crypto1*/, 2572 const krb5_crypto /*crypto2*/, 2573 krb5_data */*pepper1*/, 2574 krb5_data */*pepper2*/, 2575 krb5_enctype /*enctype*/, 2576 krb5_keyblock */*res*/); 2577 2578 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2579 krb5_crypto_get_checksum_type ( 2580 krb5_context /*context*/, 2581 krb5_crypto /*crypto*/, 2582 krb5_cksumtype */*type*/); 2583 2584 /** 2585 * Return the blocksize used algorithm referenced by the crypto context 2586 * 2587 * @param context Kerberos context 2588 * @param crypto crypto context to query 2589 * @param blocksize the resulting blocksize 2590 * 2591 * @return Return an error code or 0. 2592 * 2593 * @ingroup krb5_crypto 2594 */ 2595 2596 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2597 krb5_crypto_getblocksize ( 2598 krb5_context /*context*/, 2599 krb5_crypto /*crypto*/, 2600 size_t */*blocksize*/); 2601 2602 /** 2603 * Return the confounder size used by the crypto context 2604 * 2605 * @param context Kerberos context 2606 * @param crypto crypto context to query 2607 * @param confoundersize the returned confounder size 2608 * 2609 * @return Return an error code or 0. 2610 * 2611 * @ingroup krb5_crypto 2612 */ 2613 2614 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2615 krb5_crypto_getconfoundersize ( 2616 krb5_context /*context*/, 2617 krb5_crypto /*crypto*/, 2618 size_t */*confoundersize*/); 2619 2620 /** 2621 * Return the encryption type used by the crypto context 2622 * 2623 * @param context Kerberos context 2624 * @param crypto crypto context to query 2625 * @param enctype the resulting encryption type 2626 * 2627 * @return Return an error code or 0. 2628 * 2629 * @ingroup krb5_crypto 2630 */ 2631 2632 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2633 krb5_crypto_getenctype ( 2634 krb5_context /*context*/, 2635 krb5_crypto /*crypto*/, 2636 krb5_enctype */*enctype*/); 2637 2638 /** 2639 * Return the padding size used by the crypto context 2640 * 2641 * @param context Kerberos context 2642 * @param crypto crypto context to query 2643 * @param padsize the return padding size 2644 * 2645 * @return Return an error code or 0. 2646 * 2647 * @ingroup krb5_crypto 2648 */ 2649 2650 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2651 krb5_crypto_getpadsize ( 2652 krb5_context /*context*/, 2653 krb5_crypto /*crypto*/, 2654 size_t */*padsize*/); 2655 2656 /** 2657 * Create a crypto context used for all encryption and signature 2658 * operation. The encryption type to use is taken from the key, but 2659 * can be overridden with the enctype parameter. This can be useful 2660 * for encryptions types which is compatiable (DES for example). 2661 * 2662 * To free the crypto context, use krb5_crypto_destroy(). 2663 * 2664 * @param context Kerberos context 2665 * @param key the key block information with all key data 2666 * @param etype the encryption type 2667 * @param crypto the resulting crypto context 2668 * 2669 * @return Return an error code or 0. 2670 * 2671 * @ingroup krb5_crypto 2672 */ 2673 2674 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2675 krb5_crypto_init ( 2676 krb5_context /*context*/, 2677 const krb5_keyblock */*key*/, 2678 krb5_enctype /*etype*/, 2679 krb5_crypto */*crypto*/); 2680 2681 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2682 krb5_crypto_length ( 2683 krb5_context /*context*/, 2684 krb5_crypto /*crypto*/, 2685 int /*type*/, 2686 size_t */*len*/); 2687 2688 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2689 krb5_crypto_length_iov ( 2690 krb5_context /*context*/, 2691 krb5_crypto /*crypto*/, 2692 krb5_crypto_iov */*data*/, 2693 unsigned int /*num_data*/); 2694 2695 KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL 2696 krb5_crypto_overhead ( 2697 krb5_context /*context*/, 2698 krb5_crypto /*crypto*/); 2699 2700 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2701 krb5_crypto_prf ( 2702 krb5_context /*context*/, 2703 const krb5_crypto /*crypto*/, 2704 const krb5_data */*input*/, 2705 krb5_data */*output*/); 2706 2707 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2708 krb5_crypto_prf_length ( 2709 krb5_context /*context*/, 2710 krb5_enctype /*type*/, 2711 size_t */*length*/); 2712 2713 /** 2714 * Allocate data of and krb5_data. 2715 * 2716 * @param p krb5_data to allocate. 2717 * @param len size to allocate. 2718 * 2719 * @return Returns 0 to indicate success. Otherwise an kerberos et 2720 * error code is returned. 2721 * 2722 * @ingroup krb5 2723 */ 2724 2725 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2726 krb5_data_alloc ( 2727 krb5_data */*p*/, 2728 int /*len*/); 2729 2730 /** 2731 * Compare to data. 2732 * 2733 * @param data1 krb5_data to compare 2734 * @param data2 krb5_data to compare 2735 * 2736 * @return return the same way as memcmp(), useful when sorting. 2737 * 2738 * @ingroup krb5 2739 */ 2740 2741 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2742 krb5_data_cmp ( 2743 const krb5_data */*data1*/, 2744 const krb5_data */*data2*/); 2745 2746 /** 2747 * Copy the data of len into the krb5_data. 2748 * 2749 * @param p krb5_data to copy into. 2750 * @param data data to copy.. 2751 * @param len new size. 2752 * 2753 * @return Returns 0 to indicate success. Otherwise an kerberos et 2754 * error code is returned. 2755 * 2756 * @ingroup krb5 2757 */ 2758 2759 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2760 krb5_data_copy ( 2761 krb5_data */*p*/, 2762 const void */*data*/, 2763 size_t /*len*/); 2764 2765 /** 2766 * Compare to data not exposing timing information from the checksum data 2767 * 2768 * @param data1 krb5_data to compare 2769 * @param data2 krb5_data to compare 2770 * 2771 * @return returns zero for same data, otherwise non zero. 2772 * 2773 * @ingroup krb5 2774 */ 2775 2776 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 2777 krb5_data_ct_cmp ( 2778 const krb5_data */*data1*/, 2779 const krb5_data */*data2*/); 2780 2781 /** 2782 * Free the content of krb5_data structure, its ok to free a zeroed 2783 * structure (with memset() or krb5_data_zero()). When done, the 2784 * structure will be zeroed. The same function is called 2785 * krb5_free_data_contents() in MIT Kerberos. 2786 * 2787 * @param p krb5_data to free. 2788 * 2789 * @ingroup krb5 2790 */ 2791 2792 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 2793 krb5_data_free (krb5_data */*p*/); 2794 2795 /** 2796 * Grow (or shrink) the content of krb5_data to a new size. 2797 * 2798 * @param p krb5_data to free. 2799 * @param len new size. 2800 * 2801 * @return Returns 0 to indicate success. Otherwise an kerberos et 2802 * error code is returned. 2803 * 2804 * @ingroup krb5 2805 */ 2806 2807 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2808 krb5_data_realloc ( 2809 krb5_data */*p*/, 2810 int /*len*/); 2811 2812 /** 2813 * Reset the (potentially uninitalized) krb5_data structure. 2814 * 2815 * @param p krb5_data to reset. 2816 * 2817 * @ingroup krb5 2818 */ 2819 2820 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 2821 krb5_data_zero (krb5_data */*p*/); 2822 2823 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2824 krb5_decode_Authenticator ( 2825 krb5_context /*context*/, 2826 const void */*data*/, 2827 size_t /*length*/, 2828 Authenticator */*t*/, 2829 size_t */*len*/) 2830 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2831 2832 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2833 krb5_decode_ETYPE_INFO ( 2834 krb5_context /*context*/, 2835 const void */*data*/, 2836 size_t /*length*/, 2837 ETYPE_INFO */*t*/, 2838 size_t */*len*/) 2839 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2840 2841 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2842 krb5_decode_ETYPE_INFO2 ( 2843 krb5_context /*context*/, 2844 const void */*data*/, 2845 size_t /*length*/, 2846 ETYPE_INFO2 */*t*/, 2847 size_t */*len*/) 2848 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2849 2850 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2851 krb5_decode_EncAPRepPart ( 2852 krb5_context /*context*/, 2853 const void */*data*/, 2854 size_t /*length*/, 2855 EncAPRepPart */*t*/, 2856 size_t */*len*/) 2857 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2858 2859 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2860 krb5_decode_EncASRepPart ( 2861 krb5_context /*context*/, 2862 const void */*data*/, 2863 size_t /*length*/, 2864 EncASRepPart */*t*/, 2865 size_t */*len*/) 2866 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2867 2868 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2869 krb5_decode_EncKrbCredPart ( 2870 krb5_context /*context*/, 2871 const void */*data*/, 2872 size_t /*length*/, 2873 EncKrbCredPart */*t*/, 2874 size_t */*len*/) 2875 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2876 2877 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2878 krb5_decode_EncTGSRepPart ( 2879 krb5_context /*context*/, 2880 const void */*data*/, 2881 size_t /*length*/, 2882 EncTGSRepPart */*t*/, 2883 size_t */*len*/) 2884 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2885 2886 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2887 krb5_decode_EncTicketPart ( 2888 krb5_context /*context*/, 2889 const void */*data*/, 2890 size_t /*length*/, 2891 EncTicketPart */*t*/, 2892 size_t */*len*/) 2893 KRB5_DEPRECATED_FUNCTION("Use X instead"); 2894 2895 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2896 krb5_decode_ap_req ( 2897 krb5_context /*context*/, 2898 const krb5_data */*inbuf*/, 2899 krb5_ap_req */*ap_req*/); 2900 2901 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2902 krb5_decrypt ( 2903 krb5_context /*context*/, 2904 krb5_crypto /*crypto*/, 2905 unsigned /*usage*/, 2906 void */*data*/, 2907 size_t /*len*/, 2908 krb5_data */*result*/); 2909 2910 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2911 krb5_decrypt_EncryptedData ( 2912 krb5_context /*context*/, 2913 krb5_crypto /*crypto*/, 2914 unsigned /*usage*/, 2915 const EncryptedData */*e*/, 2916 krb5_data */*result*/); 2917 2918 /** 2919 * Inline decrypt a Kerberos message. 2920 * 2921 * @param context Kerberos context 2922 * @param crypto Kerberos crypto context 2923 * @param usage Key usage for this buffer 2924 * @param data array of buffers to process 2925 * @param num_data length of array 2926 * @param ivec initial cbc/cts vector 2927 * 2928 * @return Return an error code or 0. 2929 * @ingroup krb5_crypto 2930 * 2931 * 1. KRB5_CRYPTO_TYPE_HEADER 2932 * 2. one KRB5_CRYPTO_TYPE_DATA and array [0,...] of KRB5_CRYPTO_TYPE_SIGN_ONLY in 2933 * any order, however the receiver have to aware of the 2934 * order. KRB5_CRYPTO_TYPE_SIGN_ONLY is commonly used unencrypoted 2935 * protocol headers and trailers. The output data will be of same 2936 * size as the input data or shorter. 2937 */ 2938 2939 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2940 krb5_decrypt_iov_ivec ( 2941 krb5_context /*context*/, 2942 krb5_crypto /*crypto*/, 2943 unsigned /*usage*/, 2944 krb5_crypto_iov */*data*/, 2945 unsigned int /*num_data*/, 2946 void */*ivec*/); 2947 2948 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2949 krb5_decrypt_ivec ( 2950 krb5_context /*context*/, 2951 krb5_crypto /*crypto*/, 2952 unsigned /*usage*/, 2953 void */*data*/, 2954 size_t /*len*/, 2955 krb5_data */*result*/, 2956 void */*ivec*/); 2957 2958 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2959 krb5_decrypt_ticket ( 2960 krb5_context /*context*/, 2961 Ticket */*ticket*/, 2962 krb5_keyblock */*key*/, 2963 EncTicketPart */*out*/, 2964 krb5_flags /*flags*/); 2965 2966 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2967 krb5_derive_key ( 2968 krb5_context /*context*/, 2969 const krb5_keyblock */*key*/, 2970 krb5_enctype /*etype*/, 2971 const void */*constant*/, 2972 size_t /*constant_len*/, 2973 krb5_keyblock **/*derived_key*/); 2974 2975 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2976 krb5_digest_alloc ( 2977 krb5_context /*context*/, 2978 krb5_digest */*digest*/); 2979 2980 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 2981 krb5_digest_free (krb5_digest /*digest*/); 2982 2983 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 2984 krb5_digest_get_client_binding ( 2985 krb5_context /*context*/, 2986 krb5_digest /*digest*/, 2987 char **/*type*/, 2988 char **/*binding*/); 2989 2990 KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 2991 krb5_digest_get_identifier ( 2992 krb5_context /*context*/, 2993 krb5_digest /*digest*/); 2994 2995 KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 2996 krb5_digest_get_opaque ( 2997 krb5_context /*context*/, 2998 krb5_digest /*digest*/); 2999 3000 KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 3001 krb5_digest_get_rsp ( 3002 krb5_context /*context*/, 3003 krb5_digest /*digest*/); 3004 3005 KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 3006 krb5_digest_get_server_nonce ( 3007 krb5_context /*context*/, 3008 krb5_digest /*digest*/); 3009 3010 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3011 krb5_digest_get_session_key ( 3012 krb5_context /*context*/, 3013 krb5_digest /*digest*/, 3014 krb5_data */*data*/); 3015 3016 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3017 krb5_digest_get_tickets ( 3018 krb5_context /*context*/, 3019 krb5_digest /*digest*/, 3020 Ticket **/*tickets*/); 3021 3022 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3023 krb5_digest_init_request ( 3024 krb5_context /*context*/, 3025 krb5_digest /*digest*/, 3026 krb5_realm /*realm*/, 3027 krb5_ccache /*ccache*/); 3028 3029 /** 3030 * Get the supported/allowed mechanism for this principal. 3031 * 3032 * @param context A Keberos context. 3033 * @param realm The realm of the KDC. 3034 * @param ccache The credential cache to use when talking to the KDC. 3035 * @param flags The supported mechanism. 3036 * 3037 * @return Return an error code or 0. 3038 * 3039 * @ingroup krb5_digest 3040 */ 3041 3042 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3043 krb5_digest_probe ( 3044 krb5_context /*context*/, 3045 krb5_realm /*realm*/, 3046 krb5_ccache /*ccache*/, 3047 unsigned */*flags*/); 3048 3049 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 3050 krb5_digest_rep_get_status ( 3051 krb5_context /*context*/, 3052 krb5_digest /*digest*/); 3053 3054 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3055 krb5_digest_request ( 3056 krb5_context /*context*/, 3057 krb5_digest /*digest*/, 3058 krb5_realm /*realm*/, 3059 krb5_ccache /*ccache*/); 3060 3061 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3062 krb5_digest_set_authentication_user ( 3063 krb5_context /*context*/, 3064 krb5_digest /*digest*/, 3065 krb5_principal /*authentication_user*/); 3066 3067 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3068 krb5_digest_set_authid ( 3069 krb5_context /*context*/, 3070 krb5_digest /*digest*/, 3071 const char */*authid*/); 3072 3073 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3074 krb5_digest_set_client_nonce ( 3075 krb5_context /*context*/, 3076 krb5_digest /*digest*/, 3077 const char */*nonce*/); 3078 3079 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3080 krb5_digest_set_digest ( 3081 krb5_context /*context*/, 3082 krb5_digest /*digest*/, 3083 const char */*dgst*/); 3084 3085 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3086 krb5_digest_set_hostname ( 3087 krb5_context /*context*/, 3088 krb5_digest /*digest*/, 3089 const char */*hostname*/); 3090 3091 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3092 krb5_digest_set_identifier ( 3093 krb5_context /*context*/, 3094 krb5_digest /*digest*/, 3095 const char */*id*/); 3096 3097 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3098 krb5_digest_set_method ( 3099 krb5_context /*context*/, 3100 krb5_digest /*digest*/, 3101 const char */*method*/); 3102 3103 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3104 krb5_digest_set_nonceCount ( 3105 krb5_context /*context*/, 3106 krb5_digest /*digest*/, 3107 const char */*nonce_count*/); 3108 3109 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3110 krb5_digest_set_opaque ( 3111 krb5_context /*context*/, 3112 krb5_digest /*digest*/, 3113 const char */*opaque*/); 3114 3115 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3116 krb5_digest_set_qop ( 3117 krb5_context /*context*/, 3118 krb5_digest /*digest*/, 3119 const char */*qop*/); 3120 3121 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3122 krb5_digest_set_realm ( 3123 krb5_context /*context*/, 3124 krb5_digest /*digest*/, 3125 const char */*realm*/); 3126 3127 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 3128 krb5_digest_set_responseData ( 3129 krb5_context /*context*/, 3130 krb5_digest /*digest*/, 3131 const char */*response*/); 3132 3133 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3134 krb5_digest_set_server_cb ( 3135 krb5_context /*context*/, 3136 krb5_digest /*digest*/, 3137 const char */*type*/, 3138 const char */*binding*/); 3139 3140 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3141 krb5_digest_set_server_nonce ( 3142 krb5_context /*context*/, 3143 krb5_digest /*digest*/, 3144 const char */*nonce*/); 3145 3146 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3147 krb5_digest_set_type ( 3148 krb5_context /*context*/, 3149 krb5_digest /*digest*/, 3150 const char */*type*/); 3151 3152 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3153 krb5_digest_set_uri ( 3154 krb5_context /*context*/, 3155 krb5_digest /*digest*/, 3156 const char */*uri*/); 3157 3158 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3159 krb5_digest_set_username ( 3160 krb5_context /*context*/, 3161 krb5_digest /*digest*/, 3162 const char */*username*/); 3163 3164 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3165 krb5_domain_x500_decode ( 3166 krb5_context /*context*/, 3167 krb5_data /*tr*/, 3168 char ***/*realms*/, 3169 unsigned int */*num_realms*/, 3170 const char */*client_realm*/, 3171 const char */*server_realm*/); 3172 3173 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3174 krb5_domain_x500_encode ( 3175 char **/*realms*/, 3176 unsigned int /*num_realms*/, 3177 krb5_data */*encoding*/); 3178 3179 /** 3180 * Convert the getaddrinfo() error code to a Kerberos et error code. 3181 * 3182 * @param eai_errno contains the error code from getaddrinfo(). 3183 * @param system_error should have the value of errno after the failed getaddrinfo(). 3184 * 3185 * @return Kerberos error code representing the EAI errors. 3186 * 3187 * @ingroup krb5_error 3188 */ 3189 3190 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3191 krb5_eai_to_heim_errno ( 3192 int /*eai_errno*/, 3193 int /*system_error*/); 3194 3195 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3196 krb5_encode_Authenticator ( 3197 krb5_context /*context*/, 3198 void */*data*/, 3199 size_t /*length*/, 3200 Authenticator */*t*/, 3201 size_t */*len*/) 3202 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3203 3204 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3205 krb5_encode_ETYPE_INFO ( 3206 krb5_context /*context*/, 3207 void */*data*/, 3208 size_t /*length*/, 3209 ETYPE_INFO */*t*/, 3210 size_t */*len*/) 3211 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3212 3213 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3214 krb5_encode_ETYPE_INFO2 ( 3215 krb5_context /*context*/, 3216 void */*data*/, 3217 size_t /*length*/, 3218 ETYPE_INFO2 */*t*/, 3219 size_t */*len*/) 3220 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3221 3222 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3223 krb5_encode_EncAPRepPart ( 3224 krb5_context /*context*/, 3225 void */*data*/, 3226 size_t /*length*/, 3227 EncAPRepPart */*t*/, 3228 size_t */*len*/) 3229 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3230 3231 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3232 krb5_encode_EncASRepPart ( 3233 krb5_context /*context*/, 3234 void */*data*/, 3235 size_t /*length*/, 3236 EncASRepPart */*t*/, 3237 size_t */*len*/) 3238 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3239 3240 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3241 krb5_encode_EncKrbCredPart ( 3242 krb5_context /*context*/, 3243 void */*data*/, 3244 size_t /*length*/, 3245 EncKrbCredPart */*t*/, 3246 size_t */*len*/) 3247 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3248 3249 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3250 krb5_encode_EncTGSRepPart ( 3251 krb5_context /*context*/, 3252 void */*data*/, 3253 size_t /*length*/, 3254 EncTGSRepPart */*t*/, 3255 size_t */*len*/) 3256 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3257 3258 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3259 krb5_encode_EncTicketPart ( 3260 krb5_context /*context*/, 3261 void */*data*/, 3262 size_t /*length*/, 3263 EncTicketPart */*t*/, 3264 size_t */*len*/) 3265 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3266 3267 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3268 krb5_encrypt ( 3269 krb5_context /*context*/, 3270 krb5_crypto /*crypto*/, 3271 unsigned /*usage*/, 3272 const void */*data*/, 3273 size_t /*len*/, 3274 krb5_data */*result*/); 3275 3276 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3277 krb5_encrypt_EncryptedData ( 3278 krb5_context /*context*/, 3279 krb5_crypto /*crypto*/, 3280 unsigned /*usage*/, 3281 void */*data*/, 3282 size_t /*len*/, 3283 int /*kvno*/, 3284 EncryptedData */*result*/); 3285 3286 /** 3287 * Inline encrypt a kerberos message 3288 * 3289 * @param context Kerberos context 3290 * @param crypto Kerberos crypto context 3291 * @param usage Key usage for this buffer 3292 * @param data array of buffers to process 3293 * @param num_data length of array 3294 * @param ivec initial cbc/cts vector 3295 * 3296 * @return Return an error code or 0. 3297 * @ingroup krb5_crypto 3298 * 3299 * Kerberos encrypted data look like this: 3300 * 3301 * 1. KRB5_CRYPTO_TYPE_HEADER 3302 * 2. array [1,...] KRB5_CRYPTO_TYPE_DATA and array [0,...] 3303 * KRB5_CRYPTO_TYPE_SIGN_ONLY in any order, however the receiver 3304 * have to aware of the order. KRB5_CRYPTO_TYPE_SIGN_ONLY is 3305 * commonly used headers and trailers. 3306 * 3. KRB5_CRYPTO_TYPE_PADDING, at least on padsize long if padsize > 1 3307 * 4. KRB5_CRYPTO_TYPE_TRAILER 3308 */ 3309 3310 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3311 krb5_encrypt_iov_ivec ( 3312 krb5_context /*context*/, 3313 krb5_crypto /*crypto*/, 3314 unsigned /*usage*/, 3315 krb5_crypto_iov */*data*/, 3316 int /*num_data*/, 3317 void */*ivec*/); 3318 3319 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3320 krb5_encrypt_ivec ( 3321 krb5_context /*context*/, 3322 krb5_crypto /*crypto*/, 3323 unsigned /*usage*/, 3324 const void */*data*/, 3325 size_t /*len*/, 3326 krb5_data */*result*/, 3327 void */*ivec*/); 3328 3329 /** 3330 * Disable encryption type 3331 * 3332 * @param context Kerberos 5 context 3333 * @param enctype encryption type to disable 3334 * 3335 * @return Return an error code or 0. 3336 * 3337 * @ingroup krb5_crypto 3338 */ 3339 3340 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3341 krb5_enctype_disable ( 3342 krb5_context /*context*/, 3343 krb5_enctype /*enctype*/); 3344 3345 /** 3346 * Enable encryption type 3347 * 3348 * @param context Kerberos 5 context 3349 * @param enctype encryption type to enable 3350 * 3351 * @return Return an error code or 0. 3352 * 3353 * @ingroup krb5_crypto 3354 */ 3355 3356 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3357 krb5_enctype_enable ( 3358 krb5_context /*context*/, 3359 krb5_enctype /*enctype*/); 3360 3361 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3362 krb5_enctype_keybits ( 3363 krb5_context /*context*/, 3364 krb5_enctype /*type*/, 3365 size_t */*keybits*/); 3366 3367 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3368 krb5_enctype_keysize ( 3369 krb5_context /*context*/, 3370 krb5_enctype /*type*/, 3371 size_t */*keysize*/); 3372 3373 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3374 krb5_enctype_to_keytype ( 3375 krb5_context /*context*/, 3376 krb5_enctype /*etype*/, 3377 krb5_keytype */*keytype*/); 3378 3379 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3380 krb5_enctype_to_string ( 3381 krb5_context /*context*/, 3382 krb5_enctype /*etype*/, 3383 char **/*string*/); 3384 3385 /** 3386 * Check if a enctype is valid, return 0 if it is. 3387 * 3388 * @param context Kerberos context 3389 * @param etype enctype to check if its valid or not 3390 * 3391 * @return Return an error code for an failure or 0 on success (enctype valid). 3392 * @ingroup krb5_crypto 3393 */ 3394 3395 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3396 krb5_enctype_valid ( 3397 krb5_context /*context*/, 3398 krb5_enctype /*etype*/); 3399 3400 /** 3401 * Deprecated: keytypes doesn't exists, they are really enctypes. 3402 * 3403 * @ingroup krb5_deprecated 3404 */ 3405 3406 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 3407 krb5_enctypes_compatible_keys ( 3408 krb5_context /*context*/, 3409 krb5_enctype /*etype1*/, 3410 krb5_enctype /*etype2*/) 3411 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3412 3413 krb5_error_code 3414 krb5_enomem (krb5_context /*context*/); 3415 3416 /** 3417 * Log a warning to the log, default stderr, include bthe error from 3418 * the last failure and then exit. 3419 * 3420 * @param context A Kerberos 5 context 3421 * @param eval the exit code to exit with 3422 * @param code error code of the last error 3423 * @param fmt message to print 3424 * 3425 * @ingroup krb5_error 3426 */ 3427 3428 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3429 krb5_err ( 3430 krb5_context /*context*/, 3431 int /*eval*/, 3432 krb5_error_code /*code*/, 3433 const char */*fmt*/, 3434 ...) 3435 __attribute__ ((__noreturn__, __format__ (__printf__, 4, 5))); 3436 3437 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3438 krb5_error_from_rd_error ( 3439 krb5_context /*context*/, 3440 const krb5_error */*error*/, 3441 const krb5_creds */*creds*/); 3442 3443 /** 3444 * Log a warning to the log, default stderr, and then exit. 3445 * 3446 * @param context A Kerberos 5 context 3447 * @param eval the exit code to exit with 3448 * @param fmt message to print 3449 * 3450 * @ingroup krb5_error 3451 */ 3452 3453 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3454 krb5_errx ( 3455 krb5_context /*context*/, 3456 int /*eval*/, 3457 const char */*fmt*/, 3458 ...) 3459 __attribute__ ((__noreturn__, __format__ (__printf__, 3, 4))); 3460 3461 /** 3462 * krb5_expand_hostname() tries to make orig_hostname into a more 3463 * canonical one in the newly allocated space returned in 3464 * new_hostname. 3465 3466 * @param context a Keberos context 3467 * @param orig_hostname hostname to canonicalise. 3468 * @param new_hostname output hostname, caller must free hostname with 3469 * krb5_xfree(). 3470 * 3471 * @return Return an error code or 0, see krb5_get_error_message(). 3472 * 3473 * @ingroup krb5_support 3474 */ 3475 3476 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3477 krb5_expand_hostname ( 3478 krb5_context /*context*/, 3479 const char */*orig_hostname*/, 3480 char **/*new_hostname*/); 3481 3482 /** 3483 * krb5_expand_hostname_realms() expands orig_hostname to a name we 3484 * believe to be a hostname in newly allocated space in new_hostname 3485 * and return the realms new_hostname is believed to belong to in 3486 * realms. 3487 * 3488 * @param context a Keberos context 3489 * @param orig_hostname hostname to canonicalise. 3490 * @param new_hostname output hostname, caller must free hostname with 3491 * krb5_xfree(). 3492 * @param realms output possible realms, is an array that is terminated 3493 * with NULL. Caller must free with krb5_free_host_realm(). 3494 * 3495 * @return Return an error code or 0, see krb5_get_error_message(). 3496 * 3497 * @ingroup krb5_support 3498 */ 3499 3500 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3501 krb5_expand_hostname_realms ( 3502 krb5_context /*context*/, 3503 const char */*orig_hostname*/, 3504 char **/*new_hostname*/, 3505 char ***/*realms*/); 3506 3507 KRB5_LIB_FUNCTION PA_DATA * KRB5_LIB_CALL 3508 krb5_find_padata ( 3509 PA_DATA */*val*/, 3510 unsigned /*len*/, 3511 int /*type*/, 3512 int */*idx*/); 3513 3514 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3515 krb5_format_time ( 3516 krb5_context /*context*/, 3517 time_t /*t*/, 3518 char */*s*/, 3519 size_t /*len*/, 3520 krb5_boolean /*include_time*/); 3521 3522 /** 3523 * krb5_free_address frees the data stored in the address that is 3524 * alloced with any of the krb5_address functions. 3525 * 3526 * @param context a Keberos context 3527 * @param address addresss to be freed. 3528 * 3529 * @return Return an error code or 0. 3530 * 3531 * @ingroup krb5_address 3532 */ 3533 3534 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3535 krb5_free_address ( 3536 krb5_context /*context*/, 3537 krb5_address */*address*/); 3538 3539 /** 3540 * krb5_free_addresses frees the data stored in the address that is 3541 * alloced with any of the krb5_address functions. 3542 * 3543 * @param context a Keberos context 3544 * @param addresses addressses to be freed. 3545 * 3546 * @return Return an error code or 0. 3547 * 3548 * @ingroup krb5_address 3549 */ 3550 3551 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3552 krb5_free_addresses ( 3553 krb5_context /*context*/, 3554 krb5_addresses */*addresses*/); 3555 3556 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3557 krb5_free_ap_rep_enc_part ( 3558 krb5_context /*context*/, 3559 krb5_ap_rep_enc_part */*val*/); 3560 3561 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3562 krb5_free_authenticator ( 3563 krb5_context /*context*/, 3564 krb5_authenticator */*authenticator*/); 3565 3566 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3567 krb5_free_checksum ( 3568 krb5_context /*context*/, 3569 krb5_checksum */*cksum*/); 3570 3571 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3572 krb5_free_checksum_contents ( 3573 krb5_context /*context*/, 3574 krb5_checksum */*cksum*/); 3575 3576 /** 3577 * Free a list of configuration files. 3578 * 3579 * @param filenames list, terminated with a NULL pointer, to be 3580 * freed. NULL is an valid argument. 3581 * 3582 * @return Returns 0 to indicate success. Otherwise an kerberos et 3583 * error code is returned, see krb5_get_error_message(). 3584 * 3585 * @ingroup krb5 3586 */ 3587 3588 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3589 krb5_free_config_files (char **/*filenames*/); 3590 3591 /** 3592 * Frees the krb5_context allocated by krb5_init_context(). 3593 * 3594 * @param context context to be freed. 3595 * 3596 * @ingroup krb5 3597 */ 3598 3599 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3600 krb5_free_context (krb5_context /*context*/); 3601 3602 /** 3603 * Free content of krb5_creds. 3604 * 3605 * @param context Kerberos 5 context. 3606 * @param c krb5_creds to free. 3607 * 3608 * @return Returns 0 to indicate success. Otherwise an kerberos et 3609 * error code is returned, see krb5_get_error_message(). 3610 * 3611 * @ingroup krb5 3612 */ 3613 3614 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3615 krb5_free_cred_contents ( 3616 krb5_context /*context*/, 3617 krb5_creds */*c*/); 3618 3619 /** 3620 * Free krb5_creds. 3621 * 3622 * @param context Kerberos 5 context. 3623 * @param c krb5_creds to free. 3624 * 3625 * @return Returns 0 to indicate success. Otherwise an kerberos et 3626 * error code is returned, see krb5_get_error_message(). 3627 * 3628 * @ingroup krb5 3629 */ 3630 3631 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3632 krb5_free_creds ( 3633 krb5_context /*context*/, 3634 krb5_creds */*c*/); 3635 3636 /** 3637 * Deprecated: use krb5_free_cred_contents() 3638 * 3639 * @ingroup krb5_deprecated 3640 */ 3641 3642 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3643 krb5_free_creds_contents ( 3644 krb5_context /*context*/, 3645 krb5_creds */*c*/) 3646 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3647 3648 /** 3649 * Free krb5_data (and its content). 3650 * 3651 * @param context Kerberos 5 context. 3652 * @param p krb5_data to free. 3653 * 3654 * @ingroup krb5 3655 */ 3656 3657 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3658 krb5_free_data ( 3659 krb5_context /*context*/, 3660 krb5_data */*p*/); 3661 3662 /** 3663 * Same as krb5_data_free(). MIT compat. 3664 * 3665 * Deprecated: use krb5_data_free(). 3666 * 3667 * @param context Kerberos 5 context. 3668 * @param data krb5_data to free. 3669 * 3670 * @ingroup krb5_deprecated 3671 */ 3672 3673 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3674 krb5_free_data_contents ( 3675 krb5_context /*context*/, 3676 krb5_data */*data*/) 3677 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3678 3679 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3680 krb5_free_default_realm ( 3681 krb5_context /*context*/, 3682 krb5_realm /*realm*/); 3683 3684 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3685 krb5_free_error ( 3686 krb5_context /*context*/, 3687 krb5_error */*error*/); 3688 3689 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3690 krb5_free_error_contents ( 3691 krb5_context /*context*/, 3692 krb5_error */*error*/); 3693 3694 /** 3695 * Free the error message returned by krb5_get_error_message(). 3696 * 3697 * @param context Kerberos context 3698 * @param msg error message to free, returned byg 3699 * krb5_get_error_message(). 3700 * 3701 * @ingroup krb5_error 3702 */ 3703 3704 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3705 krb5_free_error_message ( 3706 krb5_context /*context*/, 3707 const char */*msg*/); 3708 3709 /** 3710 * Free the error message returned by krb5_get_error_string(). 3711 * 3712 * Deprecated: use krb5_free_error_message() 3713 * 3714 * @param context Kerberos context 3715 * @param str error message to free 3716 * 3717 * @ingroup krb5_deprecated 3718 */ 3719 3720 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3721 krb5_free_error_string ( 3722 krb5_context /*context*/, 3723 char */*str*/) 3724 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3725 3726 /** 3727 * Free all memory allocated by `realmlist' 3728 * 3729 * @param context A Kerberos 5 context. 3730 * @param realmlist realmlist to free, NULL is ok 3731 * 3732 * @return a Kerberos error code, always 0. 3733 * 3734 * @ingroup krb5_support 3735 */ 3736 3737 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3738 krb5_free_host_realm ( 3739 krb5_context /*context*/, 3740 krb5_realm */*realmlist*/); 3741 3742 /** 3743 * Variable containing the FILE based credential cache implemention. 3744 * 3745 * @ingroup krb5_ccache 3746 */ 3747 3748 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3749 krb5_free_kdc_rep ( 3750 krb5_context /*context*/, 3751 krb5_kdc_rep */*rep*/); 3752 3753 /** 3754 * Free a keyblock, also zero out the content of the keyblock, uses 3755 * krb5_free_keyblock_contents() to free the content. 3756 * 3757 * @param context a Kerberos 5 context 3758 * @param keyblock keyblock to free, NULL is valid argument 3759 * 3760 * @ingroup krb5_crypto 3761 */ 3762 3763 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3764 krb5_free_keyblock ( 3765 krb5_context /*context*/, 3766 krb5_keyblock */*keyblock*/); 3767 3768 /** 3769 * Free a keyblock's content, also zero out the content of the keyblock. 3770 * 3771 * @param context a Kerberos 5 context 3772 * @param keyblock keyblock content to free, NULL is valid argument 3773 * 3774 * @ingroup krb5_crypto 3775 */ 3776 3777 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3778 krb5_free_keyblock_contents ( 3779 krb5_context /*context*/, 3780 krb5_keyblock */*keyblock*/); 3781 3782 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3783 krb5_free_krbhst ( 3784 krb5_context /*context*/, 3785 char **/*hostlist*/); 3786 3787 /** 3788 * Free a name canonicalization rule iterator. 3789 */ 3790 3791 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3792 krb5_free_name_canon_iterator ( 3793 krb5_context /*context*/, 3794 krb5_name_canon_iterator /*iter*/); 3795 3796 /** 3797 * Frees a Kerberos principal allocated by the library with 3798 * krb5_parse_name(), krb5_make_principal() or any other related 3799 * principal functions. 3800 * 3801 * @param context A Kerberos context. 3802 * @param p a principal to free. 3803 * 3804 * @return An krb5 error code, see krb5_get_error_message(). 3805 * 3806 * @ingroup krb5_principal 3807 */ 3808 3809 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3810 krb5_free_principal ( 3811 krb5_context /*context*/, 3812 krb5_principal /*p*/); 3813 3814 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3815 krb5_free_salt ( 3816 krb5_context /*context*/, 3817 krb5_salt /*salt*/); 3818 3819 /** 3820 * Free ticket and content 3821 * 3822 * @param context a Kerberos 5 context 3823 * @param ticket ticket to free 3824 * 3825 * @return Returns 0 to indicate success. Otherwise an kerberos et 3826 * error code is returned, see krb5_get_error_message(). 3827 * 3828 * @ingroup krb5 3829 */ 3830 3831 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3832 krb5_free_ticket ( 3833 krb5_context /*context*/, 3834 krb5_ticket */*ticket*/); 3835 3836 /** 3837 * Deprecated: use krb5_xfree(). 3838 * 3839 * @ingroup krb5_deprecated 3840 */ 3841 3842 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3843 krb5_free_unparsed_name ( 3844 krb5_context /*context*/, 3845 char */*str*/) 3846 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3847 3848 /** 3849 * Forward credentials for client to host hostname , making them 3850 * forwardable if forwardable, and returning the blob of data to sent 3851 * in out_data. If hostname == NULL, pick it from server. 3852 * 3853 * @param context A kerberos 5 context. 3854 * @param auth_context the auth context with the key to encrypt the out_data. 3855 * @param hostname the host to forward the tickets too. 3856 * @param client the client to delegate from. 3857 * @param server the server to delegate the credential too. 3858 * @param ccache credential cache to use. 3859 * @param forwardable make the forwarded ticket forwabledable. 3860 * @param out_data the resulting credential. 3861 * 3862 * @return Return an error code or 0. 3863 * 3864 * @ingroup krb5_credential 3865 */ 3866 3867 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3868 krb5_fwd_tgt_creds ( 3869 krb5_context /*context*/, 3870 krb5_auth_context /*auth_context*/, 3871 const char */*hostname*/, 3872 krb5_principal /*client*/, 3873 krb5_principal /*server*/, 3874 krb5_ccache /*ccache*/, 3875 int /*forwardable*/, 3876 krb5_data */*out_data*/); 3877 3878 /** 3879 * Fill buffer buf with len bytes of PRNG randomness that is ok to use 3880 * for key generation, padding and public diclosing the randomness w/o 3881 * disclosing the randomness source. 3882 * 3883 * This function can fail, and callers must check the return value. 3884 * 3885 * @param buf a buffer to fill with randomness 3886 * @param len length of memory that buf points to. 3887 * 3888 * @return return 0 on success or HEIM_ERR_RANDOM_OFFLINE if the 3889 * funcation failed to initialize the randomness source. 3890 * 3891 * @ingroup krb5_crypto 3892 */ 3893 3894 HEIMDAL_WARN_UNUSED_RESULT_ATTRIBUTE KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3895 krb5_generate_random ( 3896 void */*buf*/, 3897 size_t /*len*/); 3898 3899 /** 3900 * Fill buffer buf with len bytes of PRNG randomness that is ok to use 3901 * for key generation, padding and public diclosing the randomness w/o 3902 * disclosing the randomness source. 3903 * 3904 * This function can NOT fail, instead it will abort() and program will crash. 3905 * 3906 * If this function is called after a successful krb5_init_context(), 3907 * the chance of it failing is low due to that krb5_init_context() 3908 * pulls out some random, and quite commonly the randomness sources 3909 * will not fail once it have started to produce good output, 3910 * /dev/urandom behavies that way. 3911 * 3912 * @param buf a buffer to fill with randomness 3913 * @param len length of memory that buf points to. 3914 * 3915 * @ingroup krb5_crypto 3916 */ 3917 3918 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 3919 krb5_generate_random_block ( 3920 void */*buf*/, 3921 size_t /*len*/); 3922 3923 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3924 krb5_generate_random_keyblock ( 3925 krb5_context /*context*/, 3926 krb5_enctype /*type*/, 3927 krb5_keyblock */*key*/); 3928 3929 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3930 krb5_generate_seq_number ( 3931 krb5_context /*context*/, 3932 const krb5_keyblock */*key*/, 3933 uint32_t */*seqno*/); 3934 3935 /** 3936 * Deprecated: use krb5_generate_subkey_extended() 3937 * 3938 * @ingroup krb5_deprecated 3939 */ 3940 3941 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3942 krb5_generate_subkey ( 3943 krb5_context /*context*/, 3944 const krb5_keyblock */*key*/, 3945 krb5_keyblock **/*subkey*/) 3946 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3947 3948 /** 3949 * Generate subkey, from keyblock 3950 * 3951 * @param context kerberos context 3952 * @param key session key 3953 * @param etype encryption type of subkey, if ETYPE_NULL, use key's enctype 3954 * @param subkey returned new, free with krb5_free_keyblock(). 3955 * 3956 * @return 0 on success or a Kerberos 5 error code 3957 * 3958 * @ingroup krb5_crypto 3959 */ 3960 3961 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3962 krb5_generate_subkey_extended ( 3963 krb5_context /*context*/, 3964 const krb5_keyblock */*key*/, 3965 krb5_enctype /*etype*/, 3966 krb5_keyblock **/*subkey*/); 3967 3968 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3969 krb5_get_all_client_addrs ( 3970 krb5_context /*context*/, 3971 krb5_addresses */*res*/); 3972 3973 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3974 krb5_get_all_server_addrs ( 3975 krb5_context /*context*/, 3976 krb5_addresses */*res*/); 3977 3978 /** 3979 * Deprecated: use krb5_get_credentials_with_flags(). 3980 * 3981 * @ingroup krb5_deprecated 3982 */ 3983 3984 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 3985 krb5_get_cred_from_kdc ( 3986 krb5_context /*context*/, 3987 krb5_ccache /*ccache*/, 3988 krb5_creds */*in_creds*/, 3989 krb5_creds **/*out_creds*/, 3990 krb5_creds ***/*ret_tgts*/) 3991 KRB5_DEPRECATED_FUNCTION("Use X instead"); 3992 3993 /** 3994 * Deprecated: use krb5_get_credentials_with_flags(). 3995 * 3996 * @ingroup krb5_deprecated 3997 */ 3998 3999 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4000 krb5_get_cred_from_kdc_opt ( 4001 krb5_context /*context*/, 4002 krb5_ccache /*ccache*/, 4003 krb5_creds */*in_creds*/, 4004 krb5_creds **/*out_creds*/, 4005 krb5_creds ***/*ret_tgts*/, 4006 krb5_flags /*flags*/) 4007 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4008 4009 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4010 krb5_get_credentials ( 4011 krb5_context /*context*/, 4012 krb5_flags /*options*/, 4013 krb5_ccache /*ccache*/, 4014 krb5_creds */*in_creds*/, 4015 krb5_creds **/*out_creds*/); 4016 4017 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4018 krb5_get_credentials_with_flags ( 4019 krb5_context /*context*/, 4020 krb5_flags /*options*/, 4021 krb5_kdc_flags /*flags*/, 4022 krb5_ccache /*ccache*/, 4023 krb5_creds */*in_creds*/, 4024 krb5_creds **/*out_creds*/); 4025 4026 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4027 krb5_get_creds ( 4028 krb5_context /*context*/, 4029 krb5_get_creds_opt /*opt*/, 4030 krb5_ccache /*ccache*/, 4031 krb5_const_principal /*inprinc*/, 4032 krb5_creds **/*out_creds*/); 4033 4034 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4035 krb5_get_creds_opt_add_options ( 4036 krb5_context /*context*/, 4037 krb5_get_creds_opt /*opt*/, 4038 krb5_flags /*options*/); 4039 4040 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4041 krb5_get_creds_opt_alloc ( 4042 krb5_context /*context*/, 4043 krb5_get_creds_opt */*opt*/); 4044 4045 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4046 krb5_get_creds_opt_free ( 4047 krb5_context /*context*/, 4048 krb5_get_creds_opt /*opt*/); 4049 4050 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4051 krb5_get_creds_opt_set_enctype ( 4052 krb5_context /*context*/, 4053 krb5_get_creds_opt /*opt*/, 4054 krb5_enctype /*enctype*/); 4055 4056 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4057 krb5_get_creds_opt_set_impersonate ( 4058 krb5_context /*context*/, 4059 krb5_get_creds_opt /*opt*/, 4060 krb5_const_principal /*self*/); 4061 4062 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4063 krb5_get_creds_opt_set_options ( 4064 krb5_context /*context*/, 4065 krb5_get_creds_opt /*opt*/, 4066 krb5_flags /*options*/); 4067 4068 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4069 krb5_get_creds_opt_set_ticket ( 4070 krb5_context /*context*/, 4071 krb5_get_creds_opt /*opt*/, 4072 const Ticket */*ticket*/); 4073 4074 /** 4075 * Get the global configuration list. 4076 * 4077 * @param pfilenames return array of filenames, should be freed with krb5_free_config_files(). 4078 * 4079 * @return Returns 0 to indicate success. Otherwise an kerberos et 4080 * error code is returned, see krb5_get_error_message(). 4081 * 4082 * @ingroup krb5 4083 */ 4084 4085 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4086 krb5_get_default_config_files (char ***/*pfilenames*/); 4087 4088 /** 4089 * Get the default encryption types that will be use in communcation 4090 * with the KDC, clients and servers. 4091 * 4092 * @param context Kerberos 5 context. 4093 * @param pdu_type request type (AS, TGS or none) 4094 * @param etypes Encryption types, array terminated with 4095 * ETYPE_NULL(0), caller should free array with krb5_xfree(): 4096 * 4097 * @return Returns 0 to indicate success. Otherwise an kerberos et 4098 * error code is returned, see krb5_get_error_message(). 4099 * 4100 * @ingroup krb5 4101 */ 4102 4103 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4104 krb5_get_default_in_tkt_etypes ( 4105 krb5_context /*context*/, 4106 krb5_pdu /*pdu_type*/, 4107 krb5_enctype **/*etypes*/); 4108 4109 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4110 krb5_get_default_principal ( 4111 krb5_context /*context*/, 4112 krb5_principal */*princ*/); 4113 4114 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4115 krb5_get_default_realm ( 4116 krb5_context /*context*/, 4117 krb5_realm */*realm*/); 4118 4119 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4120 krb5_get_default_realms ( 4121 krb5_context /*context*/, 4122 krb5_realm **/*realms*/); 4123 4124 /** 4125 * Get if the library uses DNS to canonicalize hostnames. 4126 * 4127 * @param context Kerberos 5 context. 4128 * 4129 * @return return non zero if the library uses DNS to canonicalize hostnames. 4130 * 4131 * @ingroup krb5 4132 */ 4133 4134 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 4135 krb5_get_dns_canonicalize_hostname (krb5_context /*context*/); 4136 4137 /** 4138 * Return the error string for the error code. The caller must not 4139 * free the string. 4140 * 4141 * This function is deprecated since its not threadsafe. 4142 * 4143 * @param context Kerberos 5 context. 4144 * @param code Kerberos error code. 4145 * 4146 * @return the error message matching code 4147 * 4148 * @ingroup krb5 4149 */ 4150 4151 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 4152 krb5_get_err_text ( 4153 krb5_context /*context*/, 4154 krb5_error_code /*code*/) 4155 KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead"); 4156 4157 /** 4158 * Return the error message for `code' in context. On memory 4159 * allocation error the function returns NULL. 4160 * 4161 * @param context Kerberos 5 context 4162 * @param code Error code related to the error 4163 * 4164 * @return an error string, needs to be freed with 4165 * krb5_free_error_message(). The functions return NULL on error. 4166 * 4167 * @ingroup krb5_error 4168 */ 4169 4170 KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL 4171 krb5_get_error_message ( 4172 krb5_context /*context*/, 4173 krb5_error_code /*code*/); 4174 4175 /** 4176 * Return the error message in context. On error or no error string, 4177 * the function returns NULL. 4178 * 4179 * @param context Kerberos 5 context 4180 * 4181 * @return an error string, needs to be freed with 4182 * krb5_free_error_message(). The functions return NULL on error. 4183 * 4184 * @ingroup krb5_error 4185 */ 4186 4187 KRB5_LIB_FUNCTION char * KRB5_LIB_CALL 4188 krb5_get_error_string (krb5_context /*context*/) 4189 KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead"); 4190 4191 /** 4192 * Get extra address to the address list that the library will add to 4193 * the client's address list when communicating with the KDC. 4194 * 4195 * @param context Kerberos 5 context. 4196 * @param addresses addreses to set 4197 * 4198 * @return Returns 0 to indicate success. Otherwise an kerberos et 4199 * error code is returned, see krb5_get_error_message(). 4200 * 4201 * @ingroup krb5 4202 */ 4203 4204 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4205 krb5_get_extra_addresses ( 4206 krb5_context /*context*/, 4207 krb5_addresses */*addresses*/); 4208 4209 /** 4210 * Get version of fcache that the library should use. 4211 * 4212 * @param context Kerberos 5 context. 4213 * @param version version number. 4214 * 4215 * @return Returns 0 to indicate success. Otherwise an kerberos et 4216 * error code is returned, see krb5_get_error_message(). 4217 * 4218 * @ingroup krb5 4219 */ 4220 4221 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4222 krb5_get_fcache_version ( 4223 krb5_context /*context*/, 4224 int */*version*/); 4225 4226 /** 4227 * Gets tickets forwarded to hostname. If the tickets that are 4228 * forwarded are address-less, the forwarded tickets will also be 4229 * address-less. 4230 * 4231 * If the ticket have any address, hostname will be used for figure 4232 * out the address to forward the ticket too. This since this might 4233 * use DNS, its insecure and also doesn't represent configured all 4234 * addresses of the host. For example, the host might have two 4235 * adresses, one IPv4 and one IPv6 address where the later is not 4236 * published in DNS. This IPv6 address might be used communications 4237 * and thus the resulting ticket useless. 4238 * 4239 * @param context A kerberos 5 context. 4240 * @param auth_context the auth context with the key to encrypt the out_data. 4241 * @param ccache credential cache to use 4242 * @param flags the flags to control the resulting ticket flags 4243 * @param hostname the host to forward the tickets too. 4244 * @param in_creds the in client and server ticket names. The client 4245 * and server components forwarded to the remote host. 4246 * @param out_data the resulting credential. 4247 * 4248 * @return Return an error code or 0. 4249 * 4250 * @ingroup krb5_credential 4251 */ 4252 4253 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4254 krb5_get_forwarded_creds ( 4255 krb5_context /*context*/, 4256 krb5_auth_context /*auth_context*/, 4257 krb5_ccache /*ccache*/, 4258 krb5_flags /*flags*/, 4259 const char */*hostname*/, 4260 krb5_creds */*in_creds*/, 4261 krb5_data */*out_data*/); 4262 4263 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4264 krb5_get_host_realm ( 4265 krb5_context /*context*/, 4266 const char */*targethost*/, 4267 krb5_realm **/*realms*/); 4268 4269 /** 4270 * Get extra addresses to ignore when fetching addresses from the 4271 * underlaying operating system. 4272 * 4273 * @param context Kerberos 5 context. 4274 * @param addresses list addreses ignored 4275 * 4276 * @return Returns 0 to indicate success. Otherwise an kerberos et 4277 * error code is returned, see krb5_get_error_message(). 4278 * 4279 * @ingroup krb5 4280 */ 4281 4282 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4283 krb5_get_ignore_addresses ( 4284 krb5_context /*context*/, 4285 krb5_addresses */*addresses*/); 4286 4287 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4288 krb5_get_in_cred ( 4289 krb5_context /*context*/, 4290 krb5_flags /*options*/, 4291 const krb5_addresses */*addrs*/, 4292 const krb5_enctype */*etypes*/, 4293 const krb5_preauthtype */*ptypes*/, 4294 const krb5_preauthdata */*preauth*/, 4295 krb5_key_proc /*key_proc*/, 4296 krb5_const_pointer /*keyseed*/, 4297 krb5_decrypt_proc /*decrypt_proc*/, 4298 krb5_const_pointer /*decryptarg*/, 4299 krb5_creds */*creds*/, 4300 krb5_kdc_rep */*ret_as_reply*/) 4301 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4302 4303 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4304 krb5_get_in_tkt ( 4305 krb5_context /*context*/, 4306 krb5_flags /*options*/, 4307 const krb5_addresses */*addrs*/, 4308 const krb5_enctype */*etypes*/, 4309 const krb5_preauthtype */*ptypes*/, 4310 krb5_key_proc /*key_proc*/, 4311 krb5_const_pointer /*keyseed*/, 4312 krb5_decrypt_proc /*decrypt_proc*/, 4313 krb5_const_pointer /*decryptarg*/, 4314 krb5_creds */*creds*/, 4315 krb5_ccache /*ccache*/, 4316 krb5_kdc_rep */*ret_as_reply*/) 4317 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4318 4319 /** 4320 * Deprecated: use krb5_get_init_creds() and friends. 4321 * 4322 * @ingroup krb5_deprecated 4323 */ 4324 4325 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4326 krb5_get_in_tkt_with_keytab ( 4327 krb5_context /*context*/, 4328 krb5_flags /*options*/, 4329 krb5_addresses */*addrs*/, 4330 const krb5_enctype */*etypes*/, 4331 const krb5_preauthtype */*pre_auth_types*/, 4332 krb5_keytab /*keytab*/, 4333 krb5_ccache /*ccache*/, 4334 krb5_creds */*creds*/, 4335 krb5_kdc_rep */*ret_as_reply*/) 4336 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4337 4338 /** 4339 * Deprecated: use krb5_get_init_creds() and friends. 4340 * 4341 * @ingroup krb5_deprecated 4342 */ 4343 4344 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4345 krb5_get_in_tkt_with_password ( 4346 krb5_context /*context*/, 4347 krb5_flags /*options*/, 4348 krb5_addresses */*addrs*/, 4349 const krb5_enctype */*etypes*/, 4350 const krb5_preauthtype */*pre_auth_types*/, 4351 const char */*password*/, 4352 krb5_ccache /*ccache*/, 4353 krb5_creds */*creds*/, 4354 krb5_kdc_rep */*ret_as_reply*/) 4355 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4356 4357 /** 4358 * Deprecated: use krb5_get_init_creds() and friends. 4359 * 4360 * @ingroup krb5_deprecated 4361 */ 4362 4363 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4364 krb5_get_in_tkt_with_skey ( 4365 krb5_context /*context*/, 4366 krb5_flags /*options*/, 4367 krb5_addresses */*addrs*/, 4368 const krb5_enctype */*etypes*/, 4369 const krb5_preauthtype */*pre_auth_types*/, 4370 const krb5_keyblock */*key*/, 4371 krb5_ccache /*ccache*/, 4372 krb5_creds */*creds*/, 4373 krb5_kdc_rep */*ret_as_reply*/) 4374 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4375 4376 /** 4377 * Get new credentials using keyblock. 4378 * 4379 * @ingroup krb5_credential 4380 */ 4381 4382 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4383 krb5_get_init_creds_keyblock ( 4384 krb5_context /*context*/, 4385 krb5_creds */*creds*/, 4386 krb5_principal /*client*/, 4387 krb5_keyblock */*keyblock*/, 4388 krb5_deltat /*start_time*/, 4389 const char */*in_tkt_service*/, 4390 krb5_get_init_creds_opt */*options*/); 4391 4392 /** 4393 * Get new credentials using keytab. 4394 * 4395 * @ingroup krb5_credential 4396 */ 4397 4398 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4399 krb5_get_init_creds_keytab ( 4400 krb5_context /*context*/, 4401 krb5_creds */*creds*/, 4402 krb5_principal /*client*/, 4403 krb5_keytab /*keytab*/, 4404 krb5_deltat /*start_time*/, 4405 const char */*in_tkt_service*/, 4406 krb5_get_init_creds_opt */*options*/); 4407 4408 /** 4409 * Allocate a new krb5_get_init_creds_opt structure, free with 4410 * krb5_get_init_creds_opt_free(). 4411 * 4412 * @ingroup krb5_credential 4413 */ 4414 4415 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4416 krb5_get_init_creds_opt_alloc ( 4417 krb5_context /*context*/, 4418 krb5_get_init_creds_opt **/*opt*/); 4419 4420 /** 4421 * Free krb5_get_init_creds_opt structure. 4422 * 4423 * @ingroup krb5_credential 4424 */ 4425 4426 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4427 krb5_get_init_creds_opt_free ( 4428 krb5_context /*context*/, 4429 krb5_get_init_creds_opt */*opt*/); 4430 4431 /** 4432 * Deprecated: use the new krb5_init_creds_init() and 4433 * krb5_init_creds_get_error(). 4434 * 4435 * @ingroup krb5_deprecated 4436 */ 4437 4438 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4439 krb5_get_init_creds_opt_get_error ( 4440 krb5_context /*context*/, 4441 krb5_get_init_creds_opt */*opt*/, 4442 KRB_ERROR **/*error*/) 4443 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4444 4445 /** 4446 * Deprecated: use krb5_get_init_creds_opt_alloc(). 4447 * 4448 * The reason krb5_get_init_creds_opt_init() is deprecated is that 4449 * krb5_get_init_creds_opt is a static structure and for ABI reason it 4450 * can't grow, ie can't add new functionality. 4451 * 4452 * @ingroup krb5_deprecated 4453 */ 4454 4455 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4456 krb5_get_init_creds_opt_init (krb5_get_init_creds_opt */*opt*/) 4457 KRB5_DEPRECATED_FUNCTION("Use X instead"); 4458 4459 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4460 krb5_get_init_creds_opt_set_address_list ( 4461 krb5_get_init_creds_opt */*opt*/, 4462 krb5_addresses */*addresses*/); 4463 4464 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4465 krb5_get_init_creds_opt_set_addressless ( 4466 krb5_context /*context*/, 4467 krb5_get_init_creds_opt */*opt*/, 4468 krb5_boolean /*addressless*/); 4469 4470 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4471 krb5_get_init_creds_opt_set_anonymous ( 4472 krb5_get_init_creds_opt */*opt*/, 4473 int /*anonymous*/); 4474 4475 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4476 krb5_get_init_creds_opt_set_canonicalize ( 4477 krb5_context /*context*/, 4478 krb5_get_init_creds_opt */*opt*/, 4479 krb5_boolean /*req*/); 4480 4481 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4482 krb5_get_init_creds_opt_set_change_password_prompt ( 4483 krb5_get_init_creds_opt */*opt*/, 4484 int /*change_password_prompt*/); 4485 4486 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4487 krb5_get_init_creds_opt_set_default_flags ( 4488 krb5_context /*context*/, 4489 const char */*appname*/, 4490 krb5_const_realm /*realm*/, 4491 krb5_get_init_creds_opt */*opt*/); 4492 4493 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4494 krb5_get_init_creds_opt_set_etype_list ( 4495 krb5_get_init_creds_opt */*opt*/, 4496 krb5_enctype */*etype_list*/, 4497 int /*etype_list_length*/); 4498 4499 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4500 krb5_get_init_creds_opt_set_forwardable ( 4501 krb5_get_init_creds_opt */*opt*/, 4502 int /*forwardable*/); 4503 4504 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4505 krb5_get_init_creds_opt_set_pa_password ( 4506 krb5_context /*context*/, 4507 krb5_get_init_creds_opt */*opt*/, 4508 const char */*password*/, 4509 krb5_s2k_proc /*key_proc*/); 4510 4511 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4512 krb5_get_init_creds_opt_set_pac_request ( 4513 krb5_context /*context*/, 4514 krb5_get_init_creds_opt */*opt*/, 4515 krb5_boolean /*req_pac*/); 4516 4517 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4518 krb5_get_init_creds_opt_set_pkinit ( 4519 krb5_context /*context*/, 4520 krb5_get_init_creds_opt */*opt*/, 4521 krb5_principal /*principal*/, 4522 const char */*user_id*/, 4523 const char */*x509_anchors*/, 4524 char * const * /*pool*/, 4525 char * const * /*pki_revoke*/, 4526 int /*flags*/, 4527 krb5_prompter_fct /*prompter*/, 4528 void */*prompter_data*/, 4529 char */*password*/); 4530 4531 krb5_error_code KRB5_LIB_FUNCTION 4532 krb5_get_init_creds_opt_set_pkinit_user_certs ( 4533 krb5_context /*context*/, 4534 krb5_get_init_creds_opt */*opt*/, 4535 struct hx509_certs_data */*certs*/); 4536 4537 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4538 krb5_get_init_creds_opt_set_preauth_list ( 4539 krb5_get_init_creds_opt */*opt*/, 4540 krb5_preauthtype */*preauth_list*/, 4541 int /*preauth_list_length*/); 4542 4543 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4544 krb5_get_init_creds_opt_set_process_last_req ( 4545 krb5_context /*context*/, 4546 krb5_get_init_creds_opt */*opt*/, 4547 krb5_gic_process_last_req /*func*/, 4548 void */*ctx*/); 4549 4550 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4551 krb5_get_init_creds_opt_set_proxiable ( 4552 krb5_get_init_creds_opt */*opt*/, 4553 int /*proxiable*/); 4554 4555 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4556 krb5_get_init_creds_opt_set_renew_life ( 4557 krb5_get_init_creds_opt */*opt*/, 4558 krb5_deltat /*renew_life*/); 4559 4560 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4561 krb5_get_init_creds_opt_set_salt ( 4562 krb5_get_init_creds_opt */*opt*/, 4563 krb5_data */*salt*/); 4564 4565 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4566 krb5_get_init_creds_opt_set_tkt_life ( 4567 krb5_get_init_creds_opt */*opt*/, 4568 krb5_deltat /*tkt_life*/); 4569 4570 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4571 krb5_get_init_creds_opt_set_win2k ( 4572 krb5_context /*context*/, 4573 krb5_get_init_creds_opt */*opt*/, 4574 krb5_boolean /*req*/); 4575 4576 /** 4577 * Get new credentials using password. 4578 * 4579 * @ingroup krb5_credential 4580 */ 4581 4582 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4583 krb5_get_init_creds_password ( 4584 krb5_context /*context*/, 4585 krb5_creds */*creds*/, 4586 krb5_principal /*client*/, 4587 const char */*password*/, 4588 krb5_prompter_fct /*prompter*/, 4589 void */*data*/, 4590 krb5_deltat /*start_time*/, 4591 const char */*in_tkt_service*/, 4592 krb5_get_init_creds_opt */*options*/); 4593 4594 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4595 krb5_get_kdc_cred ( 4596 krb5_context /*context*/, 4597 krb5_ccache /*id*/, 4598 krb5_kdc_flags /*flags*/, 4599 krb5_addresses */*addresses*/, 4600 Ticket */*second_ticket*/, 4601 krb5_creds */*in_creds*/, 4602 krb5_creds **out_creds ); 4603 4604 /** 4605 * Get current offset in time to the KDC. 4606 * 4607 * @param context Kerberos 5 context. 4608 * @param sec seconds part of offset. 4609 * @param usec micro seconds part of offset. 4610 * 4611 * @return returns zero 4612 * 4613 * @ingroup krb5 4614 */ 4615 4616 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4617 krb5_get_kdc_sec_offset ( 4618 krb5_context /*context*/, 4619 int32_t */*sec*/, 4620 int32_t */*usec*/); 4621 4622 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4623 krb5_get_krb524hst ( 4624 krb5_context /*context*/, 4625 const krb5_realm */*realm*/, 4626 char ***/*hostlist*/); 4627 4628 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4629 krb5_get_krb_admin_hst ( 4630 krb5_context /*context*/, 4631 const krb5_realm */*realm*/, 4632 char ***/*hostlist*/); 4633 4634 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4635 krb5_get_krb_changepw_hst ( 4636 krb5_context /*context*/, 4637 const krb5_realm */*realm*/, 4638 char ***/*hostlist*/); 4639 4640 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4641 krb5_get_krbhst ( 4642 krb5_context /*context*/, 4643 const krb5_realm */*realm*/, 4644 char ***/*hostlist*/); 4645 4646 /** 4647 * Get max time skew allowed. 4648 * 4649 * @param context Kerberos 5 context. 4650 * 4651 * @return timeskew in seconds. 4652 * 4653 * @ingroup krb5 4654 */ 4655 4656 KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL 4657 krb5_get_max_time_skew (krb5_context /*context*/); 4658 4659 /** 4660 * krb5_init_context() will get one random byte to make sure our 4661 * random is alive. Assumption is that once the non blocking 4662 * source allows us to pull bytes, its all seeded and allows us to 4663 * pull more bytes. 4664 * 4665 * Most Kerberos users calls krb5_init_context(), so this is 4666 * useful point where we can do the checking. 4667 */ 4668 4669 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4670 krb5_get_permitted_enctypes ( 4671 krb5_context /*context*/, 4672 krb5_enctype **/*etypes*/); 4673 4674 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4675 krb5_get_pw_salt ( 4676 krb5_context /*context*/, 4677 krb5_const_principal /*principal*/, 4678 krb5_salt */*salt*/); 4679 4680 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4681 krb5_get_renewed_creds ( 4682 krb5_context /*context*/, 4683 krb5_creds */*creds*/, 4684 krb5_const_principal /*client*/, 4685 krb5_ccache /*ccache*/, 4686 const char */*in_tkt_service*/); 4687 4688 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4689 krb5_get_server_rcache ( 4690 krb5_context /*context*/, 4691 const krb5_data */*piece*/, 4692 krb5_rcache */*id*/); 4693 4694 /** 4695 * Make the kerberos library default to the admin KDC. 4696 * 4697 * @param context Kerberos 5 context. 4698 * 4699 * @return boolean flag to telling the context will use admin KDC as the default KDC. 4700 * 4701 * @ingroup krb5 4702 */ 4703 4704 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 4705 krb5_get_use_admin_kdc (krb5_context /*context*/); 4706 4707 /** 4708 * Validate the newly fetch credential, see also krb5_verify_init_creds(). 4709 * 4710 * @param context a Kerberos 5 context 4711 * @param creds the credentials to verify 4712 * @param client the client name to match up 4713 * @param ccache the credential cache to use 4714 * @param service a service name to use, used with 4715 * krb5_sname_to_principal() to build a hostname to use to 4716 * verify. 4717 * 4718 * @ingroup krb5_ccache 4719 */ 4720 4721 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4722 krb5_get_validated_creds ( 4723 krb5_context /*context*/, 4724 krb5_creds */*creds*/, 4725 krb5_principal /*client*/, 4726 krb5_ccache /*ccache*/, 4727 char */*service*/); 4728 4729 /** 4730 * Get the default logging facility. 4731 * 4732 * @param context A Kerberos 5 context 4733 * 4734 * @ingroup krb5_error 4735 */ 4736 4737 KRB5_LIB_FUNCTION krb5_log_facility * KRB5_LIB_CALL 4738 krb5_get_warn_dest (krb5_context /*context*/); 4739 4740 KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL 4741 krb5_get_wrapped_length ( 4742 krb5_context /*context*/, 4743 krb5_crypto /*crypto*/, 4744 size_t /*data_len*/); 4745 4746 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 4747 krb5_getportbyname ( 4748 krb5_context /*context*/, 4749 const char */*service*/, 4750 const char */*proto*/, 4751 int /*default_port*/); 4752 4753 /** 4754 * krb5_h_addr2addr works like krb5_h_addr2sockaddr with the exception 4755 * that it operates on a krb5_address instead of a struct sockaddr. 4756 * 4757 * @param context a Keberos context 4758 * @param af address family 4759 * @param haddr host address from struct hostent. 4760 * @param addr returned krb5_address. 4761 * 4762 * @return Return an error code or 0. 4763 * 4764 * @ingroup krb5_address 4765 */ 4766 4767 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4768 krb5_h_addr2addr ( 4769 krb5_context /*context*/, 4770 int /*af*/, 4771 const char */*haddr*/, 4772 krb5_address */*addr*/); 4773 4774 /** 4775 * krb5_h_addr2sockaddr initializes a "struct sockaddr sa" from af and 4776 * the "struct hostent" (see gethostbyname(3) ) h_addr_list 4777 * component. The argument sa_size should initially contain the size 4778 * of the sa, and after the call, it will contain the actual length of 4779 * the address. 4780 * 4781 * @param context a Keberos context 4782 * @param af addresses 4783 * @param addr address 4784 * @param sa returned struct sockaddr 4785 * @param sa_size size of sa 4786 * @param port port to set in sa. 4787 * 4788 * @return Return an error code or 0. 4789 * 4790 * @ingroup krb5_address 4791 */ 4792 4793 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4794 krb5_h_addr2sockaddr ( 4795 krb5_context /*context*/, 4796 int /*af*/, 4797 const char */*addr*/, 4798 struct sockaddr */*sa*/, 4799 krb5_socklen_t */*sa_size*/, 4800 int /*port*/); 4801 4802 /** 4803 * Convert the gethostname() error code (h_error) to a Kerberos et 4804 * error code. 4805 * 4806 * @param eai_errno contains the error code from gethostname(). 4807 * 4808 * @return Kerberos error code representing the gethostname errors. 4809 * 4810 * @ingroup krb5_error 4811 */ 4812 4813 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4814 krb5_h_errno_to_heim_errno (int /*eai_errno*/); 4815 4816 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 4817 krb5_have_error_string (krb5_context /*context*/) 4818 KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead"); 4819 4820 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4821 krb5_hmac ( 4822 krb5_context /*context*/, 4823 krb5_cksumtype /*cktype*/, 4824 const void */*data*/, 4825 size_t /*len*/, 4826 unsigned /*usage*/, 4827 krb5_keyblock */*key*/, 4828 Checksum */*result*/); 4829 4830 /** 4831 * Initializes the context structure and reads the configuration file 4832 * /etc/krb5.conf. The structure should be freed by calling 4833 * krb5_free_context() when it is no longer being used. 4834 * 4835 * @param context pointer to returned context 4836 * 4837 * @return Returns 0 to indicate success. Otherwise an errno code is 4838 * returned. Failure means either that something bad happened during 4839 * initialization (typically ENOMEM) or that Kerberos should not be 4840 * used ENXIO. If the function returns HEIM_ERR_RANDOM_OFFLINE, the 4841 * random source is not available and later Kerberos calls might fail. 4842 * 4843 * @ingroup krb5 4844 */ 4845 4846 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4847 krb5_init_context (krb5_context */*context*/); 4848 4849 /** 4850 * Free the krb5_init_creds_context allocated by krb5_init_creds_init(). 4851 * 4852 * @param context A Kerberos 5 context. 4853 * @param ctx The krb5_init_creds_context to free. 4854 * 4855 * @ingroup krb5_credential 4856 */ 4857 4858 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 4859 krb5_init_creds_free ( 4860 krb5_context /*context*/, 4861 krb5_init_creds_context /*ctx*/); 4862 4863 /** 4864 * Get new credentials as setup by the krb5_init_creds_context. 4865 * 4866 * @param context A Kerberos 5 context. 4867 * @param ctx The krb5_init_creds_context to process. 4868 * 4869 * @ingroup krb5_credential 4870 */ 4871 4872 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4873 krb5_init_creds_get ( 4874 krb5_context /*context*/, 4875 krb5_init_creds_context /*ctx*/); 4876 4877 /** 4878 * Extract the newly acquired credentials from krb5_init_creds_context 4879 * context. 4880 * 4881 * @param context A Kerberos 5 context. 4882 * @param ctx 4883 * @param cred credentials, free with krb5_free_cred_contents(). 4884 * 4885 * @return 0 for sucess or An Kerberos error code, see krb5_get_error_message(). 4886 */ 4887 4888 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4889 krb5_init_creds_get_creds ( 4890 krb5_context /*context*/, 4891 krb5_init_creds_context /*ctx*/, 4892 krb5_creds */*cred*/); 4893 4894 /** 4895 * Get the last error from the transaction. 4896 * 4897 * @return Returns 0 or an error code 4898 * 4899 * @ingroup krb5_credential 4900 */ 4901 4902 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4903 krb5_init_creds_get_error ( 4904 krb5_context /*context*/, 4905 krb5_init_creds_context /*ctx*/, 4906 KRB_ERROR */*error*/); 4907 4908 /** 4909 * Start a new context to get a new initial credential. 4910 * 4911 * @param context A Kerberos 5 context. 4912 * @param client The Kerberos principal to get the credential for, if 4913 * NULL is given, the default principal is used as determined by 4914 * krb5_get_default_principal(). 4915 * @param prompter 4916 * @param prompter_data 4917 * @param start_time the time the ticket should start to be valid or 0 for now. 4918 * @param options a options structure, can be NULL for default options. 4919 * @param rctx A new allocated free with krb5_init_creds_free(). 4920 * 4921 * @return 0 for success or an Kerberos 5 error code, see krb5_get_error_message(). 4922 * 4923 * @ingroup krb5_credential 4924 */ 4925 4926 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4927 krb5_init_creds_init ( 4928 krb5_context /*context*/, 4929 krb5_principal /*client*/, 4930 krb5_prompter_fct /*prompter*/, 4931 void */*prompter_data*/, 4932 krb5_deltat /*start_time*/, 4933 krb5_get_init_creds_opt */*options*/, 4934 krb5_init_creds_context */*rctx*/); 4935 4936 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4937 krb5_init_creds_set_fast_ap_armor_service ( 4938 krb5_context /*context*/, 4939 krb5_init_creds_context /*ctx*/, 4940 krb5_const_principal /*armor_service*/); 4941 4942 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4943 krb5_init_creds_set_fast_ccache ( 4944 krb5_context /*context*/, 4945 krb5_init_creds_context /*ctx*/, 4946 krb5_ccache /*fast_ccache*/); 4947 4948 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4949 krb5_init_creds_set_keyblock ( 4950 krb5_context /*context*/, 4951 krb5_init_creds_context /*ctx*/, 4952 krb5_keyblock */*keyblock*/); 4953 4954 /** 4955 * Set the keytab to use for authentication. 4956 * 4957 * @param context a Kerberos 5 context. 4958 * @param ctx ctx krb5_init_creds_context context. 4959 * @param keytab the keytab to read the key from. 4960 * 4961 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 4962 * @ingroup krb5_credential 4963 */ 4964 4965 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4966 krb5_init_creds_set_keytab ( 4967 krb5_context /*context*/, 4968 krb5_init_creds_context /*ctx*/, 4969 krb5_keytab /*keytab*/); 4970 4971 /** 4972 * Sets the password that will use for the request. 4973 * 4974 * @param context a Kerberos 5 context. 4975 * @param ctx ctx krb5_init_creds_context context. 4976 * @param password the password to use. 4977 * 4978 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 4979 * @ingroup krb5_credential 4980 */ 4981 4982 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 4983 krb5_init_creds_set_password ( 4984 krb5_context /*context*/, 4985 krb5_init_creds_context /*ctx*/, 4986 const char */*password*/); 4987 4988 /** 4989 * Sets the service that the is requested. This call is only neede for 4990 * special initial tickets, by default the a krbtgt is fetched in the default realm. 4991 * 4992 * @param context a Kerberos 5 context. 4993 * @param ctx a krb5_init_creds_context context. 4994 * @param service the service given as a string, for example 4995 * "kadmind/admin". If NULL, the default krbtgt in the clients 4996 * realm is set. 4997 * 4998 * @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). 4999 * @ingroup krb5_credential 5000 */ 5001 5002 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5003 krb5_init_creds_set_service ( 5004 krb5_context /*context*/, 5005 krb5_init_creds_context /*ctx*/, 5006 const char */*service*/); 5007 5008 /** 5009 * The core loop if krb5_get_init_creds() function family. Create the 5010 * packets and have the caller send them off to the KDC. 5011 * 5012 * If the caller want all work been done for them, use 5013 * krb5_init_creds_get() instead. 5014 * 5015 * @param context a Kerberos 5 context. 5016 * @param ctx ctx krb5_init_creds_context context. 5017 * @param in input data from KDC, first round it should be reset by krb5_data_zer(). 5018 * @param out reply to KDC. 5019 * @param hostinfo KDC address info, first round it can be NULL. 5020 * @param flags status of the round, if 5021 * KRB5_INIT_CREDS_STEP_FLAG_CONTINUE is set, continue one more round. 5022 * 5023 * @return 0 for success, or an Kerberos 5 error code, see 5024 * krb5_get_error_message(). 5025 * 5026 * @ingroup krb5_credential 5027 */ 5028 5029 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5030 krb5_init_creds_step ( 5031 krb5_context /*context*/, 5032 krb5_init_creds_context /*ctx*/, 5033 krb5_data */*in*/, 5034 krb5_data */*out*/, 5035 krb5_krbhst_info */*hostinfo*/, 5036 unsigned int */*flags*/); 5037 5038 /** 5039 * 5040 * @ingroup krb5_credential 5041 */ 5042 5043 krb5_error_code 5044 krb5_init_creds_store ( 5045 krb5_context /*context*/, 5046 krb5_init_creds_context /*ctx*/, 5047 krb5_ccache /*id*/); 5048 5049 /** 5050 * Init the built-in ets in the Kerberos library. 5051 * 5052 * @param context kerberos context to add the ets too 5053 * 5054 * @ingroup krb5 5055 */ 5056 5057 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5058 krb5_init_ets (krb5_context /*context*/); 5059 5060 /** 5061 @struct krb5plugin_kuserok_ftable_desc * 5062 * @brief Description of the krb5_kuserok(3) plugin facility. 5063 * 5064 * The krb5_kuserok(3) function is pluggable. The plugin is named 5065 * KRB5_PLUGIN_KUSEROK ("krb5_plugin_kuserok"), with a single minor 5066 * version, KRB5_PLUGIN_KUSEROK_VERSION_0 (0). 5067 * 5068 * The plugin for krb5_kuserok(3) consists of a data symbol referencing 5069 * a structure of type krb5plugin_kuserok_ftable, with four fields: 5070 * 5071 * @param init Plugin initialization function (see krb5-plugin(7)) 5072 * 5073 * @param minor_version The plugin minor version number (0) 5074 * 5075 * @param fini Plugin finalization function 5076 * 5077 * @param kuserok Plugin kuserok function 5078 * 5079 * The kuserok field is the plugin entry point that performs the 5080 * traditional kuserok operation however the plugin desires. It is 5081 * invoked in no particular order relative to other kuserok plugins, but 5082 * it has a 'rule' argument that indicates which plugin is intended to 5083 * act on the rule. The plugin kuserok function must return 5084 * KRB5_PLUGIN_NO_HANDLE if the rule is not applicable to it. 5085 * 5086 * The plugin kuserok function has the following arguments, in this 5087 * order: 5088 * 5089 * -# plug_ctx, the context value output by the plugin's init function 5090 * -# context, a krb5_context 5091 * -# rule, the kuserok rule being evaluated (from krb5.conf(5)) 5092 * -# flags 5093 * -# k5login_dir, configured location of k5login per-user files if any 5094 * -# luser, name of the local user account to which principal is attempting to access. 5095 * -# principal, the krb5_principal trying to access the luser account 5096 * -# result, a krb5_boolean pointer where the plugin will output its result 5097 * 5098 * @ingroup krb5_support 5099 */ 5100 5101 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5102 krb5_initlog ( 5103 krb5_context /*context*/, 5104 const char */*program*/, 5105 krb5_log_facility **/*fac*/); 5106 5107 /** 5108 * Return TRUE (non zero) if the principal is a configuration 5109 * principal (generated part of krb5_cc_set_config()). Returns FALSE 5110 * (zero) if not a configuration principal. 5111 * 5112 * @param context a Keberos context 5113 * @param principal principal to check if it a configuration principal 5114 * 5115 * @ingroup krb5_ccache 5116 */ 5117 5118 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5119 krb5_is_config_principal ( 5120 krb5_context /*context*/, 5121 krb5_const_principal /*principal*/); 5122 5123 /** 5124 * Returns is the encryption is strong or weak 5125 * 5126 * @param context Kerberos 5 context 5127 * @param enctype encryption type to probe 5128 * 5129 * @return Returns true if encryption type is weak or is not supported. 5130 * 5131 * @ingroup krb5_crypto 5132 */ 5133 5134 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5135 krb5_is_enctype_weak ( 5136 krb5_context /*context*/, 5137 krb5_enctype /*enctype*/); 5138 5139 /** 5140 * Runtime check if the Kerberos library was complied with thread support. 5141 * 5142 * @return TRUE if the library was compiled with thread support, FALSE if not. 5143 * 5144 * @ingroup krb5 5145 */ 5146 5147 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5148 krb5_is_thread_safe (void); 5149 5150 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5151 krb5_kcm_call ( 5152 krb5_context /*context*/, 5153 krb5_storage */*request*/, 5154 krb5_storage **/*response_p*/, 5155 krb5_data */*response_data_p*/); 5156 5157 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5158 krb5_kcm_storage_request ( 5159 krb5_context /*context*/, 5160 uint16_t /*opcode*/, 5161 krb5_storage **/*storage_p*/); 5162 5163 /** 5164 * Returns the list of Kerberos encryption types sorted in order of 5165 * most preferred to least preferred encryption type. Note that some 5166 * encryption types might be disabled, so you need to check with 5167 * krb5_enctype_valid() before using the encryption type. 5168 * 5169 * @return list of enctypes, terminated with ETYPE_NULL. Its a static 5170 * array completed into the Kerberos library so the content doesn't 5171 * need to be freed. 5172 * 5173 * @ingroup krb5 5174 */ 5175 5176 KRB5_LIB_FUNCTION const krb5_enctype * KRB5_LIB_CALL 5177 krb5_kerberos_enctypes (krb5_context /*context*/); 5178 5179 /** 5180 * Get encryption type of a keyblock. 5181 * 5182 * @ingroup krb5_crypto 5183 */ 5184 5185 KRB5_LIB_FUNCTION krb5_enctype KRB5_LIB_CALL 5186 krb5_keyblock_get_enctype (const krb5_keyblock */*block*/); 5187 5188 /** 5189 * Fill in `key' with key data of type `enctype' from `data' of length 5190 * `size'. Key should be freed using krb5_free_keyblock_contents(). 5191 * 5192 * @return 0 on success or a Kerberos 5 error code 5193 * 5194 * @ingroup krb5_crypto 5195 */ 5196 5197 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5198 krb5_keyblock_init ( 5199 krb5_context /*context*/, 5200 krb5_enctype /*type*/, 5201 const void */*data*/, 5202 size_t /*size*/, 5203 krb5_keyblock */*key*/); 5204 5205 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5206 krb5_keyblock_key_proc ( 5207 krb5_context /*context*/, 5208 krb5_keytype /*type*/, 5209 krb5_data */*salt*/, 5210 krb5_const_pointer /*keyseed*/, 5211 krb5_keyblock **/*key*/); 5212 5213 /** 5214 * Zero out a keyblock 5215 * 5216 * @param keyblock keyblock to zero out 5217 * 5218 * @ingroup krb5_crypto 5219 */ 5220 5221 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5222 krb5_keyblock_zero (krb5_keyblock */*keyblock*/); 5223 5224 /** 5225 * Deprecated: use krb5_get_init_creds() and friends. 5226 * 5227 * @ingroup krb5_deprecated 5228 */ 5229 5230 KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV 5231 krb5_keytab_key_proc ( 5232 krb5_context /*context*/, 5233 krb5_enctype /*enctype*/, 5234 krb5_salt /*salt*/, 5235 krb5_const_pointer /*keyseed*/, 5236 krb5_keyblock **/*key*/) 5237 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5238 5239 /** 5240 * Deprecated: keytypes doesn't exists, they are really enctypes. 5241 * 5242 * @ingroup krb5_deprecated 5243 */ 5244 5245 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5246 krb5_keytype_to_enctypes ( 5247 krb5_context /*context*/, 5248 krb5_keytype /*keytype*/, 5249 unsigned */*len*/, 5250 krb5_enctype **/*val*/) 5251 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5252 5253 /** 5254 * Deprecated: keytypes doesn't exists, they are really enctypes. 5255 * 5256 * @ingroup krb5_deprecated 5257 */ 5258 5259 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5260 krb5_keytype_to_enctypes_default ( 5261 krb5_context /*context*/, 5262 krb5_keytype /*keytype*/, 5263 unsigned */*len*/, 5264 krb5_enctype **/*val*/) 5265 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5266 5267 /** 5268 * Deprecated: keytypes doesn't exists, they are really enctypes in 5269 * most cases, use krb5_enctype_to_string(). 5270 * 5271 * @ingroup krb5_deprecated 5272 */ 5273 5274 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5275 krb5_keytype_to_string ( 5276 krb5_context /*context*/, 5277 krb5_keytype /*keytype*/, 5278 char **/*string*/) 5279 KRB5_DEPRECATED_FUNCTION("Use X instead"); 5280 5281 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5282 krb5_krbhst_format_string ( 5283 krb5_context /*context*/, 5284 const krb5_krbhst_info */*host*/, 5285 char */*hostname*/, 5286 size_t /*hostlen*/); 5287 5288 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5289 krb5_krbhst_free ( 5290 krb5_context /*context*/, 5291 krb5_krbhst_handle /*handle*/); 5292 5293 /** 5294 * Return an `struct addrinfo *' for a KDC host. 5295 * 5296 * Returns an the struct addrinfo in in that corresponds to the 5297 * information in `host'. free:ing is handled by krb5_krbhst_free, so 5298 * the returned ai must not be released. 5299 * 5300 * @ingroup krb5 5301 */ 5302 5303 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5304 krb5_krbhst_get_addrinfo ( 5305 krb5_context /*context*/, 5306 krb5_krbhst_info */*host*/, 5307 struct addrinfo **/*ai*/); 5308 5309 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5310 krb5_krbhst_init ( 5311 krb5_context /*context*/, 5312 const char */*realm*/, 5313 unsigned int /*type*/, 5314 krb5_krbhst_handle */*handle*/); 5315 5316 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5317 krb5_krbhst_init_flags ( 5318 krb5_context /*context*/, 5319 const char */*realm*/, 5320 unsigned int /*type*/, 5321 int /*flags*/, 5322 krb5_krbhst_handle */*handle*/); 5323 5324 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5325 krb5_krbhst_next ( 5326 krb5_context /*context*/, 5327 krb5_krbhst_handle /*handle*/, 5328 krb5_krbhst_info **/*host*/); 5329 5330 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5331 krb5_krbhst_next_as_string ( 5332 krb5_context /*context*/, 5333 krb5_krbhst_handle /*handle*/, 5334 char */*hostname*/, 5335 size_t /*hostlen*/); 5336 5337 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 5338 krb5_krbhst_reset ( 5339 krb5_context /*context*/, 5340 krb5_krbhst_handle /*handle*/); 5341 5342 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5343 krb5_krbhst_set_hostname ( 5344 krb5_context /*context*/, 5345 krb5_krbhst_handle /*handle*/, 5346 const char */*hostname*/); 5347 5348 /** 5349 * Add the entry in `entry' to the keytab `id'. 5350 * 5351 * @param context a Keberos context. 5352 * @param id a keytab. 5353 * @param entry the entry to add 5354 * 5355 * @return Return an error code or 0, see krb5_get_error_message(). 5356 * 5357 * @ingroup krb5_keytab 5358 */ 5359 5360 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5361 krb5_kt_add_entry ( 5362 krb5_context /*context*/, 5363 krb5_keytab /*id*/, 5364 krb5_keytab_entry */*entry*/); 5365 5366 /** 5367 * Finish using the keytab in `id'. All resources will be released, 5368 * even on errors. 5369 * 5370 * @param context a Keberos context. 5371 * @param id keytab to close. 5372 * 5373 * @return Return an error code or 0, see krb5_get_error_message(). 5374 * 5375 * @ingroup krb5_keytab 5376 */ 5377 5378 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5379 krb5_kt_close ( 5380 krb5_context /*context*/, 5381 krb5_keytab /*id*/); 5382 5383 /** 5384 * Compare `entry' against `principal, vno, enctype'. 5385 * Any of `principal, vno, enctype' might be 0 which acts as a wildcard. 5386 * Return TRUE if they compare the same, FALSE otherwise. 5387 * 5388 * @param context a Keberos context. 5389 * @param entry an entry to match with. 5390 * @param principal principal to match, NULL matches all principals. 5391 * @param vno key version to match, 0 matches all key version numbers. 5392 * @param enctype encryption type to match, 0 matches all encryption types. 5393 * 5394 * @return Return TRUE or match, FALSE if not matched. 5395 * 5396 * @ingroup krb5_keytab 5397 */ 5398 5399 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5400 krb5_kt_compare ( 5401 krb5_context /*context*/, 5402 krb5_keytab_entry */*entry*/, 5403 krb5_const_principal /*principal*/, 5404 krb5_kvno /*vno*/, 5405 krb5_enctype /*enctype*/); 5406 5407 /** 5408 * Copy the contents of `in' into `out'. 5409 * 5410 * @param context a Keberos context. 5411 * @param in the keytab entry to copy. 5412 * @param out the copy of the keytab entry, free with krb5_kt_free_entry(). 5413 * 5414 * @return Return an error code or 0, see krb5_get_error_message(). 5415 * 5416 * @ingroup krb5_keytab 5417 */ 5418 5419 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5420 krb5_kt_copy_entry_contents ( 5421 krb5_context /*context*/, 5422 const krb5_keytab_entry */*in*/, 5423 krb5_keytab_entry */*out*/); 5424 5425 /** 5426 * Set `id' to the default keytab. 5427 * 5428 * @param context a Keberos context. 5429 * @param id the new default keytab. 5430 * 5431 * @return Return an error code or 0, see krb5_get_error_message(). 5432 * 5433 * @ingroup krb5_keytab 5434 */ 5435 5436 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5437 krb5_kt_default ( 5438 krb5_context /*context*/, 5439 krb5_keytab */*id*/); 5440 5441 /** 5442 * Copy the name of the default modify keytab into `name'. 5443 * 5444 * @param context a Keberos context. 5445 * @param name buffer where the name will be written 5446 * @param namesize length of name 5447 * 5448 * @return Return an error code or 0, see krb5_get_error_message(). 5449 * 5450 * @ingroup krb5_keytab 5451 */ 5452 5453 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5454 krb5_kt_default_modify_name ( 5455 krb5_context /*context*/, 5456 char */*name*/, 5457 size_t /*namesize*/); 5458 5459 /** 5460 * copy the name of the default keytab into `name'. 5461 * 5462 * @param context a Keberos context. 5463 * @param name buffer where the name will be written 5464 * @param namesize length of name 5465 * 5466 * @return Return an error code or 0, see krb5_get_error_message(). 5467 * 5468 * @ingroup krb5_keytab 5469 */ 5470 5471 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5472 krb5_kt_default_name ( 5473 krb5_context /*context*/, 5474 char */*name*/, 5475 size_t /*namesize*/); 5476 5477 /** 5478 * Destroy (remove) the keytab in `id'. All resources will be released, 5479 * even on errors, does the equvalment of krb5_kt_close() on the resources. 5480 * 5481 * @param context a Keberos context. 5482 * @param id keytab to destroy. 5483 * 5484 * @return Return an error code or 0, see krb5_get_error_message(). 5485 * 5486 * @ingroup krb5_keytab 5487 */ 5488 5489 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5490 krb5_kt_destroy ( 5491 krb5_context /*context*/, 5492 krb5_keytab /*id*/); 5493 5494 /** 5495 * Release all resources associated with `cursor'. 5496 * 5497 * @param context a Keberos context. 5498 * @param id a keytab. 5499 * @param cursor the cursor to free. 5500 * 5501 * @return Return an error code or 0, see krb5_get_error_message(). 5502 * 5503 * @ingroup krb5_keytab 5504 */ 5505 5506 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5507 krb5_kt_end_seq_get ( 5508 krb5_context /*context*/, 5509 krb5_keytab /*id*/, 5510 krb5_kt_cursor */*cursor*/); 5511 5512 /** 5513 * Free the contents of `entry'. 5514 * 5515 * @param context a Keberos context. 5516 * @param entry the entry to free 5517 * 5518 * @return Return an error code or 0, see krb5_get_error_message(). 5519 * 5520 * @ingroup krb5_keytab 5521 */ 5522 5523 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5524 krb5_kt_free_entry ( 5525 krb5_context /*context*/, 5526 krb5_keytab_entry */*entry*/); 5527 5528 /** 5529 * Retrieve the keytab entry for `principal, kvno, enctype' into `entry' 5530 * from the keytab `id'. Matching is done like krb5_kt_compare(). 5531 * 5532 * @param context a Keberos context. 5533 * @param id a keytab. 5534 * @param principal principal to match, NULL matches all principals. 5535 * @param kvno key version to match, 0 matches all key version numbers. 5536 * @param enctype encryption type to match, 0 matches all encryption types. 5537 * @param entry the returned entry, free with krb5_kt_free_entry(). 5538 * 5539 * @return Return an error code or 0, see krb5_get_error_message(). 5540 * 5541 * @ingroup krb5_keytab 5542 */ 5543 5544 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5545 krb5_kt_get_entry ( 5546 krb5_context /*context*/, 5547 krb5_keytab /*id*/, 5548 krb5_const_principal /*principal*/, 5549 krb5_kvno /*kvno*/, 5550 krb5_enctype /*enctype*/, 5551 krb5_keytab_entry */*entry*/); 5552 5553 /** 5554 * Retrieve the full name of the keytab `keytab' and store the name in 5555 * `str'. 5556 * 5557 * @param context a Keberos context. 5558 * @param keytab keytab to get name for. 5559 * @param str the name of the keytab name, usee krb5_xfree() to free 5560 * the string. On error, *str is set to NULL. 5561 * 5562 * @return Return an error code or 0, see krb5_get_error_message(). 5563 * 5564 * @ingroup krb5_keytab 5565 */ 5566 5567 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5568 krb5_kt_get_full_name ( 5569 krb5_context /*context*/, 5570 krb5_keytab /*keytab*/, 5571 char **/*str*/); 5572 5573 /** 5574 * Retrieve the name of the keytab `keytab' into `name', `namesize' 5575 * 5576 * @param context a Keberos context. 5577 * @param keytab the keytab to get the name for. 5578 * @param name name buffer. 5579 * @param namesize size of name buffer. 5580 * 5581 * @return Return an error code or 0, see krb5_get_error_message(). 5582 * 5583 * @ingroup krb5_keytab 5584 */ 5585 5586 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5587 krb5_kt_get_name ( 5588 krb5_context /*context*/, 5589 krb5_keytab /*keytab*/, 5590 char */*name*/, 5591 size_t /*namesize*/); 5592 5593 /** 5594 * Return the type of the `keytab' in the string `prefix of length 5595 * `prefixsize'. 5596 * 5597 * @param context a Keberos context. 5598 * @param keytab the keytab to get the prefix for 5599 * @param prefix prefix buffer 5600 * @param prefixsize length of prefix buffer 5601 * 5602 * @return Return an error code or 0, see krb5_get_error_message(). 5603 * 5604 * @ingroup krb5_keytab 5605 */ 5606 5607 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5608 krb5_kt_get_type ( 5609 krb5_context /*context*/, 5610 krb5_keytab /*keytab*/, 5611 char */*prefix*/, 5612 size_t /*prefixsize*/); 5613 5614 /** 5615 * Return true if the keytab exists and have entries 5616 * 5617 * @param context a Keberos context. 5618 * @param id a keytab. 5619 * 5620 * @return Return an error code or 0, see krb5_get_error_message(). 5621 * 5622 * @ingroup krb5_keytab 5623 */ 5624 5625 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5626 krb5_kt_have_content ( 5627 krb5_context /*context*/, 5628 krb5_keytab /*id*/); 5629 5630 /** 5631 * Get the next entry from keytab, advance the cursor. On last entry 5632 * the function will return KRB5_KT_END. 5633 * 5634 * @param context a Keberos context. 5635 * @param id a keytab. 5636 * @param entry the returned entry, free with krb5_kt_free_entry(). 5637 * @param cursor the cursor of the iteration. 5638 * 5639 * @return Return an error code or 0, see krb5_get_error_message(). 5640 * 5641 * @ingroup krb5_keytab 5642 */ 5643 5644 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5645 krb5_kt_next_entry ( 5646 krb5_context /*context*/, 5647 krb5_keytab /*id*/, 5648 krb5_keytab_entry */*entry*/, 5649 krb5_kt_cursor */*cursor*/); 5650 5651 /** 5652 * Read the key identified by `(principal, vno, enctype)' from the 5653 * keytab in `keyprocarg' (the default if == NULL) into `*key'. 5654 * 5655 * @param context a Keberos context. 5656 * @param keyprocarg 5657 * @param principal 5658 * @param vno 5659 * @param enctype 5660 * @param key 5661 * 5662 * @return Return an error code or 0, see krb5_get_error_message(). 5663 * 5664 * @ingroup krb5_keytab 5665 */ 5666 5667 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5668 krb5_kt_read_service_key ( 5669 krb5_context /*context*/, 5670 krb5_pointer /*keyprocarg*/, 5671 krb5_principal /*principal*/, 5672 krb5_kvno /*vno*/, 5673 krb5_enctype /*enctype*/, 5674 krb5_keyblock **/*key*/); 5675 5676 /** 5677 * Register a new keytab backend. 5678 * 5679 * @param context a Keberos context. 5680 * @param ops a backend to register. 5681 * 5682 * @return Return an error code or 0, see krb5_get_error_message(). 5683 * 5684 * @ingroup krb5_keytab 5685 */ 5686 5687 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5688 krb5_kt_register ( 5689 krb5_context /*context*/, 5690 const krb5_kt_ops */*ops*/); 5691 5692 /** 5693 * Remove an entry from the keytab, matching is done using 5694 * krb5_kt_compare(). 5695 5696 * @param context a Keberos context. 5697 * @param id a keytab. 5698 * @param entry the entry to remove 5699 * 5700 * @return Return an error code or 0, see krb5_get_error_message(). 5701 * 5702 * @ingroup krb5_keytab 5703 */ 5704 5705 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5706 krb5_kt_remove_entry ( 5707 krb5_context /*context*/, 5708 krb5_keytab /*id*/, 5709 krb5_keytab_entry */*entry*/); 5710 5711 /** 5712 * Resolve the keytab name (of the form `type:residual') in `name' 5713 * into a keytab in `id'. 5714 * 5715 * @param context a Keberos context. 5716 * @param name name to resolve 5717 * @param id resulting keytab, free with krb5_kt_close(). 5718 * 5719 * @return Return an error code or 0, see krb5_get_error_message(). 5720 * 5721 * @ingroup krb5_keytab 5722 */ 5723 5724 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5725 krb5_kt_resolve ( 5726 krb5_context /*context*/, 5727 const char */*name*/, 5728 krb5_keytab */*id*/); 5729 5730 /** 5731 * Set `cursor' to point at the beginning of `id'. 5732 * 5733 * @param context a Keberos context. 5734 * @param id a keytab. 5735 * @param cursor a newly allocated cursor, free with krb5_kt_end_seq_get(). 5736 * 5737 * @return Return an error code or 0, see krb5_get_error_message(). 5738 * 5739 * @ingroup krb5_keytab 5740 */ 5741 5742 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5743 krb5_kt_start_seq_get ( 5744 krb5_context /*context*/, 5745 krb5_keytab /*id*/, 5746 krb5_kt_cursor */*cursor*/); 5747 5748 /** 5749 * This function takes the name of a local user and checks if 5750 * principal is allowed to log in as that user. 5751 * 5752 * The user may have a ~/.k5login file listing principals that are 5753 * allowed to login as that user. If that file does not exist, all 5754 * principals with a only one component that is identical to the 5755 * username, and a realm considered local, are allowed access. 5756 * 5757 * The .k5login file must contain one principal per line, be owned by 5758 * user and not be writable by group or other (but must be readable by 5759 * anyone). 5760 * 5761 * Note that if the file exists, no implicit access rights are given 5762 * to user@@LOCALREALM. 5763 * 5764 * Optionally, a set of files may be put in ~/.k5login.d (a 5765 * directory), in which case they will all be checked in the same 5766 * manner as .k5login. The files may be called anything, but files 5767 * starting with a hash (#) , or ending with a tilde (~) are 5768 * ignored. Subdirectories are not traversed. Note that this directory 5769 * may not be checked by other Kerberos implementations. 5770 * 5771 * If no configuration file exists, match user against local domains, 5772 * ie luser@@LOCAL-REALMS-IN-CONFIGURATION-FILES. 5773 * 5774 * @param context Kerberos 5 context. 5775 * @param principal principal to check if allowed to login 5776 * @param luser local user id 5777 * 5778 * @return returns TRUE if access should be granted, FALSE otherwise. 5779 * 5780 * @ingroup krb5_support 5781 */ 5782 5783 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 5784 krb5_kuserok ( 5785 krb5_context /*context*/, 5786 krb5_principal /*principal*/, 5787 const char */*luser*/); 5788 5789 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5790 krb5_log ( 5791 krb5_context /*context*/, 5792 krb5_log_facility */*fac*/, 5793 int /*level*/, 5794 const char */*fmt*/, 5795 ...) 5796 __attribute__ ((__format__ (__printf__, 4, 5))); 5797 5798 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5799 krb5_log_msg ( 5800 krb5_context /*context*/, 5801 krb5_log_facility */*fac*/, 5802 int /*level*/, 5803 char **/*reply*/, 5804 const char */*fmt*/, 5805 ...) 5806 __attribute__ ((__format__ (__printf__, 5, 6))); 5807 5808 /** 5809 * Create an address of type KRB5_ADDRESS_ADDRPORT from (addr, port) 5810 * 5811 * @param context a Keberos context 5812 * @param res built address from addr/port 5813 * @param addr address to use 5814 * @param port port to use 5815 * 5816 * @return Return an error code or 0. 5817 * 5818 * @ingroup krb5_address 5819 */ 5820 5821 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5822 krb5_make_addrport ( 5823 krb5_context /*context*/, 5824 krb5_address **/*res*/, 5825 const krb5_address */*addr*/, 5826 int16_t /*port*/); 5827 5828 /** 5829 * Build a principal using vararg style building 5830 * 5831 * @param context A Kerberos context. 5832 * @param principal returned principal 5833 * @param realm realm name 5834 * @param ... a list of components ended with NULL. 5835 * 5836 * @return An krb5 error code, see krb5_get_error_message(). 5837 * 5838 * @ingroup krb5_principal 5839 */ 5840 5841 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5842 krb5_make_principal ( 5843 krb5_context /*context*/, 5844 krb5_principal */*principal*/, 5845 krb5_const_realm /*realm*/, 5846 ...); 5847 5848 /** 5849 * krb5_max_sockaddr_size returns the max size of the .Li struct 5850 * sockaddr that the Kerberos library will return. 5851 * 5852 * @return Return an size_t of the maximum struct sockaddr. 5853 * 5854 * @ingroup krb5_address 5855 */ 5856 5857 KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL 5858 krb5_max_sockaddr_size (void); 5859 5860 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5861 krb5_mk_error ( 5862 krb5_context /*context*/, 5863 krb5_error_code /*error_code*/, 5864 const char */*e_text*/, 5865 const krb5_data */*e_data*/, 5866 const krb5_principal /*client*/, 5867 const krb5_principal /*server*/, 5868 time_t */*client_time*/, 5869 int */*client_usec*/, 5870 krb5_data */*reply*/); 5871 5872 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5873 krb5_mk_error_ext ( 5874 krb5_context /*context*/, 5875 krb5_error_code /*error_code*/, 5876 const char */*e_text*/, 5877 const krb5_data */*e_data*/, 5878 const krb5_principal /*server*/, 5879 const PrincipalName */*client_name*/, 5880 const Realm */*client_realm*/, 5881 time_t */*client_time*/, 5882 int */*client_usec*/, 5883 krb5_data */*reply*/); 5884 5885 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5886 krb5_mk_priv ( 5887 krb5_context /*context*/, 5888 krb5_auth_context /*auth_context*/, 5889 const krb5_data */*userdata*/, 5890 krb5_data */*outbuf*/, 5891 krb5_replay_data */*outdata*/); 5892 5893 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5894 krb5_mk_rep ( 5895 krb5_context /*context*/, 5896 krb5_auth_context /*auth_context*/, 5897 krb5_data */*outbuf*/); 5898 5899 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5900 krb5_mk_req ( 5901 krb5_context /*context*/, 5902 krb5_auth_context */*auth_context*/, 5903 const krb5_flags /*ap_req_options*/, 5904 const char */*service*/, 5905 const char */*hostname*/, 5906 krb5_data */*in_data*/, 5907 krb5_ccache /*ccache*/, 5908 krb5_data */*outbuf*/); 5909 5910 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5911 krb5_mk_req_exact ( 5912 krb5_context /*context*/, 5913 krb5_auth_context */*auth_context*/, 5914 const krb5_flags /*ap_req_options*/, 5915 const krb5_principal /*server*/, 5916 krb5_data */*in_data*/, 5917 krb5_ccache /*ccache*/, 5918 krb5_data */*outbuf*/); 5919 5920 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5921 krb5_mk_req_extended ( 5922 krb5_context /*context*/, 5923 krb5_auth_context */*auth_context*/, 5924 const krb5_flags /*ap_req_options*/, 5925 krb5_data */*in_data*/, 5926 krb5_creds */*in_creds*/, 5927 krb5_data */*outbuf*/); 5928 5929 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5930 krb5_mk_safe ( 5931 krb5_context /*context*/, 5932 krb5_auth_context /*auth_context*/, 5933 const krb5_data */*userdata*/, 5934 krb5_data */*outbuf*/, 5935 krb5_replay_data */*outdata*/); 5936 5937 /** 5938 * Iteratively apply name canon rules, outputing a principal and rule 5939 * options each time. Iteration completes when the @iter is NULL on 5940 * return or when an error is returned. Callers must free the iterator 5941 * if they abandon it mid-way. 5942 * 5943 * @param context Kerberos context 5944 * @param iter name canon rule iterator (input/output) 5945 * @param try_princ output principal name 5946 * @param rule_opts output rule options 5947 */ 5948 5949 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5950 krb5_name_canon_iterate ( 5951 krb5_context /*context*/, 5952 krb5_name_canon_iterator */*iter*/, 5953 krb5_const_principal */*try_princ*/, 5954 krb5_name_canon_rule_options */*rule_opts*/); 5955 5956 /** 5957 * Initialize name canonicalization iterator. 5958 * 5959 * @param context Kerberos context 5960 * @param in_princ principal name to be canonicalized OR 5961 * @param iter output iterator object 5962 */ 5963 5964 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 5965 krb5_name_canon_iterator_start ( 5966 krb5_context /*context*/, 5967 krb5_const_principal /*in_princ*/, 5968 krb5_name_canon_iterator */*iter*/); 5969 5970 /** 5971 * Read \a len bytes from socket \a p_fd into buffer \a buf. 5972 * Block until \a len bytes are read or until an error. 5973 * 5974 * @return If successful, the number of bytes read: \a len. 5975 * On end-of-file, 0. 5976 * On error, less than 0 (if single-threaded, the error can be found 5977 * in the errno global variable). 5978 */ 5979 5980 KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 5981 krb5_net_read ( 5982 krb5_context /*context*/, 5983 void */*p_fd*/, 5984 void */*buf*/, 5985 size_t /*len*/); 5986 5987 KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 5988 krb5_net_write ( 5989 krb5_context /*context*/, 5990 void */*p_fd*/, 5991 const void */*buf*/, 5992 size_t /*len*/); 5993 5994 KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 5995 krb5_net_write_block ( 5996 krb5_context /*context*/, 5997 void */*p_fd*/, 5998 const void */*buf*/, 5999 size_t /*len*/, 6000 time_t /*timeout*/); 6001 6002 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6003 krb5_ntlm_alloc ( 6004 krb5_context /*context*/, 6005 krb5_ntlm */*ntlm*/); 6006 6007 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6008 krb5_ntlm_free ( 6009 krb5_context /*context*/, 6010 krb5_ntlm /*ntlm*/); 6011 6012 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6013 krb5_ntlm_init_get_challenge ( 6014 krb5_context /*context*/, 6015 krb5_ntlm /*ntlm*/, 6016 krb5_data */*challenge*/); 6017 6018 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6019 krb5_ntlm_init_get_flags ( 6020 krb5_context /*context*/, 6021 krb5_ntlm /*ntlm*/, 6022 uint32_t */*flags*/); 6023 6024 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6025 krb5_ntlm_init_get_opaque ( 6026 krb5_context /*context*/, 6027 krb5_ntlm /*ntlm*/, 6028 krb5_data */*opaque*/); 6029 6030 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6031 krb5_ntlm_init_get_targetinfo ( 6032 krb5_context /*context*/, 6033 krb5_ntlm /*ntlm*/, 6034 krb5_data */*data*/); 6035 6036 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6037 krb5_ntlm_init_get_targetname ( 6038 krb5_context /*context*/, 6039 krb5_ntlm /*ntlm*/, 6040 char **/*name*/); 6041 6042 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6043 krb5_ntlm_init_request ( 6044 krb5_context /*context*/, 6045 krb5_ntlm /*ntlm*/, 6046 krb5_realm /*realm*/, 6047 krb5_ccache /*ccache*/, 6048 uint32_t /*flags*/, 6049 const char */*hostname*/, 6050 const char */*domainname*/); 6051 6052 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6053 krb5_ntlm_rep_get_sessionkey ( 6054 krb5_context /*context*/, 6055 krb5_ntlm /*ntlm*/, 6056 krb5_data */*data*/); 6057 6058 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6059 krb5_ntlm_rep_get_status ( 6060 krb5_context /*context*/, 6061 krb5_ntlm /*ntlm*/); 6062 6063 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6064 krb5_ntlm_req_set_flags ( 6065 krb5_context /*context*/, 6066 krb5_ntlm /*ntlm*/, 6067 uint32_t /*flags*/); 6068 6069 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6070 krb5_ntlm_req_set_lm ( 6071 krb5_context /*context*/, 6072 krb5_ntlm /*ntlm*/, 6073 void */*hash*/, 6074 size_t /*len*/); 6075 6076 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6077 krb5_ntlm_req_set_ntlm ( 6078 krb5_context /*context*/, 6079 krb5_ntlm /*ntlm*/, 6080 void */*hash*/, 6081 size_t /*len*/); 6082 6083 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6084 krb5_ntlm_req_set_opaque ( 6085 krb5_context /*context*/, 6086 krb5_ntlm /*ntlm*/, 6087 krb5_data */*opaque*/); 6088 6089 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6090 krb5_ntlm_req_set_session ( 6091 krb5_context /*context*/, 6092 krb5_ntlm /*ntlm*/, 6093 void */*sessionkey*/, 6094 size_t /*length*/); 6095 6096 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6097 krb5_ntlm_req_set_targetname ( 6098 krb5_context /*context*/, 6099 krb5_ntlm /*ntlm*/, 6100 const char */*targetname*/); 6101 6102 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6103 krb5_ntlm_req_set_username ( 6104 krb5_context /*context*/, 6105 krb5_ntlm /*ntlm*/, 6106 const char */*username*/); 6107 6108 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6109 krb5_ntlm_request ( 6110 krb5_context /*context*/, 6111 krb5_ntlm /*ntlm*/, 6112 krb5_realm /*realm*/, 6113 krb5_ccache /*ccache*/); 6114 6115 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6116 krb5_openlog ( 6117 krb5_context /*context*/, 6118 const char */*program*/, 6119 krb5_log_facility **/*fac*/); 6120 6121 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6122 krb5_pac_add_buffer ( 6123 krb5_context /*context*/, 6124 krb5_pac /*p*/, 6125 uint32_t /*type*/, 6126 const krb5_data */*data*/); 6127 6128 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6129 krb5_pac_free ( 6130 krb5_context /*context*/, 6131 krb5_pac /*pac*/); 6132 6133 /** 6134 * Get the PAC buffer of specific type from the pac. 6135 * 6136 * @param context Kerberos 5 context. 6137 * @param p the pac structure returned by krb5_pac_parse(). 6138 * @param type type of buffer to get 6139 * @param data return data, free with krb5_data_free(). 6140 * 6141 * @return Returns 0 to indicate success. Otherwise an kerberos et 6142 * error code is returned, see krb5_get_error_message(). 6143 * 6144 * @ingroup krb5_pac 6145 */ 6146 6147 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6148 krb5_pac_get_buffer ( 6149 krb5_context /*context*/, 6150 krb5_pac /*p*/, 6151 uint32_t /*type*/, 6152 krb5_data */*data*/); 6153 6154 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6155 krb5_pac_get_types ( 6156 krb5_context /*context*/, 6157 krb5_pac /*p*/, 6158 size_t */*len*/, 6159 uint32_t **/*types*/); 6160 6161 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6162 krb5_pac_init ( 6163 krb5_context /*context*/, 6164 krb5_pac */*pac*/); 6165 6166 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6167 krb5_pac_parse ( 6168 krb5_context /*context*/, 6169 const void */*ptr*/, 6170 size_t /*len*/, 6171 krb5_pac */*pac*/); 6172 6173 /** 6174 * Verify the PAC. 6175 * 6176 * @param context Kerberos 5 context. 6177 * @param pac the pac structure returned by krb5_pac_parse(). 6178 * @param authtime The time of the ticket the PAC belongs to. 6179 * @param principal the principal to verify. 6180 * @param server The service key, most always be given. 6181 * @param privsvr The KDC key, may be given. 6182 6183 * @return Returns 0 to indicate success. Otherwise an kerberos et 6184 * error code is returned, see krb5_get_error_message(). 6185 * 6186 * @ingroup krb5_pac 6187 */ 6188 6189 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6190 krb5_pac_verify ( 6191 krb5_context /*context*/, 6192 const krb5_pac /*pac*/, 6193 time_t /*authtime*/, 6194 krb5_const_principal /*principal*/, 6195 const krb5_keyblock */*server*/, 6196 const krb5_keyblock */*privsvr*/); 6197 6198 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 6199 krb5_padata_add ( 6200 krb5_context /*context*/, 6201 METHOD_DATA */*md*/, 6202 int /*type*/, 6203 void */*buf*/, 6204 size_t /*len*/); 6205 6206 /** 6207 * krb5_parse_address returns the resolved hostname in string to the 6208 * krb5_addresses addresses . 6209 * 6210 * @param context a Keberos context 6211 * @param string 6212 * @param addresses 6213 * 6214 * @return Return an error code or 0. 6215 * 6216 * @ingroup krb5_address 6217 */ 6218 6219 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6220 krb5_parse_address ( 6221 krb5_context /*context*/, 6222 const char */*string*/, 6223 krb5_addresses */*addresses*/); 6224 6225 /** 6226 * Parse a name into a krb5_principal structure 6227 * 6228 * @param context Kerberos 5 context 6229 * @param name name to parse into a Kerberos principal 6230 * @param principal returned principal, free with krb5_free_principal(). 6231 * 6232 * @return An krb5 error code, see krb5_get_error_message(). 6233 * 6234 * @ingroup krb5_principal 6235 */ 6236 6237 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6238 krb5_parse_name ( 6239 krb5_context /*context*/, 6240 const char */*name*/, 6241 krb5_principal */*principal*/); 6242 6243 /** 6244 * Parse a name into a krb5_principal structure, flags controls the behavior. 6245 * 6246 * @param context Kerberos 5 context 6247 * @param name name to parse into a Kerberos principal 6248 * @param flags flags to control the behavior 6249 * @param principal returned principal, free with krb5_free_principal(). 6250 * 6251 * @return An krb5 error code, see krb5_get_error_message(). 6252 * 6253 * @ingroup krb5_principal 6254 */ 6255 6256 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6257 krb5_parse_name_flags ( 6258 krb5_context /*context*/, 6259 const char */*name*/, 6260 int /*flags*/, 6261 krb5_principal */*principal*/); 6262 6263 /** 6264 * Parse nametype string and return a nametype integer 6265 * 6266 * @ingroup krb5_principal 6267 */ 6268 6269 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6270 krb5_parse_nametype ( 6271 krb5_context /*context*/, 6272 const char */*str*/, 6273 int32_t */*nametype*/); 6274 6275 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6276 krb5_passwd_result_to_string ( 6277 krb5_context /*context*/, 6278 int /*result*/); 6279 6280 /** 6281 * Deprecated: use krb5_get_init_creds() and friends. 6282 * 6283 * @ingroup krb5_deprecated 6284 */ 6285 6286 KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV 6287 krb5_password_key_proc ( 6288 krb5_context /*context*/, 6289 krb5_enctype /*type*/, 6290 krb5_salt /*salt*/, 6291 krb5_const_pointer /*keyseed*/, 6292 krb5_keyblock **/*key*/) 6293 KRB5_DEPRECATED_FUNCTION("Use X instead"); 6294 6295 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6296 krb5_pk_enterprise_cert ( 6297 krb5_context /*context*/, 6298 const char */*user_id*/, 6299 krb5_const_realm /*realm*/, 6300 krb5_principal */*principal*/, 6301 struct hx509_certs_data **/*res*/); 6302 6303 /** 6304 * Register a plugin symbol name of specific type. 6305 * @param context a Keberos context 6306 * @param type type of plugin symbol 6307 * @param name name of plugin symbol 6308 * @param symbol a pointer to the named symbol 6309 * @return In case of error a non zero error com_err error is returned 6310 * and the Kerberos error string is set. 6311 * 6312 * @ingroup krb5_support 6313 */ 6314 6315 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6316 krb5_plugin_register ( 6317 krb5_context /*context*/, 6318 enum krb5_plugin_type /*type*/, 6319 const char */*name*/, 6320 void */*symbol*/); 6321 6322 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6323 krb5_prepend_config_files ( 6324 const char */*filelist*/, 6325 char **/*pq*/, 6326 char ***/*ret_pp*/); 6327 6328 /** 6329 * Prepend the filename to the global configuration list. 6330 * 6331 * @param filelist a filename to add to the default list of filename 6332 * @param pfilenames return array of filenames, should be freed with krb5_free_config_files(). 6333 * 6334 * @return Returns 0 to indicate success. Otherwise an kerberos et 6335 * error code is returned, see krb5_get_error_message(). 6336 * 6337 * @ingroup krb5 6338 */ 6339 6340 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6341 krb5_prepend_config_files_default ( 6342 const char */*filelist*/, 6343 char ***/*pfilenames*/); 6344 6345 /** 6346 * Prepend the context full error string for a specific error code. 6347 * The error that is stored should be internationalized. 6348 * 6349 * The if context is NULL, no error string is stored. 6350 * 6351 * @param context Kerberos 5 context 6352 * @param ret The error code 6353 * @param fmt Error string for the error code 6354 * @param ... printf(3) style parameters. 6355 * 6356 * @ingroup krb5_error 6357 */ 6358 6359 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6360 krb5_prepend_error_message ( 6361 krb5_context /*context*/, 6362 krb5_error_code /*ret*/, 6363 const char */*fmt*/, 6364 ...) 6365 __attribute__ ((__format__ (__printf__, 3, 4))); 6366 6367 /** 6368 * Deprecated: use krb5_principal_get_realm() 6369 * 6370 * @ingroup krb5_deprecated 6371 */ 6372 6373 KRB5_LIB_FUNCTION krb5_realm * KRB5_LIB_CALL 6374 krb5_princ_realm ( 6375 krb5_context /*context*/, 6376 krb5_principal /*principal*/) 6377 KRB5_DEPRECATED_FUNCTION("Use X instead"); 6378 6379 /** 6380 * Deprecated: use krb5_principal_set_realm() 6381 * 6382 * @ingroup krb5_deprecated 6383 */ 6384 6385 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6386 krb5_princ_set_realm ( 6387 krb5_context /*context*/, 6388 krb5_principal /*principal*/, 6389 krb5_realm */*realm*/) 6390 KRB5_DEPRECATED_FUNCTION("Use X instead"); 6391 6392 /** 6393 * Compares the two principals, including realm of the principals and returns 6394 * TRUE if they are the same and FALSE if not. 6395 * 6396 * @param context Kerberos 5 context 6397 * @param princ1 first principal to compare 6398 * @param princ2 second principal to compare 6399 * 6400 * @ingroup krb5_principal 6401 * @see krb5_principal_compare_any_realm() 6402 * @see krb5_realm_compare() 6403 */ 6404 6405 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6406 krb5_principal_compare ( 6407 krb5_context /*context*/, 6408 krb5_const_principal /*princ1*/, 6409 krb5_const_principal /*princ2*/); 6410 6411 /** 6412 * Return TRUE iff princ1 == princ2 (without considering the realm) 6413 * 6414 * @param context Kerberos 5 context 6415 * @param princ1 first principal to compare 6416 * @param princ2 second principal to compare 6417 * 6418 * @return non zero if equal, 0 if not 6419 * 6420 * @ingroup krb5_principal 6421 * @see krb5_principal_compare() 6422 * @see krb5_realm_compare() 6423 */ 6424 6425 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6426 krb5_principal_compare_any_realm ( 6427 krb5_context /*context*/, 6428 krb5_const_principal /*princ1*/, 6429 krb5_const_principal /*princ2*/); 6430 6431 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6432 krb5_principal_get_comp_string ( 6433 krb5_context /*context*/, 6434 krb5_const_principal /*principal*/, 6435 unsigned int /*component*/); 6436 6437 /** 6438 * Get number of component is principal. 6439 * 6440 * @param context Kerberos 5 context 6441 * @param principal principal to query 6442 * 6443 * @return number of components in string 6444 * 6445 * @ingroup krb5_principal 6446 */ 6447 6448 KRB5_LIB_FUNCTION unsigned int KRB5_LIB_CALL 6449 krb5_principal_get_num_comp ( 6450 krb5_context /*context*/, 6451 krb5_const_principal /*principal*/); 6452 6453 /** 6454 * Get the realm of the principal 6455 * 6456 * @param context A Kerberos context. 6457 * @param principal principal to get the realm for 6458 * 6459 * @return realm of the principal, don't free or use after krb5_principal is freed 6460 * 6461 * @ingroup krb5_principal 6462 */ 6463 6464 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6465 krb5_principal_get_realm ( 6466 krb5_context /*context*/, 6467 krb5_const_principal /*principal*/); 6468 6469 /** 6470 * Get the type of the principal 6471 * 6472 * @param context A Kerberos context. 6473 * @param principal principal to get the type for 6474 * 6475 * @return the type of principal 6476 * 6477 * @ingroup krb5_principal 6478 */ 6479 6480 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 6481 krb5_principal_get_type ( 6482 krb5_context /*context*/, 6483 krb5_const_principal /*principal*/); 6484 6485 /** 6486 * Returns true iff name is an WELLKNOWN:ORG.H5L.HOSTBASED-SERVICE 6487 * 6488 * @ingroup krb5_principal 6489 */ 6490 6491 krb5_boolean KRB5_LIB_FUNCTION 6492 krb5_principal_is_gss_hostbased_service ( 6493 krb5_context /*context*/, 6494 krb5_const_principal /*principal*/); 6495 6496 /** 6497 * Check if the cname part of the principal is a krbtgt principal 6498 * 6499 * @ingroup krb5_principal 6500 */ 6501 6502 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6503 krb5_principal_is_krbtgt ( 6504 krb5_context /*context*/, 6505 krb5_const_principal /*p*/); 6506 6507 /** 6508 * Returns true if name is Kerberos an LKDC realm 6509 * 6510 * @ingroup krb5_principal 6511 */ 6512 6513 krb5_boolean KRB5_LIB_FUNCTION 6514 krb5_principal_is_lkdc ( 6515 krb5_context /*context*/, 6516 krb5_const_principal /*principal*/); 6517 6518 /** 6519 * Returns true if name is Kerberos NULL name 6520 * 6521 * @ingroup krb5_principal 6522 */ 6523 6524 krb5_boolean KRB5_LIB_FUNCTION 6525 krb5_principal_is_null ( 6526 krb5_context /*context*/, 6527 krb5_const_principal /*principal*/); 6528 6529 /** 6530 * Returns true if name is Kerberos an LKDC realm 6531 * 6532 * @ingroup krb5_principal 6533 */ 6534 6535 krb5_boolean KRB5_LIB_FUNCTION 6536 krb5_principal_is_pku2u ( 6537 krb5_context /*context*/, 6538 krb5_const_principal /*principal*/); 6539 6540 /** 6541 * Check if the cname part of the principal is a initial or renewed krbtgt principal 6542 * 6543 * @ingroup krb5_principal 6544 */ 6545 6546 krb5_boolean KRB5_LIB_FUNCTION 6547 krb5_principal_is_root_krbtgt ( 6548 krb5_context /*context*/, 6549 krb5_const_principal /*p*/); 6550 6551 /** 6552 * return TRUE iff princ matches pattern 6553 * 6554 * @ingroup krb5_principal 6555 */ 6556 6557 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 6558 krb5_principal_match ( 6559 krb5_context /*context*/, 6560 krb5_const_principal /*princ*/, 6561 krb5_const_principal /*pattern*/); 6562 6563 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6564 krb5_principal_set_comp_string ( 6565 krb5_context /*context*/, 6566 krb5_principal /*principal*/, 6567 unsigned int /*k*/, 6568 const char */*component*/); 6569 6570 /** 6571 * Set a new realm for a principal, and as a side-effect free the 6572 * previous realm. 6573 * 6574 * @param context A Kerberos context. 6575 * @param principal principal set the realm for 6576 * @param realm the new realm to set 6577 * 6578 * @return An krb5 error code, see krb5_get_error_message(). 6579 * 6580 * @ingroup krb5_principal 6581 */ 6582 6583 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6584 krb5_principal_set_realm ( 6585 krb5_context /*context*/, 6586 krb5_principal /*principal*/, 6587 krb5_const_realm /*realm*/); 6588 6589 /** 6590 * Set the type of the principal 6591 * 6592 * @param context A Kerberos context. 6593 * @param principal principal to set the type for 6594 * @param type the new type 6595 * 6596 * @return An krb5 error code, see krb5_get_error_message(). 6597 * 6598 * @ingroup krb5_principal 6599 */ 6600 6601 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6602 krb5_principal_set_type ( 6603 krb5_context /*context*/, 6604 krb5_principal /*principal*/, 6605 int /*type*/); 6606 6607 /** 6608 * krb5_print_address prints the address in addr to the string string 6609 * that have the length len. If ret_len is not NULL, it will be filled 6610 * with the length of the string if size were unlimited (not including 6611 * the final NUL) . 6612 * 6613 * @param addr address to be printed 6614 * @param str pointer string to print the address into 6615 * @param len length that will fit into area pointed to by "str". 6616 * @param ret_len return length the str. 6617 * 6618 * @return Return an error code or 0. 6619 * 6620 * @ingroup krb5_address 6621 */ 6622 6623 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6624 krb5_print_address ( 6625 const krb5_address */*addr*/, 6626 char */*str*/, 6627 size_t /*len*/, 6628 size_t */*ret_len*/); 6629 6630 krb5_error_code 6631 krb5_process_last_request ( 6632 krb5_context /*context*/, 6633 krb5_get_init_creds_opt */*options*/, 6634 krb5_init_creds_context /*ctx*/); 6635 6636 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 6637 krb5_program_setup ( 6638 krb5_context */*context*/, 6639 int /*argc*/, 6640 char **/*argv*/, 6641 struct getargs */*args*/, 6642 int /*num_args*/, 6643 void (KRB5_LIB_CALL *usage)(int, struct getargs*, int)); 6644 6645 KRB5_LIB_FUNCTION int KRB5_CALLCONV 6646 krb5_prompter_posix ( 6647 krb5_context /*context*/, 6648 void */*data*/, 6649 const char */*name*/, 6650 const char */*banner*/, 6651 int /*num_prompts*/, 6652 krb5_prompt prompts[]); 6653 6654 /** 6655 * Converts the random bytestring to a protocol key according to 6656 * Kerberos crypto frame work. It may be assumed that all the bits of 6657 * the input string are equally random, even though the entropy 6658 * present in the random source may be limited. 6659 * 6660 * @param context Kerberos 5 context 6661 * @param type the enctype resulting key will be of 6662 * @param data input random data to convert to a key 6663 * @param size size of input random data, at least krb5_enctype_keysize() long 6664 * @param key key, output key, free with krb5_free_keyblock_contents() 6665 * 6666 * @return Return an error code or 0. 6667 * 6668 * @ingroup krb5_crypto 6669 */ 6670 6671 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6672 krb5_random_to_key ( 6673 krb5_context /*context*/, 6674 krb5_enctype /*type*/, 6675 const void */*data*/, 6676 size_t /*size*/, 6677 krb5_keyblock */*key*/); 6678 6679 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6680 krb5_rc_close ( 6681 krb5_context /*context*/, 6682 krb5_rcache /*id*/); 6683 6684 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6685 krb5_rc_default ( 6686 krb5_context /*context*/, 6687 krb5_rcache */*id*/); 6688 6689 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6690 krb5_rc_default_name (krb5_context /*context*/); 6691 6692 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6693 krb5_rc_default_type (krb5_context /*context*/); 6694 6695 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6696 krb5_rc_destroy ( 6697 krb5_context /*context*/, 6698 krb5_rcache /*id*/); 6699 6700 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6701 krb5_rc_expunge ( 6702 krb5_context /*context*/, 6703 krb5_rcache /*id*/); 6704 6705 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6706 krb5_rc_get_lifespan ( 6707 krb5_context /*context*/, 6708 krb5_rcache /*id*/, 6709 krb5_deltat */*auth_lifespan*/); 6710 6711 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6712 krb5_rc_get_name ( 6713 krb5_context /*context*/, 6714 krb5_rcache /*id*/); 6715 6716 KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL 6717 krb5_rc_get_type ( 6718 krb5_context /*context*/, 6719 krb5_rcache /*id*/); 6720 6721 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6722 krb5_rc_initialize ( 6723 krb5_context /*context*/, 6724 krb5_rcache /*id*/, 6725 krb5_deltat /*auth_lifespan*/); 6726 6727 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6728 krb5_rc_recover ( 6729 krb5_context /*context*/, 6730 krb5_rcache /*id*/); 6731 6732 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6733 krb5_rc_resolve ( 6734 krb5_context /*context*/, 6735 krb5_rcache /*id*/, 6736 const char */*name*/); 6737 6738 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6739 krb5_rc_resolve_full ( 6740 krb5_context /*context*/, 6741 krb5_rcache */*id*/, 6742 const char */*string_name*/); 6743 6744 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6745 krb5_rc_resolve_type ( 6746 krb5_context /*context*/, 6747 krb5_rcache */*id*/, 6748 const char */*type*/); 6749 6750 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6751 krb5_rc_store ( 6752 krb5_context /*context*/, 6753 krb5_rcache /*id*/, 6754 krb5_donot_replay */*rep*/); 6755 6756 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6757 krb5_rd_cred ( 6758 krb5_context /*context*/, 6759 krb5_auth_context /*auth_context*/, 6760 krb5_data */*in_data*/, 6761 krb5_creds ***/*ret_creds*/, 6762 krb5_replay_data */*outdata*/); 6763 6764 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6765 krb5_rd_cred2 ( 6766 krb5_context /*context*/, 6767 krb5_auth_context /*auth_context*/, 6768 krb5_ccache /*ccache*/, 6769 krb5_data */*in_data*/); 6770 6771 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6772 krb5_rd_error ( 6773 krb5_context /*context*/, 6774 const krb5_data */*msg*/, 6775 KRB_ERROR */*result*/); 6776 6777 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6778 krb5_rd_priv ( 6779 krb5_context /*context*/, 6780 krb5_auth_context /*auth_context*/, 6781 const krb5_data */*inbuf*/, 6782 krb5_data */*outbuf*/, 6783 krb5_replay_data */*outdata*/); 6784 6785 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6786 krb5_rd_rep ( 6787 krb5_context /*context*/, 6788 krb5_auth_context /*auth_context*/, 6789 const krb5_data */*inbuf*/, 6790 krb5_ap_rep_enc_part **/*repl*/); 6791 6792 /** 6793 * Process an AP_REQ message. 6794 * 6795 * @param context Kerberos 5 context. 6796 * @param auth_context authentication context of the peer. 6797 * @param inbuf the AP_REQ message, obtained for example with krb5_read_message(). 6798 * @param server server principal. 6799 * @param keytab server keytab. 6800 * @param ap_req_options set to the AP_REQ options. See the AP_OPTS_* defines. 6801 * @param ticket on success, set to the authenticated client credentials. 6802 * Must be deallocated with krb5_free_ticket(). If not 6803 * interested, pass a NULL value. 6804 * 6805 * @return 0 to indicate success. Otherwise a Kerberos error code is 6806 * returned, see krb5_get_error_message(). 6807 */ 6808 6809 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6810 krb5_rd_req ( 6811 krb5_context /*context*/, 6812 krb5_auth_context */*auth_context*/, 6813 const krb5_data */*inbuf*/, 6814 krb5_const_principal /*server*/, 6815 krb5_keytab /*keytab*/, 6816 krb5_flags */*ap_req_options*/, 6817 krb5_ticket **/*ticket*/); 6818 6819 /** 6820 * The core server function that verify application authentication 6821 * requests from clients. 6822 * 6823 * @param context Keberos 5 context. 6824 * @param auth_context the authentication context, can be NULL, then 6825 * default values for the authentication context will used. 6826 * @param inbuf the (AP-REQ) authentication buffer 6827 * 6828 * @param server the server to authenticate to. If NULL the function 6829 * will try to find any available credential in the keytab 6830 * that will verify the reply. The function will prefer the 6831 * server specified in the AP-REQ, but if 6832 * there is no mach, it will try all keytab entries for a 6833 * match. This has serious performance issues for large keytabs. 6834 * 6835 * @param inctx control the behavior of the function, if NULL, the 6836 * default behavior is used. 6837 * @param outctx the return outctx, free with krb5_rd_req_out_ctx_free(). 6838 * @return Kerberos 5 error code, see krb5_get_error_message(). 6839 * 6840 * @ingroup krb5_auth 6841 */ 6842 6843 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6844 krb5_rd_req_ctx ( 6845 krb5_context /*context*/, 6846 krb5_auth_context */*auth_context*/, 6847 const krb5_data */*inbuf*/, 6848 krb5_const_principal /*server*/, 6849 krb5_rd_req_in_ctx /*inctx*/, 6850 krb5_rd_req_out_ctx */*outctx*/); 6851 6852 /** 6853 * Allocate a krb5_rd_req_in_ctx as an input parameter to 6854 * krb5_rd_req_ctx(). The caller should free the context with 6855 * krb5_rd_req_in_ctx_free() when done with the context. 6856 * 6857 * @param context Keberos 5 context. 6858 * @param ctx in ctx to krb5_rd_req_ctx(). 6859 * 6860 * @return Kerberos 5 error code, see krb5_get_error_message(). 6861 * 6862 * @ingroup krb5_auth 6863 */ 6864 6865 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6866 krb5_rd_req_in_ctx_alloc ( 6867 krb5_context /*context*/, 6868 krb5_rd_req_in_ctx */*ctx*/); 6869 6870 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6871 krb5_rd_req_in_ctx_free ( 6872 krb5_context /*context*/, 6873 krb5_rd_req_in_ctx /*ctx*/); 6874 6875 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6876 krb5_rd_req_in_set_keyblock ( 6877 krb5_context /*context*/, 6878 krb5_rd_req_in_ctx /*in*/, 6879 krb5_keyblock */*keyblock*/); 6880 6881 /** 6882 * Set the keytab that krb5_rd_req_ctx() will use. 6883 * 6884 * @param context Keberos 5 context. 6885 * @param in in ctx to krb5_rd_req_ctx(). 6886 * @param keytab keytab that krb5_rd_req_ctx() will use, only copy the 6887 * pointer, so the caller must free they keytab after 6888 * krb5_rd_req_in_ctx_free() is called. 6889 * 6890 * @return Kerberos 5 error code, see krb5_get_error_message(). 6891 * 6892 * @ingroup krb5_auth 6893 */ 6894 6895 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6896 krb5_rd_req_in_set_keytab ( 6897 krb5_context /*context*/, 6898 krb5_rd_req_in_ctx /*in*/, 6899 krb5_keytab /*keytab*/); 6900 6901 /** 6902 * Set if krb5_rq_red() is going to check the Windows PAC or not 6903 * 6904 * @param context Keberos 5 context. 6905 * @param in krb5_rd_req_in_ctx to check the option on. 6906 * @param flag flag to select if to check the pac (TRUE) or not (FALSE). 6907 * 6908 * @return Kerberos 5 error code, see krb5_get_error_message(). 6909 * 6910 * @ingroup krb5_auth 6911 */ 6912 6913 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6914 krb5_rd_req_in_set_pac_check ( 6915 krb5_context /*context*/, 6916 krb5_rd_req_in_ctx /*in*/, 6917 krb5_boolean /*flag*/); 6918 6919 /** 6920 * Free the krb5_rd_req_out_ctx. 6921 * 6922 * @param context Keberos 5 context. 6923 * @param ctx krb5_rd_req_out_ctx context to free. 6924 * 6925 * @ingroup krb5_auth 6926 */ 6927 6928 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 6929 krb5_rd_req_out_ctx_free ( 6930 krb5_context /*context*/, 6931 krb5_rd_req_out_ctx /*ctx*/); 6932 6933 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6934 krb5_rd_req_out_get_ap_req_options ( 6935 krb5_context /*context*/, 6936 krb5_rd_req_out_ctx /*out*/, 6937 krb5_flags */*ap_req_options*/); 6938 6939 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6940 krb5_rd_req_out_get_keyblock ( 6941 krb5_context /*context*/, 6942 krb5_rd_req_out_ctx /*out*/, 6943 krb5_keyblock **/*keyblock*/); 6944 6945 /** 6946 * Get the principal that was used in the request from the 6947 * client. Might not match whats in the ticket if krb5_rd_req_ctx() 6948 * searched in the keytab for a matching key. 6949 * 6950 * @param context a Kerberos 5 context. 6951 * @param out a krb5_rd_req_out_ctx from krb5_rd_req_ctx(). 6952 * @param principal return principal, free with krb5_free_principal(). 6953 * 6954 * @ingroup krb5_auth 6955 */ 6956 6957 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6958 krb5_rd_req_out_get_server ( 6959 krb5_context /*context*/, 6960 krb5_rd_req_out_ctx /*out*/, 6961 krb5_principal */*principal*/); 6962 6963 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6964 krb5_rd_req_out_get_ticket ( 6965 krb5_context /*context*/, 6966 krb5_rd_req_out_ctx /*out*/, 6967 krb5_ticket **/*ticket*/); 6968 6969 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6970 krb5_rd_req_with_keyblock ( 6971 krb5_context /*context*/, 6972 krb5_auth_context */*auth_context*/, 6973 const krb5_data */*inbuf*/, 6974 krb5_const_principal /*server*/, 6975 krb5_keyblock */*keyblock*/, 6976 krb5_flags */*ap_req_options*/, 6977 krb5_ticket **/*ticket*/); 6978 6979 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6980 krb5_rd_safe ( 6981 krb5_context /*context*/, 6982 krb5_auth_context /*auth_context*/, 6983 const krb5_data */*inbuf*/, 6984 krb5_data */*outbuf*/, 6985 krb5_replay_data */*outdata*/); 6986 6987 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6988 krb5_read_message ( 6989 krb5_context /*context*/, 6990 krb5_pointer /*p_fd*/, 6991 krb5_data */*data*/); 6992 6993 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 6994 krb5_read_priv_message ( 6995 krb5_context /*context*/, 6996 krb5_auth_context /*ac*/, 6997 krb5_pointer /*p_fd*/, 6998 krb5_data */*data*/); 6999 7000 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7001 krb5_read_safe_message ( 7002 krb5_context /*context*/, 7003 krb5_auth_context /*ac*/, 7004 krb5_pointer /*p_fd*/, 7005 krb5_data */*data*/); 7006 7007 /** 7008 * return TRUE iff realm(princ1) == realm(princ2) 7009 * 7010 * @param context Kerberos 5 context 7011 * @param princ1 first principal to compare 7012 * @param princ2 second principal to compare 7013 * 7014 * @ingroup krb5_principal 7015 * @see krb5_principal_compare_any_realm() 7016 * @see krb5_principal_compare() 7017 */ 7018 7019 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7020 krb5_realm_compare ( 7021 krb5_context /*context*/, 7022 krb5_const_principal /*princ1*/, 7023 krb5_const_principal /*princ2*/); 7024 7025 /** 7026 * Returns true if name is Kerberos an LKDC realm 7027 * 7028 * @ingroup krb5_principal 7029 */ 7030 7031 krb5_boolean KRB5_LIB_FUNCTION 7032 krb5_realm_is_lkdc (const char */*realm*/); 7033 7034 /** 7035 * Perform the server side of the sendauth protocol. 7036 * 7037 * @param context Kerberos 5 context. 7038 * @param auth_context authentication context of the peer. 7039 * @param p_fd socket associated to the connection. 7040 * @param appl_version server-specific string. 7041 * @param server server principal. 7042 * @param flags if KRB5_RECVAUTH_IGNORE_VERSION is set, skip the sendauth version 7043 * part of the protocol. 7044 * @param keytab server keytab. 7045 * @param ticket on success, set to the authenticated client credentials. 7046 * Must be deallocated with krb5_free_ticket(). If not 7047 * interested, pass a NULL value. 7048 * 7049 * @return 0 to indicate success. Otherwise a Kerberos error code is 7050 * returned, see krb5_get_error_message(). 7051 */ 7052 7053 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7054 krb5_recvauth ( 7055 krb5_context /*context*/, 7056 krb5_auth_context */*auth_context*/, 7057 krb5_pointer /*p_fd*/, 7058 const char */*appl_version*/, 7059 krb5_principal /*server*/, 7060 int32_t /*flags*/, 7061 krb5_keytab /*keytab*/, 7062 krb5_ticket **/*ticket*/); 7063 7064 /** 7065 * Perform the server side of the sendauth protocol like krb5_recvauth(), but support 7066 * a user-specified callback, \a match_appl_version, to perform the match of the application 7067 * version \a match_data. 7068 */ 7069 7070 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7071 krb5_recvauth_match_version ( 7072 krb5_context /*context*/, 7073 krb5_auth_context */*auth_context*/, 7074 krb5_pointer /*p_fd*/, 7075 krb5_boolean (*/*match_appl_version*/)(const void *, const char*), 7076 const void */*match_data*/, 7077 krb5_principal /*server*/, 7078 int32_t /*flags*/, 7079 krb5_keytab /*keytab*/, 7080 krb5_ticket **/*ticket*/); 7081 7082 /** 7083 * Read a address block from the storage. 7084 * 7085 * @param sp the storage buffer to write to 7086 * @param adr the address block read from storage 7087 * 7088 * @return 0 on success, a Kerberos 5 error code on failure. 7089 * 7090 * @ingroup krb5_storage 7091 */ 7092 7093 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7094 krb5_ret_address ( 7095 krb5_storage */*sp*/, 7096 krb5_address */*adr*/); 7097 7098 /** 7099 * Read a addresses block from the storage. 7100 * 7101 * @param sp the storage buffer to write to 7102 * @param adr the addresses block read from storage 7103 * 7104 * @return 0 on success, a Kerberos 5 error code on failure. 7105 * 7106 * @ingroup krb5_storage 7107 */ 7108 7109 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7110 krb5_ret_addrs ( 7111 krb5_storage */*sp*/, 7112 krb5_addresses */*adr*/); 7113 7114 /** 7115 * Read a auth data from the storage. 7116 * 7117 * @param sp the storage buffer to write to 7118 * @param auth the auth data block read from storage 7119 * 7120 * @return 0 on success, a Kerberos 5 error code on failure. 7121 * 7122 * @ingroup krb5_storage 7123 */ 7124 7125 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7126 krb5_ret_authdata ( 7127 krb5_storage */*sp*/, 7128 krb5_authdata */*auth*/); 7129 7130 /** 7131 * Read a credentials block from the storage. 7132 * 7133 * @param sp the storage buffer to write to 7134 * @param creds the credentials block read from storage 7135 * 7136 * @return 0 on success, a Kerberos 5 error code on failure. 7137 * 7138 * @ingroup krb5_storage 7139 */ 7140 7141 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7142 krb5_ret_creds ( 7143 krb5_storage */*sp*/, 7144 krb5_creds */*creds*/); 7145 7146 /** 7147 * Read a tagged credentials block from the storage. 7148 * 7149 * @param sp the storage buffer to write to 7150 * @param creds the credentials block read from storage 7151 * 7152 * @return 0 on success, a Kerberos 5 error code on failure. 7153 * 7154 * @ingroup krb5_storage 7155 */ 7156 7157 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7158 krb5_ret_creds_tag ( 7159 krb5_storage */*sp*/, 7160 krb5_creds */*creds*/); 7161 7162 /** 7163 * Parse a data from the storage. 7164 * 7165 * @param sp the storage buffer to read from 7166 * @param data the parsed data 7167 * 7168 * @return 0 on success, a Kerberos 5 error code on failure. 7169 * 7170 * @ingroup krb5_storage 7171 */ 7172 7173 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7174 krb5_ret_data ( 7175 krb5_storage */*sp*/, 7176 krb5_data */*data*/); 7177 7178 /** 7179 * Read a int16 from storage, byte order is controlled by the settings 7180 * on the storage, see krb5_storage_set_byteorder(). 7181 * 7182 * @param sp the storage to write too 7183 * @param value the value read from the buffer 7184 * 7185 * @return 0 for success, or a Kerberos 5 error code on failure. 7186 * 7187 * @ingroup krb5_storage 7188 */ 7189 7190 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7191 krb5_ret_int16 ( 7192 krb5_storage */*sp*/, 7193 int16_t */*value*/); 7194 7195 /** 7196 * Read a int32 from storage, byte order is controlled by the settings 7197 * on the storage, see krb5_storage_set_byteorder(). 7198 * 7199 * @param sp the storage to write too 7200 * @param value the value read from the buffer 7201 * 7202 * @return 0 for success, or a Kerberos 5 error code on failure. 7203 * 7204 * @ingroup krb5_storage 7205 */ 7206 7207 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7208 krb5_ret_int32 ( 7209 krb5_storage */*sp*/, 7210 int32_t */*value*/); 7211 7212 /** 7213 * Read a int64 from storage, byte order is controlled by the settings 7214 * on the storage, see krb5_storage_set_byteorder(). 7215 * 7216 * @param sp the storage to write too 7217 * @param value the value read from the buffer 7218 * 7219 * @return 0 for success, or a Kerberos 5 error code on failure. 7220 * 7221 * @ingroup krb5_storage 7222 */ 7223 7224 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7225 krb5_ret_int64 ( 7226 krb5_storage */*sp*/, 7227 int64_t */*value*/); 7228 7229 /** 7230 * Read a int8 from storage 7231 * 7232 * @param sp the storage to write too 7233 * @param value the value read from the buffer 7234 * 7235 * @return 0 for success, or a Kerberos 5 error code on failure. 7236 * 7237 * @ingroup krb5_storage 7238 */ 7239 7240 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7241 krb5_ret_int8 ( 7242 krb5_storage */*sp*/, 7243 int8_t */*value*/); 7244 7245 /** 7246 * Read a keyblock from the storage. 7247 * 7248 * @param sp the storage buffer to write to 7249 * @param p the keyblock read from storage, free using krb5_free_keyblock() 7250 * 7251 * @return 0 on success, a Kerberos 5 error code on failure. 7252 * 7253 * @ingroup krb5_storage 7254 */ 7255 7256 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7257 krb5_ret_keyblock ( 7258 krb5_storage */*sp*/, 7259 krb5_keyblock */*p*/); 7260 7261 /** 7262 * Parse principal from the storage. 7263 * 7264 * @param sp the storage buffer to read from 7265 * @param princ the parsed principal 7266 * 7267 * @return 0 on success, a Kerberos 5 error code on failure. 7268 * 7269 * @ingroup krb5_storage 7270 */ 7271 7272 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7273 krb5_ret_principal ( 7274 krb5_storage */*sp*/, 7275 krb5_principal */*princ*/); 7276 7277 /** 7278 * Parse a string from the storage. 7279 * 7280 * @param sp the storage buffer to read from 7281 * @param string the parsed string 7282 * 7283 * @return 0 on success, a Kerberos 5 error code on failure. 7284 * 7285 * @ingroup krb5_storage 7286 */ 7287 7288 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7289 krb5_ret_string ( 7290 krb5_storage */*sp*/, 7291 char **/*string*/); 7292 7293 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7294 krb5_ret_stringnl ( 7295 krb5_storage */*sp*/, 7296 char **/*string*/); 7297 7298 /** 7299 * Parse zero terminated string from the storage. 7300 * 7301 * @param sp the storage buffer to read from 7302 * @param string the parsed string 7303 * 7304 * @return 0 on success, a Kerberos 5 error code on failure. 7305 * 7306 * @ingroup krb5_storage 7307 */ 7308 7309 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7310 krb5_ret_stringz ( 7311 krb5_storage */*sp*/, 7312 char **/*string*/); 7313 7314 /** 7315 * Read a times block from the storage. 7316 * 7317 * @param sp the storage buffer to write to 7318 * @param times the times block read from storage 7319 * 7320 * @return 0 on success, a Kerberos 5 error code on failure. 7321 * 7322 * @ingroup krb5_storage 7323 */ 7324 7325 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7326 krb5_ret_times ( 7327 krb5_storage */*sp*/, 7328 krb5_times */*times*/); 7329 7330 /** 7331 * Read a int16 from storage, byte order is controlled by the settings 7332 * on the storage, see krb5_storage_set_byteorder(). 7333 * 7334 * @param sp the storage to write too 7335 * @param value the value read from the buffer 7336 * 7337 * @return 0 for success, or a Kerberos 5 error code on failure. 7338 * 7339 * @ingroup krb5_storage 7340 */ 7341 7342 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7343 krb5_ret_uint16 ( 7344 krb5_storage */*sp*/, 7345 uint16_t */*value*/); 7346 7347 /** 7348 * Read a uint32 from storage, byte order is controlled by the settings 7349 * on the storage, see krb5_storage_set_byteorder(). 7350 * 7351 * @param sp the storage to write too 7352 * @param value the value read from the buffer 7353 * 7354 * @return 0 for success, or a Kerberos 5 error code on failure. 7355 * 7356 * @ingroup krb5_storage 7357 */ 7358 7359 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7360 krb5_ret_uint32 ( 7361 krb5_storage */*sp*/, 7362 uint32_t */*value*/); 7363 7364 /** 7365 * Read a uint64 from storage, byte order is controlled by the settings 7366 * on the storage, see krb5_storage_set_byteorder(). 7367 * 7368 * @param sp the storage to write too 7369 * @param value the value read from the buffer 7370 * 7371 * @return 0 for success, or a Kerberos 5 error code on failure. 7372 * 7373 * @ingroup krb5_storage 7374 */ 7375 7376 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7377 krb5_ret_uint64 ( 7378 krb5_storage */*sp*/, 7379 uint64_t */*value*/); 7380 7381 /** 7382 * Read a uint8 from storage 7383 * 7384 * @param sp the storage to write too 7385 * @param value the value read from the buffer 7386 * 7387 * @return 0 for success, or a Kerberos 5 error code on failure. 7388 * 7389 * @ingroup krb5_storage 7390 */ 7391 7392 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7393 krb5_ret_uint8 ( 7394 krb5_storage */*sp*/, 7395 uint8_t */*value*/); 7396 7397 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7398 krb5_salttype_to_string ( 7399 krb5_context /*context*/, 7400 krb5_enctype /*etype*/, 7401 krb5_salttype /*stype*/, 7402 char **/*string*/); 7403 7404 /** 7405 * Perform the client side of the sendauth protocol. 7406 * 7407 * @param context Kerberos 5 context. 7408 * @param auth_context Authentication context of the peer. 7409 * @param p_fd Socket associated to the connection. 7410 * @param appl_version Server-specific string. 7411 * @param client Client principal. If NULL, use the credentials in \a ccache. 7412 * @param server Server principal. 7413 * @param ap_req_options Options for the AP_REQ message. See the AP_OPTS_* defines in krb5.h. 7414 * @param in_data FIXME 7415 * @param in_creds FIXME 7416 * @param ccache Credentials cache. If NULL, use the default credentials cache. 7417 * @param ret_error If not NULL, will be set to the error reported by server, if any. 7418 * Must be deallocated with krb5_free_error_contents(). 7419 * @param rep_result If not NULL, will be set to the EncApRepPart of the AP_REP message. 7420 * Must be deallocated with krb5_free_ap_rep_enc_part(). 7421 * @param out_creds FIXME If not NULL, will be set to FIXME. Must be deallocated with 7422 * krb5_free_creds(). 7423 * 7424 * @return 0 to indicate success. Otherwise a Kerberos error code is 7425 * returned, see krb5_get_error_message(). 7426 */ 7427 7428 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7429 krb5_sendauth ( 7430 krb5_context /*context*/, 7431 krb5_auth_context */*auth_context*/, 7432 krb5_pointer /*p_fd*/, 7433 const char */*appl_version*/, 7434 krb5_principal /*client*/, 7435 krb5_principal /*server*/, 7436 krb5_flags /*ap_req_options*/, 7437 krb5_data */*in_data*/, 7438 krb5_creds */*in_creds*/, 7439 krb5_ccache /*ccache*/, 7440 krb5_error **/*ret_error*/, 7441 krb5_ap_rep_enc_part **/*rep_result*/, 7442 krb5_creds **/*out_creds*/); 7443 7444 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7445 krb5_sendto ( 7446 krb5_context /*context*/, 7447 const krb5_data */*send_data*/, 7448 krb5_krbhst_handle /*handle*/, 7449 krb5_data */*receive*/); 7450 7451 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7452 krb5_sendto_context ( 7453 krb5_context /*context*/, 7454 krb5_sendto_ctx /*ctx*/, 7455 const krb5_data */*send_data*/, 7456 krb5_const_realm /*realm*/, 7457 krb5_data */*receive*/); 7458 7459 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7460 krb5_sendto_ctx_add_flags ( 7461 krb5_sendto_ctx /*ctx*/, 7462 int /*flags*/); 7463 7464 /** 7465 * @section send_to_kdc Locating and sending packets to the KDC 7466 * 7467 * The send to kdc code is responsible to request the list of KDC from 7468 * the locate-kdc subsystem and then send requests to each of them. 7469 * 7470 * - Each second a new hostname is tried. 7471 * - If the hostname have several addresses, the first will be tried 7472 * directly then in turn the other will be tried every 3 seconds 7473 * (host_timeout). 7474 * - UDP requests are tried 3 times, and it tried with a individual timeout of kdc_timeout / 3. 7475 * - TCP and HTTP requests are tried 1 time. 7476 * 7477 * Total wait time shorter then (number of addresses * 3) + kdc_timeout seconds. 7478 * 7479 */ 7480 7481 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7482 krb5_sendto_ctx_alloc ( 7483 krb5_context /*context*/, 7484 krb5_sendto_ctx */*ctx*/); 7485 7486 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7487 krb5_sendto_ctx_free ( 7488 krb5_context /*context*/, 7489 krb5_sendto_ctx /*ctx*/); 7490 7491 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 7492 krb5_sendto_ctx_get_flags (krb5_sendto_ctx /*ctx*/); 7493 7494 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7495 krb5_sendto_ctx_set_func ( 7496 krb5_sendto_ctx /*ctx*/, 7497 krb5_sendto_ctx_func /*func*/, 7498 void */*data*/); 7499 7500 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7501 krb5_sendto_ctx_set_type ( 7502 krb5_sendto_ctx /*ctx*/, 7503 int /*type*/); 7504 7505 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7506 krb5_sendto_kdc ( 7507 krb5_context /*context*/, 7508 const krb5_data */*send_data*/, 7509 const krb5_realm */*realm*/, 7510 krb5_data */*receive*/); 7511 7512 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7513 krb5_sendto_kdc_flags ( 7514 krb5_context /*context*/, 7515 const krb5_data */*send_data*/, 7516 const krb5_realm */*realm*/, 7517 krb5_data */*receive*/, 7518 int /*flags*/); 7519 7520 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7521 krb5_sendto_set_hostname ( 7522 krb5_context /*context*/, 7523 krb5_sendto_ctx /*ctx*/, 7524 const char */*hostname*/); 7525 7526 /** 7527 * Reinit the context from a new set of filenames. 7528 * 7529 * @param context context to add configuration too. 7530 * @param filenames array of filenames, end of list is indicated with a NULL filename. 7531 * 7532 * @return Returns 0 to indicate success. Otherwise an kerberos et 7533 * error code is returned, see krb5_get_error_message(). 7534 * 7535 * @ingroup krb5 7536 */ 7537 7538 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7539 krb5_set_config_files ( 7540 krb5_context /*context*/, 7541 char **/*filenames*/); 7542 7543 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7544 krb5_set_debug_dest ( 7545 krb5_context /*context*/, 7546 const char */*program*/, 7547 const char */*log_spec*/); 7548 7549 /** 7550 * Set the default encryption types that will be use in communcation 7551 * with the KDC, clients and servers. 7552 * 7553 * @param context Kerberos 5 context. 7554 * @param etypes Encryption types, array terminated with ETYPE_NULL (0). 7555 * A value of NULL resets the encryption types to the defaults set in the 7556 * configuration file. 7557 * 7558 * @return Returns 0 to indicate success. Otherwise an kerberos et 7559 * error code is returned, see krb5_get_error_message(). 7560 * 7561 * @ingroup krb5 7562 */ 7563 7564 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7565 krb5_set_default_in_tkt_etypes ( 7566 krb5_context /*context*/, 7567 const krb5_enctype */*etypes*/); 7568 7569 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7570 krb5_set_default_realm ( 7571 krb5_context /*context*/, 7572 const char */*realm*/); 7573 7574 /** 7575 * Set if the library should use DNS to canonicalize hostnames. 7576 * 7577 * @param context Kerberos 5 context. 7578 * @param flag if its dns canonicalizion is used or not. 7579 * 7580 * @ingroup krb5 7581 */ 7582 7583 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7584 krb5_set_dns_canonicalize_hostname ( 7585 krb5_context /*context*/, 7586 krb5_boolean /*flag*/); 7587 7588 /** 7589 * Set the context full error string for a specific error code. 7590 * The error that is stored should be internationalized. 7591 * 7592 * The if context is NULL, no error string is stored. 7593 * 7594 * @param context Kerberos 5 context 7595 * @param ret The error code 7596 * @param fmt Error string for the error code 7597 * @param ... printf(3) style parameters. 7598 * 7599 * @ingroup krb5_error 7600 */ 7601 7602 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7603 krb5_set_error_message ( 7604 krb5_context /*context*/, 7605 krb5_error_code /*ret*/, 7606 const char */*fmt*/, 7607 ...) 7608 __attribute__ ((__format__ (__printf__, 3, 4))); 7609 7610 /** 7611 * Set the error message returned by krb5_get_error_string(). 7612 * 7613 * Deprecated: use krb5_get_error_message() 7614 * 7615 * @param context Kerberos context 7616 * @param fmt error message to free 7617 * 7618 * @return Return an error code or 0. 7619 * 7620 * @ingroup krb5_deprecated 7621 */ 7622 7623 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7624 krb5_set_error_string ( 7625 krb5_context /*context*/, 7626 const char */*fmt*/, 7627 ...) 7628 __attribute__ ((__format__ (__printf__, 2, 3))) KRB5_DEPRECATED_FUNCTION("Use X instead"); 7629 7630 /** 7631 * Set extra address to the address list that the library will add to 7632 * the client's address list when communicating with the KDC. 7633 * 7634 * @param context Kerberos 5 context. 7635 * @param addresses addreses to set 7636 * 7637 * @return Returns 0 to indicate success. Otherwise an kerberos et 7638 * error code is returned, see krb5_get_error_message(). 7639 * 7640 * @ingroup krb5 7641 */ 7642 7643 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7644 krb5_set_extra_addresses ( 7645 krb5_context /*context*/, 7646 const krb5_addresses */*addresses*/); 7647 7648 /** 7649 * Set version of fcache that the library should use. 7650 * 7651 * @param context Kerberos 5 context. 7652 * @param version version number. 7653 * 7654 * @return Returns 0 to indicate success. Otherwise an kerberos et 7655 * error code is returned, see krb5_get_error_message(). 7656 * 7657 * @ingroup krb5 7658 */ 7659 7660 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7661 krb5_set_fcache_version ( 7662 krb5_context /*context*/, 7663 int /*version*/); 7664 7665 /** 7666 * Enable and disable home directory access on either the global state 7667 * or the krb5_context state. By calling krb5_set_home_dir_access() 7668 * with context set to NULL, the global state is configured otherwise 7669 * the state for the krb5_context is modified. 7670 * 7671 * For home directory access to be allowed, both the global state and 7672 * the krb5_context state have to be allowed. 7673 * 7674 * @param context a Kerberos 5 context or NULL 7675 * @param allow allow if TRUE home directory 7676 * @return the old value 7677 * 7678 * @ingroup krb5 7679 */ 7680 7681 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7682 krb5_set_home_dir_access ( 7683 krb5_context /*context*/, 7684 krb5_boolean /*allow*/); 7685 7686 /** 7687 * Set extra addresses to ignore when fetching addresses from the 7688 * underlaying operating system. 7689 * 7690 * @param context Kerberos 5 context. 7691 * @param addresses addreses to ignore 7692 * 7693 * @return Returns 0 to indicate success. Otherwise an kerberos et 7694 * error code is returned, see krb5_get_error_message(). 7695 * 7696 * @ingroup krb5 7697 */ 7698 7699 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7700 krb5_set_ignore_addresses ( 7701 krb5_context /*context*/, 7702 const krb5_addresses */*addresses*/); 7703 7704 /** 7705 * Set current offset in time to the KDC. 7706 * 7707 * @param context Kerberos 5 context. 7708 * @param sec seconds part of offset. 7709 * @param usec micro seconds part of offset. 7710 * 7711 * @return returns zero 7712 * 7713 * @ingroup krb5 7714 */ 7715 7716 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7717 krb5_set_kdc_sec_offset ( 7718 krb5_context /*context*/, 7719 int32_t /*sec*/, 7720 int32_t /*usec*/); 7721 7722 /** 7723 * Set max time skew allowed. 7724 * 7725 * @param context Kerberos 5 context. 7726 * @param t timeskew in seconds. 7727 * 7728 * @ingroup krb5 7729 */ 7730 7731 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7732 krb5_set_max_time_skew ( 7733 krb5_context /*context*/, 7734 time_t /*t*/); 7735 7736 /** 7737 * Change password using creds. 7738 * 7739 * @param context a Keberos context 7740 * @param creds The initial kadmin/passwd for the principal or an admin principal 7741 * @param newpw The new password to set 7742 * @param targprinc if unset, the default principal is used. 7743 * @param result_code Result code, KRB5_KPASSWD_SUCCESS is when password is changed. 7744 * @param result_code_string binary message from the server, contains 7745 * at least the result_code. 7746 * @param result_string A message from the kpasswd service or the 7747 * library in human printable form. The string is NUL terminated. 7748 * 7749 * @return On sucess and *result_code is KRB5_KPASSWD_SUCCESS, the password is changed. 7750 7751 * @ingroup @krb5 7752 */ 7753 7754 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7755 krb5_set_password ( 7756 krb5_context /*context*/, 7757 krb5_creds */*creds*/, 7758 const char */*newpw*/, 7759 krb5_principal /*targprinc*/, 7760 int */*result_code*/, 7761 krb5_data */*result_code_string*/, 7762 krb5_data */*result_string*/); 7763 7764 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7765 krb5_set_password_using_ccache ( 7766 krb5_context /*context*/, 7767 krb5_ccache /*ccache*/, 7768 const char */*newpw*/, 7769 krb5_principal /*targprinc*/, 7770 int */*result_code*/, 7771 krb5_data */*result_code_string*/, 7772 krb5_data */*result_string*/); 7773 7774 /** 7775 * Set the absolute time that the caller knows the kdc has so the 7776 * kerberos library can calculate the relative diffrence beteen the 7777 * KDC time and local system time. 7778 * 7779 * @param context Keberos 5 context. 7780 * @param sec The applications new of "now" in seconds 7781 * @param usec The applications new of "now" in micro seconds 7782 7783 * @return Kerberos 5 error code, see krb5_get_error_message(). 7784 * 7785 * @ingroup krb5 7786 */ 7787 7788 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7789 krb5_set_real_time ( 7790 krb5_context /*context*/, 7791 krb5_timestamp /*sec*/, 7792 int32_t /*usec*/); 7793 7794 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7795 krb5_set_send_to_kdc_func ( 7796 krb5_context /*context*/, 7797 krb5_send_to_kdc_func /*func*/, 7798 void */*data*/); 7799 7800 /** 7801 * Make the kerberos library default to the admin KDC. 7802 * 7803 * @param context Kerberos 5 context. 7804 * @param flag boolean flag to select if the use the admin KDC or not. 7805 * 7806 * @ingroup krb5 7807 */ 7808 7809 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7810 krb5_set_use_admin_kdc ( 7811 krb5_context /*context*/, 7812 krb5_boolean /*flag*/); 7813 7814 /** 7815 * Set the default logging facility. 7816 * 7817 * @param context A Kerberos 5 context 7818 * @param fac Facility to use for logging. 7819 * 7820 * @ingroup krb5_error 7821 */ 7822 7823 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7824 krb5_set_warn_dest ( 7825 krb5_context /*context*/, 7826 krb5_log_facility */*fac*/); 7827 7828 /** 7829 * Create a principal for the given service running on the given 7830 * hostname. If KRB5_NT_SRV_HST is used, the hostname is canonicalized 7831 * according the configured name canonicalization rules, with 7832 * canonicalization delayed in some cases. One rule involves DNS, which 7833 * is insecure unless DNSSEC is used, but we don't use DNSSEC-capable 7834 * resolver APIs here, so that if DNSSEC is used we wouldn't know it. 7835 * 7836 * Canonicalization is immediate (not delayed) only when there is only 7837 * one canonicalization rule and that rule indicates that we should do a 7838 * host lookup by name (i.e., DNS). 7839 * 7840 * @param context A Kerberos context. 7841 * @param hostname hostname to use 7842 * @param sname Service name to use 7843 * @param type name type of principal, use KRB5_NT_SRV_HST or KRB5_NT_UNKNOWN. 7844 * @param ret_princ return principal, free with krb5_free_principal(). 7845 * 7846 * @return An krb5 error code, see krb5_get_error_message(). 7847 * 7848 * @ingroup krb5_principal 7849 */ 7850 7851 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7852 krb5_sname_to_principal ( 7853 krb5_context /*context*/, 7854 const char */*hostname*/, 7855 const char */*sname*/, 7856 int32_t /*type*/, 7857 krb5_principal */*ret_princ*/); 7858 7859 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7860 krb5_sock_to_principal ( 7861 krb5_context /*context*/, 7862 int /*sock*/, 7863 const char */*sname*/, 7864 int32_t /*type*/, 7865 krb5_principal */*ret_princ*/); 7866 7867 /** 7868 * krb5_sockaddr2address stores a address a "struct sockaddr" sa in 7869 * the krb5_address addr. 7870 * 7871 * @param context a Keberos context 7872 * @param sa a struct sockaddr to extract the address from 7873 * @param addr an Kerberos 5 address to store the address in. 7874 * 7875 * @return Return an error code or 0. 7876 * 7877 * @ingroup krb5_address 7878 */ 7879 7880 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7881 krb5_sockaddr2address ( 7882 krb5_context /*context*/, 7883 const struct sockaddr */*sa*/, 7884 krb5_address */*addr*/); 7885 7886 /** 7887 * krb5_sockaddr2port extracts a port (if possible) from a "struct 7888 * sockaddr. 7889 * 7890 * @param context a Keberos context 7891 * @param sa a struct sockaddr to extract the port from 7892 * @param port a pointer to an int16_t store the port in. 7893 * 7894 * @return Return an error code or 0. Will return 7895 * KRB5_PROG_ATYPE_NOSUPP in case address type is not supported. 7896 * 7897 * @ingroup krb5_address 7898 */ 7899 7900 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7901 krb5_sockaddr2port ( 7902 krb5_context /*context*/, 7903 const struct sockaddr */*sa*/, 7904 int16_t */*port*/); 7905 7906 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7907 krb5_sockaddr_is_loopback (const struct sockaddr */*sa*/); 7908 7909 /** 7910 * krb5_sockaddr_uninteresting returns TRUE for all .Fa sa that the 7911 * kerberos library thinks are uninteresting. One example are link 7912 * local addresses. 7913 * 7914 * @param sa pointer to struct sockaddr that might be interesting. 7915 * 7916 * @return Return a non zero for uninteresting addresses. 7917 * 7918 * @ingroup krb5_address 7919 */ 7920 7921 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 7922 krb5_sockaddr_uninteresting (const struct sockaddr */*sa*/); 7923 7924 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7925 krb5_std_usage ( 7926 int /*code*/, 7927 struct getargs */*args*/, 7928 int /*num_args*/); 7929 7930 /** 7931 * Clear the flags on a storage buffer 7932 * 7933 * @param sp the storage buffer to clear the flags on 7934 * @param flags the flags to clear 7935 * 7936 * @ingroup krb5_storage 7937 */ 7938 7939 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 7940 krb5_storage_clear_flags ( 7941 krb5_storage */*sp*/, 7942 krb5_flags /*flags*/); 7943 7944 /** 7945 * Create a elastic (allocating) memory storage backend. Memory is 7946 * allocated on demand. Free returned krb5_storage with 7947 * krb5_storage_free(). 7948 * 7949 * @return A krb5_storage on success, or NULL on out of memory error. 7950 * 7951 * @ingroup krb5_storage 7952 * 7953 * @sa krb5_storage_from_mem() 7954 * @sa krb5_storage_from_readonly_mem() 7955 * @sa krb5_storage_from_fd() 7956 * @sa krb5_storage_from_data() 7957 * @sa krb5_storage_from_socket() 7958 */ 7959 7960 KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 7961 krb5_storage_emem (void); 7962 7963 /** 7964 * Free a krb5 storage. 7965 * 7966 * @param sp the storage to free. 7967 * 7968 * @return An Kerberos 5 error code. 7969 * 7970 * @ingroup krb5_storage 7971 */ 7972 7973 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 7974 krb5_storage_free (krb5_storage */*sp*/); 7975 7976 /** 7977 * Create a fixed size memory storage block 7978 * 7979 * @return A krb5_storage on success, or NULL on out of memory error. 7980 * 7981 * @ingroup krb5_storage 7982 * 7983 * @sa krb5_storage_mem() 7984 * @sa krb5_storage_from_mem() 7985 * @sa krb5_storage_from_readonly_mem() 7986 * @sa krb5_storage_from_fd() 7987 */ 7988 7989 KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 7990 krb5_storage_from_data (krb5_data */*data*/); 7991 7992 /** 7993 * 7994 * 7995 * @return A krb5_storage on success, or NULL on out of memory error. 7996 * 7997 * @ingroup krb5_storage 7998 * 7999 * @sa krb5_storage_emem() 8000 * @sa krb5_storage_from_mem() 8001 * @sa krb5_storage_from_readonly_mem() 8002 * @sa krb5_storage_from_data() 8003 * @sa krb5_storage_from_socket() 8004 */ 8005 8006 KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 8007 krb5_storage_from_fd (int /*fd_in*/); 8008 8009 /** 8010 * Create a fixed size memory storage block 8011 * 8012 * @return A krb5_storage on success, or NULL on out of memory error. 8013 * 8014 * @ingroup krb5_storage 8015 * 8016 * @sa krb5_storage_mem() 8017 * @sa krb5_storage_from_readonly_mem() 8018 * @sa krb5_storage_from_data() 8019 * @sa krb5_storage_from_fd() 8020 * @sa krb5_storage_from_socket() 8021 */ 8022 8023 KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 8024 krb5_storage_from_mem ( 8025 void */*buf*/, 8026 size_t /*len*/); 8027 8028 /** 8029 * Create a fixed size memory storage block that is read only 8030 * 8031 * @return A krb5_storage on success, or NULL on out of memory error. 8032 * 8033 * @ingroup krb5_storage 8034 * 8035 * @sa krb5_storage_mem() 8036 * @sa krb5_storage_from_mem() 8037 * @sa krb5_storage_from_data() 8038 * @sa krb5_storage_from_fd() 8039 */ 8040 8041 KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 8042 krb5_storage_from_readonly_mem ( 8043 const void */*buf*/, 8044 size_t /*len*/); 8045 8046 /** 8047 * 8048 * 8049 * @return A krb5_storage on success, or NULL on out of memory error. 8050 * 8051 * @ingroup krb5_storage 8052 * 8053 * @sa krb5_storage_emem() 8054 * @sa krb5_storage_from_mem() 8055 * @sa krb5_storage_from_readonly_mem() 8056 * @sa krb5_storage_from_data() 8057 * @sa krb5_storage_from_fd() 8058 */ 8059 8060 KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL 8061 krb5_storage_from_socket (krb5_socket_t /*sock_in*/); 8062 8063 /** 8064 * Sync the storage buffer to its backing store. If there is no 8065 * backing store this function will return success. 8066 * 8067 * @param sp the storage buffer to sync 8068 * 8069 * @return A Kerberos 5 error code 8070 * 8071 * @ingroup krb5_storage 8072 */ 8073 8074 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 8075 krb5_storage_fsync (krb5_storage */*sp*/); 8076 8077 /** 8078 * Return the current byteorder for the buffer. See krb5_storage_set_byteorder() for the list or byte order contants. 8079 * 8080 * @ingroup krb5_storage 8081 */ 8082 8083 KRB5_LIB_FUNCTION krb5_flags KRB5_LIB_CALL 8084 krb5_storage_get_byteorder (krb5_storage */*sp*/); 8085 8086 /** 8087 * Get the return code that will be used when end of storage is reached. 8088 * 8089 * @param sp the storage 8090 * 8091 * @return storage error code 8092 * 8093 * @ingroup krb5_storage 8094 */ 8095 8096 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 8097 krb5_storage_get_eof_code (krb5_storage */*sp*/); 8098 8099 /** 8100 * Return true or false depending on if the storage flags is set or 8101 * not. NB testing for the flag 0 always return true. 8102 * 8103 * @param sp the storage buffer to check flags on 8104 * @param flags The flags to test for 8105 * 8106 * @return true if all the flags are set, false if not. 8107 * 8108 * @ingroup krb5_storage 8109 */ 8110 8111 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL 8112 krb5_storage_is_flags ( 8113 krb5_storage */*sp*/, 8114 krb5_flags /*flags*/); 8115 8116 /** 8117 * Read to the storage buffer. 8118 * 8119 * @param sp the storage buffer to read from 8120 * @param buf the buffer to store the data in 8121 * @param len the length to read 8122 * 8123 * @return The length of data read (can be shorter then len), or negative on error. 8124 * 8125 * @ingroup krb5_storage 8126 */ 8127 8128 KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 8129 krb5_storage_read ( 8130 krb5_storage */*sp*/, 8131 void */*buf*/, 8132 size_t /*len*/); 8133 8134 /** 8135 * Seek to a new offset. 8136 * 8137 * @param sp the storage buffer to seek in. 8138 * @param offset the offset to seek 8139 * @param whence relateive searching, SEEK_CUR from the current 8140 * position, SEEK_END from the end, SEEK_SET absolute from the start. 8141 * 8142 * @return The new current offset 8143 * 8144 * @ingroup krb5_storage 8145 */ 8146 8147 KRB5_LIB_FUNCTION off_t KRB5_LIB_CALL 8148 krb5_storage_seek ( 8149 krb5_storage */*sp*/, 8150 off_t /*offset*/, 8151 int /*whence*/); 8152 8153 /** 8154 * Set the new byte order of the storage buffer. 8155 * 8156 * @param sp the storage buffer to set the byte order for. 8157 * @param byteorder the new byte order. 8158 * 8159 * The byte order are: KRB5_STORAGE_BYTEORDER_BE, 8160 * KRB5_STORAGE_BYTEORDER_LE and KRB5_STORAGE_BYTEORDER_HOST. 8161 * 8162 * @ingroup krb5_storage 8163 */ 8164 8165 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8166 krb5_storage_set_byteorder ( 8167 krb5_storage */*sp*/, 8168 krb5_flags /*byteorder*/); 8169 8170 /** 8171 * Set the return code that will be used when end of storage is reached. 8172 * 8173 * @param sp the storage 8174 * @param code the error code to return on end of storage 8175 * 8176 * @ingroup krb5_storage 8177 */ 8178 8179 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8180 krb5_storage_set_eof_code ( 8181 krb5_storage */*sp*/, 8182 int /*code*/); 8183 8184 /** 8185 * Add the flags on a storage buffer by or-ing in the flags to the buffer. 8186 * 8187 * @param sp the storage buffer to set the flags on 8188 * @param flags the flags to set 8189 * 8190 * @ingroup krb5_storage 8191 */ 8192 8193 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8194 krb5_storage_set_flags ( 8195 krb5_storage */*sp*/, 8196 krb5_flags /*flags*/); 8197 8198 /** 8199 * Set the max alloc value 8200 * 8201 * @param sp the storage buffer set the max allow for 8202 * @param size maximum size to allocate, use 0 to remove limit 8203 * 8204 * @ingroup krb5_storage 8205 */ 8206 8207 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8208 krb5_storage_set_max_alloc ( 8209 krb5_storage */*sp*/, 8210 size_t /*size*/); 8211 8212 /** 8213 * Copy the contnent of storage 8214 * 8215 * @param sp the storage to copy to a data 8216 * @param data the copied data, free with krb5_data_free() 8217 * 8218 * @return 0 for success, or a Kerberos 5 error code on failure. 8219 * 8220 * @ingroup krb5_storage 8221 */ 8222 8223 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8224 krb5_storage_to_data ( 8225 krb5_storage */*sp*/, 8226 krb5_data */*data*/); 8227 8228 /** 8229 * Truncate the storage buffer in sp to offset. 8230 * 8231 * @param sp the storage buffer to truncate. 8232 * @param offset the offset to truncate too. 8233 * 8234 * @return An Kerberos 5 error code. 8235 * 8236 * @ingroup krb5_storage 8237 */ 8238 8239 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 8240 krb5_storage_truncate ( 8241 krb5_storage */*sp*/, 8242 off_t /*offset*/); 8243 8244 /** 8245 * Write to the storage buffer. 8246 * 8247 * @param sp the storage buffer to write to 8248 * @param buf the buffer to write to the storage buffer 8249 * @param len the length to write 8250 * 8251 * @return The length of data written (can be shorter then len), or negative on error. 8252 * 8253 * @ingroup krb5_storage 8254 */ 8255 8256 KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL 8257 krb5_storage_write ( 8258 krb5_storage */*sp*/, 8259 const void */*buf*/, 8260 size_t /*len*/); 8261 8262 /** 8263 * Write a address block to storage. 8264 * 8265 * @param sp the storage buffer to write to 8266 * @param p the address block to write. 8267 * 8268 * @return 0 on success, a Kerberos 5 error code on failure. 8269 * 8270 * @ingroup krb5_storage 8271 */ 8272 8273 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8274 krb5_store_address ( 8275 krb5_storage */*sp*/, 8276 krb5_address /*p*/); 8277 8278 /** 8279 * Write a addresses block to storage. 8280 * 8281 * @param sp the storage buffer to write to 8282 * @param p the addresses block to write. 8283 * 8284 * @return 0 on success, a Kerberos 5 error code on failure. 8285 * 8286 * @ingroup krb5_storage 8287 */ 8288 8289 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8290 krb5_store_addrs ( 8291 krb5_storage */*sp*/, 8292 krb5_addresses /*p*/); 8293 8294 /** 8295 * Write a auth data block to storage. 8296 * 8297 * @param sp the storage buffer to write to 8298 * @param auth the auth data block to write. 8299 * 8300 * @return 0 on success, a Kerberos 5 error code on failure. 8301 * 8302 * @ingroup krb5_storage 8303 */ 8304 8305 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8306 krb5_store_authdata ( 8307 krb5_storage */*sp*/, 8308 krb5_authdata /*auth*/); 8309 8310 /** 8311 * Write a credentials block to storage. 8312 * 8313 * @param sp the storage buffer to write to 8314 * @param creds the creds block to write. 8315 * 8316 * @return 0 on success, a Kerberos 5 error code on failure. 8317 * 8318 * @ingroup krb5_storage 8319 */ 8320 8321 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8322 krb5_store_creds ( 8323 krb5_storage */*sp*/, 8324 krb5_creds */*creds*/); 8325 8326 /** 8327 * Write a tagged credentials block to storage. 8328 * 8329 * @param sp the storage buffer to write to 8330 * @param creds the creds block to write. 8331 * 8332 * @return 0 on success, a Kerberos 5 error code on failure. 8333 * 8334 * @ingroup krb5_storage 8335 */ 8336 8337 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8338 krb5_store_creds_tag ( 8339 krb5_storage */*sp*/, 8340 krb5_creds */*creds*/); 8341 8342 /** 8343 * Store a data to the storage. The data is stored with an int32 as 8344 * lenght plus the data (not padded). 8345 * 8346 * @param sp the storage buffer to write to 8347 * @param data the buffer to store. 8348 * 8349 * @return 0 on success, a Kerberos 5 error code on failure. 8350 * 8351 * @ingroup krb5_storage 8352 */ 8353 8354 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8355 krb5_store_data ( 8356 krb5_storage */*sp*/, 8357 krb5_data /*data*/); 8358 8359 /** 8360 * Store a int16 to storage, byte order is controlled by the settings 8361 * on the storage, see krb5_storage_set_byteorder(). 8362 * 8363 * @param sp the storage to write too 8364 * @param value the value to store 8365 * 8366 * @return 0 for success, or a Kerberos 5 error code on failure. 8367 * 8368 * @ingroup krb5_storage 8369 */ 8370 8371 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8372 krb5_store_int16 ( 8373 krb5_storage */*sp*/, 8374 int16_t /*value*/); 8375 8376 /** 8377 * Store a int32 to storage, byte order is controlled by the settings 8378 * on the storage, see krb5_storage_set_byteorder(). 8379 * 8380 * @param sp the storage to write too 8381 * @param value the value to store 8382 * 8383 * @return 0 for success, or a Kerberos 5 error code on failure. 8384 * 8385 * @ingroup krb5_storage 8386 */ 8387 8388 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8389 krb5_store_int32 ( 8390 krb5_storage */*sp*/, 8391 int32_t /*value*/); 8392 8393 /** 8394 * Store a int64 to storage, byte order is controlled by the settings 8395 * on the storage, see krb5_storage_set_byteorder(). 8396 * 8397 * @param sp the storage to write too 8398 * @param value the value to store 8399 * 8400 * @return 0 for success, or a Kerberos 5 error code on failure. 8401 * 8402 * @ingroup krb5_storage 8403 */ 8404 8405 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8406 krb5_store_int64 ( 8407 krb5_storage */*sp*/, 8408 int64_t /*value*/); 8409 8410 /** 8411 * Store a int8 to storage. 8412 * 8413 * @param sp the storage to write too 8414 * @param value the value to store 8415 * 8416 * @return 0 for success, or a Kerberos 5 error code on failure. 8417 * 8418 * @ingroup krb5_storage 8419 */ 8420 8421 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8422 krb5_store_int8 ( 8423 krb5_storage */*sp*/, 8424 int8_t /*value*/); 8425 8426 /** 8427 * Store a keyblock to the storage. 8428 * 8429 * @param sp the storage buffer to write to 8430 * @param p the keyblock to write 8431 * 8432 * @return 0 on success, a Kerberos 5 error code on failure. 8433 * 8434 * @ingroup krb5_storage 8435 */ 8436 8437 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8438 krb5_store_keyblock ( 8439 krb5_storage */*sp*/, 8440 krb5_keyblock /*p*/); 8441 8442 /** 8443 * Write a principal block to storage. 8444 * 8445 * @param sp the storage buffer to write to 8446 * @param p the principal block to write. 8447 * 8448 * @return 0 on success, a Kerberos 5 error code on failure. 8449 * 8450 * @ingroup krb5_storage 8451 */ 8452 8453 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8454 krb5_store_principal ( 8455 krb5_storage */*sp*/, 8456 krb5_const_principal /*p*/); 8457 8458 /** 8459 * Store a string to the buffer. The data is formated as an len:uint32 8460 * plus the string itself (not padded). 8461 * 8462 * @param sp the storage buffer to write to 8463 * @param s the string to store. 8464 * 8465 * @return 0 on success, a Kerberos 5 error code on failure. 8466 * 8467 * @ingroup krb5_storage 8468 */ 8469 8470 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8471 krb5_store_string ( 8472 krb5_storage */*sp*/, 8473 const char */*s*/); 8474 8475 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8476 krb5_store_stringnl ( 8477 krb5_storage */*sp*/, 8478 const char */*s*/); 8479 8480 /** 8481 * Store a zero terminated string to the buffer. The data is stored 8482 * one character at a time until a NUL is stored. 8483 * 8484 * @param sp the storage buffer to write to 8485 * @param s the string to store. 8486 * 8487 * @return 0 on success, a Kerberos 5 error code on failure. 8488 * 8489 * @ingroup krb5_storage 8490 */ 8491 8492 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8493 krb5_store_stringz ( 8494 krb5_storage */*sp*/, 8495 const char */*s*/); 8496 8497 /** 8498 * Write a times block to storage. 8499 * 8500 * @param sp the storage buffer to write to 8501 * @param times the times block to write. 8502 * 8503 * @return 0 on success, a Kerberos 5 error code on failure. 8504 * 8505 * @ingroup krb5_storage 8506 */ 8507 8508 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8509 krb5_store_times ( 8510 krb5_storage */*sp*/, 8511 krb5_times /*times*/); 8512 8513 /** 8514 * Store a uint16 to storage, byte order is controlled by the settings 8515 * on the storage, see krb5_storage_set_byteorder(). 8516 * 8517 * @param sp the storage to write too 8518 * @param value the value to store 8519 * 8520 * @return 0 for success, or a Kerberos 5 error code on failure. 8521 * 8522 * @ingroup krb5_storage 8523 */ 8524 8525 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8526 krb5_store_uint16 ( 8527 krb5_storage */*sp*/, 8528 uint16_t /*value*/); 8529 8530 /** 8531 * Store a uint32 to storage, byte order is controlled by the settings 8532 * on the storage, see krb5_storage_set_byteorder(). 8533 * 8534 * @param sp the storage to write too 8535 * @param value the value to store 8536 * 8537 * @return 0 for success, or a Kerberos 5 error code on failure. 8538 * 8539 * @ingroup krb5_storage 8540 */ 8541 8542 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8543 krb5_store_uint32 ( 8544 krb5_storage */*sp*/, 8545 uint32_t /*value*/); 8546 8547 /** 8548 * Store a uint64 to storage, byte order is controlled by the settings 8549 * on the storage, see krb5_storage_set_byteorder(). 8550 * 8551 * @param sp the storage to write too 8552 * @param value the value to store 8553 * 8554 * @return 0 for success, or a Kerberos 5 error code on failure. 8555 * 8556 * @ingroup krb5_storage 8557 */ 8558 8559 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8560 krb5_store_uint64 ( 8561 krb5_storage */*sp*/, 8562 uint64_t /*value*/); 8563 8564 /** 8565 * Store a uint8 to storage. 8566 * 8567 * @param sp the storage to write too 8568 * @param value the value to store 8569 * 8570 * @return 0 for success, or a Kerberos 5 error code on failure. 8571 * 8572 * @ingroup krb5_storage 8573 */ 8574 8575 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8576 krb5_store_uint8 ( 8577 krb5_storage */*sp*/, 8578 uint8_t /*value*/); 8579 8580 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8581 krb5_string_to_deltat ( 8582 const char */*string*/, 8583 krb5_deltat */*deltat*/); 8584 8585 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8586 krb5_string_to_enctype ( 8587 krb5_context /*context*/, 8588 const char */*string*/, 8589 krb5_enctype */*etype*/); 8590 8591 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8592 krb5_string_to_key ( 8593 krb5_context /*context*/, 8594 krb5_enctype /*enctype*/, 8595 const char */*password*/, 8596 krb5_principal /*principal*/, 8597 krb5_keyblock */*key*/); 8598 8599 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8600 krb5_string_to_key_data ( 8601 krb5_context /*context*/, 8602 krb5_enctype /*enctype*/, 8603 krb5_data /*password*/, 8604 krb5_principal /*principal*/, 8605 krb5_keyblock */*key*/); 8606 8607 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8608 krb5_string_to_key_data_salt ( 8609 krb5_context /*context*/, 8610 krb5_enctype /*enctype*/, 8611 krb5_data /*password*/, 8612 krb5_salt /*salt*/, 8613 krb5_keyblock */*key*/); 8614 8615 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8616 krb5_string_to_key_data_salt_opaque ( 8617 krb5_context /*context*/, 8618 krb5_enctype /*enctype*/, 8619 krb5_data /*password*/, 8620 krb5_salt /*salt*/, 8621 krb5_data /*opaque*/, 8622 krb5_keyblock */*key*/); 8623 8624 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8625 krb5_string_to_key_derived ( 8626 krb5_context /*context*/, 8627 const void */*str*/, 8628 size_t /*len*/, 8629 krb5_enctype /*etype*/, 8630 krb5_keyblock */*key*/); 8631 8632 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8633 krb5_string_to_key_salt ( 8634 krb5_context /*context*/, 8635 krb5_enctype /*enctype*/, 8636 const char */*password*/, 8637 krb5_salt /*salt*/, 8638 krb5_keyblock */*key*/); 8639 8640 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8641 krb5_string_to_key_salt_opaque ( 8642 krb5_context /*context*/, 8643 krb5_enctype /*enctype*/, 8644 const char */*password*/, 8645 krb5_salt /*salt*/, 8646 krb5_data /*opaque*/, 8647 krb5_keyblock */*key*/); 8648 8649 /** 8650 * Deprecated: keytypes doesn't exists, they are really enctypes in 8651 * most cases, use krb5_string_to_enctype(). 8652 * 8653 * @ingroup krb5_deprecated 8654 */ 8655 8656 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8657 krb5_string_to_keytype ( 8658 krb5_context /*context*/, 8659 const char */*string*/, 8660 krb5_keytype */*keytype*/) 8661 KRB5_DEPRECATED_FUNCTION("Use X instead"); 8662 8663 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8664 krb5_string_to_salttype ( 8665 krb5_context /*context*/, 8666 krb5_enctype /*etype*/, 8667 const char */*string*/, 8668 krb5_salttype */*salttype*/); 8669 8670 /** 8671 * Extract the authorization data type of type from the ticket. Store 8672 * the field in data. This function is to use for kerberos 8673 * applications. 8674 * 8675 * @param context a Kerberos 5 context 8676 * @param ticket Kerberos ticket 8677 * @param type type to fetch 8678 * @param data returned data, free with krb5_data_free() 8679 * 8680 * @ingroup krb5 8681 */ 8682 8683 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8684 krb5_ticket_get_authorization_data_type ( 8685 krb5_context /*context*/, 8686 krb5_ticket */*ticket*/, 8687 int /*type*/, 8688 krb5_data */*data*/); 8689 8690 /** 8691 * Return client principal in ticket 8692 * 8693 * @param context a Kerberos 5 context 8694 * @param ticket ticket to copy 8695 * @param client client principal, free with krb5_free_principal() 8696 * 8697 * @return Returns 0 to indicate success. Otherwise an kerberos et 8698 * error code is returned, see krb5_get_error_message(). 8699 * 8700 * @ingroup krb5 8701 */ 8702 8703 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8704 krb5_ticket_get_client ( 8705 krb5_context /*context*/, 8706 const krb5_ticket */*ticket*/, 8707 krb5_principal */*client*/); 8708 8709 /** 8710 * Return end time of ticket 8711 * 8712 * @param context a Kerberos 5 context 8713 * @param ticket ticket to copy 8714 * 8715 * @return end time of ticket 8716 * 8717 * @ingroup krb5 8718 */ 8719 8720 KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL 8721 krb5_ticket_get_endtime ( 8722 krb5_context /*context*/, 8723 const krb5_ticket */*ticket*/); 8724 8725 /** 8726 * Get the flags from the Kerberos ticket 8727 * 8728 * @param context Kerberos context 8729 * @param ticket Kerberos ticket 8730 * 8731 * @return ticket flags 8732 * 8733 * @ingroup krb5_ticket 8734 */ 8735 8736 KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL 8737 krb5_ticket_get_flags ( 8738 krb5_context /*context*/, 8739 const krb5_ticket */*ticket*/); 8740 8741 /** 8742 * Return server principal in ticket 8743 * 8744 * @param context a Kerberos 5 context 8745 * @param ticket ticket to copy 8746 * @param server server principal, free with krb5_free_principal() 8747 * 8748 * @return Returns 0 to indicate success. Otherwise an kerberos et 8749 * error code is returned, see krb5_get_error_message(). 8750 * 8751 * @ingroup krb5 8752 */ 8753 8754 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8755 krb5_ticket_get_server ( 8756 krb5_context /*context*/, 8757 const krb5_ticket */*ticket*/, 8758 krb5_principal */*server*/); 8759 8760 /** 8761 * If the caller passes in a negative usec, its assumed to be 8762 * unknown and the function will use the current time usec. 8763 */ 8764 8765 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8766 krb5_timeofday ( 8767 krb5_context /*context*/, 8768 krb5_timestamp */*timeret*/); 8769 8770 /** 8771 * Unparse the Kerberos name into a string 8772 * 8773 * @param context Kerberos 5 context 8774 * @param principal principal to query 8775 * @param name resulting string, free with krb5_xfree() 8776 * 8777 * @return An krb5 error code, see krb5_get_error_message(). 8778 * 8779 * @ingroup krb5_principal 8780 */ 8781 8782 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8783 krb5_unparse_name ( 8784 krb5_context /*context*/, 8785 krb5_const_principal /*principal*/, 8786 char **/*name*/); 8787 8788 /** 8789 * Unparse the principal name to a fixed buffer 8790 * 8791 * @param context A Kerberos context. 8792 * @param principal principal to unparse 8793 * @param name buffer to write name to 8794 * @param len length of buffer 8795 * 8796 * @return An krb5 error code, see krb5_get_error_message(). 8797 * 8798 * @ingroup krb5_principal 8799 */ 8800 8801 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8802 krb5_unparse_name_fixed ( 8803 krb5_context /*context*/, 8804 krb5_const_principal /*principal*/, 8805 char */*name*/, 8806 size_t /*len*/); 8807 8808 /** 8809 * Unparse the principal name with unparse flags to a fixed buffer. 8810 * 8811 * @param context A Kerberos context. 8812 * @param principal principal to unparse 8813 * @param flags unparse flags 8814 * @param name buffer to write name to 8815 * @param len length of buffer 8816 * 8817 * @return An krb5 error code, see krb5_get_error_message(). 8818 * 8819 * @ingroup krb5_principal 8820 */ 8821 8822 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8823 krb5_unparse_name_fixed_flags ( 8824 krb5_context /*context*/, 8825 krb5_const_principal /*principal*/, 8826 int /*flags*/, 8827 char */*name*/, 8828 size_t /*len*/); 8829 8830 /** 8831 * Unparse the principal name to a fixed buffer. The realm is skipped 8832 * if its a default realm. 8833 * 8834 * @param context A Kerberos context. 8835 * @param principal principal to unparse 8836 * @param name buffer to write name to 8837 * @param len length of buffer 8838 * 8839 * @return An krb5 error code, see krb5_get_error_message(). 8840 * 8841 * @ingroup krb5_principal 8842 */ 8843 8844 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8845 krb5_unparse_name_fixed_short ( 8846 krb5_context /*context*/, 8847 krb5_const_principal /*principal*/, 8848 char */*name*/, 8849 size_t /*len*/); 8850 8851 /** 8852 * Unparse the Kerberos name into a string 8853 * 8854 * @param context Kerberos 5 context 8855 * @param principal principal to query 8856 * @param flags flag to determine the behavior 8857 * @param name resulting string, free with krb5_xfree() 8858 * 8859 * @return An krb5 error code, see krb5_get_error_message(). 8860 * 8861 * @ingroup krb5_principal 8862 */ 8863 8864 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8865 krb5_unparse_name_flags ( 8866 krb5_context /*context*/, 8867 krb5_const_principal /*principal*/, 8868 int /*flags*/, 8869 char **/*name*/); 8870 8871 /** 8872 * Unparse the principal name to a allocated buffer. The realm is 8873 * skipped if its a default realm. 8874 * 8875 * @param context A Kerberos context. 8876 * @param principal principal to unparse 8877 * @param name returned buffer, free with krb5_xfree() 8878 * 8879 * @return An krb5 error code, see krb5_get_error_message(). 8880 * 8881 * @ingroup krb5_principal 8882 */ 8883 8884 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8885 krb5_unparse_name_short ( 8886 krb5_context /*context*/, 8887 krb5_const_principal /*principal*/, 8888 char **/*name*/); 8889 8890 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8891 krb5_us_timeofday ( 8892 krb5_context /*context*/, 8893 krb5_timestamp */*sec*/, 8894 int32_t */*usec*/); 8895 8896 /** 8897 * Log a warning to the log, default stderr, include bthe error from 8898 * the last failure and then abort. 8899 * 8900 * @param context A Kerberos 5 context 8901 * @param code error code of the last error 8902 * @param fmt message to print 8903 * @param ap arguments 8904 * 8905 * @ingroup krb5_error 8906 */ 8907 8908 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8909 krb5_vabort ( 8910 krb5_context /*context*/, 8911 krb5_error_code /*code*/, 8912 const char */*fmt*/, 8913 va_list /*ap*/) 8914 __attribute__ ((__noreturn__, __format__ (__printf__, 3, 0))); 8915 8916 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8917 krb5_vabortx ( 8918 krb5_context /*context*/, 8919 const char */*fmt*/, 8920 va_list /*ap*/) 8921 __attribute__ ((__noreturn__, __format__ (__printf__, 2, 0))); 8922 8923 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8924 krb5_verify_ap_req ( 8925 krb5_context /*context*/, 8926 krb5_auth_context */*auth_context*/, 8927 krb5_ap_req */*ap_req*/, 8928 krb5_const_principal /*server*/, 8929 krb5_keyblock */*keyblock*/, 8930 krb5_flags /*flags*/, 8931 krb5_flags */*ap_req_options*/, 8932 krb5_ticket **/*ticket*/); 8933 8934 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8935 krb5_verify_ap_req2 ( 8936 krb5_context /*context*/, 8937 krb5_auth_context */*auth_context*/, 8938 krb5_ap_req */*ap_req*/, 8939 krb5_const_principal /*server*/, 8940 krb5_keyblock */*keyblock*/, 8941 krb5_flags /*flags*/, 8942 krb5_flags */*ap_req_options*/, 8943 krb5_ticket **/*ticket*/, 8944 krb5_key_usage /*usage*/); 8945 8946 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8947 krb5_verify_authenticator_checksum ( 8948 krb5_context /*context*/, 8949 krb5_auth_context /*ac*/, 8950 void */*data*/, 8951 size_t /*len*/); 8952 8953 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8954 krb5_verify_checksum ( 8955 krb5_context /*context*/, 8956 krb5_crypto /*crypto*/, 8957 krb5_key_usage /*usage*/, 8958 void */*data*/, 8959 size_t /*len*/, 8960 Checksum */*cksum*/); 8961 8962 /** 8963 * Verify a Kerberos message checksum. 8964 * 8965 * @param context Kerberos context 8966 * @param crypto Kerberos crypto context 8967 * @param usage Key usage for this buffer 8968 * @param data array of buffers to process 8969 * @param num_data length of array 8970 * @param type return checksum type if not NULL 8971 * 8972 * @return Return an error code or 0. 8973 * @ingroup krb5_crypto 8974 */ 8975 8976 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8977 krb5_verify_checksum_iov ( 8978 krb5_context /*context*/, 8979 krb5_crypto /*crypto*/, 8980 unsigned /*usage*/, 8981 krb5_crypto_iov */*data*/, 8982 unsigned int /*num_data*/, 8983 krb5_cksumtype */*type*/); 8984 8985 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 8986 krb5_verify_init_creds ( 8987 krb5_context /*context*/, 8988 krb5_creds */*creds*/, 8989 krb5_principal /*ap_req_server*/, 8990 krb5_keytab /*ap_req_keytab*/, 8991 krb5_ccache */*ccache*/, 8992 krb5_verify_init_creds_opt */*options*/); 8993 8994 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8995 krb5_verify_init_creds_opt_init (krb5_verify_init_creds_opt */*options*/); 8996 8997 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 8998 krb5_verify_init_creds_opt_set_ap_req_nofail ( 8999 krb5_verify_init_creds_opt */*options*/, 9000 int /*ap_req_nofail*/); 9001 9002 KRB5_LIB_FUNCTION int KRB5_LIB_CALL 9003 krb5_verify_opt_alloc ( 9004 krb5_context /*context*/, 9005 krb5_verify_opt **/*opt*/); 9006 9007 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9008 krb5_verify_opt_free (krb5_verify_opt */*opt*/); 9009 9010 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9011 krb5_verify_opt_init (krb5_verify_opt */*opt*/); 9012 9013 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9014 krb5_verify_opt_set_ccache ( 9015 krb5_verify_opt */*opt*/, 9016 krb5_ccache /*ccache*/); 9017 9018 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9019 krb5_verify_opt_set_flags ( 9020 krb5_verify_opt */*opt*/, 9021 unsigned int /*flags*/); 9022 9023 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9024 krb5_verify_opt_set_keytab ( 9025 krb5_verify_opt */*opt*/, 9026 krb5_keytab /*keytab*/); 9027 9028 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9029 krb5_verify_opt_set_secure ( 9030 krb5_verify_opt */*opt*/, 9031 krb5_boolean /*secure*/); 9032 9033 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9034 krb5_verify_opt_set_service ( 9035 krb5_verify_opt */*opt*/, 9036 const char */*service*/); 9037 9038 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9039 krb5_verify_user ( 9040 krb5_context /*context*/, 9041 krb5_principal /*principal*/, 9042 krb5_ccache /*ccache*/, 9043 const char */*password*/, 9044 krb5_boolean /*secure*/, 9045 const char */*service*/); 9046 9047 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9048 krb5_verify_user_lrealm ( 9049 krb5_context /*context*/, 9050 krb5_principal /*principal*/, 9051 krb5_ccache /*ccache*/, 9052 const char */*password*/, 9053 krb5_boolean /*secure*/, 9054 const char */*service*/); 9055 9056 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9057 krb5_verify_user_opt ( 9058 krb5_context /*context*/, 9059 krb5_principal /*principal*/, 9060 const char */*password*/, 9061 krb5_verify_opt */*opt*/); 9062 9063 /** 9064 * Log a warning to the log, default stderr, include bthe error from 9065 * the last failure and then exit. 9066 * 9067 * @param context A Kerberos 5 context 9068 * @param eval the exit code to exit with 9069 * @param code error code of the last error 9070 * @param fmt message to print 9071 * @param ap arguments 9072 * 9073 * @ingroup krb5_error 9074 */ 9075 9076 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9077 krb5_verr ( 9078 krb5_context /*context*/, 9079 int /*eval*/, 9080 krb5_error_code /*code*/, 9081 const char */*fmt*/, 9082 va_list /*ap*/) 9083 __attribute__ ((__noreturn__, __format__ (__printf__, 4, 0))); 9084 9085 /** 9086 * Log a warning to the log, default stderr, and then exit. 9087 * 9088 * @param context A Kerberos 5 context 9089 * @param eval the exit code to exit with 9090 * @param fmt message to print 9091 * @param ap arguments 9092 * 9093 * @ingroup krb5_error 9094 */ 9095 9096 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9097 krb5_verrx ( 9098 krb5_context /*context*/, 9099 int /*eval*/, 9100 const char */*fmt*/, 9101 va_list /*ap*/) 9102 __attribute__ ((__noreturn__, __format__ (__printf__, 3, 0))); 9103 9104 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9105 krb5_vlog ( 9106 krb5_context /*context*/, 9107 krb5_log_facility */*fac*/, 9108 int /*level*/, 9109 const char */*fmt*/, 9110 va_list /*ap*/) 9111 __attribute__ ((__format__ (__printf__, 4, 0))); 9112 9113 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9114 krb5_vlog_msg ( 9115 krb5_context /*context*/, 9116 krb5_log_facility */*fac*/, 9117 char **/*reply*/, 9118 int /*level*/, 9119 const char */*fmt*/, 9120 va_list /*ap*/) 9121 __attribute__ ((__format__ (__printf__, 5, 0))); 9122 9123 /** 9124 * Prepend the contexts's full error string for a specific error code. 9125 * 9126 * The if context is NULL, no error string is stored. 9127 * 9128 * @param context Kerberos 5 context 9129 * @param ret The error code 9130 * @param fmt Error string for the error code 9131 * @param args printf(3) style parameters. 9132 * 9133 * @ingroup krb5_error 9134 */ 9135 9136 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9137 krb5_vprepend_error_message ( 9138 krb5_context /*context*/, 9139 krb5_error_code /*ret*/, 9140 const char */*fmt*/, 9141 va_list /*args*/) 9142 __attribute__ ((__format__ (__printf__, 3, 0))); 9143 9144 /** 9145 * Set the context full error string for a specific error code. 9146 * 9147 * The if context is NULL, no error string is stored. 9148 * 9149 * @param context Kerberos 5 context 9150 * @param ret The error code 9151 * @param fmt Error string for the error code 9152 * @param args printf(3) style parameters. 9153 * 9154 * @ingroup krb5_error 9155 */ 9156 9157 KRB5_LIB_FUNCTION void KRB5_LIB_CALL 9158 krb5_vset_error_message ( 9159 krb5_context /*context*/, 9160 krb5_error_code /*ret*/, 9161 const char */*fmt*/, 9162 va_list /*args*/) 9163 __attribute__ ((__format__ (__printf__, 3, 0))); 9164 9165 /** 9166 * Set the error message returned by krb5_get_error_string(), 9167 * deprecated, use krb5_set_error_message(). 9168 * 9169 * Deprecated: use krb5_vset_error_message() 9170 * 9171 * @param context Kerberos context 9172 * @param fmt error message to free 9173 * @param args variable argument list vector 9174 * 9175 * @return Return an error code or 0. 9176 * 9177 * @ingroup krb5_deprecated 9178 */ 9179 9180 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9181 krb5_vset_error_string ( 9182 krb5_context /*context*/, 9183 const char */*fmt*/, 9184 va_list /*args*/) 9185 __attribute__ ((__format__ (__printf__, 2, 0))) KRB5_DEPRECATED_FUNCTION("Use X instead"); 9186 9187 /** 9188 * Log a warning to the log, default stderr, include the error from 9189 * the last failure. 9190 * 9191 * @param context A Kerberos 5 context. 9192 * @param code error code of the last error 9193 * @param fmt message to print 9194 * @param ap arguments 9195 * 9196 * @ingroup krb5_error 9197 */ 9198 9199 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9200 krb5_vwarn ( 9201 krb5_context /*context*/, 9202 krb5_error_code /*code*/, 9203 const char */*fmt*/, 9204 va_list /*ap*/) 9205 __attribute__ ((__format__ (__printf__, 3, 0))); 9206 9207 /** 9208 * Log a warning to the log, default stderr. 9209 * 9210 * @param context A Kerberos 5 context. 9211 * @param fmt message to print 9212 * @param ap arguments 9213 * 9214 * @ingroup krb5_error 9215 */ 9216 9217 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9218 krb5_vwarnx ( 9219 krb5_context /*context*/, 9220 const char */*fmt*/, 9221 va_list /*ap*/) 9222 __attribute__ ((__format__ (__printf__, 2, 0))); 9223 9224 /** 9225 * Log a warning to the log, default stderr, include the error from 9226 * the last failure. 9227 * 9228 * @param context A Kerberos 5 context. 9229 * @param code error code of the last error 9230 * @param fmt message to print 9231 * 9232 * @ingroup krb5_error 9233 */ 9234 9235 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9236 krb5_warn ( 9237 krb5_context /*context*/, 9238 krb5_error_code /*code*/, 9239 const char */*fmt*/, 9240 ...) 9241 __attribute__ ((__format__ (__printf__, 3, 4))); 9242 9243 /** 9244 * Log a warning to the log, default stderr. 9245 * 9246 * @param context A Kerberos 5 context. 9247 * @param fmt message to print 9248 * 9249 * @ingroup krb5_error 9250 */ 9251 9252 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9253 krb5_warnx ( 9254 krb5_context /*context*/, 9255 const char */*fmt*/, 9256 ...) 9257 __attribute__ ((__format__ (__printf__, 2, 3))); 9258 9259 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9260 krb5_write_message ( 9261 krb5_context /*context*/, 9262 krb5_pointer /*p_fd*/, 9263 krb5_data */*data*/); 9264 9265 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9266 krb5_write_priv_message ( 9267 krb5_context /*context*/, 9268 krb5_auth_context /*ac*/, 9269 krb5_pointer /*p_fd*/, 9270 krb5_data */*data*/); 9271 9272 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9273 krb5_write_safe_message ( 9274 krb5_context /*context*/, 9275 krb5_auth_context /*ac*/, 9276 krb5_pointer /*p_fd*/, 9277 krb5_data */*data*/); 9278 9279 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL 9280 krb5_xfree (void */*ptr*/); 9281 9282 #ifdef __cplusplus 9283 } 9284 #endif 9285 9286 #undef KRB5_DEPRECATED_FUNCTION 9287 9288 #endif /* DOXY */ 9289 #endif /* __krb5_protos_h__ */ 9290