krb5_mk_req Format a KRB_AP

If both a Table of Contents and Search form are not displayed in separate frames along with this one, you may wish to redisplay this book in a frameset, beginning with the first page.

HP Open Source Security for OpenVMS Volume 3:...

KRB5 (Kerberos V5) Application Programming Interface

krb5_mk_rep Format and encrypt an AP_REP message

krb5_mk_req_extended Format a KRB_AP_REQ message with additional...

krb5_mk_req -- Format a KRB_AP_REQ message

C Prototype

krb5_error_code krb5_mk_req(
         krb5_context           context,
         krb5_auth_context      *auth_context,
         const krb5_flags       ap_req_options,
         char                   *service,
         char                   *hostname,
         krb5_data              *in_data,
         krb5_ccache            ccache,
         krb5_data              *outbuf );

Arguments

context
(input/output) The context structure.

auth_context (input/output)
Authentication context. Contains the checksum method to be used. A new authentication context will be returned if NULL is specified.

ap_req_options (input) Specifies the KRB_AP_REQ options desired. Valid options are:

AP_OPTS_USE_SESSION_KEY

AP_OPTS_MUTUAL_REQUIRED

AP_OPTS_USE_SUBKEY

service (input) Used to specify the principal name, in conjunction with hostname.

hostname (input) The server to receive the message.

in_data (input) Application data whose checksum should be included in the authenticator. Specify NULL if no checksum is to be included.

ccache (input/output) The credentials cache.

outbuf (output) A pointer to an existing krb5_data structure to be filled. Returns the generated AP_REQ message.

Description

This routine formats a KRB_AP_REQ message into outbuf.

The principal of the server to receive the message is specified by hostname and service. If credentials are not present in the credentials cache ccache for this server, the TGS request with default arguments is used in an attempt to obtain such credentials, and they are stored in ccache.

The checksum method to be used is as specified in auth_context.

The outbuf argument should point to an existing krb5_data structure. outbuf->length and outbuf->data will be filled in on success, and the latter should be freed by the caller when it is no longer needed; if an error is returned, however, no storage is allocated and outbuf->data does not need to be freed.

Return Values

This routine returns one of the following KRB5 status codes:

0
Successful completion.

krb5_mk_rep Format and encrypt an AP_REP message

krb5_mk_req_extended Format a KRB_AP_REQ message with additional...

context (input/output)		The context structure.
auth_context (input/output)
		Authentication context. Contains the checksum method to be used. A new authentication context will be returned if NULL is specified.
ap_req_options (input)		Specifies the `KRB_AP_REQ` options desired. Valid options are: AP_OPTS_USE_SESSION_KEY AP_OPTS_MUTUAL_REQUIRED AP_OPTS_USE_SUBKEY
service (input)		Used to specify the principal name, in conjunction with `hostname`.
hostname (input)		The server to receive the message.
in_data (input)		Application data whose checksum should be included in the authenticator. Specify NULL if no checksum is to be included.
ccache (input/output)		The credentials cache.
outbuf (output)		A pointer to an existing `krb5_data` structure to be filled. Returns the generated AP_REQ message.