GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  KRB5_MK_REP_EXTENDED (3)

NAME

krb5_mk_req, krb5_mk_req_exact, krb5_mk_req_extended, krb5_rd_req, krb5_rd_req_with_keyblock, krb5_mk_rep, krb5_mk_rep_exact, krb5_mk_rep_extended, krb5_rd_rep, krb5_build_ap_req, krb5_verify_ap_req - create and read application authentication request

CONTENTS

Library
Synopsis
Description
See Also

LIBRARY

Kerberos 5 Library (libkrb5, -lkrb5)

SYNOPSIS


.In krb5.h krb5_error_code
.Fo krb5_mk_req krb5_context context krb5_auth_context *auth_context const krb5_flags ap_req_options const char *service const char *hostname krb5_data *in_data krb5_ccache ccache krb5_data *outbuf
.Fc krb5_error_code
.Fo krb5_mk_req_extended krb5_context context krb5_auth_context *auth_context const krb5_flags ap_req_options krb5_data *in_data krb5_creds *in_creds krb5_data *outbuf
.Fc krb5_error_code
.Fo krb5_rd_req krb5_context context krb5_auth_context *auth_context const krb5_data *inbuf krb5_const_principal server krb5_keytab keytab krb5_flags *ap_req_options krb5_ticket **ticket
.Fc krb5_error_code
.Fo krb5_build_ap_req krb5_context context krb5_enctype enctype krb5_creds *cred krb5_flags ap_options krb5_data authenticator krb5_data *retdata
.Fc krb5_error_code
.Fo krb5_verify_ap_req krb5_context context krb5_auth_context *auth_context krb5_ap_req *ap_req krb5_const_principal server krb5_keyblock *keyblock krb5_flags flags krb5_flags *ap_req_options krb5_ticket **ticket
.Fc

DESCRIPTION

The functions documented in this manual page document the functions that facilitates the exchange between a Kerberos client and server. They are the core functions used in the authentication exchange between the client and the server.

The krb5_mk_req and krb5_mk_req_extended creates the Kerberos message KRB_AP_REQ that is sent from the client to the server as the first packet in a client/server exchange. The result that should be sent to server is stored in outbuf.

auth_context should be allocated with krb5_auth_con_init or NULL passed in, in that case, it will be allocated and freed internally.

The input data in_data will have a checksum calculated over it and checksum will be transported in the message to the server.

ap_req_options can be set to one or more of the following flags:

AP_OPTS_USE_SESSION_KEY
  Use the session key when creating the request, used for user to user authentication.
AP_OPTS_MUTUAL_REQUIRED
  Mark the request as mutual authenticate required so that the receiver returns a mutual authentication packet.

The krb5_rd_req read the AP_REQ in inbuf and verify and extract the content. If server is specified, that server will be fetched from the keytab and used unconditionally. If server is NULL, the keytab will be search for a matching principal.

The keytab argument specifies what keytab to search for receiving principals. The arguments ap_req_options and ticket returns the content.

When the AS-REQ is a user to user request, neither of keytab or principal are used, instead krb5_rd_req expects the session key to be set in auth_context.

The krb5_verify_ap_req and krb5_build_ap_req both constructs and verify the AP_REQ message, should not be used by external code.

SEE ALSO

krb5(3), krb5.conf(5)
Search for    or go to Top of page |  Section 3 |  Main Index


Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.