2
KRB5_AUTH_CONTEXT(3) BSD Library Functions Manual KRB5_AUTH_CONTEXT(3)
5
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_a�ad�dd�df�fl�la�ag�gs�s, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_f�fr�re�ee�e, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�en�na�ad�dd�dr�rs�s,
6
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�en�ne�er�ra�at�te�el�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�ta�ad�dd�dr�rs�s,
7
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�ta�au�ut�th�he�en�nt�ti�ic�ca�at�to�or�r, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tf�fl�la�ag�gs�s,
8
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tk�ke�ey�y, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tl�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y,
9
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tr�rc�ca�ac�ch�he�e, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tr�re�em�mo�ot�te�es�su�ub�bk�ke�ey�y,
10
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tu�us�se�er�rk�ke�ey�y, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_i�in�ni�it�t, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_i�in�ni�it�ti�iv�ve�ec�ct�to�or�r,
11
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_r�re�em�mo�ov�ve�ef�fl�la�ag�gs�s, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�rs�s,
12
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�rs�s_�_f�fr�ro�om�m_�_f�fd�d, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tf�fl�la�ag�gs�s,
13
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ti�iv�ve�ec�ct�to�or�r, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tk�ke�ey�y,
14
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tl�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tr�rc�ca�ac�ch�he�e,
15
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tr�re�em�mo�ot�te�es�su�ub�bk�ke�ey�y, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tu�us�se�er�rk�ke�ey�y,
16
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t, k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tc�ck�ks�su�um�mt�ty�yp�pe�e, k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tk�ke�ey�yt�ty�yp�pe�e,
17
k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tl�lo�oc�ca�al�ls�se�eq�qn�nu�um�mb�be�er�r, k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tr�re�em�mo�ot�te�es�se�eq�qn�nu�um�mb�be�er�r,
18
k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tc�ck�ks�su�um�mt�ty�yp�pe�e, k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tk�ke�ey�yt�ty�yp�pe�e,
19
k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tl�lo�oc�ca�al�ls�se�eq�qn�nu�um�mb�be�er�r, k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tr�re�em�mo�ot�te�es�se�eq�qn�nu�um�mb�be�er�r,
20
k�kr�rb�b5�5_�_f�fr�re�ee�e_�_a�au�ut�th�he�en�nt�ti�ic�ca�at�to�or�r -- manage authentication on connection level
23
Kerberos 5 Library (libkrb5, -lkrb5)
25
S�SY�YN�NO�OP�PS�SI�IS�S
26
#�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
28
_�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
29
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_i�in�ni�it�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
30
_�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�*_�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t);
33
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_f�fr�re�ee�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t);
35
_�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
36
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tf�fl�la�ag�gs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
37
_�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�i_�n_�t_�3_�2_�__�t _�f_�l_�a_�g_�s);
39
_�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
40
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tf�fl�la�ag�gs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
41
_�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�i_�n_�t_�3_�2_�__�t _�*_�f_�l_�a_�g_�s);
43
_�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
44
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_a�ad�dd�df�fl�la�ag�gs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
45
_�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�i_�n_�t_�3_�2_�__�t _�a_�d_�d_�f_�l_�a_�g_�s, _�i_�n_�t_�3_�2_�__�t _�*_�f_�l_�a_�g_�s);
47
_�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
48
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_r�re�em�mo�ov�ve�ef�fl�la�ag�gs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
49
_�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�i_�n_�t_�3_�2_�__�t _�r_�e_�m_�o_�v_�e_�l_�a_�g_�s, _�i_�n_�t_�3_�2_�__�t _�*_�f_�l_�a_�g_�s);
51
_�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
52
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�rs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
53
_�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s _�*_�l_�o_�c_�a_�l_�__�a_�d_�d_�r,
54
_�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s _�*_�r_�e_�m_�o_�t_�e_�__�a_�d_�d_�r);
56
_�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
57
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�ta�ad�dd�dr�rs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
58
_�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s _�*_�*_�l_�o_�c_�a_�l_�__�a_�d_�d_�r,
59
_�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s _�*_�*_�r_�e_�m_�o_�t_�e_�__�a_�d_�d_�r);
61
_�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
62
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�en�na�ad�dd�dr�rs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
63
_�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�i_�n_�t _�f_�d, _�i_�n_�t _�f_�l_�a_�g_�s);
65
_�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
66
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�rs�s_�_f�fr�ro�om�m_�_f�fd�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
67
_�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�v_�o_�i_�d _�*_�p_�__�f_�d);
69
_�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
70
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tk�ke�ey�y(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
71
_�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�*_�k_�e_�y_�b_�l_�o_�c_�k);
73
_�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
74
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tl�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
75
_�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�*_�k_�e_�y_�b_�l_�o_�c_�k);
77
_�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
78
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tr�re�em�mo�ot�te�es�su�ub�bk�ke�ey�y(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
79
_�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�*_�k_�e_�y_�b_�l_�o_�c_�k);
81
_�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
82
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�en�ne�er�ra�at�te�el�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
83
_�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k, _�*_�k_�e_�y_�");
85
_�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
86
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_i�in�ni�it�ti�iv�ve�ec�ct�to�or�r(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
87
_�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t);
89
_�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
90
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ti�iv�ve�ec�ct�to�or�r(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
91
_�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�*_�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�p_�o_�i_�n_�t_�e_�r _�i_�v_�e_�c_�t_�o_�r);
94
k�kr�rb�b5�5_�_f�fr�re�ee�e_�_a�au�ut�th�he�en�nt�ti�ic�ca�at�to�or�r(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
95
_�k_�r_�b_�5_�__�a_�u_�t_�h_�e_�n_�t_�i_�c_�a_�t_�o_�r _�*_�a_�u_�t_�h_�e_�n_�t_�i_�c_�a_�t_�o_�r);
97
D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
98
The k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t structure holds all context related to an authenti-
99
cated connection, in a similar way to k�kr�rb�b5�5_�_c�co�on�nt�te�ex�xt�t that holds the context
100
for the thread or process. k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t is used by various func-
101
tions that are directly related to authentication between the
102
server/client. Example of data that this structure contains are various
103
flags, addresses of client and server, port numbers, keyblocks (and sub-
104
keys), sequence numbers, replay cache, and checksum-type.
106
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_i�in�ni�it�t() allocates and initializes the k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t
107
structure. Default values can be changed with
108
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tc�ck�ks�su�um�mt�ty�yp�pe�e() and k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tf�fl�la�ag�gs�s(). The
109
a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t structure must be freed by k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_f�fr�re�ee�e().
111
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tf�fl�la�ag�gs�s(), k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tf�fl�la�ag�gs�s(),
112
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_a�ad�dd�df�fl�la�ag�gs�s() and k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_r�re�em�mo�ov�ve�ef�fl�la�ag�gs�s() gets and modi-
113
fies the flags for a k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t structure. Possible flags to set
116
KRB5_AUTH_CONTEXT_DO_SEQUENCE
117
Generate and check sequence-number on each packet.
119
KRB5_AUTH_CONTEXT_DO_TIME
120
Check timestamp on incoming packets.
122
KRB5_AUTH_CONTEXT_RET_SEQUENCE, KRB5_AUTH_CONTEXT_RET_TIME
123
Return sequence numbers and time stamps in the outdata parame-
126
KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED
127
will force k�kr�rb�b5�5_�_g�ge�et�t_�_f�fo�or�rw�wa�ar�rd�de�ed�d_�_c�cr�re�ed�ds�s() and k�kr�rb�b5�5_�_f�fw�wd�d_�_t�tg�gt�t_�_c�cr�re�ed�ds�s() to
128
create unencrypted ) ENCTYPE_NULL) credentials. This is for use
129
with old MIT server and JAVA based servers as they can't handle
130
encrypted KRB-CRED. Note that sending such KRB-CRED is clear
131
exposes crypto keys and tickets and is insecure, make sure the
132
packet is encrypted in the protocol. krb5_rd_cred(3),
133
krb5_rd_priv(3), krb5_rd_safe(3), krb5_mk_priv(3) and
134
krb5_mk_safe(3). Setting this flag requires that parameter to be
135
passed to these functions.
137
The flags KRB5_AUTH_CONTEXT_DO_TIME also modifies the behavior
138
the function k�kr�rb�b5�5_�_g�ge�et�t_�_f�fo�or�rw�wa�ar�rd�de�ed�d_�_c�cr�re�ed�ds�s() by removing the timestamp
139
in the forward credential message, this have backward compatibil-
140
ity problems since not all versions of the heimdal supports time-
141
less credentional messages. Is very useful since it always the
142
sender of the message to cache forward message and thus avoiding
143
a round trip to the KDC for each time a credential is forwarded.
144
The same functionality can be obtained by using address-less
147
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�rs�s(), k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�rs�s_�_f�fr�ro�om�m_�_f�fd�d() and
148
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�ta�ad�dd�dr�rs�s() gets and sets the addresses that are checked
149
when a packet is received. It is mandatory to set an address for the
150
remote host. If the local address is not set, it iss deduced from the
151
underlaying operating system. k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�ta�ad�dd�dr�rs�s() will call
152
k�kr�rb�b5�5_�_f�fr�re�ee�e_�_a�ad�dd�dr�re�es�ss�s() on any address that is passed in _�l_�o_�c_�a_�l_�__�a_�d_�d_�r or
153
_�r_�e_�m_�o_�t_�e_�__�a_�d_�d_�r. k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�r() allows passing in a NULL pointer as
154
_�l_�o_�c_�a_�l_�__�a_�d_�d_�r and _�r_�e_�m_�o_�t_�e_�__�a_�d_�d_�r, in that case it will just not set that
157
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�rs�s_�_f�fr�ro�om�m_�_f�fd�d() fetches the addresses from a file
160
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�en�na�ad�dd�dr�rs�s() fetches the address information from the given
161
file descriptor _�f_�d depending on the bitmap argument _�f_�l_�a_�g_�s.
163
Possible values on _�f_�l_�a_�g_�s are:
165
_�K_�R_�B_�5_�__�A_�U_�T_�H_�__�C_�O_�N_�T_�E_�X_�T_�__�G_�E_�N_�E_�R_�A_�T_�E_�__�L_�O_�C_�A_�L_�__�A_�D_�D_�R
166
fetches the local address from _�f_�d.
168
_�K_�R_�B_�5_�__�A_�U_�T_�H_�__�C_�O_�N_�T_�E_�X_�T_�__�G_�E_�N_�E_�R_�A_�T_�E_�__�R_�E_�M_�O_�T_�E_�__�A_�D_�D_�R
169
fetches the remote address from _�f_�d.
171
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tk�ke�ey�y(), k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tu�us�se�er�rk�ke�ey�y() and
172
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tk�ke�ey�y() gets and sets the key used for this auth context.
173
The keyblock returned by k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tk�ke�ey�y() should be freed with
174
k�kr�rb�b5�5_�_f�fr�re�ee�e_�_k�ke�ey�yb�bl�lo�oc�ck�k(). The keyblock send into k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tk�ke�ey�y() is
175
copied into the k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t, and thus no special handling is
176
needed. NULL is not a valid keyblock to k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tk�ke�ey�y().
178
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tu�us�se�er�rk�ke�ey�y() is only useful when doing user to user authen-
179
tication. k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tk�ke�ey�y() is equivalent to
180
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tu�us�se�er�rk�ke�ey�y().
182
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tl�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y(), k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tl�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y(),
183
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tr�re�em�mo�ot�te�es�su�ub�bk�ke�ey�y() and k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tr�re�em�mo�ot�te�es�su�ub�bk�ke�ey�y() gets
184
and sets the keyblock for the local and remote subkey. The keyblock
185
returned by k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tl�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y() and
186
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tr�re�em�mo�ot�te�es�su�ub�bk�ke�ey�y() must be freed with k�kr�rb�b5�5_�_f�fr�re�ee�e_�_k�ke�ey�yb�bl�lo�oc�ck�k().
188
k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tc�ck�ks�su�um�mt�ty�yp�pe�e() and k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tc�ck�ks�su�um�mt�ty�yp�pe�e() sets and gets the
189
checksum type that should be used for this connection.
191
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�en�ne�er�ra�at�te�el�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y() generates a local subkey that have
192
the same encryption type as _�k_�e_�y.
194
k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tr�re�em�mo�ot�te�es�se�eq�qn�nu�um�mb�be�er�r() k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tr�re�em�mo�ot�te�es�se�eq�qn�nu�um�mb�be�er�r(),
195
k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tl�lo�oc�ca�al�ls�se�eq�qn�nu�um�mb�be�er�r() and k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tl�lo�oc�ca�al�ls�se�eq�qn�nu�um�mb�be�er�r() gets and
196
sets the sequence-number for the local and remote sequence-number
199
k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tk�ke�ey�yt�ty�yp�pe�e() and k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tk�ke�ey�yt�ty�yp�pe�e() gets and gets the key-
200
type of the keyblock in k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t.
202
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�ta�au�ut�th�he�en�nt�ti�ic�ca�at�to�or�r() Retrieves the authenticator that was
203
used during mutual authentication. The authenticator returned should be
204
freed by calling k�kr�rb�b5�5_�_f�fr�re�ee�e_�_a�au�ut�th�he�en�nt�ti�ic�ca�at�to�or�r().
206
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tr�rc�ca�ac�ch�he�e() and k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tr�rc�ca�ac�ch�he�e() gets and sets the
209
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_i�in�ni�it�ti�iv�ve�ec�ct�to�or�r() allocates memory for and zeros the initial
210
vector in the _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t keyblock.
212
k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ti�iv�ve�ec�ct�to�or�r() sets the i_vector portion of _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t to
213
_�i_�v_�e_�c_�t_�o_�r.
215
k�kr�rb�b5�5_�_f�fr�re�ee�e_�_a�au�ut�th�he�en�nt�ti�ic�ca�at�to�or�r() free the content of _�a_�u_�t_�h_�e_�n_�t_�i_�c_�a_�t_�o_�r and
216
_�a_�u_�t_�h_�e_�n_�t_�i_�c_�a_�t_�o_�r itself.
218
S�SE�EE�E A�AL�LS�SO�O
219
krb5_context(3), kerberos(8)
221
HEIMDAL May 17, 2005 HEIMDAL
added
removed
lib/krb5/krb5_auth_context.cat3
