xref: /freebsd/crypto/heimdal/doc/doxyout/krb5/html/group__krb5__credential.html (revision 6a068746777241722b2b32c5d0bc443a2a64d80b)
1<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2<html><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
3<title>HeimdalKerberos5library: Heimdal Kerberos 5 credential handing functions</title>
4<link href="doxygen.css" rel="stylesheet" type="text/css">
5<link href="tabs.css" rel="stylesheet" type="text/css">
6</head><body>
7<p>
8<a href="http://www.h5l.org/"><img src="http://www.h5l.org/keyhole-heimdal.png" alt="keyhole logo"/></a>
9</p>
10<!-- end of header marker -->
11<!-- Generated by Doxygen 1.5.6 -->
12<div class="navigation" id="top">
13  <div class="tabs">
14    <ul>
15      <li><a href="index.html"><span>Main&nbsp;Page</span></a></li>
16      <li><a href="pages.html"><span>Related&nbsp;Pages</span></a></li>
17      <li><a href="modules.html"><span>Modules</span></a></li>
18      <li><a href="annotated.html"><span>Data&nbsp;Structures</span></a></li>
19    </ul>
20  </div>
21</div>
22<div class="contents">
23<h1>Heimdal Kerberos 5 credential handing functions</h1><table border="0" cellpadding="0" cellspacing="0">
24<tr><td></td></tr>
25<tr><td colspan="2"><br><h2>Functions</h2></td></tr>
26<tr><td class="memItemLeft" nowrap align="right" valign="top">KRB5_LIB_FUNCTION <br>
27krb5_error_code KRB5_LIB_CALL&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__krb5__credential.html#g7335efb74572151bb521c367c39b7a4a">krb5_fwd_tgt_creds</a> (krb5_context context, krb5_auth_context auth_context, const char *hostname, krb5_principal client, krb5_principal server, krb5_ccache ccache, int forwardable, krb5_data *out_data)</td></tr>
28
29<tr><td class="memItemLeft" nowrap align="right" valign="top">KRB5_LIB_FUNCTION <br>
30krb5_error_code KRB5_LIB_CALL&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__krb5__credential.html#g6429a273ae5ed0d9333a22f5b5f1f42a">krb5_get_forwarded_creds</a> (krb5_context context, krb5_auth_context auth_context, krb5_ccache ccache, krb5_flags flags, const char *hostname, krb5_creds *in_creds, krb5_data *out_data)</td></tr>
31
32<tr><td class="memItemLeft" nowrap align="right" valign="top">KRB5_LIB_FUNCTION <br>
33krb5_error_code KRB5_LIB_CALL&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__krb5__credential.html#gbc0922393cb5c5eecec2d83f1851c21b">krb5_get_init_creds_opt_alloc</a> (krb5_context context, krb5_get_init_creds_opt **opt)</td></tr>
34
35<tr><td class="memItemLeft" nowrap align="right" valign="top">KRB5_LIB_FUNCTION void <br>
36KRB5_LIB_CALL&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__krb5__credential.html#g2be2f013c88153be9535c17a2b16f336">krb5_get_init_creds_opt_free</a> (krb5_context context, krb5_get_init_creds_opt *opt)</td></tr>
37
38<tr><td class="memItemLeft" nowrap align="right" valign="top">KRB5_LIB_FUNCTION <br>
39krb5_error_code KRB5_LIB_CALL&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__krb5__credential.html#g1a610bb2706e4048e8220225da110033">krb5_init_creds_init</a> (krb5_context context, krb5_principal client, krb5_prompter_fct prompter, void *prompter_data, krb5_deltat start_time, krb5_get_init_creds_opt *options, krb5_init_creds_context *rctx)</td></tr>
40
41<tr><td class="memItemLeft" nowrap align="right" valign="top">KRB5_LIB_FUNCTION <br>
42krb5_error_code KRB5_LIB_CALL&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__krb5__credential.html#g71f386b20c42540d4e733eeb7c0cb18e">krb5_init_creds_set_service</a> (krb5_context context, krb5_init_creds_context ctx, const char *service)</td></tr>
43
44<tr><td class="memItemLeft" nowrap align="right" valign="top">KRB5_LIB_FUNCTION <br>
45krb5_error_code KRB5_LIB_CALL&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__krb5__credential.html#g0a1d093a3c43b57b5e84206e73441d68">krb5_init_creds_set_password</a> (krb5_context context, krb5_init_creds_context ctx, const char *password)</td></tr>
46
47<tr><td class="memItemLeft" nowrap align="right" valign="top">KRB5_LIB_FUNCTION <br>
48krb5_error_code KRB5_LIB_CALL&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__krb5__credential.html#gb80179f38c8cc87627752d5db22c8203">krb5_init_creds_set_keytab</a> (krb5_context context, krb5_init_creds_context ctx, krb5_keytab keytab)</td></tr>
49
50<tr><td class="memItemLeft" nowrap align="right" valign="top">KRB5_LIB_FUNCTION <br>
51krb5_error_code KRB5_LIB_CALL&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__krb5__credential.html#g9b1f54a05b9e7b60bef0c7d5f40b351b">krb5_init_creds_step</a> (krb5_context context, krb5_init_creds_context ctx, krb5_data *in, krb5_data *out, krb5_krbhst_info *hostinfo, unsigned int *flags)</td></tr>
52
53<tr><td class="memItemLeft" nowrap align="right" valign="top">KRB5_LIB_FUNCTION <br>
54krb5_error_code KRB5_LIB_CALL&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__krb5__credential.html#gb5b9ab4698f5af99c06dbcc015c39e27">krb5_init_creds_get_error</a> (krb5_context context, krb5_init_creds_context ctx, KRB_ERROR *error)</td></tr>
55
56<tr><td class="memItemLeft" nowrap align="right" valign="top">KRB5_LIB_FUNCTION void <br>
57KRB5_LIB_CALL&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__krb5__credential.html#gf878f5715a3048995f175c09e95a3a71">krb5_init_creds_free</a> (krb5_context context, krb5_init_creds_context ctx)</td></tr>
58
59<tr><td class="memItemLeft" nowrap align="right" valign="top">KRB5_LIB_FUNCTION <br>
60krb5_error_code KRB5_LIB_CALL&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__krb5__credential.html#gb1716df7cb25ebea9bbf652094970bce">krb5_init_creds_get</a> (krb5_context context, krb5_init_creds_context ctx)</td></tr>
61
62<tr><td class="memItemLeft" nowrap align="right" valign="top">KRB5_LIB_FUNCTION <br>
63krb5_error_code KRB5_LIB_CALL&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__krb5__credential.html#ge7e4852f19e7f83bd743952491d1f4b1">krb5_get_init_creds_password</a> (krb5_context context, krb5_creds *creds, krb5_principal client, const char *password, krb5_prompter_fct prompter, void *data, krb5_deltat start_time, const char *in_tkt_service, krb5_get_init_creds_opt *options)</td></tr>
64
65<tr><td class="memItemLeft" nowrap align="right" valign="top">KRB5_LIB_FUNCTION <br>
66krb5_error_code KRB5_LIB_CALL&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__krb5__credential.html#g32573c317cca5198b04550d753b369a1">krb5_get_init_creds_keyblock</a> (krb5_context context, krb5_creds *creds, krb5_principal client, krb5_keyblock *keyblock, krb5_deltat start_time, const char *in_tkt_service, krb5_get_init_creds_opt *options)</td></tr>
67
68<tr><td class="memItemLeft" nowrap align="right" valign="top">KRB5_LIB_FUNCTION <br>
69krb5_error_code KRB5_LIB_CALL&nbsp;</td><td class="memItemRight" valign="bottom"><a class="el" href="group__krb5__credential.html#g83e4a8a74b08522bd778c2d59ef1f2b6">krb5_get_init_creds_keytab</a> (krb5_context context, krb5_creds *creds, krb5_principal client, krb5_keytab keytab, krb5_deltat start_time, const char *in_tkt_service, krb5_get_init_creds_opt *options)</td></tr>
70
71</table>
72<hr><a name="_details"></a><h2>Detailed Description</h2>
73<hr><h2>Function Documentation</h2>
74<a class="anchor" name="g7335efb74572151bb521c367c39b7a4a"></a><!-- doxytag: member="get_for_creds.c::krb5_fwd_tgt_creds" ref="g7335efb74572151bb521c367c39b7a4a" args="(krb5_context context, krb5_auth_context auth_context, const char *hostname, krb5_principal client, krb5_principal server, krb5_ccache ccache, int forwardable, krb5_data *out_data)" -->
75<div class="memitem">
76<div class="memproto">
77      <table class="memname">
78        <tr>
79          <td class="memname">KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_fwd_tgt_creds           </td>
80          <td>(</td>
81          <td class="paramtype">krb5_context&nbsp;</td>
82          <td class="paramname"> <em>context</em>, </td>
83        </tr>
84        <tr>
85          <td class="paramkey"></td>
86          <td></td>
87          <td class="paramtype">krb5_auth_context&nbsp;</td>
88          <td class="paramname"> <em>auth_context</em>, </td>
89        </tr>
90        <tr>
91          <td class="paramkey"></td>
92          <td></td>
93          <td class="paramtype">const char *&nbsp;</td>
94          <td class="paramname"> <em>hostname</em>, </td>
95        </tr>
96        <tr>
97          <td class="paramkey"></td>
98          <td></td>
99          <td class="paramtype">krb5_principal&nbsp;</td>
100          <td class="paramname"> <em>client</em>, </td>
101        </tr>
102        <tr>
103          <td class="paramkey"></td>
104          <td></td>
105          <td class="paramtype">krb5_principal&nbsp;</td>
106          <td class="paramname"> <em>server</em>, </td>
107        </tr>
108        <tr>
109          <td class="paramkey"></td>
110          <td></td>
111          <td class="paramtype">krb5_ccache&nbsp;</td>
112          <td class="paramname"> <em>ccache</em>, </td>
113        </tr>
114        <tr>
115          <td class="paramkey"></td>
116          <td></td>
117          <td class="paramtype">int&nbsp;</td>
118          <td class="paramname"> <em>forwardable</em>, </td>
119        </tr>
120        <tr>
121          <td class="paramkey"></td>
122          <td></td>
123          <td class="paramtype">krb5_data *&nbsp;</td>
124          <td class="paramname"> <em>out_data</em></td><td>&nbsp;</td>
125        </tr>
126        <tr>
127          <td></td>
128          <td>)</td>
129          <td></td><td></td><td></td>
130        </tr>
131      </table>
132</div>
133<div class="memdoc">
134
135<p>
136Forward credentials for client to host hostname , making them forwardable if forwardable, and returning the blob of data to sent in out_data. If hostname == NULL, pick it from server.<p>
137<dl compact><dt><b>Parameters:</b></dt><dd>
138  <table border="0" cellspacing="2" cellpadding="0">
139    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A kerberos 5 context. </td></tr>
140    <tr><td valign="top"></td><td valign="top"><em>auth_context</em>&nbsp;</td><td>the auth context with the key to encrypt the out_data. </td></tr>
141    <tr><td valign="top"></td><td valign="top"><em>hostname</em>&nbsp;</td><td>the host to forward the tickets too. </td></tr>
142    <tr><td valign="top"></td><td valign="top"><em>client</em>&nbsp;</td><td>the client to delegate from. </td></tr>
143    <tr><td valign="top"></td><td valign="top"><em>server</em>&nbsp;</td><td>the server to delegate the credential too. </td></tr>
144    <tr><td valign="top"></td><td valign="top"><em>ccache</em>&nbsp;</td><td>credential cache to use. </td></tr>
145    <tr><td valign="top"></td><td valign="top"><em>forwardable</em>&nbsp;</td><td>make the forwarded ticket forwabledable. </td></tr>
146    <tr><td valign="top"></td><td valign="top"><em>out_data</em>&nbsp;</td><td>the resulting credential.</td></tr>
147  </table>
148</dl>
149<dl class="return" compact><dt><b>Returns:</b></dt><dd>Return an error code or 0. </dd></dl>
150
151</div>
152</div><p>
153<a class="anchor" name="g6429a273ae5ed0d9333a22f5b5f1f42a"></a><!-- doxytag: member="get_for_creds.c::krb5_get_forwarded_creds" ref="g6429a273ae5ed0d9333a22f5b5f1f42a" args="(krb5_context context, krb5_auth_context auth_context, krb5_ccache ccache, krb5_flags flags, const char *hostname, krb5_creds *in_creds, krb5_data *out_data)" -->
154<div class="memitem">
155<div class="memproto">
156      <table class="memname">
157        <tr>
158          <td class="memname">KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_forwarded_creds           </td>
159          <td>(</td>
160          <td class="paramtype">krb5_context&nbsp;</td>
161          <td class="paramname"> <em>context</em>, </td>
162        </tr>
163        <tr>
164          <td class="paramkey"></td>
165          <td></td>
166          <td class="paramtype">krb5_auth_context&nbsp;</td>
167          <td class="paramname"> <em>auth_context</em>, </td>
168        </tr>
169        <tr>
170          <td class="paramkey"></td>
171          <td></td>
172          <td class="paramtype">krb5_ccache&nbsp;</td>
173          <td class="paramname"> <em>ccache</em>, </td>
174        </tr>
175        <tr>
176          <td class="paramkey"></td>
177          <td></td>
178          <td class="paramtype">krb5_flags&nbsp;</td>
179          <td class="paramname"> <em>flags</em>, </td>
180        </tr>
181        <tr>
182          <td class="paramkey"></td>
183          <td></td>
184          <td class="paramtype">const char *&nbsp;</td>
185          <td class="paramname"> <em>hostname</em>, </td>
186        </tr>
187        <tr>
188          <td class="paramkey"></td>
189          <td></td>
190          <td class="paramtype">krb5_creds *&nbsp;</td>
191          <td class="paramname"> <em>in_creds</em>, </td>
192        </tr>
193        <tr>
194          <td class="paramkey"></td>
195          <td></td>
196          <td class="paramtype">krb5_data *&nbsp;</td>
197          <td class="paramname"> <em>out_data</em></td><td>&nbsp;</td>
198        </tr>
199        <tr>
200          <td></td>
201          <td>)</td>
202          <td></td><td></td><td></td>
203        </tr>
204      </table>
205</div>
206<div class="memdoc">
207
208<p>
209Gets tickets forwarded to hostname. If the tickets that are forwarded are address-less, the forwarded tickets will also be address-less.<p>
210If the ticket have any address, hostname will be used for figure out the address to forward the ticket too. This since this might use DNS, its insecure and also doesn't represent configured all addresses of the host. For example, the host might have two adresses, one IPv4 and one IPv6 address where the later is not published in DNS. This IPv6 address might be used communications and thus the resulting ticket useless.<p>
211<dl compact><dt><b>Parameters:</b></dt><dd>
212  <table border="0" cellspacing="2" cellpadding="0">
213    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A kerberos 5 context. </td></tr>
214    <tr><td valign="top"></td><td valign="top"><em>auth_context</em>&nbsp;</td><td>the auth context with the key to encrypt the out_data. </td></tr>
215    <tr><td valign="top"></td><td valign="top"><em>ccache</em>&nbsp;</td><td>credential cache to use </td></tr>
216    <tr><td valign="top"></td><td valign="top"><em>flags</em>&nbsp;</td><td>the flags to control the resulting ticket flags </td></tr>
217    <tr><td valign="top"></td><td valign="top"><em>hostname</em>&nbsp;</td><td>the host to forward the tickets too. </td></tr>
218    <tr><td valign="top"></td><td valign="top"><em>in_creds</em>&nbsp;</td><td>the in client and server ticket names. The client and server components forwarded to the remote host. </td></tr>
219    <tr><td valign="top"></td><td valign="top"><em>out_data</em>&nbsp;</td><td>the resulting credential.</td></tr>
220  </table>
221</dl>
222<dl class="return" compact><dt><b>Returns:</b></dt><dd>Return an error code or 0. </dd></dl>
223
224<p>
225Some older of the MIT gssapi library used clear-text tickets (warped inside AP-REQ encryption), use the krb5_auth_context flag KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED to support those tickets. The session key is used otherwise to encrypt the forwarded ticket.
226</div>
227</div><p>
228<a class="anchor" name="g32573c317cca5198b04550d753b369a1"></a><!-- doxytag: member="init_creds_pw.c::krb5_get_init_creds_keyblock" ref="g32573c317cca5198b04550d753b369a1" args="(krb5_context context, krb5_creds *creds, krb5_principal client, krb5_keyblock *keyblock, krb5_deltat start_time, const char *in_tkt_service, krb5_get_init_creds_opt *options)" -->
229<div class="memitem">
230<div class="memproto">
231      <table class="memname">
232        <tr>
233          <td class="memname">KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_keyblock           </td>
234          <td>(</td>
235          <td class="paramtype">krb5_context&nbsp;</td>
236          <td class="paramname"> <em>context</em>, </td>
237        </tr>
238        <tr>
239          <td class="paramkey"></td>
240          <td></td>
241          <td class="paramtype">krb5_creds *&nbsp;</td>
242          <td class="paramname"> <em>creds</em>, </td>
243        </tr>
244        <tr>
245          <td class="paramkey"></td>
246          <td></td>
247          <td class="paramtype">krb5_principal&nbsp;</td>
248          <td class="paramname"> <em>client</em>, </td>
249        </tr>
250        <tr>
251          <td class="paramkey"></td>
252          <td></td>
253          <td class="paramtype">krb5_keyblock *&nbsp;</td>
254          <td class="paramname"> <em>keyblock</em>, </td>
255        </tr>
256        <tr>
257          <td class="paramkey"></td>
258          <td></td>
259          <td class="paramtype">krb5_deltat&nbsp;</td>
260          <td class="paramname"> <em>start_time</em>, </td>
261        </tr>
262        <tr>
263          <td class="paramkey"></td>
264          <td></td>
265          <td class="paramtype">const char *&nbsp;</td>
266          <td class="paramname"> <em>in_tkt_service</em>, </td>
267        </tr>
268        <tr>
269          <td class="paramkey"></td>
270          <td></td>
271          <td class="paramtype">krb5_get_init_creds_opt *&nbsp;</td>
272          <td class="paramname"> <em>options</em></td><td>&nbsp;</td>
273        </tr>
274        <tr>
275          <td></td>
276          <td>)</td>
277          <td></td><td></td><td></td>
278        </tr>
279      </table>
280</div>
281<div class="memdoc">
282
283<p>
284Get new credentials using keyblock.
285</div>
286</div><p>
287<a class="anchor" name="g83e4a8a74b08522bd778c2d59ef1f2b6"></a><!-- doxytag: member="init_creds_pw.c::krb5_get_init_creds_keytab" ref="g83e4a8a74b08522bd778c2d59ef1f2b6" args="(krb5_context context, krb5_creds *creds, krb5_principal client, krb5_keytab keytab, krb5_deltat start_time, const char *in_tkt_service, krb5_get_init_creds_opt *options)" -->
288<div class="memitem">
289<div class="memproto">
290      <table class="memname">
291        <tr>
292          <td class="memname">KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_keytab           </td>
293          <td>(</td>
294          <td class="paramtype">krb5_context&nbsp;</td>
295          <td class="paramname"> <em>context</em>, </td>
296        </tr>
297        <tr>
298          <td class="paramkey"></td>
299          <td></td>
300          <td class="paramtype">krb5_creds *&nbsp;</td>
301          <td class="paramname"> <em>creds</em>, </td>
302        </tr>
303        <tr>
304          <td class="paramkey"></td>
305          <td></td>
306          <td class="paramtype">krb5_principal&nbsp;</td>
307          <td class="paramname"> <em>client</em>, </td>
308        </tr>
309        <tr>
310          <td class="paramkey"></td>
311          <td></td>
312          <td class="paramtype">krb5_keytab&nbsp;</td>
313          <td class="paramname"> <em>keytab</em>, </td>
314        </tr>
315        <tr>
316          <td class="paramkey"></td>
317          <td></td>
318          <td class="paramtype">krb5_deltat&nbsp;</td>
319          <td class="paramname"> <em>start_time</em>, </td>
320        </tr>
321        <tr>
322          <td class="paramkey"></td>
323          <td></td>
324          <td class="paramtype">const char *&nbsp;</td>
325          <td class="paramname"> <em>in_tkt_service</em>, </td>
326        </tr>
327        <tr>
328          <td class="paramkey"></td>
329          <td></td>
330          <td class="paramtype">krb5_get_init_creds_opt *&nbsp;</td>
331          <td class="paramname"> <em>options</em></td><td>&nbsp;</td>
332        </tr>
333        <tr>
334          <td></td>
335          <td>)</td>
336          <td></td><td></td><td></td>
337        </tr>
338      </table>
339</div>
340<div class="memdoc">
341
342<p>
343Get new credentials using keytab.
344</div>
345</div><p>
346<a class="anchor" name="gbc0922393cb5c5eecec2d83f1851c21b"></a><!-- doxytag: member="init_creds.c::krb5_get_init_creds_opt_alloc" ref="gbc0922393cb5c5eecec2d83f1851c21b" args="(krb5_context context, krb5_get_init_creds_opt **opt)" -->
347<div class="memitem">
348<div class="memproto">
349      <table class="memname">
350        <tr>
351          <td class="memname">KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_opt_alloc           </td>
352          <td>(</td>
353          <td class="paramtype">krb5_context&nbsp;</td>
354          <td class="paramname"> <em>context</em>, </td>
355        </tr>
356        <tr>
357          <td class="paramkey"></td>
358          <td></td>
359          <td class="paramtype">krb5_get_init_creds_opt **&nbsp;</td>
360          <td class="paramname"> <em>opt</em></td><td>&nbsp;</td>
361        </tr>
362        <tr>
363          <td></td>
364          <td>)</td>
365          <td></td><td></td><td></td>
366        </tr>
367      </table>
368</div>
369<div class="memdoc">
370
371<p>
372Allocate a new krb5_get_init_creds_opt structure, free with <a class="el" href="group__krb5__credential.html#g2be2f013c88153be9535c17a2b16f336">krb5_get_init_creds_opt_free()</a>.
373</div>
374</div><p>
375<a class="anchor" name="g2be2f013c88153be9535c17a2b16f336"></a><!-- doxytag: member="init_creds.c::krb5_get_init_creds_opt_free" ref="g2be2f013c88153be9535c17a2b16f336" args="(krb5_context context, krb5_get_init_creds_opt *opt)" -->
376<div class="memitem">
377<div class="memproto">
378      <table class="memname">
379        <tr>
380          <td class="memname">KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_get_init_creds_opt_free           </td>
381          <td>(</td>
382          <td class="paramtype">krb5_context&nbsp;</td>
383          <td class="paramname"> <em>context</em>, </td>
384        </tr>
385        <tr>
386          <td class="paramkey"></td>
387          <td></td>
388          <td class="paramtype">krb5_get_init_creds_opt *&nbsp;</td>
389          <td class="paramname"> <em>opt</em></td><td>&nbsp;</td>
390        </tr>
391        <tr>
392          <td></td>
393          <td>)</td>
394          <td></td><td></td><td></td>
395        </tr>
396      </table>
397</div>
398<div class="memdoc">
399
400<p>
401Free krb5_get_init_creds_opt structure.
402</div>
403</div><p>
404<a class="anchor" name="ge7e4852f19e7f83bd743952491d1f4b1"></a><!-- doxytag: member="init_creds_pw.c::krb5_get_init_creds_password" ref="ge7e4852f19e7f83bd743952491d1f4b1" args="(krb5_context context, krb5_creds *creds, krb5_principal client, const char *password, krb5_prompter_fct prompter, void *data, krb5_deltat start_time, const char *in_tkt_service, krb5_get_init_creds_opt *options)" -->
405<div class="memitem">
406<div class="memproto">
407      <table class="memname">
408        <tr>
409          <td class="memname">KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_get_init_creds_password           </td>
410          <td>(</td>
411          <td class="paramtype">krb5_context&nbsp;</td>
412          <td class="paramname"> <em>context</em>, </td>
413        </tr>
414        <tr>
415          <td class="paramkey"></td>
416          <td></td>
417          <td class="paramtype">krb5_creds *&nbsp;</td>
418          <td class="paramname"> <em>creds</em>, </td>
419        </tr>
420        <tr>
421          <td class="paramkey"></td>
422          <td></td>
423          <td class="paramtype">krb5_principal&nbsp;</td>
424          <td class="paramname"> <em>client</em>, </td>
425        </tr>
426        <tr>
427          <td class="paramkey"></td>
428          <td></td>
429          <td class="paramtype">const char *&nbsp;</td>
430          <td class="paramname"> <em>password</em>, </td>
431        </tr>
432        <tr>
433          <td class="paramkey"></td>
434          <td></td>
435          <td class="paramtype">krb5_prompter_fct&nbsp;</td>
436          <td class="paramname"> <em>prompter</em>, </td>
437        </tr>
438        <tr>
439          <td class="paramkey"></td>
440          <td></td>
441          <td class="paramtype">void *&nbsp;</td>
442          <td class="paramname"> <em>data</em>, </td>
443        </tr>
444        <tr>
445          <td class="paramkey"></td>
446          <td></td>
447          <td class="paramtype">krb5_deltat&nbsp;</td>
448          <td class="paramname"> <em>start_time</em>, </td>
449        </tr>
450        <tr>
451          <td class="paramkey"></td>
452          <td></td>
453          <td class="paramtype">const char *&nbsp;</td>
454          <td class="paramname"> <em>in_tkt_service</em>, </td>
455        </tr>
456        <tr>
457          <td class="paramkey"></td>
458          <td></td>
459          <td class="paramtype">krb5_get_init_creds_opt *&nbsp;</td>
460          <td class="paramname"> <em>options</em></td><td>&nbsp;</td>
461        </tr>
462        <tr>
463          <td></td>
464          <td>)</td>
465          <td></td><td></td><td></td>
466        </tr>
467      </table>
468</div>
469<div class="memdoc">
470
471<p>
472Get new credentials using password.
473</div>
474</div><p>
475<a class="anchor" name="gf878f5715a3048995f175c09e95a3a71"></a><!-- doxytag: member="init_creds_pw.c::krb5_init_creds_free" ref="gf878f5715a3048995f175c09e95a3a71" args="(krb5_context context, krb5_init_creds_context ctx)" -->
476<div class="memitem">
477<div class="memproto">
478      <table class="memname">
479        <tr>
480          <td class="memname">KRB5_LIB_FUNCTION void KRB5_LIB_CALL krb5_init_creds_free           </td>
481          <td>(</td>
482          <td class="paramtype">krb5_context&nbsp;</td>
483          <td class="paramname"> <em>context</em>, </td>
484        </tr>
485        <tr>
486          <td class="paramkey"></td>
487          <td></td>
488          <td class="paramtype">krb5_init_creds_context&nbsp;</td>
489          <td class="paramname"> <em>ctx</em></td><td>&nbsp;</td>
490        </tr>
491        <tr>
492          <td></td>
493          <td>)</td>
494          <td></td><td></td><td></td>
495        </tr>
496      </table>
497</div>
498<div class="memdoc">
499
500<p>
501Free the krb5_init_creds_context allocated by <a class="el" href="group__krb5__credential.html#g1a610bb2706e4048e8220225da110033">krb5_init_creds_init()</a>.<p>
502<dl compact><dt><b>Parameters:</b></dt><dd>
503  <table border="0" cellspacing="2" cellpadding="0">
504    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A Kerberos 5 context. </td></tr>
505    <tr><td valign="top"></td><td valign="top"><em>ctx</em>&nbsp;</td><td>The krb5_init_creds_context to free. </td></tr>
506  </table>
507</dl>
508
509</div>
510</div><p>
511<a class="anchor" name="gb1716df7cb25ebea9bbf652094970bce"></a><!-- doxytag: member="init_creds_pw.c::krb5_init_creds_get" ref="gb1716df7cb25ebea9bbf652094970bce" args="(krb5_context context, krb5_init_creds_context ctx)" -->
512<div class="memitem">
513<div class="memproto">
514      <table class="memname">
515        <tr>
516          <td class="memname">KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_get           </td>
517          <td>(</td>
518          <td class="paramtype">krb5_context&nbsp;</td>
519          <td class="paramname"> <em>context</em>, </td>
520        </tr>
521        <tr>
522          <td class="paramkey"></td>
523          <td></td>
524          <td class="paramtype">krb5_init_creds_context&nbsp;</td>
525          <td class="paramname"> <em>ctx</em></td><td>&nbsp;</td>
526        </tr>
527        <tr>
528          <td></td>
529          <td>)</td>
530          <td></td><td></td><td></td>
531        </tr>
532      </table>
533</div>
534<div class="memdoc">
535
536<p>
537Get new credentials as setup by the krb5_init_creds_context.<p>
538<dl compact><dt><b>Parameters:</b></dt><dd>
539  <table border="0" cellspacing="2" cellpadding="0">
540    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A Kerberos 5 context. </td></tr>
541    <tr><td valign="top"></td><td valign="top"><em>ctx</em>&nbsp;</td><td>The krb5_init_creds_context to process. </td></tr>
542  </table>
543</dl>
544
545</div>
546</div><p>
547<a class="anchor" name="gb5b9ab4698f5af99c06dbcc015c39e27"></a><!-- doxytag: member="init_creds_pw.c::krb5_init_creds_get_error" ref="gb5b9ab4698f5af99c06dbcc015c39e27" args="(krb5_context context, krb5_init_creds_context ctx, KRB_ERROR *error)" -->
548<div class="memitem">
549<div class="memproto">
550      <table class="memname">
551        <tr>
552          <td class="memname">KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_get_error           </td>
553          <td>(</td>
554          <td class="paramtype">krb5_context&nbsp;</td>
555          <td class="paramname"> <em>context</em>, </td>
556        </tr>
557        <tr>
558          <td class="paramkey"></td>
559          <td></td>
560          <td class="paramtype">krb5_init_creds_context&nbsp;</td>
561          <td class="paramname"> <em>ctx</em>, </td>
562        </tr>
563        <tr>
564          <td class="paramkey"></td>
565          <td></td>
566          <td class="paramtype">KRB_ERROR *&nbsp;</td>
567          <td class="paramname"> <em>error</em></td><td>&nbsp;</td>
568        </tr>
569        <tr>
570          <td></td>
571          <td>)</td>
572          <td></td><td></td><td></td>
573        </tr>
574      </table>
575</div>
576<div class="memdoc">
577
578<p>
579Get the last error from the transaction.<p>
580<dl class="return" compact><dt><b>Returns:</b></dt><dd>Returns 0 or an error code </dd></dl>
581
582</div>
583</div><p>
584<a class="anchor" name="g1a610bb2706e4048e8220225da110033"></a><!-- doxytag: member="init_creds_pw.c::krb5_init_creds_init" ref="g1a610bb2706e4048e8220225da110033" args="(krb5_context context, krb5_principal client, krb5_prompter_fct prompter, void *prompter_data, krb5_deltat start_time, krb5_get_init_creds_opt *options, krb5_init_creds_context *rctx)" -->
585<div class="memitem">
586<div class="memproto">
587      <table class="memname">
588        <tr>
589          <td class="memname">KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_init           </td>
590          <td>(</td>
591          <td class="paramtype">krb5_context&nbsp;</td>
592          <td class="paramname"> <em>context</em>, </td>
593        </tr>
594        <tr>
595          <td class="paramkey"></td>
596          <td></td>
597          <td class="paramtype">krb5_principal&nbsp;</td>
598          <td class="paramname"> <em>client</em>, </td>
599        </tr>
600        <tr>
601          <td class="paramkey"></td>
602          <td></td>
603          <td class="paramtype">krb5_prompter_fct&nbsp;</td>
604          <td class="paramname"> <em>prompter</em>, </td>
605        </tr>
606        <tr>
607          <td class="paramkey"></td>
608          <td></td>
609          <td class="paramtype">void *&nbsp;</td>
610          <td class="paramname"> <em>prompter_data</em>, </td>
611        </tr>
612        <tr>
613          <td class="paramkey"></td>
614          <td></td>
615          <td class="paramtype">krb5_deltat&nbsp;</td>
616          <td class="paramname"> <em>start_time</em>, </td>
617        </tr>
618        <tr>
619          <td class="paramkey"></td>
620          <td></td>
621          <td class="paramtype">krb5_get_init_creds_opt *&nbsp;</td>
622          <td class="paramname"> <em>options</em>, </td>
623        </tr>
624        <tr>
625          <td class="paramkey"></td>
626          <td></td>
627          <td class="paramtype">krb5_init_creds_context *&nbsp;</td>
628          <td class="paramname"> <em>rctx</em></td><td>&nbsp;</td>
629        </tr>
630        <tr>
631          <td></td>
632          <td>)</td>
633          <td></td><td></td><td></td>
634        </tr>
635      </table>
636</div>
637<div class="memdoc">
638
639<p>
640Start a new context to get a new initial credential.<p>
641<dl compact><dt><b>Parameters:</b></dt><dd>
642  <table border="0" cellspacing="2" cellpadding="0">
643    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>A Kerberos 5 context. </td></tr>
644    <tr><td valign="top"></td><td valign="top"><em>client</em>&nbsp;</td><td>The Kerberos principal to get the credential for, if NULL is given, the default principal is used as determined by krb5_get_default_principal(). </td></tr>
645    <tr><td valign="top"></td><td valign="top"><em>prompter</em>&nbsp;</td><td></td></tr>
646    <tr><td valign="top"></td><td valign="top"><em>prompter_data</em>&nbsp;</td><td></td></tr>
647    <tr><td valign="top"></td><td valign="top"><em>start_time</em>&nbsp;</td><td>the time the ticket should start to be valid or 0 for now. </td></tr>
648    <tr><td valign="top"></td><td valign="top"><em>options</em>&nbsp;</td><td>a options structure, can be NULL for default options. </td></tr>
649    <tr><td valign="top"></td><td valign="top"><em>rctx</em>&nbsp;</td><td>A new allocated free with <a class="el" href="group__krb5__credential.html#gf878f5715a3048995f175c09e95a3a71">krb5_init_creds_free()</a>.</td></tr>
650  </table>
651</dl>
652<dl class="return" compact><dt><b>Returns:</b></dt><dd>0 for success or an Kerberos 5 error code, see krb5_get_error_message(). </dd></dl>
653
654</div>
655</div><p>
656<a class="anchor" name="gb80179f38c8cc87627752d5db22c8203"></a><!-- doxytag: member="init_creds_pw.c::krb5_init_creds_set_keytab" ref="gb80179f38c8cc87627752d5db22c8203" args="(krb5_context context, krb5_init_creds_context ctx, krb5_keytab keytab)" -->
657<div class="memitem">
658<div class="memproto">
659      <table class="memname">
660        <tr>
661          <td class="memname">KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_set_keytab           </td>
662          <td>(</td>
663          <td class="paramtype">krb5_context&nbsp;</td>
664          <td class="paramname"> <em>context</em>, </td>
665        </tr>
666        <tr>
667          <td class="paramkey"></td>
668          <td></td>
669          <td class="paramtype">krb5_init_creds_context&nbsp;</td>
670          <td class="paramname"> <em>ctx</em>, </td>
671        </tr>
672        <tr>
673          <td class="paramkey"></td>
674          <td></td>
675          <td class="paramtype">krb5_keytab&nbsp;</td>
676          <td class="paramname"> <em>keytab</em></td><td>&nbsp;</td>
677        </tr>
678        <tr>
679          <td></td>
680          <td>)</td>
681          <td></td><td></td><td></td>
682        </tr>
683      </table>
684</div>
685<div class="memdoc">
686
687<p>
688Set the keytab to use for authentication.<p>
689<dl compact><dt><b>Parameters:</b></dt><dd>
690  <table border="0" cellspacing="2" cellpadding="0">
691    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>a Kerberos 5 context. </td></tr>
692    <tr><td valign="top"></td><td valign="top"><em>ctx</em>&nbsp;</td><td>ctx krb5_init_creds_context context. </td></tr>
693    <tr><td valign="top"></td><td valign="top"><em>keytab</em>&nbsp;</td><td>the keytab to read the key from.</td></tr>
694  </table>
695</dl>
696<dl class="return" compact><dt><b>Returns:</b></dt><dd>0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). </dd></dl>
697
698</div>
699</div><p>
700<a class="anchor" name="g0a1d093a3c43b57b5e84206e73441d68"></a><!-- doxytag: member="init_creds_pw.c::krb5_init_creds_set_password" ref="g0a1d093a3c43b57b5e84206e73441d68" args="(krb5_context context, krb5_init_creds_context ctx, const char *password)" -->
701<div class="memitem">
702<div class="memproto">
703      <table class="memname">
704        <tr>
705          <td class="memname">KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_set_password           </td>
706          <td>(</td>
707          <td class="paramtype">krb5_context&nbsp;</td>
708          <td class="paramname"> <em>context</em>, </td>
709        </tr>
710        <tr>
711          <td class="paramkey"></td>
712          <td></td>
713          <td class="paramtype">krb5_init_creds_context&nbsp;</td>
714          <td class="paramname"> <em>ctx</em>, </td>
715        </tr>
716        <tr>
717          <td class="paramkey"></td>
718          <td></td>
719          <td class="paramtype">const char *&nbsp;</td>
720          <td class="paramname"> <em>password</em></td><td>&nbsp;</td>
721        </tr>
722        <tr>
723          <td></td>
724          <td>)</td>
725          <td></td><td></td><td></td>
726        </tr>
727      </table>
728</div>
729<div class="memdoc">
730
731<p>
732Sets the password that will use for the request.<p>
733<dl compact><dt><b>Parameters:</b></dt><dd>
734  <table border="0" cellspacing="2" cellpadding="0">
735    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>a Kerberos 5 context. </td></tr>
736    <tr><td valign="top"></td><td valign="top"><em>ctx</em>&nbsp;</td><td>ctx krb5_init_creds_context context. </td></tr>
737    <tr><td valign="top"></td><td valign="top"><em>password</em>&nbsp;</td><td>the password to use.</td></tr>
738  </table>
739</dl>
740<dl class="return" compact><dt><b>Returns:</b></dt><dd>0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). </dd></dl>
741
742</div>
743</div><p>
744<a class="anchor" name="g71f386b20c42540d4e733eeb7c0cb18e"></a><!-- doxytag: member="init_creds_pw.c::krb5_init_creds_set_service" ref="g71f386b20c42540d4e733eeb7c0cb18e" args="(krb5_context context, krb5_init_creds_context ctx, const char *service)" -->
745<div class="memitem">
746<div class="memproto">
747      <table class="memname">
748        <tr>
749          <td class="memname">KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_set_service           </td>
750          <td>(</td>
751          <td class="paramtype">krb5_context&nbsp;</td>
752          <td class="paramname"> <em>context</em>, </td>
753        </tr>
754        <tr>
755          <td class="paramkey"></td>
756          <td></td>
757          <td class="paramtype">krb5_init_creds_context&nbsp;</td>
758          <td class="paramname"> <em>ctx</em>, </td>
759        </tr>
760        <tr>
761          <td class="paramkey"></td>
762          <td></td>
763          <td class="paramtype">const char *&nbsp;</td>
764          <td class="paramname"> <em>service</em></td><td>&nbsp;</td>
765        </tr>
766        <tr>
767          <td></td>
768          <td>)</td>
769          <td></td><td></td><td></td>
770        </tr>
771      </table>
772</div>
773<div class="memdoc">
774
775<p>
776Sets the service that the is requested. This call is only neede for special initial tickets, by default the a krbtgt is fetched in the default realm.<p>
777<dl compact><dt><b>Parameters:</b></dt><dd>
778  <table border="0" cellspacing="2" cellpadding="0">
779    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>a Kerberos 5 context. </td></tr>
780    <tr><td valign="top"></td><td valign="top"><em>ctx</em>&nbsp;</td><td>a krb5_init_creds_context context. </td></tr>
781    <tr><td valign="top"></td><td valign="top"><em>service</em>&nbsp;</td><td>the service given as a string, for example "kadmind/admin". If NULL, the default krbtgt in the clients realm is set.</td></tr>
782  </table>
783</dl>
784<dl class="return" compact><dt><b>Returns:</b></dt><dd>0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). </dd></dl>
785
786</div>
787</div><p>
788<a class="anchor" name="g9b1f54a05b9e7b60bef0c7d5f40b351b"></a><!-- doxytag: member="init_creds_pw.c::krb5_init_creds_step" ref="g9b1f54a05b9e7b60bef0c7d5f40b351b" args="(krb5_context context, krb5_init_creds_context ctx, krb5_data *in, krb5_data *out, krb5_krbhst_info *hostinfo, unsigned int *flags)" -->
789<div class="memitem">
790<div class="memproto">
791      <table class="memname">
792        <tr>
793          <td class="memname">KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_init_creds_step           </td>
794          <td>(</td>
795          <td class="paramtype">krb5_context&nbsp;</td>
796          <td class="paramname"> <em>context</em>, </td>
797        </tr>
798        <tr>
799          <td class="paramkey"></td>
800          <td></td>
801          <td class="paramtype">krb5_init_creds_context&nbsp;</td>
802          <td class="paramname"> <em>ctx</em>, </td>
803        </tr>
804        <tr>
805          <td class="paramkey"></td>
806          <td></td>
807          <td class="paramtype">krb5_data *&nbsp;</td>
808          <td class="paramname"> <em>in</em>, </td>
809        </tr>
810        <tr>
811          <td class="paramkey"></td>
812          <td></td>
813          <td class="paramtype">krb5_data *&nbsp;</td>
814          <td class="paramname"> <em>out</em>, </td>
815        </tr>
816        <tr>
817          <td class="paramkey"></td>
818          <td></td>
819          <td class="paramtype">krb5_krbhst_info *&nbsp;</td>
820          <td class="paramname"> <em>hostinfo</em>, </td>
821        </tr>
822        <tr>
823          <td class="paramkey"></td>
824          <td></td>
825          <td class="paramtype">unsigned int *&nbsp;</td>
826          <td class="paramname"> <em>flags</em></td><td>&nbsp;</td>
827        </tr>
828        <tr>
829          <td></td>
830          <td>)</td>
831          <td></td><td></td><td></td>
832        </tr>
833      </table>
834</div>
835<div class="memdoc">
836
837<p>
838The core loop if krb5_get_init_creds() function family. Create the packets and have the caller send them off to the KDC.<p>
839If the caller want all work been done for them, use <a class="el" href="group__krb5__credential.html#gb1716df7cb25ebea9bbf652094970bce">krb5_init_creds_get()</a> instead.<p>
840<dl compact><dt><b>Parameters:</b></dt><dd>
841  <table border="0" cellspacing="2" cellpadding="0">
842    <tr><td valign="top"></td><td valign="top"><em>context</em>&nbsp;</td><td>a Kerberos 5 context. </td></tr>
843    <tr><td valign="top"></td><td valign="top"><em>ctx</em>&nbsp;</td><td>ctx krb5_init_creds_context context. </td></tr>
844    <tr><td valign="top"></td><td valign="top"><em>in</em>&nbsp;</td><td>input data from KDC, first round it should be reset by krb5_data_zer(). </td></tr>
845    <tr><td valign="top"></td><td valign="top"><em>out</em>&nbsp;</td><td>reply to KDC. </td></tr>
846    <tr><td valign="top"></td><td valign="top"><em>hostinfo</em>&nbsp;</td><td>KDC address info, first round it can be NULL. </td></tr>
847    <tr><td valign="top"></td><td valign="top"><em>flags</em>&nbsp;</td><td>status of the round, if KRB5_INIT_CREDS_STEP_FLAG_CONTINUE is set, continue one more round.</td></tr>
848  </table>
849</dl>
850<dl class="return" compact><dt><b>Returns:</b></dt><dd>0 for success, or an Kerberos 5 error code, see krb5_get_error_message(). </dd></dl>
851
852</div>
853</div><p>
854</div>
855<hr size="1"><address style="text-align: right;"><small>
856Generated on Wed Jan 11 14:07:49 2012 for HeimdalKerberos5library by&nbsp;<a href="http://www.doxygen.org/index.html"><img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> 1.5.6</small></address>
857</body>
858</html>
859