| 
|  | KRB5_AUTH_CONTEXT(3)Contents |  
      krb5_auth_context, krb5_auth_con_init, krb5_auth_con_free,
     krb5_auth_con_setflags,              krb5_auth_con_getflags,
krb5_auth_con_setaddrs,
     krb5_auth_con_setaddrs_from_fd, krb5_auth_con_getaddrs,
     krb5_auth_con_genaddrs,                krb5_auth_con_getkey,
krb5_auth_con_setkey,
     krb5_auth_con_getuserkey, krb5_auth_con_setuserkey,
     krb5_auth_con_getlocalsubkey, krb5_auth_con_setlocalsubkey,
     krb5_auth_con_getremotesubkey,
krb5_auth_con_setremotesubkey,
     krb5_auth_setcksumtype,              krb5_auth_getcksumtype,
krb5_auth_setkeytype,
     krb5_auth_getkeytype, krb5_auth_getlocalseqnumber,
     krb5_auth_setlocalseqnumber, krb5_auth_getremoteseqnumber,
     krb5_auth_setremoteseqnumber, krb5_auth_getauthenticator,
     krb5_auth_con_getrcache, krb5_auth_con_setrcache,
     krb5_auth_con_initivector, krb5_auth_con_setivector - manage
authentication
 on connection level
     Kerberos 5 Library (libkrb5, -lkrb5)
      #include <krb5.h>
     krb5_error_code
     krb5_auth_con_init(krb5_context context,
             krb5_auth_context *auth_context);
     void
     krb5_auth_con_free(krb5_context  context,  krb5_auth_context
auth_context);
     krb5_error_code
     krb5_auth_con_setflags(krb5_context context,
             krb5_auth_context auth_context, int32_t flags);
     krb5_error_code
     krb5_auth_con_getflags(krb5_context context,
             krb5_auth_context auth_context, int32_t *flags);
     krb5_error_code
     krb5_auth_con_setaddrs(krb5_context context,
             krb5_auth_context     auth_context,     krb5_address
*local_addr,
             krb5_address *remote_addr);
     krb5_error_code
     krb5_auth_con_getaddrs(krb5_context context,
             krb5_auth_context     auth_context,     krb5_address
**local_addr,
             krb5_address **remote_addr);
     krb5_error_code
     krb5_auth_con_genaddrs(krb5_context context,
             krb5_auth_context auth_context, int fd, int flags);
     krb5_error_code
     krb5_auth_con_setaddrs_from_fd(krb5_context context,
             krb5_auth_context auth_context, void *p_fd);
     krb5_error_code
     krb5_auth_con_getkey(krb5_context context,
             krb5_auth_context    auth_context,     krb5_keyblock
**keyblock);
     krb5_error_code
     krb5_auth_con_getlocalsubkey(krb5_context context,
             krb5_auth_context     auth_context,    krb5_keyblock
**keyblock);
     krb5_error_code
     krb5_auth_con_getremotesubkey(krb5_context context,
             krb5_auth_context    auth_context,     krb5_keyblock
**keyblock);
     krb5_error_code
     krb5_auth_con_initivector(krb5_context context,
             krb5_auth_context auth_context);
     krb5_error_code
     krb5_auth_con_setivector(krb5_context context,
             krb5_auth_context     *auth_context,    krb5_pointer
ivector);
     The krb5_auth_context structure holds all context related to
an authenticated
  connection,  in  a  similar  way to krb5_context that
holds the context
     for the thread or process.   krb5_auth_context  is  used  by
various functions
  that  are  directly related to authentication between
the server/client.
 Example of data that this structure contains  are
various
     flags,  addresses  of  client and server, port numbers, keyblocks (and subkeys),
 sequence numbers, replay cache, and checksum-type.
     krb5_auth_con_init()   allocates   and    initializes    the
krb5_auth_context
     structure. Default values can be changed with
     krb5_auth_con_setcksumtype()  and  krb5_auth_con_setflags().
The
     auth_context     structure     must     be     freed      by
krb5_auth_con_free().
     krb5_auth_con_getflags()  and  krb5_auth_con_setflags() gets
and modifies
     the flags for a krb5_auth_context structure. Possible  flags
to set are:
     KRB5_AUTH_CONTEXT_DO_TIME
             check timestamp on incoming packets.
     KRB5_AUTH_CONTEXT_DO_SEQUENCE
             Generate and check sequence-number on each packet.
     krb5_auth_con_setaddrs(),   krb5_auth_con_setaddrs_from_fd()
and
     krb5_auth_con_getaddrs() gets and sets  the  addresses  that
are checked
     when  a  packet  is received.  It is mandatory to set an address for the remote
 host. If the local address is not set, it  iss  deduced
from the underlaying
  operating  system.  krb5_auth_con_getaddrs() will
call
     krb5_free_address()  on  any  address  that  is  passed   in
local_addr or
     remote_addr.   krb5_auth_con_setaddr()  allows  passing in a
NULL pointer as
     local_addr and remote_addr, in that case it  will  just  not
set that address.
     krb5_auth_con_setaddrs_from_fd()  fetches the addresses from
a file descriptor.
     krb5_auth_con_genaddrs()  fetches  the  address  information
from the given
     file descriptor fd depending on the bitmap argument flags.
     Possible values on flags are:
     KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR
             fetches the local address from fd.
     KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR
             fetches the remote address from fd.
     krb5_auth_con_setkey(), krb5_auth_con_setuserkey() and
     krb5_auth_con_getkey()  gets  and sets the key used for this
auth context.
     The keyblock returned by  krb5_auth_con_getkey()  should  be
freed with
     krb5_free_keyblock().      The     keyblock     send    into
krb5_auth_con_setkey() is
     copied into the krb5_auth_context, and thus no special  handling is needed.
  NULL is not a valid keyblock to krb5_auth_con_setkey().
     krb5_auth_con_setuserkey() is only useful when doing user to
user authentication.
  krb5_auth_con_setkey() is equivalent to
     krb5_auth_con_setuserkey().
     krb5_auth_con_getlocalsubkey(),
krb5_auth_con_setlocalsubkey(),
     krb5_auth_con_getremotesubkey()                          and
krb5_auth_con_setremotesubkey() gets
     and  sets  the keyblock for the local and remote subkey. The
keyblock returned
 by krb5_auth_con_getlocalsubkey() and
     krb5_auth_con_getremotesubkey()   must   be    freed    with
krb5_free_keyblock().
     krb5_auth_setcksumtype()  and  krb5_auth_getcksumtype() sets
and gets the
     checksum type that should be used for this connection.
     krb5_auth_getremoteseqnumber()
krb5_auth_setremoteseqnumber(),
     krb5_auth_getlocalseqnumber()                            and
krb5_auth_setlocalseqnumber() gets and
     sets the sequence-number for the local and remote  sequencenumber
     counter.
     krb5_auth_setkeytype()  and  krb5_auth_getkeytype() gets and
gets the keytype
 of the keyblock in krb5_auth_context.
     krb5_auth_getauthenticator()  Retrieves  the   authenticator
that was used
     during  mutual  authentication.  The  authenticator returned
should be freed
     by calling krb5_free_authenticator().
     krb5_auth_con_getrcache() and krb5_auth_con_setrcache() gets
and sets the
     replay-cache.
     krb5_auth_con_initivector()  allocates  memory for and zeros
the initial
     vector in the auth_context keyblock.
     krb5_auth_con_setivector()  sets  the  i_vector  portion  of
auth_context to
     ivector.
     krb5_context(3), kerberos(8)
 HEIMDAL                             January       21,       2001
[ Back ] |