skip book previous and next navigation links
go up to top of book: HP Open Source Security for OpenVMS Volume 3:... HP Open Source Security for OpenVMS Volume 3:...
go to beginning of chapter: KRB5 (Kerberos V5) Application Programming Interface KRB5 (Kerberos V5) Application Programming Interface
go to previous page: krb5_realm_compare Compare the realms of two principals krb5_realm_compare Compare the realms of two principals
go to next page: krb5_recvauth_version Receive authenticated message with version informationkrb5_recvauth_version Receive authenticated message with version...
end of book navigation links

krb5_recvauth -- Receive authenticated message 



C Prototype 

krb5_error_code krb5_recvauth(
         krb5_context           context,
         krb5_auth_context      *auth_context,
         krb5_pointer           fd,
         char                   *appl_version,
         krb5_principal         server,
         krb5_int32             flags,
         krb5_keytab            keytab,
         krb5_ticket            **ticket );

Arguments 

context
(input/output)		 The context structure.
auth_context (input/output)
 Authentication context.
fd (input) A pointer to a file descriptor describing the network socket.
appl_version (input) A string describing the application protocol version that the client is expecting to use for this exchange. If the client is using a different application protocol, an error will be returned, and the authentication exchange will be aborted.
server (input) If server is nonNULL, then krb5_recvauth verifies that the server principal requested by the client matches server. If not, an error will be returned and the authentication exchange will be aborted.
flags (input) The flags argument allows the caller to modify the behavior of krb5_recvauth. For nonlibrary callers, flags should be 0.
keytab (input)  Specifies a keytab containing a decryption key.
ticket (output) Ticket is optional and is only filled in if nonNULL. It is filled with the data from the ticket sent by the client, and should be freed with krb5_free_ticket when it is no longer needed.

Description 

This routine provides a convenient means for client and server programs to send authenticated messages to one another through network connections. The krb5_sendauth routine is the matching routine to krb5_recvauth for the server. The krb5_recvauth routine will engage in an authentication dialog with the client program running krb5_sendauth to authenticate the client to the server. In addition, if requested by the client, krb5_recvauth will provide mutual authentication to prove to the client that the server represented by krb5_recvauth is legitimate.

The fd argument is a pointer to the network connection. As in krb5_sendauth, in the MIT UNIX and OpenVMS implementations, fd is a pointer to a file descriptor.

The arguments server, auth_context, and keytab are used by krb5_rd_req to obtain the server's private key.

If server is nonNULL, the principal component of it is used to determine the replay cache to use. Otherwise, krb5_recvauth will use a default replay cache.

Return Values 

This routine returns the following KRB5 status code:

0
Successful completion.

go to previous page: krb5_realm_compare Compare the realms of two principals krb5_realm_compare Compare the realms of two principals
go to next page: krb5_recvauth_version Receive authenticated message with version informationkrb5_recvauth_version Receive authenticated message with version...