Home
last modified time | relevance | path

Searched full:ticket (Results 1 – 25 of 579) sorted by relevance

12345678910>>...24

/freebsd/crypto/openssl/test/ssl-tests/
H A D06-sni-ticket.cnf5 test-0 = 0-sni-session-ticket
6 test-1 = 1-sni-session-ticket
7 test-2 = 2-sni-session-ticket
8 test-3 = 3-sni-session-ticket
9 test-4 = 4-sni-session-ticket
10 test-5 = 5-sni-session-ticket
11 test-6 = 6-sni-session-ticket
12 test-7 = 7-sni-session-ticket
13 test-8 = 8-sni-session-ticket
14 test-9 = 9-sni-session-ticket
[all …]
H A D27-ticket-appdata.cnf5 test-0 = 0-session-ticket-app-data12
6 test-1 = 1-session-ticket-app-data12
7 test-2 = 2-session-ticket-app-data13
8 test-3 = 3-session-ticket-app-data13
11 [0-session-ticket-app-data12]
12 ssl_conf = 0-session-ticket-app-data12-ssl
14 [0-session-ticket-app-data12-ssl]
15 server = 0-session-ticket-app-data12-server
16 client = 0-session-ticket-app-data12-client
17 resume-server = 0-session-ticket-app-data12-server
[all …]
/freebsd/crypto/openssl/doc/man3/
H A DSSL_CTX_set_session_ticket_cb.pod9 SSL_CTX_decrypt_session_ticket_fn - manage session ticket application data
32 with a session, and placed into a session ticket. Either callback function may
35 B<gen_cb> is the application defined callback invoked when a session ticket is
37 at this time to add application data to the session ticket. The value of B<arg>
41 B<dec_cb> is the application defined callback invoked after session ticket
42 decryption has been attempted and any session ticket application data is
43 available. If ticket decryption was successful then the B<ss> argument contains
45 used to decrypt the session ticket. The B<status> argument is the result of the
46 ticket decryption. See the L</NOTES> section below for further details. The value
52 tickets. It can be called at any time before a session ticket is created to
[all …]
H A DSSL_CTX_set_tlsext_ticket_key_cb.pod7 - set a callback for session ticket processing
36 session when session ticket extension is presented in the TLS hello
41 ticket construction state according to RFC5077 Section 4 such that per session
45 In order to reuse a session, a TLS client must send the session ticket
46 extension to the server. The client must send exactly one session ticket.
48 ticket information or it starts a full TLS handshake to create a new session
49 ticket.
55 For new sessions tickets, when the client doesn't present a session ticket, or
56 an attempted retrieval of the ticket failed, or a renew option was indicated,
72 When the client presents a session ticket, the callback function with be called
[all …]
/freebsd/secure/lib/libcrypto/man/man3/
H A DSSL_CTX_set_session_ticket_cb.368 SSL_CTX_decrypt_session_ticket_fn \- manage session ticket application data
91 with a session, and placed into a session ticket. Either callback function may
94 \&\fBgen_cb\fR is the application defined callback invoked when a session ticket is
96 at this time to add application data to the session ticket. The value of \fBarg\fR
100 \&\fBdec_cb\fR is the application defined callback invoked after session ticket
101 decryption has been attempted and any session ticket application data is
102 available. If ticket decryption was successful then the \fBss\fR argument contains
104 used to decrypt the session ticket. The \fBstatus\fR argument is the result of the
105 ticket decryption. See the "NOTES" section below for further details. The value
111 tickets. It can be called at any time before a session ticket is created to
[all …]
H A DSSL_CTX_set_tlsext_ticket_key_cb.366 \&\- set a callback for session ticket processing
97 session when session ticket extension is presented in the TLS hello
102 ticket construction state according to RFC5077 Section 4 such that per session
106 In order to reuse a session, a TLS client must send the session ticket
107 extension to the server. The client must send exactly one session ticket.
109 ticket information or it starts a full TLS handshake to create a new session
110 ticket.
116 For new sessions tickets, when the client doesn't present a session ticket, or
117 an attempted retrieval of the ticket failed, or a renew option was indicated,
133 When the client presents a session ticket, the callback function with be called
[all …]
/freebsd/sys/contrib/ck/include/spinlock/
H A Dticket.h78 ck_spinlock_ticket_init(struct ck_spinlock_ticket *ticket) in ck_spinlock_ticket_init() argument
81 ticket->value = 0; in ck_spinlock_ticket_init()
87 ck_spinlock_ticket_locked(struct ck_spinlock_ticket *ticket) in ck_spinlock_ticket_locked() argument
91 request = CK_SPINLOCK_TICKET_LOAD(&ticket->value); in ck_spinlock_ticket_locked()
100 ck_spinlock_ticket_lock(struct ck_spinlock_ticket *ticket) in ck_spinlock_ticket_lock() argument
104 /* Get our ticket number and set next ticket number. */ in ck_spinlock_ticket_lock()
105 request = CK_SPINLOCK_TICKET_FAA(&ticket->value, in ck_spinlock_ticket_lock()
113 position = CK_SPINLOCK_TICKET_LOAD(&ticket->value) & in ck_spinlock_ticket_lock()
122 ck_spinlock_ticket_lock_pb(struct ck_spinlock_ticket *ticket, unsigned int c) in ck_spinlock_ticket_lock_pb() argument
127 /* Get our ticket number and set next ticket number. */ in ck_spinlock_ticket_lock_pb()
[all …]
/freebsd/crypto/krb5/src/windows/leash/htmlhelp/html/
H A DTicket_Settings.htm11 <title>Ticket Settings</title></head>
14 <a name="top"><h1>Ticket Settings and Flags</h1></a>
15 <p>When you obtain a new ticket you have a chance to view and change
16 the ticket's settings and flags in the Get Ticket window. You cannot
17 change settings or flags on an existing ticket.</p>
24 <li> <a href="#lifetime"> Ticket lifetime setting </a> </li>
33 <li> <a href="#lifetime"> Adjust the ticket lifetime setting </a> </li>
34 <li><a href="#forwardable"> Flag a ticket as forwardable</a></li>
35 <li><a href="#renewable"> Flag a ticket as renewable </a></li>
43 To adjust settings for a new ticket:</p>
[all …]
H A DTickets.htm12 the Get Ticket button and enter your principal (your Kerberos identity)
13 and password to obtain a ticket. The ticket allows you to securely
15 through Kerberos, until the ticket expires, without requiring you to
23 <li><a href="#expiration"> Ticket expiration </a></li>
34 <li><a href="HTML/Ticket_Settings.htm">Work with ticket settings and flags</a>
44 <tbody><tr><th colspan="2"><a name="expiration">Ticket Expiration</a></th></tr>
50 Expiration Alarm in the Ticket Options panel.</td></tr>
53 <td>When you get your ticket, click Show Advanced to view and adjust
54 the ticket's lifetime. Note that some Kerberos installations will not
55 allow you to adjust the ticket lifetime. <br> <a href="HTML/Get_Tickets.htm">How to: Get Tickets </…
[all …]
H A DTroubleshooting.htm10 …li> <a href="#renew"> When I try to renew my ticket, why do I get an error message and see the Ge…
13 <li> <a href="#ticket-lifetime"> Why doesn't my ticket lifetime match the lifetime I selected with…
17 <li> <a href="#set-preferences"> How do I set properties like the default ticket lifetime? </a></…
24 <a name="renew"> <h3> When I try to renew my ticket, why do I get an error message and see the Get…
26 The ticket cannot be renewed. This could be because the ticket was not
28 you could renew it, or because the ticket's renewable lifetime has been
40 …="ticket-lifetime"> </a><h3><a name="ticket-lifetime"> Why doesn't my ticket lifetime match the l…
41 <p> Your Kerberos installation is configured for a maximum ticket
43 installation uses a shorter maximum ticket lifetime than the default,
44 the Ticket Lifetime slider might show the default maximum instead of
[all …]
H A DOptions_Tab.htm11 Click the Options tab to reach the checkboxes that control ticket and
14 the Ticket Options panel to turn MIT Kerberos's automatic features on
24 <li><a href="#ticket-options">Ticket Options </a></li>
29 <li><a href="#using-ticket-options">Use the Ticket Options Panel</a></li>
38 left to find the View Options panel. View Options control which ticket information columns are dis…
61 <td> See the date and time your ticket was originally obtained. </td>
69 …If this column shows <em>Not Renewable</em>, the ticket was not flagged as renewable when you obta…
75 <li><a href="HTML/Ticket_Settings.htm"> About: Ticket Settings and Flags</a></li>
83 See when your ticket will expire. </a>Note that you cannot renew a ticket if you let it expire.
86 … the Expiration Alarm checkbox in the Ticket Options panel. <br><a href="#using-ticket-options">Ho…
[all …]
H A DGetting_Started.htm42 <td> Learn about tickets, ticket expiration, renewable tickets, and forwardable tickets.</td></tr>
52 the Options tab to reach checkboxes that control what ticket
60 </tr><tr><th id="th2"> Get new MIT Kerberos tickets</th> <td>Click the Get Ticket button. <br>
62 …ange ticket flags and settings (e.g., flag a ticket as renewable)</th> <td>In the Get Ticket windo…
63 <a href="HTML/Ticket_Settings.htm">About: Ticket Settings and Flags</a> </td></tr>
67 <tr><th id="th2">Change what ticket information is displayed </th> <td>In the Options tab, select o…
69 …enew, auto destroy, audible ticket expiration alarm)</th> <td>In the Options tab, select or desele…
70 <a href="HTML/Options_Tab.htm#using-ticket-options">How to: Use Ticket Options Panel</a> </td></tr>
71 … of your tickets, go to the Options tab and select Automatic Ticket Renewal in the Ticket Options…
78 In the main window, click a principal to select it. The Renew Ticket,
[all …]
H A DView_Tickets.htm16 applies only to the initial Ticket Granting Ticket (TGT). </li>
47 <td> <a name="principal"> The identity that has obtained the ticket. </a>This is your user name (e.…
52 applies only to the principal's initial Ticket Granting Ticket (TGT).
56 <a href="HTML/Kerberos_Terminology.htm#ticket">About: Kerberos Terminology (Tickets)</a></td>
62 <td>The date and time the ticket was originally obtained.</td>
67 <td> <a name="renewable-until">The date and time marking the end of each ticket's renewable lifetim…
69 ticket's renewable lifetime. After this time, you cannot renew the
70 ticket and must instead get a new one. <p></p>
71 If this column shows <em>Not Renewable</em>, the ticket was not flagged as renewable when you obtai…
82 <td> <a name="valid-until"> The date and time the ticket will expire and can no longer be used or r…
[all …]
H A DRenew_Tickets.htm10 Renew a ticket to extend its usable lifetime. Each time a ticket is
11 renewed, its lifespan is reset to the original length of the ticket. It
27 <li><a href="#renew-once"> Renew ticket once</a></li>
29 <li><a href="#renewable-until">Find how long a ticket can be renewed</a></li>
39 <h2>Renew ticket once</h2>
43 <li>Click the Renew Ticket button in the Home tab or use the <a href="JavaScript:popup.TextPopup(po…
46 The ticket lifetime is reset for all of the selected principal's renewable tickets.</p>
55 <li> In the Ticket Options panel, select the Automatic Ticket Renewal checkbox if it is not alread…
71 You can renew a ticket if the following conditions are met:</p>
73 <li> When you obtained the ticket, the Renewable flag was selected. <br> <a href="HTML/Ticket_Setti…
[all …]
/freebsd/crypto/heimdal/lib/krb5/
H A Dticket.c39 * Free ticket and content
42 * @param ticket ticket to free
52 krb5_ticket *ticket) in krb5_free_ticket() argument
54 free_EncTicketPart(&ticket->ticket); in krb5_free_ticket()
55 krb5_free_principal(context, ticket->client); in krb5_free_ticket()
56 krb5_free_principal(context, ticket->server); in krb5_free_ticket()
57 free(ticket); in krb5_free_ticket()
62 * Copy ticket and content
65 * @param from ticket to copy
66 * @param to new copy of ticket, free with krb5_free_ticket()
[all …]
H A Drd_req.c64 "ticket part", "")); in decrypt_tkt_enc_part()
126 if (ap_req->ticket.tkt_vno != 5){ in krb5_decode_ap_req()
135 check_transited(krb5_context context, Ticket *ticket, EncTicketPart *enc) in check_transited() argument
158 ticket->realm); in check_transited()
162 ticket->realm, in check_transited()
225 Ticket *ticket, in krb5_decrypt_ticket() argument
232 ret = decrypt_tkt_enc_part (context, key, &ticket->enc_part, &t); in krb5_decrypt_ticket()
257 ret = check_transited(context, ticket, &t); in krb5_decrypt_ticket()
322 krb5_ticket **ticket) in krb5_verify_ap_req() argument
331 ticket, in krb5_verify_ap_req()
[all …]
H A Dkrb_err.et24 ec GC_TKFIL, "Can't read Kerberos 4 ticket file"
25 ec GC_NOTKT, "Can't find Kerberos 4 ticket or TGT"
30 ec RD_AP_EXP, "Kerberos 4 ticket expired"
31 ec RD_AP_NYV, "Kerberos 4 ticket not yet valid"
33 ec RD_AP_NOT_US, "The Kerberos 4 ticket isn't for us"
47 ec GT_PW_NULLTKT, "Null Kerberos 4 ticket returned by KDC"
56 ec AD_NOTGT, "Don't have Kerberos 4 ticket-granting ticket"
58 ec NO_TKT_FIL, "No Kerberos 4 ticket file found"
59 ec TKT_FIL_ACC, "Couldn't access Kerberos 4 ticket file"
60 ec TKT_FIL_LCK, "Couldn't lock Kerberos 4 ticket file"
[all …]
/freebsd/crypto/krb5/src/man/
H A Dkinit.man32 kinit \- obtain and cache Kerberos ticket-granting ticket
59 kinit obtains and caches an initial ticket\-granting ticket for
71 (\fI\%Time duration\fP string.) Requests a ticket with the lifetime
76 If the \fB\-l\fP option is not specified, the default ticket lifetime
77 (configured by each site) is used. Specifying a ticket lifetime
78 longer than the maximum ticket lifetime (configured by each site)
79 will not override the configured maximum ticket lifetime.
82 (\fI\%Time duration\fP string.) Requests a postdated ticket. Postdated
86 \fIstart_time\fP specifies the duration of the delay before the ticket
120 requests that the ticket\-granting ticket in the cache (with the
[all …]
H A Dksu.man80 takes place. Otherwise, ksu looks for an appropriate Kerberos ticket
83 The ticket can either be for the end\-server or a ticket granting
84 ticket (TGT) for the target principal\(aqs realm. If the ticket for the
87 ticket for the end\-server. The end\-server ticket is then verified.
88 If neither ticket is in the cache, but ksu is compiled with the
92 may be exposed. If neither ticket is in the cache and
203 there is a legitimate ticket for that principal in the source
215 If a\-c fails try any principal for which there is a ticket in
286 Ticket granting ticket options:
290 The ticket granting ticket options only apply to the case where
[all …]
/freebsd/crypto/krb5/src/lib/krb5/krb/
H A Drd_req_dec.c45 * server specifies the expected server's name for the ticket; if NULL, then
48 * kdb keytab, the ticket's server field need not match the name passed in for
49 * server. All that is required is that the ticket be encrypted with a key
54 * local keytab, but not with the informational name in the ticket.
60 * ticket. If keyproc is non-NULL, keyprocarg is passed to it, and the result
89 /* Unparse the specified server principal (which may be NULL) and the ticket
116 * an explicit server principal using the ticket's kvno and enctype. */
151 _("Cannot find key for %s kvno %d in keytab (request ticket " in keytab_fetch_error()
159 /* Return a helpful code and error when ticket decryption fails using the key
176 _("Cannot decrypt ticket for %s using keytab key for %s"), in integrity_error()
[all …]
H A Dsrv_dec_tkt.c28 * Server decrypt ticket via keytab or keyblock.
37 * - Does not free ticket->enc_part2 on error.
45 krb5_ticket *ticket) in decrypt_ticket_keyblock() argument
51 retval = krb5_decrypt_tkt_part(context, key, ticket); in decrypt_ticket_keyblock()
55 trans = &ticket->enc_part2->transited; in decrypt_ticket_keyblock()
56 realm = &ticket->enc_part2->client->realm; in decrypt_ticket_keyblock()
59 realm, &ticket->server->realm); in decrypt_ticket_keyblock()
63 if (ticket->enc_part2->flags & TKT_FLG_INVALID) { /* ie, KDC_OPT_POSTDATED */ in decrypt_ticket_keyblock()
76 krb5_ticket *ticket) in krb5_server_decrypt_ticket_keytab() argument
83 ticket->server, in krb5_server_decrypt_ticket_keytab()
[all …]
/freebsd/crypto/openssl/test/recipes/
H A D70-test_sslsessiontick.t46 #Test 1: By default with no existing session we should get a session ticket
52 checkmessages(1, "Default session ticket test", 1, 1, 1, 1);
62 checkmessages(2, "No server support session ticket test", 1, 0, 0, 1);
71 checkmessages(3, "No client support session ticket test", 0, 0, 0, 1);
73 #Test 4: Test session resumption with session ticket
84 checkmessages(4, "Session resumption session ticket test", 1, 0, 0, 0);
87 #Test 5: Test session resumption with ticket capable client without a ticket
98 checkmessages(5, "Session resumption with ticket capable client without a "
99 ."ticket", 1, 1, 1, 0);
102 #Test 6: Client accepts empty ticket.
[all …]
/freebsd/crypto/krb5/src/kdc/
H A Dtgs_policy.c73 "VALIDATE VALID TICKET", KRB5KDC_ERR_BADOPTION },
75 "TICKET NOT RENEWABLE", KRB5KDC_ERR_BADOPTION }
79 * Some TGS-REQ options require that the ticket have corresponding flags set.
100 *status = "TICKET NOT VALID"; in check_tgs_opts()
109 "NON-RENEWABLE TICKET", KRB5KDC_ERR_POLICY },
111 "NON-POSTDATABLE TICKET", KRB5KDC_ERR_CANNOT_POSTDATE },
218 * Check header ticket timestamps against the current time.
226 /* For validating a postdated ticket, check the start time vs. the in check_tgs_times()
329 /* The header ticket PAC must be present. */ in check_tgs_s4u2self()
336 /* The header ticket PAC must be for the impersonator. */ in check_tgs_s4u2self()
[all …]
/freebsd/crypto/heimdal/doc/doxyout/krb5/man/man3/
H A Dkrb5.3153 …N krb5_error_code KRB5_LIB_CALL \fBkrb5_free_ticket\fP (krb5_context context, krb5_ticket *ticket)"
159 …L \fBkrb5_ticket_get_client\fP (krb5_context context, const krb5_ticket *ticket, krb5_principal *c…
162 …L \fBkrb5_ticket_get_server\fP (krb5_context context, const krb5_ticket *ticket, krb5_principal *s…
165 …me_t KRB5_LIB_CALL \fBkrb5_ticket_get_endtime\fP (krb5_context context, const krb5_ticket *ticket)"
168 …icket_get_authorization_data_type\fP (krb5_context context, krb5_ticket *ticket, int type, krb5_da…
240 KRB5_TC_MATCH_FLAGS_EXACT Make sure that the ticket flags are identical.
242 KRB5_TC_MATCH_FLAGS Make sure that all ticket flags set in mcreds are also present in creds .
244 KRB5_TC_MATCH_TIMES_EXACT Compares the ticket times exactly.
252 KRB5_TC_MATCH_IS_SKEY Compares the existance of the second ticket.
367 Copy ticket and content
[all …]
/freebsd/crypto/heimdal/kuser/
H A Dklist.159 known as the ticket file).
73 Include ticket flags in short form, each character stands for a
107 the principal the ticket is for
108 .It Ticket etype
109 the encryption type used in the ticket, followed by the key version of
110 the ticket, if it is available
113 encryption type of the ticket
117 the time that this ticket is valid from (only printed if it's
120 when the ticket expires, if it has already expired this is also noted
122 the maximum possible end time of any ticket derived from this one
[all …]

12345678910>>...24