2 * lib/krb5/krb/in_tkt_ktb.c
4 * Copyright 1990,1991 by the Massachusetts Institute of Technology.
7 * Export of this software from the United States of America may
8 * require a specific license from the United States Government.
9 * It is the responsibility of any person or organization contemplating
10 * export to obtain such a license before exporting.
12 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
13 * distribute this software and its documentation for any purpose and
14 * without fee is hereby granted, provided that the above copyright
15 * notice appear in all copies and that both that copyright notice and
16 * this permission notice appear in supporting documentation, and that
17 * the name of M.I.T. not be used in advertising or publicity pertaining
18 * to distribution of the software without specific, written prior
19 * permission. M.I.T. makes no representations about the suitability of
20 * this software for any purpose. It is provided "as is" without express
21 * or implied warranty.
24 * krb5_get_in_tkt_with_keytab()
30 struct keytab_keyproc_arg {
32 krb5_principal client;
36 * Key-generator for in_tkt_keytab, below.
37 * "keyseed" is actually a krb5_keytab, or NULL if we should fetch
40 krb5_error_code keytab_keyproc
41 PROTOTYPE((krb5_context,
48 keytab_keyproc(context, type, salt, keyseed, key)
50 const krb5_keytype type;
52 krb5_const_pointer keyseed;
55 struct keytab_keyproc_arg * arg = (struct keytab_keyproc_arg *)keyseed;
56 krb5_keyblock *realkey;
57 krb5_error_code retval;
59 krb5_keytab_entry kt_ent;
63 if (!valid_keytype(type))
64 return KRB5_PROG_ETYPE_NOSUPP;
67 /* Fetch from default keytab location */
68 if (retval = krb5_kt_default(context, &kt_id))
72 if (retval = krb5_kt_get_entry(context, kt_id, arg->client,
73 0, /* don't have vno available */
77 if (retval = krb5_copy_keyblock(context, &kt_ent.key, &realkey)) {
78 (void) krb5_kt_free_entry(context, &kt_ent);
82 if (realkey->keytype != type) {
83 (void) krb5_kt_free_entry(context, &kt_ent);
84 krb5_free_keyblock(context, realkey);
85 return KRB5_PROG_ETYPE_NOSUPP;
88 (void) krb5_kt_free_entry(context, &kt_ent);
94 Similar to krb5_get_in_tkt_with_skey.
96 Attempts to get an initial ticket for creds->client to use server
97 creds->server, (realm is taken from creds->client), with options
98 options, and using creds->times.starttime, creds->times.endtime,
99 creds->times.renew_till as from, till, and rtime.
100 creds->times.renew_till is ignored unless the RENEWABLE option is requested.
102 If addrs is non-NULL, it is used for the addresses requested. If it is
103 null, the system standard addresses are used.
105 A succesful call will place the ticket in the credentials cache ccache.
107 returns system errors, encryption errors
111 krb5_get_in_tkt_with_keytab(context, options, addrs, etypes, pre_auth_types,
112 keytab, ccache, creds, ret_as_reply)
113 krb5_context context;
114 const krb5_flags options;
115 krb5_address * const * addrs;
116 krb5_enctype * etypes;
117 krb5_preauthtype * pre_auth_types;
118 const krb5_keytab keytab;
121 krb5_kdc_rep ** ret_as_reply;
123 struct keytab_keyproc_arg arg;
126 arg.client = creds->client;
128 return (krb5_get_in_tkt(context, options, addrs, etypes, pre_auth_types,
129 keytab_keyproc, (krb5_pointer)&arg,
130 krb5_kdc_rep_decrypt_proc, 0, creds,
131 ccache, ret_as_reply));