X-Git-Url: http://git.tremily.us/?a=blobdiff_plain;f=src%2Finclude%2Fkrb5%2Fkrb5.hin;h=94a78a004c6f3adc4d9f10145cd0aab588a151a1;hb=bc096a77ffdab283d77c2e0fc1fdd15b9f77eb41;hp=c28e8571e50fd4ee7cff2ce8d2d24faca25c956c;hpb=772766f5f7d1e3b37f3fc380fb20ea143955ae07;p=krb5.git diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin index c28e8571e..94a78a004 100644 --- a/src/include/krb5/krb5.hin +++ b/src/include/krb5/krb5.hin @@ -52,7 +52,11 @@ #ifndef KRB5_GENERAL__ #define KRB5_GENERAL__ -/* By default, do not expose deprecated interfaces. */ +/** @defgroup KRB5_H krb5 library API + * @{ + */ + + /* By default, do not expose deprecated interfaces. */ #ifndef KRB5_DEPRECATED #define KRB5_DEPRECATED 0 #endif @@ -207,18 +211,14 @@ typedef struct _krb5_data { char *data; } krb5_data; +/* Originally introduced for PKINIT; now unused. Do not use this. */ typedef struct _krb5_octet_data { krb5_magic magic; unsigned int length; krb5_octet *data; } krb5_octet_data; -/* - * Hack length for crypto library to use the afs_string_to_key It is - * equivalent to -1 without possible sign extension - * We also overload for an unset salt type length - which is also -1, but - * hey, why not.... - */ +/* Originally used to recognize AFS and default salts. No longer used. */ #define SALT_TYPE_AFS_LENGTH UINT_MAX #define SALT_TYPE_NO_LENGTH UINT_MAX @@ -239,35 +239,25 @@ typedef krb5_principal_data * krb5_principal; * Per V5 spec on definition of principal types */ -/* Name type not known */ -#define KRB5_NT_UNKNOWN 0 -/* Just the name of the principal as in DCE, or for users */ -#define KRB5_NT_PRINCIPAL 1 -/* Service and other unique instance (krbtgt) */ -#define KRB5_NT_SRV_INST 2 -/* Service with host name as instance (telnet, rcommands) */ -#define KRB5_NT_SRV_HST 3 -/* Service with host as remaining components */ -#define KRB5_NT_SRV_XHST 4 -/* Unique ID */ -#define KRB5_NT_UID 5 -/* PKINIT */ -#define KRB5_NT_X500_PRINCIPAL 6 -/* Name in form of SMTP email name */ -#define KRB5_NT_SMTP_NAME 7 -/* Windows 2000 UPN */ -#define KRB5_NT_ENTERPRISE_PRINCIPAL 10 -#define KRB5_NT_WELLKNOWN 11 -/* First component of NT_WELLKNOWN principals */ -#define KRB5_WELLKNOWN_NAMESTR "WELLKNOWN" -/* Windows 2000 UPN and SID */ -#define KRB5_NT_MS_PRINCIPAL -128 -/* NT 4 style name */ -#define KRB5_NT_MS_PRINCIPAL_AND_ID -129 -/* NT 4 style name and SID */ -#define KRB5_NT_ENT_PRINCIPAL_AND_ID -130 - -/* constant version thereof: */ +#define KRB5_NT_UNKNOWN 0 /**< Name type not known */ +#define KRB5_NT_PRINCIPAL 1 /**< Just the name of the principal + as in DCE, or for users */ +#define KRB5_NT_SRV_INST 2 /**< Service and other unique instance (krbtgt) */ +#define KRB5_NT_SRV_HST 3 /**< Service with host name as instance + (telnet, rcommands) */ +#define KRB5_NT_SRV_XHST 4 /**< Service with host as remaining components */ +#define KRB5_NT_UID 5 /**< Unique ID */ +#define KRB5_NT_X500_PRINCIPAL 6 /**< PKINIT */ +#define KRB5_NT_SMTP_NAME 7 /**< Name in form of SMTP email name */ +#define KRB5_NT_ENTERPRISE_PRINCIPAL 10 /**< Windows 2000 UPN */ +#define KRB5_NT_WELLKNOWN 11 /**< Well-known (special) principal */ +#define KRB5_WELLKNOWN_NAMESTR "WELLKNOWN" /**< First component of + NT_WELLKNOWN principals */ +#define KRB5_NT_MS_PRINCIPAL -128 /**< Windows 2000 UPN and SID */ +#define KRB5_NT_MS_PRINCIPAL_AND_ID -129 /**< NT 4 style name */ +#define KRB5_NT_ENT_PRINCIPAL_AND_ID -130 /**< NT 4 style name and SID */ + +/** Constant version of krb5_principal_data */ typedef const krb5_principal_data *krb5_const_principal; #define krb5_princ_realm(context, princ) (&(princ)->realm) @@ -282,22 +272,45 @@ typedef const krb5_principal_data *krb5_const_principal; ? (princ)->data + (i) \ : NULL) -/* - * Constants for realm referrals. - */ +/** Constant for realm referrals. */ #define KRB5_REFERRAL_REALM "" /* * Referral-specific functions. */ -krb5_boolean KRB5_CALLCONV krb5_is_referral_realm(const krb5_data *r); -/* Both these functions return constant storage that must not be freed. */ -const krb5_data *KRB5_CALLCONV krb5_anonymous_realm(void); -krb5_const_principal KRB5_CALLCONV krb5_anonymous_principal(void); +/** + * Check for a match with KRB5_REFERRAL_REALM. + * + * @param [in] r Realm to check + * + * @return @c TRUE if @a r is zero-length, @c FALSE otherwise + */ +krb5_boolean KRB5_CALLCONV +krb5_is_referral_realm(const krb5_data *r); + +/** + * Return an anonymous realm data. + * + * This function returns constant storage that must not be freed. + * + * @sa #KRB5_ANONYMOUS_REALMSTR + */ +const krb5_data *KRB5_CALLCONV +krb5_anonymous_realm(void); + +/** + * Build an anonymous principal. + * + * This function returns constant storage that must not be freed. + * + * @sa #KRB5_ANONYMOUS_PRINCSTR + */ +krb5_const_principal KRB5_CALLCONV +krb5_anonymous_principal(void); -#define KRB5_ANONYMOUS_REALMSTR "WELLKNOWN:ANONYMOUS" -#define KRB5_ANONYMOUS_PRINCSTR "ANONYMOUS" /* wellknown name type */ +#define KRB5_ANONYMOUS_REALMSTR "WELLKNOWN:ANONYMOUS" /**< Anonymous realm */ +#define KRB5_ANONYMOUS_PRINCSTR "ANONYMOUS" /**< Anonymous principal name */ /* * end "base-defs.h" */ @@ -306,7 +319,7 @@ krb5_const_principal KRB5_CALLCONV krb5_anonymous_principal(void); * begin "hostaddr.h" */ -/** structure for address */ +/** Structure for address */ typedef struct _krb5_address { krb5_magic magic; krb5_addrtype addrtype; @@ -346,7 +359,7 @@ struct _krb5_cryptosystem_entry; * begin "encryption.h" */ -/** @brief Exposed contents of a key. */ +/** Exposed contents of a key. */ typedef struct _krb5_keyblock { krb5_magic magic; krb5_enctype enctype; @@ -354,16 +367,15 @@ typedef struct _krb5_keyblock { krb5_octet *contents; } krb5_keyblock; +struct krb5_key_st; /** - * @brief Opaque identifier for a key. + * Opaque identifier for a key. * - * Use with the krb5_k APIs for better - * performance for repeated operations with the same key usage. Key - * identifiers must not be used simultaneously within multiple - * threads, as they may contain mutable internal state and are not - * mutex-protected. + * Use with the krb5_k APIs for better performance for repeated operations with + * the same key and usage. Key identifiers must not be used simultaneously + * within multiple threads, as they may contain mutable internal state and are + * not mutex-protected. */ -struct krb5_key_st; typedef struct krb5_key_st *krb5_key; #ifdef KRB5_OLD_CRYPTO @@ -390,36 +402,45 @@ typedef struct _krb5_enc_data { krb5_data ciphertext; } krb5_enc_data; +/** + * Structure to describe a region of text to be encrypted or decrypted. + * + * The @a flags member describes the type of the iov. + * The @a data member points to the memory that will be manipulated. + * All iov APIs take a pointer to the first element of an array of krb5_crypto_iov's + * along with the size of that array. Buffer contents are manipulated in-place; + * data is overwritten. Callers must allocate the right number of krb5_crypto_iov + * structures before calling into an iov API. + */ typedef struct _krb5_crypto_iov { - krb5_cryptotype flags; + krb5_cryptotype flags; /**< @ref KRB5_CRYPTO_TYPE type of the iov */ krb5_data data; } krb5_crypto_iov; /* per Kerberos v5 protocol spec */ #define ENCTYPE_NULL 0x0000 -#define ENCTYPE_DES_CBC_CRC 0x0001 /* DES cbc mode with CRC-32 */ -#define ENCTYPE_DES_CBC_MD4 0x0002 /* DES cbc mode with RSA-MD4 */ -#define ENCTYPE_DES_CBC_MD5 0x0003 /* DES cbc mode with RSA-MD5 */ -#define ENCTYPE_DES_CBC_RAW 0x0004 /* DES cbc mode raw */ -/* XXX deprecated? */ -#define ENCTYPE_DES3_CBC_SHA 0x0005 /* DES-3 cbc mode with NIST-SHA */ -#define ENCTYPE_DES3_CBC_RAW 0x0006 /* DES-3 cbc mode raw */ -#define ENCTYPE_DES_HMAC_SHA1 0x0008 +#define ENCTYPE_DES_CBC_CRC 0x0001 /**< DES cbc mode with CRC-32 */ +#define ENCTYPE_DES_CBC_MD4 0x0002 /**< DES cbc mode with RSA-MD4 */ +#define ENCTYPE_DES_CBC_MD5 0x0003 /**< DES cbc mode with RSA-MD5 */ +#define ENCTYPE_DES_CBC_RAW 0x0004 /**< @deprecated DES cbc mode raw */ +#define ENCTYPE_DES3_CBC_SHA 0x0005 /**< @deprecated DES-3 cbc with SHA1 */ +#define ENCTYPE_DES3_CBC_RAW 0x0006 /**< @deprecated DES-3 cbc mode raw */ +#define ENCTYPE_DES_HMAC_SHA1 0x0008 /**< @deprecated */ /* PKINIT */ -#define ENCTYPE_DSA_SHA1_CMS 0x0009 /* DSA with SHA1, CMS signature */ -#define ENCTYPE_MD5_RSA_CMS 0x000a /* MD5 with RSA, CMS signature */ -#define ENCTYPE_SHA1_RSA_CMS 0x000b /* SHA1 with RSA, CMS signature */ -#define ENCTYPE_RC2_CBC_ENV 0x000c /* RC2 cbc mode, CMS enveloped data */ -#define ENCTYPE_RSA_ENV 0x000d /* RSA encryption, CMS enveloped data */ -#define ENCTYPE_RSA_ES_OAEP_ENV 0x000e /* RSA w/OEAP encryption, CMS enveloped data */ -#define ENCTYPE_DES3_CBC_ENV 0x000f /* DES-3 cbc mode, CMS enveloped data */ - -#define ENCTYPE_DES3_CBC_SHA1 0x0010 -#define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011 -#define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012 -#define ENCTYPE_ARCFOUR_HMAC 0x0017 -#define ENCTYPE_ARCFOUR_HMAC_EXP 0x0018 -#define ENCTYPE_UNKNOWN 0x01ff +#define ENCTYPE_DSA_SHA1_CMS 0x0009 /**< DSA with SHA1, CMS signature */ +#define ENCTYPE_MD5_RSA_CMS 0x000a /**< MD5 with RSA, CMS signature */ +#define ENCTYPE_SHA1_RSA_CMS 0x000b /**< SHA1 with RSA, CMS signature */ +#define ENCTYPE_RC2_CBC_ENV 0x000c /**< RC2 cbc mode, CMS enveloped data */ +#define ENCTYPE_RSA_ENV 0x000d /**< RSA encryption, CMS enveloped data */ +#define ENCTYPE_RSA_ES_OAEP_ENV 0x000e /**< RSA w/OEAP encryption, CMS enveloped data */ +#define ENCTYPE_DES3_CBC_ENV 0x000f /**< DES-3 cbc mode, CMS enveloped data */ + +#define ENCTYPE_DES3_CBC_SHA1 0x0010 +#define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011 /**< RFC 3962 */ +#define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012 /**< RFC 3962 */ +#define ENCTYPE_ARCFOUR_HMAC 0x0017 +#define ENCTYPE_ARCFOUR_HMAC_EXP 0x0018 +#define ENCTYPE_UNKNOWN 0x01ff #define CKSUMTYPE_CRC32 0x0001 #define CKSUMTYPE_RSA_MD4 0x0002 @@ -430,25 +451,29 @@ typedef struct _krb5_crypto_iov { #define CKSUMTYPE_RSA_MD5 0x0007 #define CKSUMTYPE_RSA_MD5_DES 0x0008 #define CKSUMTYPE_NIST_SHA 0x0009 -#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c -#define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f -#define CKSUMTYPE_HMAC_SHA1_96_AES256 0x0010 +#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c +#define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f /**< RFC 3962. Used with + ENCTYPE_AES128_CTS_HMAC_SHA1_96 */ +#define CKSUMTYPE_HMAC_SHA1_96_AES256 0x0010 /**< RFC 3962. Used with + ENCTYPE_AES256_CTS_HMAC_SHA1_96 */ #define CKSUMTYPE_MD5_HMAC_ARCFOUR -137 /*Microsoft netlogon cksumtype*/ #define CKSUMTYPE_HMAC_MD5_ARCFOUR -138 /*Microsoft md5 hmac cksumtype*/ -/* The following are entropy source designations. Whenever - * krb5_C_random_add_entropy is called, one of these source ids is passed - * in. This allows the library to better estimate bits of - * entropy in the sample and to keep track of what sources of entropy have - * contributed enough entropy. Sources marked internal MUST NOT be - * used by applications outside the Kerberos library +/* + * The following are entropy source designations. Whenever + * krb5_C_random_add_entropy is called, one of these source ids is passed in. + * This allows the library to better estimate bits of entropy in the sample and + * to keep track of what sources of entropy have contributed enough entropy. + * Sources marked internal MUST NOT be used by applications outside the + * Kerberos library */ enum { KRB5_C_RANDSOURCE_OLDAPI = 0, /*calls to krb5_C_RANDOM_SEED (INTERNAL)*/ KRB5_C_RANDSOURCE_OSRAND = 1, /* /dev/random or equivalent (internal)*/ KRB5_C_RANDSOURCE_TRUSTEDPARTY = 2, /* From KDC or other trusted party*/ - /*This source should be used carefully; data in this category + /* + * This source should be used carefully; data in this category * should be from a third party trusted to give random bits * For example keys issued by the KDC in the application server. */ @@ -472,25 +497,28 @@ enum { #define krb5_xc(ptr,args) ((*(ptr)) args) #endif - /** - * @brief Encrypt data using a key. +/** + * Encrypt data using a key (operates on keyblock). * - * @param context Context structure [input, output] - * @param key Key value from key table, ticket, etc. [input] - * @param usage Key usage [input] - * @param cipher_state Cipher state [input] - * @param input Data to be encrypted [input] - * @param output Encrypted data [output] + * @param [in] context Library context + * @param [in] key Encryption key + * @param [in] usage Key usage (see @ref KRB5_KEYUSAGE types) + * @param [in,out] cipher_state Cipher state; specify NULL if not needed + * @param [in] input Data to be encrypted + * @param [out] output Encrypted data * - * @retval - * 0 Success - * @retval - * KRB5_BAD_ENCTYPE Bad encryption type - * @return - * Kerberos error codes + * This function encrypts the data block @a input and stores the output into @a + * output. The actual encryption key will be derived from @a key and @a usage + * if key derivation is specified for the encryption type. If non-null, @a + * cipher_state specifies the beginning state for the encryption operation, and + * is updated with the state to be passed as input to the next operation. * - * @sa enctype + * @note The caller must initialize @a output and allocate at least enough + * space for the result (using krb5_c_encrypt_length() to determine the amount + * of space needed). @a output->length will be set to the actual length of the + * ciphertext. * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_encrypt(krb5_context context, const krb5_keyblock *key, @@ -498,170 +526,153 @@ krb5_c_encrypt(krb5_context context, const krb5_keyblock *key, const krb5_data *input, krb5_enc_data *output); /** - * @brief Decrypt data using a key. + * Decrypt data using a key (operates on keyblock). * - * @param context Context structure [input, output] - * @param key Key value from key table, ticket, etc. [input] - * @param usage Key usage [input] - * @param cipher_state Cipher state [input] - * @param input Encrypted data [input] - * @param output Decrypted data [output] + * @param [in] context Library context + * @param [in] key Encryption key + * @param [in] usage Key usage (see @ref KRB5_KEYUSAGE types) + * @param [in,out] cipher_state Cipher state; specify NULL if not needed + * @param [in] input Encrypted data + * @param [out] output Decrypted data * - * @retval - * 0 Success - * @retval - * KRB5_BAD_ENCTYPE Bad encryption type - * @return - * Kerberos error codes + * This function decrypts the data block @a input and stores the output into @a + * output. The actual decryption key will be derived from @a key and @a usage + * if key derivation is specified for the encryption type. If non-null, @a + * cipher_state specifies the beginning state for the decryption operation, and + * is updated with the state to be passed as input to the next operation. * - * @sa keyusage + * @note The caller must initialize @a output and allocate at least enough + * space for the result. The usual practice is to allocate an output buffer as + * long as the ciphertext, and let krb5_c_decrypt() trim @a output->length. + * For some enctypes, the resulting @a output->length may include padding + * bytes. + * + * @retval 0 Success; otherwise - Kerberos error codes */ - krb5_error_code KRB5_CALLCONV krb5_c_decrypt(krb5_context context, const krb5_keyblock *key, krb5_keyusage usage, const krb5_data *cipher_state, const krb5_enc_data *input, krb5_data *output); /** - * @brief Compute the length of the ciphertext produced by encrypting @a inputlen bytes. + * Compute encrypted data length. * - * @param context Context structure [input, output] - * @param enctype Encryption type [input] - * @param inputlen Length of encrypted data [input] - * @param length Length of unecrypted data [output] + * @param [in] context Library context + * @param [in] enctype Encryption type + * @param [in] inputlen Length of the data to be encrypted + * @param [out] length Length of the encrypted data * - * @retval - * 0 Success - * @retval - * KRB5_BAD_ENCTYPE Bad encryption type - * @return - * Kerberos error codes + * This function computes the length of the ciphertext produced by encrypting + * @a inputlen bytes including padding, confounder, and checksum. + * + * @retval 0 Success; otherwise - Kerberos error codes */ - krb5_error_code KRB5_CALLCONV krb5_c_encrypt_length(krb5_context context, krb5_enctype enctype, size_t inputlen, size_t *length); /** - * @brief Write the block size for the specified encryption type into the @a size_t pointed to by @a blocksize. + * Return cipher block size. * - * @param context Context structure [input, output] - * @param enctype Encryption type [input] - * @param blocksize Attribute of encryption system [output] - * - * @retval - * 0 Success - * @retval - * KRB5_BAD_ENCTYPE Bad encryption type - * @retval - * ENOMEM Insufficient memory - * @return - * Kerberos error codes + * @param [in] context Library context + * @param [in] enctype Encryption type + * @param [out] blocksize Block size for @a enctype * - * @sa enctype + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_block_size(krb5_context context, krb5_enctype enctype, size_t *blocksize); /** - * @brief Write the length of the specified key to keylength. + * Return length of the specified key in bytes. * - * @param context Context structure [input, output] - * @param enctype Encryption type [input] - * @param keybytes Number of bytes required to make a key [input] - * @param keylength Length of final key + * @param [in] context Library context + * @param [in] enctype Encryption type + * @param [out] keybytes Number of bytes required to make a key + * @param [out] keylength Length of final key * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_keylengths(krb5_context context, krb5_enctype enctype, size_t *keybytes, size_t *keylength); /** - * @brief Initialize a new cipher state for @a enc_type in the specified @c _krb5_keyblock. - * - * @param context Context structure [input, output] - * @param key Key [input] - * @param usage Usage [input] - * @param new_state New cipher state [output] + * Initialize a new cipher state. * - * @note @a new_state contains the new cipher state. + * @param [in] context Library context + * @param [in] key Key + * @param [in] usage Key usage (see @ref KRB5_KEYUSAGE types) + * @param [out] new_state New cipher state * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_init_state(krb5_context context, const krb5_keyblock *key, krb5_keyusage usage, krb5_data *new_state); /** - * @brief Free a cipher state previously allocated by krb5_c_init_state(). + * Free a cipher state previously allocated by krb5_c_init_state(). * - * @param context Context structure [input, output] - * @param key Key [input] - * @param state Cipher state to be freed [input] + * @param [in] context Library context + * @param [in] key Key + * @param [in] state Cipher state to be freed * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ - krb5_error_code KRB5_CALLCONV krb5_c_free_state(krb5_context context, const krb5_keyblock *key, krb5_data *state); /** - * @brief Generate pseudo-random bytes from @a input. + * Generate enctype-specific pseudo-random bytes. * - * @param context Context structure [input, output] - * @param keyblock Key [input] - * @param input Input data [input] - * @param output Output data [output] + * @param [in] context Library context + * @param [in] keyblock Key + * @param [in] input Input data + * @param [out] output Output data * - * @retval - * 0 Success - * @return - * Kerberos error codes + * This function selects a pseudo-random function based on @a keyblock and + * computes its value over @a input, placing the result into @a output. + * The caller must preinitialize @a output and allocate space for the + * result, using krb5_c_prf_length() to determine the required length. + * + * @retval 0 Success; otherwise - Kerberos error codes */ - krb5_error_code KRB5_CALLCONV -krb5_c_prf(krb5_context context, const krb5_keyblock *keyblock, krb5_data *input, krb5_data *output); +krb5_c_prf(krb5_context context, const krb5_keyblock *keyblock, + krb5_data *input, krb5_data *output); /** - * @brief Get the number of pseudo-random bytes output by krb5_c_prf() for the specified @a enctype. - * - * @param context Context structure [input, output] - * @param enctype Encryption type [input] - * @param len Number of bytes for @a enctype [output] + * Get the output length of pseudo-random functions for an encryption type. * - * Make sure to free the allocated memory when it is no longer needed. + * @param [in] context Library context + * @param [in] enctype Encryption type + * @param [out] len Length of PRF output * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ - krb5_error_code KRB5_CALLCONV krb5_c_prf_length(krb5_context context, krb5_enctype enctype, size_t *len); /** - * @return Returns KRB-FX-CF2 in a newly allocated - * keyblock on success or an error code on error. + * Compute the KRB-FX-CF2 combination of two keys and pepper strings. + * + * @param [in] context Library context + * @param [in] k1 KDC contribution key + * @param [in] pepper1 String "PKINIT" + * @param [in] k2 Reply key + * @param [in] pepper2 String "KeyExchange" + * @param [out] out Output key * - * This function is simple in that it assumes - * pepper1 and pepper2 are C strings with no - * internal nulls and that the enctype of the - * result will be the same as that of k1. Both - * of these assumptions are true of current - * specs. + * This function computes the KRB-FX-CF2 function over its inputs and places + * the results in a newly allocated keyblock. This function is simple in that + * it assumes that @a pepper1 and @a pepper2 are C strings with no internal + * nulls and that the enctype of the result will be the same as that of @a k1. + * @a k1 and @a k2 may be of different enctypes. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_fx_cf2_simple(krb5_context context, @@ -670,136 +681,110 @@ krb5_c_fx_cf2_simple(krb5_context context, krb5_keyblock **out); /** - * @brief Create a key from @a random_key. - * - * @param context Context structure [input, output] - * @param enctype Encryption type [input] - * @param k5_random_key Pointer to an allocated and initialized keyblock [output] + * Generate an enctype-specific random encryption key. * - * The @a length field in @c _krb5_c_keylength ensures that @a random_key->contents points to an allocated buffer - * of the correct length. + * @param [in] context Library context + * @param [in] enctype Encryption type of the generated key + * @param [out] k5_random_key An allocated and initialized keyblock * - * Make sure to free the allocated memory when it is no longer needed. + * Use krb5_free_keyblock_contents() to free @a k5_random_key when + * no longer needed. * - * @retval - * 0 Success - * @retval - * KRB5_BAD_ENCTYPE Bad encryption type - * @retval - * ENOMEM Insufficient memory - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ - krb5_error_code KRB5_CALLCONV krb5_c_make_random_key(krb5_context context, krb5_enctype enctype, krb5_keyblock *k5_random_key); /** - * @param context Context structure [input, output] - * @param enctype Encryption type [input] - * @param random_data Pointer to @c _krb5_data structure [input] - * @param k5_random_key Pointer to an allocated and initialized keyblock [output] + * Generate an enctype-specific key from random data. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @param [in] context Library context + * @param [in] enctype Encryption type + * @param [in] random_data Random input data + * @param [out] k5_random_key Resulting key + * + * This function takes random input data @a random_data and produces a valid + * key @a k5_random_key for a given @a enctype. + * + * @note It is assumed that @a k5_random_key has already been initialized and + * @a k5_random_key->contents has been allocated with the correct length. + * + * @sa krb5_c_keylengths() + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_random_to_key(krb5_context context, krb5_enctype enctype, krb5_data *random_data, krb5_keyblock *k5_random_key); /** - * @brief Add entropy to the pseudo-random number generator. - * - * @param context Context structure [input, output] - * @param randsource Entropy source [input] - * @param data Data [input, output] + * Add entropy to the pseudo-random number generator. * - * @note This might cause the @c PRNG to be reseeded, although this is not guaranteed. + * @param [in] context Library context + * @param [in] randsource Entropy source (see KRB5_RANDSOURCE types) + * @param [in] data Data * - * @retval - * 0 Success - * @return - * Kerberos error codes + * Contribute entropy to the PRNG used by krb5 crypto operations. This may or + * may not affect the output of the next crypto operation requiring random + * data. * - * @sa randsource + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_random_add_entropy(krb5_context context, unsigned int randsource, const krb5_data *data); /** - * @brief Generate pseudo-random bytes using entropy from OS. + * Generate pseudo-random bytes. * - * @param context Context structure [input, output] - * @param data Random data [output] + * @param [in] context Library context + * @param [out] data Random data * - * @a data->length specifies the number of bytes to generate and @a data->data points to an allocated buffer of the correct length. + * Fills in @a data with bytes from the PRNG used by krb5 crypto operations. + * The caller must preinitialize @a data and allocate the desired amount of + * space. * - * @retval - * 0 Success - * @retval - * KRB5_CRYPTO_INTERNAL Cryptosystem internal error - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_random_make_octets(krb5_context context, krb5_data *data); /** - * @brief Collect entropy from the OS if possible. - * - * @a strong requests that as strong - * of a source of entropy as available be used. Setting @a strong may - * increase the probability of blocking and should not be used for normal - * applications. Good uses include seeding the PRNG for kadmind - * and realm setup. - * - * @param context Context structure [input, output] - * @param strong Strongest available source of entropy [input] - * @param success 1 if OS provides entropy, 0 if OS did not provide entropy [output] + * Collect entropy from the OS if possible. * - * @note If @a strong is non-zero, this function attempts to use the strongest available source of entropy. + * @param [in] context Library context + * @param [in] strong Strongest available source of entropy + * @param [out] success 1 if OS provides entropy, 0 otherwise * - * @return - * If the OS provided and @a success is non-null,@a success is set to 1 + * If @a strong is non-zero, this function attempts to use the strongest + * available source of entropy. Setting this flag may cause the function to + * block on some operating systems. Good uses include seeding the PRNG for + * kadmind and realm setup. * - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_random_os_entropy(krb5_context context, int strong, int *success); -/** - * @deprecated. Replaced by krb5_c_random_add_entropy() - */ +/** @deprecated Replaced by krb5_c_ API family. */ krb5_error_code KRB5_CALLCONV krb5_c_random_seed(krb5_context context, krb5_data *data); /** - * @brief Convert the specified string to a key, using the specified encryption type, salt value, and parameters. + * Convert a string (such a password) to a key. * - * @param context Context structure [input, output] - * @param enctype Encryption type [input] - * @param string String to be converted [input] - * @param salt Salt value [input] - * @param key Generated key [output] + * @param [in] context Library context + * @param [in] enctype Encryption type + * @param [in] string String to be converted + * @param [in] salt Salt value + * @param [out] key Generated key * - * @retval - * 0 Success - * @retval - * KRB5_BAD_ENCTYPE Bad encryption type - * @retval - * KRB5_CRYPTO_INTERNAL Cryptosystem internal error - * @retval - * ENOMEM Insufficient memory - * @return - * Kerberos error codes + * This function converts @a string to a @a key of encryption type @a enctype, + * using the specified @a salt. The newly created @a key must be released by + * calling krb5_free_keyblock_contents() when it is no longer needed. * - * @sa enctype - * @sa salt + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_string_to_key(krb5_context context, krb5_enctype enctype, @@ -807,28 +792,21 @@ krb5_c_string_to_key(krb5_context context, krb5_enctype enctype, krb5_keyblock *key); /** - * @brief Convert a string representation of a key into a @c _krb5_keyblock structure using a specified group of parameters. + * Convert a string (such as a password) to a key with additional parameters. * - * @param context Context structure [input, output] - * @param enctype Encryption type [input] - * @param string String form of the key [input] - * @param salt Salt value used in the encryption [input] - * @param params Parameters to be used for this conversion [input] - * @param key Keyblock [output] + * @param [in] context Library context + * @param [in] enctype Encryption type + * @param [in] string String to be converted + * @param [in] salt Salt value + * @param [in] params Parameters + * @param [out] key Generated key * - * @retval - * 0 Success - * @retval - * KRB5_BAD_ENCTYPE Bad encryption type - * @retval - * KRB5_CRYPTO_INTERNAL Cryptosystem internal error - * @retval - * ENOMEM Insufficient memory - * @return - * Kerberos error codes + * This function is similar to krb5_c_string_to_key(), but also takes + * parameters which may affect the algorithm in an enctype-dependent way. The + * newly created @a key must be released by calling + * krb5_free_keyblock_contents() when it is no longer needed. * - * @sa enctype - * @sa salt + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_string_to_key_with_params(krb5_context context, @@ -839,48 +817,46 @@ krb5_c_string_to_key_with_params(krb5_context context, krb5_keyblock *key); /** - * @brief Compare two encryption types. + * Compare two encryption types. * - * @param context Context structure [input, output] - * @param e1 First encryption type [input] - * @param e2 Second encryption type [input] - * @param similar @c TRUE if types are similar, @c FALSE if types are different [output] + * @param [in] context Library context + * @param [in] e1 First encryption type + * @param [in] e2 Second encryption type + * @param [out] similar @c TRUE if types are similar, @c FALSE if not * - * @retval - * TRUE @a enctypes are similar - * @retval - * FALSE @a enctypes are different - * @retval - * KRB5_BAD_ENCTYPE Bad encryption type - * @return - * Kerberos error codes + * This function determines whether two encryption types use the same kind of + * keys. * - * @sa enctype + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_enctype_compare(krb5_context context, krb5_enctype e1, krb5_enctype e2, krb5_boolean *similar); /** - * @brief Compute a checksum. + * Compute a checksum (operates on keyblock). * - * @param context Context structure [input, output] - * @param cksumtype Checksum type [input] - * @param key Encryption key [input] - * @param usage Usage [input] - * @param input Input data [input] - * @param cksum Checksum [output] + * @param [in] context Library context + * @param [in] cksumtype Checksum type (0 for mandatory type) + * @param [in] key Encryption key for a keyed checksum + * @param [in] usage Key usage (see @ref KRB5_KEYUSAGE types) + * @param [in] input Input data + * @param [out] cksum Generated checksum * - * @retval - * 0 Success - * @retval - * KRB5_BAD_ENCTYPE Bad encryption type - * @retval - * ENOMEM Insufficient memory - * @return - * Kerberos error codes + * This function computes a checksum of type @a cksumtype over @a input, using + * @a key if the checksum type is a keyed checksum. If @a cksumtype is 0 and + * @a key is non-null, the checksum type will be the mandatory-to-implement + * checksum type for the key's encryption type. The actual checksum key will + * be derived from @a key and @a usage if key derivation is specified for the + * checksum type. The newly created @a cksum must be released by calling + * krb5_free_checksum_contents() when it is no longer needed. + * + * @note This function is similar to krb5_k_make_checksum(), but operates + * on keyblock @a key. + * + * @sa krb5_c_verify_checksum() * - * @sa cksumtype + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_make_checksum(krb5_context context, krb5_cksumtype cksumtype, @@ -888,27 +864,25 @@ krb5_c_make_checksum(krb5_context context, krb5_cksumtype cksumtype, const krb5_data *input, krb5_checksum *cksum); /** - * @brief Verify the checksum of data in @a cksum that was created with a @a key using the specified key usage. + * Verify a checksum (operates on keyblock). * - * @param context Context structure [input, output] - * @param key Encryption key [input] - * @param usage Usage [input] - * @param data Data [input] - * @param cksum Checksum to be verified [input] - * @param valid Non-zero for success, zero for failure [output] + * @param [in] context Library context + * @param [in] key Encryption key for a keyed checksum + * @param [in] usage @a key usage + * @param [in] data Data to be used to compute a new checksum + * using @a key to compare @a cksum against + * @param [in] cksum Checksum to be verified + * @param [out] valid Non-zero for success, zero for failure * - * @retval - * Non-zero Success - * @retval - * 0 Failure - * @retval - * KRB5_BAD_ENCTYPE Bad encryption type - * @retval - * KRB5_BAD_MSIZE Message size is incompatible with encryption type - * @return - * Kerberos error codes + * This function verifies that @a cksum is a valid checksum for @a data. If + * the checksum type of @a cksum is a keyed checksum, @a key is used to verify + * the checksum. The actual checksum key will be derived from @a key and @a + * usage if key derivation is specified for the checksum type. * - * @sa keyusage + * @note This function is similar to krb5_k_verify_checksum(), but operates + * on keyblock @a key. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key, @@ -916,51 +890,38 @@ krb5_c_verify_checksum(krb5_context context, const krb5_keyblock *key, const krb5_checksum *cksum, krb5_boolean *valid); /** - * @brief Output the checksum length produced by the specified checksum type. - * - * @param context Context structure [input, output] - * @param cksumtype Checksum type [input] - * @param length Checksum length [output] + * Return the length of checksums for a checksum type. * - * @retval - * 0 Success - * @retval - * KRB5_BAD_ENCTYPE Bad encryption type - * @return - * Kerberos error codes + * @param [in] context Library context + * @param [in] cksumtype Checksum type + * @param [out] length Checksum length * - * @sa cksumtype + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_checksum_length(krb5_context context, krb5_cksumtype cksumtype, size_t *length); /** - * @brief Get list of checksum types that match a specified encryption type. + * Return a list of keyed checksum types usable with an encryption type. * - * @param context Context structure [input, output] - * @param enctype Encryption type [input] - * @param count Count of checksums matching the encryption type [output] - * @param cksumtypes List of matching checksums [output] + * @param [in] context Library context + * @param [in] enctype Encryption type + * @param [out] count Count of allowable checksum types + * @param [out] cksumtypes Array of allowable checksum types * - * This returns only the checksum types that use key derivation. - * - * Make sure to free the allocated memory when it is no longer needed. - * - * @retval - * 0 Success - * @retval - * ENOMEM Insufficient memory - * @return - * Kerberos error codes + * Use krb5_free_cksumtypes() to free @a cksumtypes when it is no longer + * needed. * - * @sa enctype - * @sa cksumtype + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_c_keyed_checksum_types(krb5_context context, krb5_enctype enctype, unsigned int *count, krb5_cksumtype **cksumtypes); +/** @defgroup KRB5_KEYUSAGE KRB5_KEYUSAGE + * @{ + */ #define KRB5_KEYUSAGE_AS_REQ_PA_ENC_TS 1 #define KRB5_KEYUSAGE_KDC_REP_TICKET 2 #define KRB5_KEYUSAGE_AS_REP_ENCPART 3 @@ -996,10 +957,9 @@ krb5_c_keyed_checksum_types(krb5_context context, krb5_enctype enctype, #define KRB5_KEYUSAGE_PA_SAM_RESPONSE 27 /* Defined in KDC referrals draft */ -/** +/* * @note There is a conflict with the value of @c KRB5_KEYUSAGE_PA_REFERRAL: * it is used for hardware Pre-athentication @a and KDC referrals. - * */ #define KRB5_KEYUSAGE_PA_REFERRAL 26 /* XXX note conflict with above */ @@ -1018,258 +978,601 @@ krb5_c_keyed_checksum_types(krb5_context context, krb5_enctype enctype, #define KRB5_KEYUSAGE_ENC_CHALLENGE_CLIENT 54 #define KRB5_KEYUSAGE_ENC_CHALLENGE_KDC 55 #define KRB5_KEYUSAGE_AS_REQ 56 +/** @} */ /* end of KRB5_KEYUSAGE group */ /** - * @brief Verify that the specified encryption type is a valid Kerberos encryption type. + * Verify that a specified encryption type is a valid Kerberos encryption type. * - * @param ktype Encryption type [input] + * @param [in] ktype Encryption type * - * @retval - * 0 invalid - * @retval - * 1 valid - * - * @sa enctype + * @return @c TRUE if @a ktype is valid, @c FALSE if not */ krb5_boolean KRB5_CALLCONV krb5_c_valid_enctype(krb5_enctype ktype); /** - * @brief Verify that specified checksum type is a valid Kerberos checksum type. - * - * @param ctype Checksum type [input] + * Verify that specified checksum type is a valid Kerberos checksum type. * - * @retval - * 0 invalid - * @retval - * 1 valid + * @param [in] ctype Checksum type * - * @sa cksumtype + * @return @c TRUE if @a ctype is valid, @c FALSE if not */ krb5_boolean KRB5_CALLCONV krb5_c_valid_cksumtype(krb5_cksumtype ctype); /** - * @brief Test whether a checksum type is collision-proof. + * Test whether a checksum type is collision-proof. * - * @param ctype Checksum type [input] + * @param [in] ctype Checksum type * - * @retval - * 0 Not collision-proof, or checksum type is not in the list - * @retval - * 1 Success + * @return @c TRUE if @a ctype is collision-proof, @c FALSE if it is not + * collision-proof or not a valid checksum type. */ krb5_boolean KRB5_CALLCONV krb5_c_is_coll_proof_cksum(krb5_cksumtype ctype); /** - * @brief Test whether a checksum type is keyed. + * Test whether a checksum type is keyed. * - * @param ctype Checksum type [input] + * @param [in] ctype Checksum type * - * @retval - * 0 Checksum does not use derived keys, or checksum type is not in the list - * @retval - * 1 Checksum uses derived keys + * @return @c TRUE if @a ctype is a keyed checksum type, @c FALSE otherwise. */ krb5_boolean KRB5_CALLCONV krb5_c_is_keyed_cksum(krb5_cksumtype ctype); /* AEAD APIs */ -#define KRB5_CRYPTO_TYPE_EMPTY 0 /* [in] ignored */ -#define KRB5_CRYPTO_TYPE_HEADER 1 /* [out] header */ -#define KRB5_CRYPTO_TYPE_DATA 2 /* [in, out] plaintext */ -#define KRB5_CRYPTO_TYPE_SIGN_ONLY 3 /* [in] associated data */ -#define KRB5_CRYPTO_TYPE_PADDING 4 /* [out] padding */ -#define KRB5_CRYPTO_TYPE_TRAILER 5 /* [out] checksum for encrypt */ -#define KRB5_CRYPTO_TYPE_CHECKSUM 6 /* [out] checksum for MIC */ -#define KRB5_CRYPTO_TYPE_STREAM 7 /* [in] entire message */ +/** @defgroup KRB5_CRYPTO_TYPE KRB5_CRYPTO_TYPE + * @{ + */ +#define KRB5_CRYPTO_TYPE_EMPTY 0 /**< [in] ignored */ +#define KRB5_CRYPTO_TYPE_HEADER 1 /**< [out] header */ +#define KRB5_CRYPTO_TYPE_DATA 2 /**< [in, out] plaintext */ +#define KRB5_CRYPTO_TYPE_SIGN_ONLY 3 /**< [in] associated data */ +#define KRB5_CRYPTO_TYPE_PADDING 4 /**< [out] padding */ +#define KRB5_CRYPTO_TYPE_TRAILER 5 /**< [out] checksum for encrypt */ +#define KRB5_CRYPTO_TYPE_CHECKSUM 6 /**< [out] checksum for MIC */ +#define KRB5_CRYPTO_TYPE_STREAM 7 /**< [in] entire message without + decomposing the structure into + header, data and trailer buffers */ +/** @} */ /* end of KRB5_CRYPTO_TYPE group */ +/** + * Fill in a checksum element in IOV array (operates on keyblock) + * + * @param [in] context Library context + * @param [in] cksumtype Checksum type (0 for mandatory type) + * @param [in] key Encryption key for a keyed checksum + * @param [in] usage Key usage (see @ref KRB5_KEYUSAGE types) + * @param [in,out] data IOV array + * @param [in] num_data Size of @a data + * + * Create a checksum in the #KRB5_CRYPTO_TYPE_CHECKSUM element over + * #KRB5_CRYPTO_TYPE_DATA and #KRB5_CRYPTO_TYPE_SIGN_ONLY chunks in @a data. + * Only the #KRB5_CRYPTO_TYPE_CHECKSUM region is modified. + * + * @note This function is similar to krb5_k_make_checksum_iov(), but operates + * on keyblock @a key. + * + * @sa krb5_c_verify_checksum_iov() + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_c_make_checksum_iov(krb5_context context, krb5_cksumtype cksumtype, const krb5_keyblock *key, krb5_keyusage usage, krb5_crypto_iov *data, size_t num_data); +/** + * Validate a checksum element in IOV array (operates on keyblock). + * + * @param [in] context Library context + * @param [in] cksumtype Checksum type (0 for mandatory type) + * @param [in] key Encryption key for a keyed checksum + * @param [in] usage Key usage (see @ref KRB5_KEYUSAGE types) + * @param [in] data IOV array + * @param [in] num_data Size of @a data + * @param [out] valid Non-zero for success, zero for failure + * + * Confirm that the checksum in the #KRB5_CRYPTO_TYPE_CHECKSUM element is a + * valid checksum of the #KRB5_CRYPTO_TYPE_DATA and #KRB5_CRYPTO_TYPE_SIGN_ONLY + * regions in the iov. + * + * @note This function is similar to krb5_k_verify_checksum_iov(), but operates + * on keyblock @a key. + * + * @sa krb5_c_make_checksum_iov() + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_c_verify_checksum_iov(krb5_context context, krb5_cksumtype cksumtype, const krb5_keyblock *key, krb5_keyusage usage, const krb5_crypto_iov *data, size_t num_data, krb5_boolean *valid); +/** + * Encrypt data in place supporting AEAD (operates on keyblock). + * + * @param [in] context Library context + * @param [in] keyblock Encryption key + * @param [in] usage Key usage (see @ref KRB5_KEYUSAGE types) + * @param [in] cipher_state Cipher state; specify NULL if not needed + * @param [in,out] data IOV array. Modified in-place. + * @param [in] num_data Size of @a data + * + * This function encrypts the data block @a data and stores the output in-place. + * The actual encryption key will be derived from @a keyblock and @a usage + * if key derivation is specified for the encryption type. If non-null, @a + * cipher_state specifies the beginning state for the encryption operation, and + * is updated with the state to be passed as input to the next operation. + * The caller must allocate the right number of krb5_crypto_iov + * structures before calling into this API. + * + * @note On return from a krb5_c_encrypt_iov() call, the @a data->length in the + * iov structure are adjusted to reflect actual lengths of the ciphertext used. + * For example, if the padding length is too large, the length will be reduced. + * Lengths are never increased. + * + * @note This function is similar to krb5_k_encrypt_iov(), but operates + * on keyblock @a keyblock. + * + * @sa krb5_c_decrypt_iov() + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV -krb5_c_encrypt_iov(krb5_context context, const krb5_keyblock *key, +krb5_c_encrypt_iov(krb5_context context, const krb5_keyblock *keyblock, krb5_keyusage usage, const krb5_data *cipher_state, krb5_crypto_iov *data, size_t num_data); +/** + * Decrypt data in place supporting AEAD (operates on keyblock). + * + * @param [in] context Library context + * @param [in] keyblock Encryption key + * @param [in] usage Key usage (see @ref KRB5_KEYUSAGE types) + * @param [in] cipher_state Cipher state; specify NULL if not needed + * @param [in,out] data IOV array. Modified in-place. + * @param [in] num_data Size of @a data + * + * This function decrypts the data block @a data and stores the output in-place. + * The actual decryption key will be derived from @a keyblock and @a usage + * if key derivation is specified for the encryption type. If non-null, @a + * cipher_state specifies the beginning state for the decryption operation, and + * is updated with the state to be passed as input to the next operation. + * The caller must allocate the right number of krb5_crypto_iov + * structures before calling into this API. + * + * @note On return from a krb5_c_decrypt_iov() call, the @a data->length in the + * iov structure are adjusted to reflect actual lengths of the ciphertext used. + * For example, if the padding length is too large, the length will be reduced. + * Lengths are never increased. + * + * @note This function is similar to krb5_k_decrypt_iov(), but operates + * on keyblock @a keyblock. + * + * @sa krb5_c_decrypt_iov() + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV -krb5_c_decrypt_iov(krb5_context context, const krb5_keyblock *key, +krb5_c_decrypt_iov(krb5_context context, const krb5_keyblock *keyblock, krb5_keyusage usage, const krb5_data *cipher_state, krb5_crypto_iov *data, size_t num_data); +/** + * Return a length of a message field specific to the encryption type. + * + * @param [in] context Library context + * @param [in] enctype Encryption type + * @param [in] type Type field (See @ref KRB5_CRYPTO_TYPE types) + * @param [out] size Length of the @a type specific to @a enctype + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_c_crypto_length(krb5_context context, krb5_enctype enctype, krb5_cryptotype type, unsigned int *size); +/** + * Fill in lengths for header, trailer and padding in a IOV array. + * + * @param [in] context Library context + * @param [in] enctype Encryption type + * @param [in,out] data IOV array + * @param [in] num_data Size of @a data + * + * Padding is set to the actual padding required based on the provided + * @a data buffers. Typically this API is used after setting up the data + * buffers and #KRB5_CRYPTO_TYPE_SIGN_ONLY buffers, but before actually + * allocating header, trailer and padding. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_c_crypto_length_iov(krb5_context context, krb5_enctype enctype, krb5_crypto_iov *data, size_t num_data); +/** + * Return a number of padding octets. + * + * @param [in] context Library context + * @param [in] enctype Encryption type + * @param [in] data_length Length of the plaintext to pad + * @param [out] size Number of padding octets + * + * This function returns the number of the padding octets required to pad + * @a data_length octets of plaintext. + * + * @retval 0 Success; otherwise - KRB5_BAD_ENCTYPE + */ krb5_error_code KRB5_CALLCONV krb5_c_padding_length(krb5_context context, krb5_enctype enctype, size_t data_length, unsigned int *size); +/** + * Create a krb5_key from the enctype and key data in a keyblock. + * + * @param [in] context Library context + * @param [in] key_data Keyblock + * @param [out] out Opaque key + * + * The reference count on a key @a out is set to 1. + * Use krb5_k_free_key() to free @a out when it is no longer needed. + * + * @retval 0 Success; otherwise - KRB5_BAD_ENCTYPE + */ krb5_error_code KRB5_CALLCONV krb5_k_create_key(krb5_context context, const krb5_keyblock *key_data, krb5_key *out); -/** - * Keys are logically immutable and can be "copied" by reference count. - */ +/** Increment the reference count on a key. */ void KRB5_CALLCONV krb5_k_reference_key(krb5_context context, krb5_key key); -/** - * @brief Decrement the reference count on a key and free it if it hits zero. - */ -void KRB5_CALLCONV krb5_k_free_key(krb5_context context, krb5_key key); +/** Decrement the reference count on a key and free it if it hits zero. */ +void KRB5_CALLCONV +krb5_k_free_key(krb5_context context, krb5_key key); +/** Retrieve a copy of the keyblock from a krb5_key structure. */ krb5_error_code KRB5_CALLCONV krb5_k_key_keyblock(krb5_context context, krb5_key key, krb5_keyblock **key_data); +/** Retrieve the enctype of a krb5_key structure. */ krb5_enctype KRB5_CALLCONV krb5_k_key_enctype(krb5_context context, krb5_key key); +/** + * Encrypt data using a key (operates on opaque key). + * + * @param [in] context Library context + * @param [in] key Encryption key + * @param [in] usage Key usage (see @ref KRB5_KEYUSAGE types) + * @param [in,out] cipher_state Cipher state; specify NULL if not needed + * @param [in] input Data to be encrypted + * @param [out] output Encrypted data + * + * This function encrypts the data block @a input and stores the output into @a + * output. The actual encryption key will be derived from @a key and @a usage + * if key derivation is specified for the encryption type. If non-null, @a + * cipher_state specifies the beginning state for the encryption operation, and + * is updated with the state to be passed as input to the next operation. + * + * @note The caller must initialize @a output and allocate at least enough + * space for the result (using krb5_c_encrypt_length() to determine the amount + * of space needed). @a output->length will be set to the actual length of the + * ciphertext. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_k_encrypt(krb5_context context, krb5_key key, krb5_keyusage usage, const krb5_data *cipher_state, const krb5_data *input, krb5_enc_data *output); +/** + * Encrypt data in place supporting AEAD (operates on opaque key). + * + * @param [in] context Library context + * @param [in] key Encryption key + * @param [in] usage Key usage (see @ref KRB5_KEYUSAGE types) + * @param [in] cipher_state Cipher state; specify NULL if not needed + * @param [in,out] data IOV array. Modified in-place. + * @param [in] num_data Size of @a data + * + * This function encrypts the data block @a data and stores the output in-place. + * The actual encryption key will be derived from @a key and @a usage + * if key derivation is specified for the encryption type. If non-null, @a + * cipher_state specifies the beginning state for the encryption operation, and + * is updated with the state to be passed as input to the next operation. + * The caller must allocate the right number of krb5_crypto_iov + * structures before calling into this API. + * + * @note On return from a krb5_c_encrypt_iov() call, the @a data->length in the + * iov structure are adjusted to reflect actual lengths of the ciphertext used. + * For example, if the padding length is too large, the length will be reduced. + * Lengths are never increased. + * + * @note This function is similar to krb5_c_encrypt_iov(), but operates + * on opaque key @a key. + * + * @sa krb5_k_decrypt_iov() + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_k_encrypt_iov(krb5_context context, krb5_key key, krb5_keyusage usage, const krb5_data *cipher_state, krb5_crypto_iov *data, size_t num_data); +/** + * Decrypt data using a key (operates on opaque key). + * + * @param [in] context Library context + * @param [in] key Encryption key + * @param [in] usage Key usage (see @ref KRB5_KEYUSAGE types) + * @param [in,out] cipher_state Cipher state; specify NULL if not needed + * @param [in] input Encrypted data + * @param [out] output Decrypted data + * + * This function decrypts the data block @a input and stores the output into @a + * output. The actual decryption key will be derived from @a key and @a usage + * if key derivation is specified for the encryption type. If non-null, @a + * cipher_state specifies the beginning state for the decryption operation, and + * is updated with the state to be passed as input to the next operation. + * + * @note The caller must initialize @a output and allocate at least enough + * space for the result. The usual practice is to allocate an output buffer as + * long as the ciphertext, and let krb5_c_decrypt() trim @a output->length. + * For some enctypes, the resulting @a output->length may include padding + * bytes. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_k_decrypt(krb5_context context, krb5_key key, krb5_keyusage usage, const krb5_data *cipher_state, const krb5_enc_data *input, krb5_data *output); -krb5_error_code KRB5_CALLCONV -krb5_k_decrypt_iov(krb5_context context, krb5_key key, krb5_keyusage usage, - const krb5_data *cipher_state, krb5_crypto_iov *data, - size_t num_data); - -krb5_error_code KRB5_CALLCONV -krb5_k_make_checksum(krb5_context context, krb5_cksumtype cksumtype, +/** + * Decrypt data in place supporting AEAD (operates on opaque key). + * + * @param [in] context Library context + * @param [in] key Encryption key + * @param [in] usage Key usage (see @ref KRB5_KEYUSAGE types) + * @param [in] cipher_state Cipher state; specify NULL if not needed + * @param [in,out] data IOV array. Modified in-place. + * @param [in] num_data Size of @a data + * + * This function decrypts the data block @a data and stores the output in-place. + * The actual decryption key will be derived from @a key and @a usage + * if key derivation is specified for the encryption type. If non-null, @a + * cipher_state specifies the beginning state for the decryption operation, and + * is updated with the state to be passed as input to the next operation. + * The caller must allocate the right number of krb5_crypto_iov + * structures before calling into this API. + * + * @note On return from a krb5_c_decrypt_iov() call, the @a data->length in the + * iov structure are adjusted to reflect actual lengths of the ciphertext used. + * For example, if the padding length is too large, the length will be reduced. + * Lengths are never increased. + * + * @note This function is similar to krb5_c_decrypt_iov(), but operates + * on opaque key @a key. + * + * @sa krb5_k_encrypt_iov() + * + * @retval 0 Success; otherwise - Kerberos error codes + */ +krb5_error_code KRB5_CALLCONV +krb5_k_decrypt_iov(krb5_context context, krb5_key key, krb5_keyusage usage, + const krb5_data *cipher_state, krb5_crypto_iov *data, + size_t num_data); +/** + * Compute a checksum (operates on opaque key). + * + * @param [in] context Library context + * @param [in] cksumtype Checksum type (0 for mandatory type) + * @param [in] key Encryption key for a keyed checksum + * @param [in] usage Key usage (see @ref KRB5_KEYUSAGE types) + * @param [in] input Input data + * @param [out] cksum Generated checksum + * + * This function computes a checksum of type @a cksumtype over @a input, using + * @a key if the checksum type is a keyed checksum. If @a cksumtype is 0 and + * @a key is non-null, the checksum type will be the mandatory-to-implement + * checksum type for the key's encryption type. The actual checksum key will + * be derived from @a key and @a usage if key derivation is specified for the + * checksum type. The newly created @a cksum must be released by calling + * krb5_free_checksum_contents() when it is no longer needed. + * + * @note This function is similar to krb5_c_make_checksum(), but operates + * on opaque @a key. + * + * @sa krb5_c_verify_checksum() + * + * @retval 0 Success; otherwise - Kerberos error codes + */ +krb5_error_code KRB5_CALLCONV +krb5_k_make_checksum(krb5_context context, krb5_cksumtype cksumtype, krb5_key key, krb5_keyusage usage, const krb5_data *input, krb5_checksum *cksum); +/** + * Fill in a checksum element in IOV array (operates on opaque key) + * + * @param [in] context Library context + * @param [in] cksumtype Checksum type (0 for mandatory type) + * @param [in] key Encryption key for a keyed checksum + * @param [in] usage Key usage (see @ref KRB5_KEYUSAGE types) + * @param [in,out] data IOV array + * @param [in] num_data Size of @a data + * + * Create a checksum in the #KRB5_CRYPTO_TYPE_CHECKSUM element over + * #KRB5_CRYPTO_TYPE_DATA and #KRB5_CRYPTO_TYPE_SIGN_ONLY chunks in @a data. + * Only the #KRB5_CRYPTO_TYPE_CHECKSUM region is modified. + * + * @note This function is similar to krb5_c_make_checksum_iov(), but operates + * on opaque @a key. + * + * @sa krb5_k_verify_checksum_iov() + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_k_make_checksum_iov(krb5_context context, krb5_cksumtype cksumtype, krb5_key key, krb5_keyusage usage, krb5_crypto_iov *data, size_t num_data); +/** + * Verify a checksum (operates on opaque key). + * + * @param [in] context Library context + * @param [in] key Encryption key for a keyed checksum + * @param [in] usage @a key usage + * @param [in] data Data to be used to compute a new checksum + * using @a key to compare @a cksum against + * @param [in] cksum Checksum to be verified + * @param [out] valid Non-zero for success, zero for failure + * + * This function verifies that @a cksum is a valid checksum for @a data. If + * the checksum type of @a cksum is a keyed checksum, @a key is used to verify + * the checksum. The actual checksum key will be derived from @a key and @a + * usage if key derivation is specified for the checksum type. + * + * @note This function is similar to krb5_c_verify_checksum(), but operates + * on opaque @a key. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_k_verify_checksum(krb5_context context, krb5_key key, krb5_keyusage usage, const krb5_data *data, const krb5_checksum *cksum, krb5_boolean *valid); +/** + * Validate a checksum element in IOV array (operates on opaque key). + * + * @param [in] context Library context + * @param [in] cksumtype Checksum type (0 for mandatory type) + * @param [in] key Encryption key for a keyed checksum + * @param [in] usage Key usage (see @ref KRB5_KEYUSAGE types) + * @param [in] data IOV array + * @param [in] num_data Size of @a data + * @param [out] valid Non-zero for success, zero for failure + * + * Confirm that the checksum in the #KRB5_CRYPTO_TYPE_CHECKSUM element is a + * valid checksum of the #KRB5_CRYPTO_TYPE_DATA and #KRB5_CRYPTO_TYPE_SIGN_ONLY + * regions in the iov. + * + * @note This function is similar to krb5_c_verify_checksum_iov(), but operates + * on opaque @a key. + * + * @sa krb5_k_make_checksum_iov() + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_k_verify_checksum_iov(krb5_context context, krb5_cksumtype cksumtype, krb5_key key, krb5_keyusage usage, const krb5_crypto_iov *data, size_t num_data, krb5_boolean *valid); +/** + * Generate enctype-specific pseudo-random bytes (operates on opaque key). + * + * @param [in] context Library context + * @param [in] key Key + * @param [in] input Input data + * @param [out] output Output data + * + * This function selects a pseudo-random function based on @a key and + * computes its value over @a input, placing the result into @a output. + * The caller must preinitialize @a output and allocate space for the + * result. + * + * @note This function is similar to krb5_c_prf(), but operates + * on opaque @a key. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV -krb5_k_prf(krb5_context context, krb5_key key, krb5_data *in, krb5_data *out); +krb5_k_prf(krb5_context context, krb5_key key, krb5_data *input, krb5_data *output); #ifdef KRB5_OLD_CRYPTO /* * old cryptosystem routine prototypes. These are now layered * on top of the functions above. */ -/** @deprecated - */ +/** @deprecated Replaced by krb5_c_ API family.*/ krb5_error_code KRB5_CALLCONV krb5_encrypt(krb5_context context, krb5_const_pointer inptr, krb5_pointer outptr, size_t size, krb5_encrypt_block *eblock, krb5_pointer ivec); -/** @deprecated Replaced by krb5_c_decrypt() - */ +/** @deprecated Replaced by krb5_c_ API family. */ krb5_error_code KRB5_CALLCONV krb5_decrypt(krb5_context context, krb5_const_pointer inptr, krb5_pointer outptr, size_t size, krb5_encrypt_block *eblock, krb5_pointer ivec); -/** @deprecated - */ +/** @deprecated Replaced by krb5_c_ API family. */ krb5_error_code KRB5_CALLCONV krb5_process_key(krb5_context context, krb5_encrypt_block *eblock, const krb5_keyblock * key); -/** @deprecated - */ +/** @deprecated Replaced by krb5_c_ API family. */ krb5_error_code KRB5_CALLCONV krb5_finish_key(krb5_context context, krb5_encrypt_block * eblock); -/** @deprecated Replaced by krb5_c_string_to_key() - */ +/** @deprecated See krb5_c_string_to_key() */ krb5_error_code KRB5_CALLCONV krb5_string_to_key(krb5_context context, const krb5_encrypt_block *eblock, krb5_keyblock * keyblock, const krb5_data *data, const krb5_data *salt); -/** @deprecated - */ +/** @deprecated Replaced by krb5_c_ API family. */ krb5_error_code KRB5_CALLCONV krb5_init_random_key(krb5_context context, const krb5_encrypt_block *eblock, const krb5_keyblock *keyblock, krb5_pointer *ptr); -/** @deprecated - */ +/** @deprecated Replaced by krb5_c_ API family. */ krb5_error_code KRB5_CALLCONV krb5_finish_random_key(krb5_context context, const krb5_encrypt_block *eblock, krb5_pointer *ptr); -/** @deprecated Replaced by krb5_c_random_key() - */ +/** @deprecated Replaced by krb5_c_ API family. */ krb5_error_code KRB5_CALLCONV krb5_random_key(krb5_context context, const krb5_encrypt_block *eblock, krb5_pointer ptr, krb5_keyblock **keyblock); -/** @deprecated - */ +/** @deprecated Replaced by krb5_c_ API family. */ krb5_enctype KRB5_CALLCONV krb5_eblock_enctype(krb5_context context, const krb5_encrypt_block *eblock); -/** @deprecated - */ +/** @deprecated Replaced by krb5_c_ API family. */ krb5_error_code KRB5_CALLCONV krb5_use_enctype(krb5_context context, krb5_encrypt_block *eblock, krb5_enctype enctype); -/** @deprecated Replaced by krb5_c_encrypt_length() - */ +/** @deprecated Replaced by krb5_c_ API family. */ size_t KRB5_CALLCONV krb5_encrypt_size(size_t length, krb5_enctype crypto); -/** @deprecated Replaced by krb5_c_checksum_length() - */ +/** @deprecated See krb5_c_checksum_length() */ size_t KRB5_CALLCONV krb5_checksum_size(krb5_context context, krb5_cksumtype ctype); -/** @deprecated Replaced by krb5_c_make_checksum() - */ +/** @deprecated See krb5_c_make_checksum() */ krb5_error_code KRB5_CALLCONV krb5_calculate_checksum(krb5_context context, krb5_cksumtype ctype, krb5_const_pointer in, size_t in_length, krb5_const_pointer seed, size_t seed_length, krb5_checksum * outcksum); -/** @deprecated - */ +/** @deprecated See krb5_c_verify_checksum() */ krb5_error_code KRB5_CALLCONV krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype, const krb5_checksum * cksum, krb5_const_pointer in, @@ -1332,11 +1635,22 @@ krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype, #define KDC_TKT_COMMON_MASK 0x54800000 /* definitions for ap_options fields */ -/* ap_options are 32 bits; each host is responsible to put the 4 bytes - representing these bits into net order before transmission */ -#define AP_OPTS_RESERVED 0x80000000 -#define AP_OPTS_USE_SESSION_KEY 0x40000000 -#define AP_OPTS_MUTUAL_REQUIRED 0x20000000 + +/** @defgroup AP_OPTS AP_OPTS + * + * ap_options are 32 bits; each host is responsible to put the 4 bytes + * representing these bits into net order before transmission + * @{ + */ +#define AP_OPTS_RESERVED 0x80000000 +#define AP_OPTS_USE_SESSION_KEY 0x40000000 /**< Use session key */ +#define AP_OPTS_MUTUAL_REQUIRED 0x20000000 /**< Perform a mutual + authentication exchange */ +#define AP_OPTS_ETYPE_NEGOTIATION 0x00000002 +#define AP_OPTS_USE_SUBKEY 0x00000001 /**< Generate a subsession key + from the current session key + obtained from the + credentials */ /* #define AP_OPTS_RESERVED 0x10000000 */ /* #define AP_OPTS_RESERVED 0x08000000 */ /* #define AP_OPTS_RESERVED 0x04000000 */ @@ -1364,10 +1678,10 @@ krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype, /* #define AP_OPTS_RESERVED 0x00000010 */ /* #define AP_OPTS_RESERVED 0x00000008 */ /* #define AP_OPTS_RESERVED 0x00000004 */ -#define AP_OPTS_ETYPE_NEGOTIATION 0x00000002 -#define AP_OPTS_USE_SUBKEY 0x00000001 + #define AP_OPTS_WIRE_MASK 0xfffffff0 +/** @} */ /* end of AP_OPTS group */ /* definitions for ad_type fields. */ #define AD_TYPE_RESERVED 0x8000 @@ -1428,21 +1742,21 @@ krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype, * begin "proto.h" */ -/* Protocol version number */ +/** Protocol version number */ #define KRB5_PVNO 5 /* Message types */ -#define KRB5_AS_REQ ((krb5_msgtype)10) /* Req for initial authentication */ -#define KRB5_AS_REP ((krb5_msgtype)11) /* Response to KRB_AS_REQ request */ -#define KRB5_TGS_REQ ((krb5_msgtype)12) /* TGS request to server */ -#define KRB5_TGS_REP ((krb5_msgtype)13) /* Response to KRB_TGS_REQ req */ -#define KRB5_AP_REQ ((krb5_msgtype)14) /* application request to server */ -#define KRB5_AP_REP ((krb5_msgtype)15) /* Response to KRB_AP_REQ_MUTUAL */ -#define KRB5_SAFE ((krb5_msgtype)20) /* Safe application message */ -#define KRB5_PRIV ((krb5_msgtype)21) /* Private application message */ -#define KRB5_CRED ((krb5_msgtype)22) /* Credential forwarding message */ -#define KRB5_ERROR ((krb5_msgtype)30) /* Error response */ +#define KRB5_AS_REQ ((krb5_msgtype)10) /**< Initial authentication request */ +#define KRB5_AS_REP ((krb5_msgtype)11) /**< Response to AS request */ +#define KRB5_TGS_REQ ((krb5_msgtype)12) /**< Ticket granting server request */ +#define KRB5_TGS_REP ((krb5_msgtype)13) /**< Response to TGS request */ +#define KRB5_AP_REQ ((krb5_msgtype)14) /**< Auth req to application server */ +#define KRB5_AP_REP ((krb5_msgtype)15) /**< Response to mutual AP request */ +#define KRB5_SAFE ((krb5_msgtype)20) /**< Safe application message */ +#define KRB5_PRIV ((krb5_msgtype)21) /**< Private application message */ +#define KRB5_CRED ((krb5_msgtype)22) /**< Cred forwarding message */ +#define KRB5_ERROR ((krb5_msgtype)30) /**< Error response */ /* LastReq types */ #define KRB5_LRQ_NONE 0 @@ -1470,33 +1784,33 @@ krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype, #if 0 /* Not used */ #define KRB5_PADATA_ENC_ENCKEY 4 /* Key encrypted within itself */ #endif -#define KRB5_PADATA_ENC_UNIX_TIME 5 /* timestamp encrypted in key */ -#define KRB5_PADATA_ENC_SANDIA_SECURID 6 /* SecurId passcode */ -#define KRB5_PADATA_SESAME 7 /* Sesame project */ -#define KRB5_PADATA_OSF_DCE 8 /* OSF DCE */ -#define KRB5_CYBERSAFE_SECUREID 9 /* Cybersafe */ -#define KRB5_PADATA_AFS3_SALT 10 /* Cygnus */ -#define KRB5_PADATA_ETYPE_INFO 11 /* Etype info for preauth */ -#define KRB5_PADATA_SAM_CHALLENGE 12 /* draft challenge system */ -#define KRB5_PADATA_SAM_RESPONSE 13 /* draft challenge system response */ -#define KRB5_PADATA_PK_AS_REQ_OLD 14 /* PKINIT */ -#define KRB5_PADATA_PK_AS_REP_OLD 15 /* PKINIT */ -#define KRB5_PADATA_PK_AS_REQ 16 /* PKINIT */ -#define KRB5_PADATA_PK_AS_REP 17 /* PKINIT */ +#define KRB5_PADATA_ENC_UNIX_TIME 5 /**< timestamp encrypted in key */ +#define KRB5_PADATA_ENC_SANDIA_SECURID 6 /**< SecurId passcode */ +#define KRB5_PADATA_SESAME 7 /**< Sesame project */ +#define KRB5_PADATA_OSF_DCE 8 /**< OSF DCE */ +#define KRB5_CYBERSAFE_SECUREID 9 /**< Cybersafe */ +#define KRB5_PADATA_AFS3_SALT 10 /**< Cygnus */ +#define KRB5_PADATA_ETYPE_INFO 11 /**< Etype info for preauth */ +#define KRB5_PADATA_SAM_CHALLENGE 12 /**< draft challenge system */ +#define KRB5_PADATA_SAM_RESPONSE 13 /**< draft challenge system response */ +#define KRB5_PADATA_PK_AS_REQ_OLD 14 /**< PKINIT */ +#define KRB5_PADATA_PK_AS_REP_OLD 15 /**< PKINIT */ +#define KRB5_PADATA_PK_AS_REQ 16 /**< PKINIT */ +#define KRB5_PADATA_PK_AS_REP 17 /**< PKINIT */ #define KRB5_PADATA_ETYPE_INFO2 19 #define KRB5_PADATA_USE_SPECIFIED_KVNO 20 -#define KRB5_PADATA_SVR_REFERRAL_INFO 20 /* Windows 2000 referrals */ +#define KRB5_PADATA_SVR_REFERRAL_INFO 20 /**< Windows 2000 referrals */ #define KRB5_PADATA_SAM_REDIRECT 21 #define KRB5_PADATA_GET_FROM_TYPED_DATA 22 -#define KRB5_PADATA_REFERRAL 25 /* draft referral system */ -#define KRB5_PADATA_SAM_CHALLENGE_2 30 /* draft challenge system, updated */ -#define KRB5_PADATA_SAM_RESPONSE_2 31 /* draft challenge system, updated */ -#define KRB5_PADATA_PAC_REQUEST 128 /* include Windows PAC */ -#define KRB5_PADATA_FOR_USER 129 /* username protocol transition request */ -#define KRB5_PADATA_S4U_X509_USER 130 /* certificate protocol transition request */ -#define KRB5_PADATA_FX_COOKIE 133 -#define KRB5_PADATA_FX_FAST 136 -#define KRB5_PADATA_FX_ERROR 137 +#define KRB5_PADATA_REFERRAL 25 /**< draft referral system */ +#define KRB5_PADATA_SAM_CHALLENGE_2 30 /**< draft challenge system, updated */ +#define KRB5_PADATA_SAM_RESPONSE_2 31 /**< draft challenge system, updated */ +#define KRB5_PADATA_PAC_REQUEST 128 /**< include Windows PAC */ +#define KRB5_PADATA_FOR_USER 129 /**< username protocol transition request */ +#define KRB5_PADATA_S4U_X509_USER 130 /**< certificate protocol transition request */ +#define KRB5_PADATA_FX_COOKIE 133 +#define KRB5_PADATA_FX_FAST 136 +#define KRB5_PADATA_FX_ERROR 137 #define KRB5_PADATA_ENCRYPTED_CHALLENGE 138 #define KRB5_PADATA_PKINIT_KX 147 #define KRB5_ENCPADATA_REQ_ENC_PA_REP 149 @@ -1505,16 +1819,17 @@ krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype, #define KRB5_SAM_SEND_ENCRYPTED_SAD 0x40000000 #define KRB5_SAM_MUST_PK_ENCRYPT_SAD 0x20000000 /* currently must be zero */ -/* Reserved for SPX pre-authentication. */ -#define KRB5_PADATA_DASS 16 +/** Transited encoding types */ +#define KRB5_DOMAIN_X500_COMPRESS 1 -/* Transited encoding types */ -#define KRB5_DOMAIN_X500_COMPRESS 1 - -/* alternate authentication types */ +/** alternate authentication types */ #define KRB5_ALTAUTH_ATT_CHALLENGE_RESPONSE 64 -/* authorization data types */ +/* authorization data types. See RFC 4120 section 5.2.6 */ + +/** @defgroup KRB5_AUTHDATA KRB5_AUTHDATA + * @{ + */ #define KRB5_AUTHDATA_IF_RELEVANT 1 #define KRB5_AUTHDATA_KDC_ISSUED 4 #define KRB5_AUTHDATA_AND_OR 5 @@ -1524,15 +1839,16 @@ krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype, #define KRB5_AUTHDATA_SESAME 65 #define KRB5_AUTHDATA_WIN2K_PAC 128 #define KRB5_AUTHDATA_ETYPE_NEGOTIATION 129 /* RFC 4537 */ -#define KRB5_AUTHDATA_SIGNTICKET 512 /* formerly 142 in krb5 1.8 */ +#define KRB5_AUTHDATA_SIGNTICKET 512 /**< formerly 142 in krb5 1.8 */ #define KRB5_AUTHDATA_FX_ARMOR 71 -/* password change constants */ +/** @} */ /* end of KRB5_AUTHDATA group */ -#define KRB5_KPASSWD_SUCCESS 0 -#define KRB5_KPASSWD_MALFORMED 1 -#define KRB5_KPASSWD_HARDERROR 2 -#define KRB5_KPASSWD_AUTHERROR 3 -#define KRB5_KPASSWD_SOFTERROR 4 +/* password change constants */ +#define KRB5_KPASSWD_SUCCESS 0 /**< Success */ +#define KRB5_KPASSWD_MALFORMED 1 /**< Malformed request */ +#define KRB5_KPASSWD_HARDERROR 2 /**< Server error */ +#define KRB5_KPASSWD_AUTHERROR 3 /**< Authentication error */ +#define KRB5_KPASSWD_SOFTERROR 4 /**< Password change rejected */ /* These are Microsoft's extensions in RFC 3244, and it looks like they'll become standardized, possibly with other additions. */ #define KRB5_KPASSWD_ACCESSDENIED 5 /* unused */ @@ -1544,20 +1860,17 @@ krb5_verify_checksum(krb5_context context, krb5_cksumtype ctype, */ /* Time set */ -/** - * @brief Ticket start time, end time, and renewal duration. - */ - +/** Ticket start time, end time, and renewal duration. */ typedef struct _krb5_ticket_times { krb5_timestamp authtime; /**< Time at which KDC issued the initial ticket that corresponds to this ticket */ - /* XXX ? should ktime in KDC_REP == authtime - in ticket? otherwise client can't get this */ + /* XXX ? should ktime in KDC_REP == authtime + in ticket? otherwise client can't get this */ krb5_timestamp starttime; /**< optional in ticket, if not present, use @a authtime */ krb5_timestamp endtime; /**< Ticket expiration time */ krb5_timestamp renew_till; /**< Latest time at which renewal of ticket can be valid */ } krb5_ticket_times; -/** @brief structure for auth data */ +/** Structure for auth data */ typedef struct _krb5_authdata { krb5_magic magic; krb5_authdatatype ad_type; /**< ADTYPE */ @@ -1565,19 +1878,14 @@ typedef struct _krb5_authdata { krb5_octet *contents; /**< Data */ } krb5_authdata; -/** @brief structure for transited encoding */ +/** Structure for transited encoding */ typedef struct _krb5_transited { krb5_magic magic; krb5_octet tr_type; /**< Transited encoding type */ krb5_data tr_contents; /**< Contents */ } krb5_transited; - /** - * @brief Encrypted part of ticket. - * @sa tktflag - * @sa enctype - * - */ +/** Encrypted part of ticket. */ typedef struct _krb5_enc_tkt_part { krb5_magic magic; /* to-be-encrypted portion */ @@ -1591,12 +1899,10 @@ typedef struct _krb5_enc_tkt_part { } krb5_enc_tkt_part; /** - * @brief Ticket structure. + * Ticket structure. * - * Ticket structure that holds the C representation of the ticket protocol - * message and a pointer to the representation of @c _krb5_enc_tkt_part. - * - * @sa enctype + * The C representation of the ticket message, with a pointer to the + * C representation of the encrypted part. */ typedef struct _krb5_ticket { krb5_magic magic; @@ -1608,15 +1914,10 @@ typedef struct _krb5_ticket { /* the unencrypted version */ /** - * @brief Ticket authenticator. - * - * Ticket authenticator: the @c c representation of @c AP-REQ message with decrypted authenticator. + * Ticket authenticator. * - * @todo ers look up asn.1 types and reformat accordingly - * - * @sa aptops + * The C representation of an unencrypted authenticator. */ - typedef struct _krb5_authenticator { krb5_magic magic; krb5_principal client; /**< client name/realm */ @@ -1625,9 +1926,10 @@ typedef struct _krb5_authenticator { krb5_timestamp ctime; /**< client sec portion */ krb5_keyblock *subkey; /**< true session key, optional */ krb5_ui_4 seq_number; /**< sequence #, optional */ - krb5_authdata **authorization_data; /**< New add by Ari, auth data */ + krb5_authdata **authorization_data; /**< authoriazation data */ } krb5_authenticator; +/** Ticket authentication data. */ typedef struct _krb5_tkt_authent { krb5_magic magic; krb5_ticket *ticket; @@ -1635,12 +1937,7 @@ typedef struct _krb5_tkt_authent { krb5_flags ap_options; } krb5_tkt_authent; -/** - * @brief Credentials structure including ticket, session key, and lifetime info. - * - * @sa tktflag - * - */ +/** Credentials structure including ticket, session key, and lifetime info. */ typedef struct _krb5_creds { krb5_magic magic; krb5_principal client; /**< client's principal identifier */ @@ -1658,216 +1955,184 @@ typedef struct _krb5_creds { krb5_authdata **authdata; /**< authorization data */ } krb5_creds; -/** @brief Last request entry */ +/** Last request entry */ typedef struct _krb5_last_req_entry { krb5_magic magic; - krb5_int32 lr_type; /**< LR type */ - krb5_timestamp value; /**< Timestamp */ + krb5_int32 lr_type; /**< LR type */ + krb5_timestamp value; /**< Timestamp */ } krb5_last_req_entry; -/** @brief Pre-authentication data - * @sa padata - */ +/** Pre-authentication data */ typedef struct _krb5_pa_data { krb5_magic magic; - krb5_preauthtype pa_type; /**< Preauthentication data type */ - unsigned int length; /**< Length of data */ - krb5_octet *contents; /**< Data */ + krb5_preauthtype pa_type; /**< Preauthentication data type */ + unsigned int length; /**< Length of data */ + krb5_octet *contents; /**< Data */ } krb5_pa_data; -/* typed data */ -/** - * The FAST error handling logic currently assumes that this structure and - * krb5_pa_data * can be safely cast to each other if this structure changes, - * that code needs to be updated to copy. - */ +/* Don't use this; use krb5_pa_data instead. */ typedef struct _krb5_typed_data { krb5_magic magic; - krb5_int32 type; + krb5_int32 type; unsigned int length; krb5_octet *data; } krb5_typed_data; -/** - * @brief Representation of KDC-REQ protocol message. - * - * @sa kdcopts - */ +/** C representation of KDC-REQ protocol message, including KDC-REQ-BODY */ typedef struct _krb5_kdc_req { krb5_magic magic; - krb5_msgtype msg_type; /**< krb5_kdc_req AS_REQ or TGS_REQ? */ - krb5_pa_data **padata; /**< krb5_kdc_req e.g. encoded AP_REQ */ + krb5_msgtype msg_type; /**< KRB5_AS_REQ or KRB5_TGS_REQ */ + krb5_pa_data **padata; /**< Preauthentication data */ /* real body */ - krb5_flags kdc_options; /**< requested options */ - krb5_principal client; /**< includes realm; optional */ - krb5_principal server; /**< includes realm (only used if no client) */ - krb5_timestamp from; /**< requested starttime */ - krb5_timestamp till; /**< requested endtime */ - krb5_timestamp rtime; /**< (optional) requested renew_till */ - krb5_int32 nonce; /**< nonce to match request/response */ - int nktypes; /**< # of ktypes, must be positive */ - krb5_enctype *ktype; /**< requested enctype(s) */ - krb5_address **addresses; /**< requested addresses, optional */ - krb5_enc_data authorization_data; /**< encrypted auth data; OPTIONAL */ - krb5_authdata **unenc_authdata; /**< unencrypted auth data, if available */ - krb5_ticket **second_ticket;/**< second ticket array; OPTIONAL */ - /** the following field is added in March 2009; it is a hack so - * that FAST state can be carried to pre-authentication plugins. - * A new plugin interface may be a better long-term approach. It - * is believed to be safe to extend this structure because it is - * not found in any public APIs. - */ - void * kdc_state; + krb5_flags kdc_options; /**< Requested options */ + krb5_principal client; /**< Client principal and realm */ + krb5_principal server; /**< Server principal and realm */ + krb5_timestamp from; /**< Requested start time */ + krb5_timestamp till; /**< Requested end time */ + krb5_timestamp rtime; /**< Requested renewable end time */ + krb5_int32 nonce; /**< Nonce to match request andresponse */ + int nktypes; /**< Number of enctypes */ + krb5_enctype *ktype; /**< Requested enctypes */ + krb5_address **addresses; /**< Requested addresses (optional) */ + krb5_enc_data authorization_data; /**< Encrypted authz data (optional) */ + krb5_authdata **unenc_authdata; /**< Unencrypted authz data */ + krb5_ticket **second_ticket; /**< Second ticket array (optional) */ } krb5_kdc_req; /** - * @brief Representation of @c EncKDCRepPart protocol message. + * C representation of @c EncKDCRepPart protocol message. * * This is the cleartext message that is encrypted and inserted in @c KDC-REP. */ - typedef struct _krb5_enc_kdc_rep_part { krb5_magic magic; /* encrypted part: */ - krb5_msgtype msg_type; /**< krb5 message type */ - krb5_keyblock *session; /**< session key */ - krb5_last_req_entry **last_req; /**< array of ptrs to entries */ - krb5_int32 nonce; /**< nonce from request */ - krb5_timestamp key_exp; /**< expiration date */ - krb5_flags flags; /**< ticket flags */ - krb5_ticket_times times; /**< lifetime info */ - krb5_principal server; /**< server's principal identifier */ - krb5_address **caddrs; /**< array of ptrs to addresses, optional */ - krb5_pa_data **enc_padata; /**< Windows 2000 compat */ + krb5_msgtype msg_type; /**< krb5 message type */ + krb5_keyblock *session; /**< Session key */ + krb5_last_req_entry **last_req; /**< Array of pointers to entries */ + krb5_int32 nonce; /**< Nonce from request */ + krb5_timestamp key_exp; /**< Expiration date */ + krb5_flags flags; /**< Ticket flags */ + krb5_ticket_times times; /**< Lifetime info */ + krb5_principal server; /**< Server's principal identifier */ + krb5_address **caddrs; /**< Array of ptrs to addrs, optional */ + krb5_pa_data **enc_padata; /**< Encrypted preauthentication data */ } krb5_enc_kdc_rep_part; -/** @brief Representation of the @c KDC-REP protocol message. - * - * @sa padata - */ +/** Representation of the @c KDC-REP protocol message. */ typedef struct _krb5_kdc_rep { krb5_magic magic; /* cleartext part: */ - krb5_msgtype msg_type; /**< AS_REP or KDC_REP? */ - krb5_pa_data **padata; /**< preauthentication data from KDC */ - krb5_principal client; /**< client's principal identifier */ - krb5_ticket *ticket; /**< ticket */ - krb5_enc_data enc_part; /**< encryption type, kvno, encrypted encoding */ - krb5_enc_kdc_rep_part *enc_part2; /**< unencrypted version, if available */ + krb5_msgtype msg_type; /**< KRB5_AS_REP or KRB5_KDC_REP */ + krb5_pa_data **padata; /**< Preauthentication data from KDC */ + krb5_principal client; /**< Client principal and realm */ + krb5_ticket *ticket; /**< Ticket */ + krb5_enc_data enc_part; /**< Encrypted part of reply */ + krb5_enc_kdc_rep_part *enc_part2; /**< Unencrypted version, if available */ } krb5_kdc_rep; -/** @brief error message structure */ +/** Error message structure */ typedef struct _krb5_error { krb5_magic magic; /* some of these may be meaningless in certain contexts */ - krb5_timestamp ctime; /**< client sec portion; optional */ - krb5_int32 cusec; /**< client usec portion; optional */ - krb5_int32 susec; /**< server usec portion */ - krb5_timestamp stime; /**< server sec portion */ - krb5_ui_4 error; /**< error code (protocol error #'s) */ - krb5_principal client; /**< client's principal identifier; optional */ - krb5_principal server; /**< server's principal identifier */ - krb5_data text; /**< descriptive text */ - krb5_data e_data; /**< additional error-describing data */ + krb5_timestamp ctime; /**< Client sec portion; optional */ + krb5_int32 cusec; /**< Client usec portion; optional */ + krb5_int32 susec; /**< Server usec portion */ + krb5_timestamp stime; /**< Server sec portion */ + krb5_ui_4 error; /**< Error code (protocol error #'s) */ + krb5_principal client; /**< Client principal and realm */ + krb5_principal server; /**< Server principal and realm */ + krb5_data text; /**< Descriptive text */ + krb5_data e_data; /**< Additional error-describing data */ } krb5_error; -/** @brief Authentication header. */ - +/** Authentication header. */ typedef struct _krb5_ap_req { krb5_magic magic; - krb5_flags ap_options; /**< requested options */ - krb5_ticket *ticket; /**< ticket */ - krb5_enc_data authenticator; /**< authenticator (already encrypted) */ + krb5_flags ap_options; /**< Requested options */ + krb5_ticket *ticket; /**< Ticket */ + krb5_enc_data authenticator; /**< Encrypted authenticator */ } krb5_ap_req; /** - * @brief C representaton of AP-REP message. - * The server's response to a client's request for mutual authentication. + * C representaton of AP-REP message. * + * The server's response to a client's request for mutual authentication. */ - typedef struct _krb5_ap_rep { krb5_magic magic; - krb5_enc_data enc_part; /**< Ciphertext of ApRepEncPart */ + krb5_enc_data enc_part; /**< Ciphertext of ApRepEncPart */ } krb5_ap_rep; -/** @brief Cleartext that is encrypted and put into @c _krb5_ap_rep. */ +/** Cleartext that is encrypted and put into @c _krb5_ap_rep. */ typedef struct _krb5_ap_rep_enc_part { krb5_magic magic; - krb5_timestamp ctime; /**< client time, seconds portion */ - krb5_int32 cusec; /**< client time, microseconds portion */ - krb5_keyblock *subkey; /**< true session key, optional */ - krb5_ui_4 seq_number; /**< sequence #, optional */ + krb5_timestamp ctime; /**< Client time, seconds portion */ + krb5_int32 cusec; /**< Client time, microseconds portion */ + krb5_keyblock *subkey; /**< Subkey (optional) */ + krb5_ui_4 seq_number; /**< Sequence number */ } krb5_ap_rep_enc_part; -/** @brief Unused. */ +/* Unused */ typedef struct _krb5_response { krb5_magic magic; krb5_octet message_type; krb5_data response; - krb5_int32 expected_nonce; /**< The expected nonce for KDC_REP messages */ - krb5_timestamp request_time; /**< When we made the request */ + krb5_int32 expected_nonce; + krb5_timestamp request_time; } krb5_response; -/** - * @brief Credentials information inserted into @c EncKrbCredPart. - * - * @sa tktflag - */ - +/** Credentials information inserted into @c EncKrbCredPart. */ typedef struct _krb5_cred_info { krb5_magic magic; - krb5_keyblock *session; /**< session key used to encrypt ticket */ - krb5_principal client; /**< client name/realm, optional */ - krb5_principal server; /**< server name/realm, optional */ - krb5_flags flags; /**< ticket flags, optional */ - krb5_ticket_times times; /**< auth, start, end, renew_till, optional */ - krb5_address **caddrs; /**< array of ptrs to addresses */ + krb5_keyblock *session; /**< Session key used to encrypt ticket */ + krb5_principal client; /**< Client principal and realm */ + krb5_principal server; /**< Server principal and realm */ + krb5_flags flags; /**< Ticket flags */ + krb5_ticket_times times; /**< Auth, start, end, renew_till */ + krb5_address **caddrs; /**< Array of pointers to addrs (optional) */ } krb5_cred_info; -/** @brief Cleartext credentials information. */ +/** Cleartext credentials information. */ typedef struct _krb5_cred_enc_part { krb5_magic magic; - krb5_int32 nonce; /**< nonce, optional */ - krb5_timestamp timestamp; /**< client time */ - krb5_int32 usec; /**< microsecond portion of time */ - krb5_address *s_address; /**< sender address, optional */ - krb5_address *r_address; /**< recipient address, optional */ + krb5_int32 nonce; /**< Nonce (optional) */ + krb5_timestamp timestamp; /**< Generation time, seconds portion */ + krb5_int32 usec; /**< Generation time, microseconds portion */ + krb5_address *s_address; /**< Sender address (optional) */ + krb5_address *r_address; /**< Recipient address (optional) */ krb5_cred_info **ticket_info; } krb5_cred_enc_part; -/** @brief Credentials data structure.*/ +/** Credentials data structure.*/ typedef struct _krb5_cred { krb5_magic magic; - krb5_ticket **tickets; /**< tickets */ - krb5_enc_data enc_part; /**< encrypted part */ - krb5_cred_enc_part *enc_part2; /**< unencrypted version, if available*/ + krb5_ticket **tickets; /**< Tickets */ + krb5_enc_data enc_part; /**< Encrypted part */ + krb5_cred_enc_part *enc_part2; /**< Unencrypted version, if available */ } krb5_cred; -/** @brief Sandia password generation structure */ +/* Unused, but here for API compatibility. */ typedef struct _passwd_phrase_element { krb5_magic magic; krb5_data *passwd; krb5_data *phrase; } passwd_phrase_element; -/** @brief Password data.*/ +/* Unused, but here for API compatibility. */ typedef struct _krb5_pwd_data { krb5_magic magic; int sequence_count; passwd_phrase_element **element; } krb5_pwd_data; -/* these need to be here so the typedefs are available for the prototypes */ -/* - * Note for Windows 2000 compatibility this is encoded - * in the enc_padata field of the krb5_enc_kdc_rep_part. - */ +/* Unused, but here for API compatibility. */ typedef struct _krb5_pa_svr_referral_data { /** Referred name, only realm is required */ krb5_principal principal; } krb5_pa_svr_referral_data; +/* Unused, but here for API compatibility. */ typedef struct _krb5_pa_server_referral_data { krb5_data *referred_realm; krb5_principal true_principal_name; @@ -1885,32 +2150,48 @@ typedef struct _krb5_pa_pac_req { * begin "safepriv.h" */ +/** @defgroup KRB5_AUTH_CONTEXT KRB5_AUTH_CONTEXT + * @{ + */ +/** Prevent replays with timestamps and replay cache. */ #define KRB5_AUTH_CONTEXT_DO_TIME 0x00000001 +/** Save timestamps for application. */ #define KRB5_AUTH_CONTEXT_RET_TIME 0x00000002 +/** Prevent replays with sequence numbers. */ #define KRB5_AUTH_CONTEXT_DO_SEQUENCE 0x00000004 +/** Save sequence numbers for application. */ #define KRB5_AUTH_CONTEXT_RET_SEQUENCE 0x00000008 #define KRB5_AUTH_CONTEXT_PERMIT_ALL 0x00000010 #define KRB5_AUTH_CONTEXT_USE_SUBKEY 0x00000020 +/** @} */ /* end of KRB5_AUTH_CONTEXT group */ -/** @brief Sequence number and timestamp information output by krb5_read_priv() and krb5_read_safe().*/ +/** + * Replay data. + * + * Sequence number and timestamp information output by krb5_rd_priv() and + * krb5_rd_safe(). + */ typedef struct krb5_replay_data { - krb5_timestamp timestamp; /**< Timestamp, seconds portion */ - krb5_int32 usec; /**< Timestamp, microseconds portion */ - krb5_ui_4 seq; /**< Sequence number */ + krb5_timestamp timestamp; /**< Timestamp, seconds portion */ + krb5_int32 usec; /**< Timestamp, microseconds portion */ + krb5_ui_4 seq; /**< Sequence number */ } krb5_replay_data; -/* flags for krb5_auth_con_genaddrs() */ -#define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR 0x00000001 -#define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR 0x00000002 -#define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR 0x00000004 -#define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR 0x00000008 +/* Flags for krb5_auth_con_genaddrs(). */ -/* type of function used as a callback to generate checksum data for - * mk_req */ +/** Generate the local network address. */ +#define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR 0x00000001 +/** Generate the remote network address. */ +#define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR 0x00000002 +/** Generate the local network address and the local port. */ +#define KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR 0x00000004 +/** Generate the remote network address and the remote port. */ +#define KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR 0x00000008 +/** Type of function used as a callback to generate checksum data for mk_req */ typedef krb5_error_code -(KRB5_CALLCONV * krb5_mk_req_checksum_func) (krb5_context, krb5_auth_context , void *, - krb5_data **); +(KRB5_CALLCONV * krb5_mk_req_checksum_func)(krb5_context, krb5_auth_context, + void *, krb5_data **); /* * end "safepriv.h" @@ -1921,119 +2202,127 @@ typedef krb5_error_code * begin "ccache.h" */ -typedef krb5_pointer krb5_cc_cursor; /* cursor for sequential lookup */ +/** Cursor for sequential lookup */ +typedef krb5_pointer krb5_cc_cursor; struct _krb5_ccache; typedef struct _krb5_ccache *krb5_ccache; struct _krb5_cc_ops; typedef struct _krb5_cc_ops krb5_cc_ops; -/** - * @brief Cursor for iterating over all ccaches - */ struct _krb5_cccol_cursor; +/** Cursor for iterating over all ccaches */ typedef struct _krb5_cccol_cursor *krb5_cccol_cursor; -/* for retrieve_cred */ -#define KRB5_TC_MATCH_TIMES 0x00000001 -#define KRB5_TC_MATCH_IS_SKEY 0x00000002 -#define KRB5_TC_MATCH_FLAGS 0x00000004 -#define KRB5_TC_MATCH_TIMES_EXACT 0x00000008 -#define KRB5_TC_MATCH_FLAGS_EXACT 0x00000010 -#define KRB5_TC_MATCH_AUTHDATA 0x00000020 -#define KRB5_TC_MATCH_SRV_NAMEONLY 0x00000040 -#define KRB5_TC_MATCH_2ND_TKT 0x00000080 -#define KRB5_TC_MATCH_KTYPE 0x00000100 -#define KRB5_TC_SUPPORTED_KTYPES 0x00000200 - -/* for set_flags and other functions */ -#define KRB5_TC_OPENCLOSE 0x00000001 -#define KRB5_TC_NOTICKET 0x00000002 - -/** - * @brief Retrieve the name but not type of a credential cache. - * - * @param context Context structure [input, output] - * @param cache Credentials cache handle [input] - * - * Returns the name of the credential cache as an alias that should not be - * freed or modified by the caller. This name does not include the type - * portion, so cannot be used as input to krb5_cc_resolve(). - * Make sure to free the allocated memory when it is no longer needed. +/* Flags for krb5_cc_retrieve_cred. */ +/** The requested lifetime must be at least as great as the time specified. */ +#define KRB5_TC_MATCH_TIMES 0x00000001 +/** The is_skey field must match exactly. */ +#define KRB5_TC_MATCH_IS_SKEY 0x00000002 +/** All the flags set in the match credentials must be set. */ +#define KRB5_TC_MATCH_FLAGS 0x00000004 +/** All the time fields must match exactly. */ +#define KRB5_TC_MATCH_TIMES_EXACT 0x00000008 +/** All the flags must match exactly. */ +#define KRB5_TC_MATCH_FLAGS_EXACT 0x00000010 +/** The authorization data must match. */ +#define KRB5_TC_MATCH_AUTHDATA 0x00000020 +/** Only the name portion of the principal name must match. */ +#define KRB5_TC_MATCH_SRV_NAMEONLY 0x00000040 +/** The second ticket must match. */ +#define KRB5_TC_MATCH_2ND_TKT 0x00000080 +/** The encryption key type must match. */ +#define KRB5_TC_MATCH_KTYPE 0x00000100 +/** The supported key types must match. */ +#define KRB5_TC_SUPPORTED_KTYPES 0x00000200 + +/* Flags for krb5_cc_set_flags and similar. */ +/** Open and close the file for each cache operation. */ +#define KRB5_TC_OPENCLOSE 0x00000001 +#define KRB5_TC_NOTICKET 0x00000002 + +/** + * Retrieve the name, but not type of a credential cache. + * + * @param [in] context Library context + * @param [in] cache Credential cache handle + * + * @warning Returns the name of the credential cache. The result is an alias + * into @a cache and should not be freed or modified by the caller. This name + * does not include the cache type, so should not be used as input to + * krb5_cc_resolve(). + * + * @return + * On success - the name of the credential cache. */ const char * KRB5_CALLCONV krb5_cc_get_name(krb5_context context, krb5_ccache cache); /** - * @brief Generate a new handle for a specified (unopened) credentials cache. + * Retrieve the full name of a credential cache. * - * @param context Context structure [input, output] - * @param cache Credentials cache handle [input, output] + * @param [in] context Library context + * @param [in] cache Credential cache handle + * @param [out] fullname_out Full name of cache * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @version First introduced in 1.10 */ krb5_error_code KRB5_CALLCONV +krb5_cc_get_full_name(krb5_context context, krb5_ccache cache, + char **fullname_out); + +#if KRB5_DEPRECATED +krb5_error_code KRB5_CALLCONV krb5_cc_gen_new(krb5_context context, krb5_ccache *cache); +#endif /* KRB5_DEPRECATED */ /** - * @brief Destroy an existing credentials cache and create a new credentials cache by the same name. - * - * @param context Context structure [input, output] - * @param cache Credentials cache handle [input, output] - * @param principal Primary principal name for the credentials cache [output] + * Initialize a credential cache. * - * Destroy an existing credentials cache and create a new credentials cache by the same name, - * as specifed by @a cache for specified principal. + * @param [in] context Library context + * @param [in] cache Credential cache handle + * @param [in] principal Default principal name * - * @note This function also modifies the specified credentials cache. + * Destroy any existing contents of @a cache and initialize it for the default + * principal @a principal. * * @retval * 0 Success * @return - * System errors - * @return - * Permission errors - * @return - * Kerberos error codes + * System errors; Permission errors; Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_cc_initialize(krb5_context context, krb5_ccache cache, krb5_principal principal); /** - * @brief Destroy a credentials cache. + * Destroy a credential cache. * - * @param context Context structure [input, output] - * @param cache Credentials cache handle [input] + * @param [in] context Library context + * @param [in] cache Credential cache handle * - * This function invalidates @a cache and releases any other resources - * acquired during use of the credentials cache. @a cache must identify a valid credentials cache. - * - * @note After completion, do not use @a cache until it is reinitialized with krb5_cc_resolve() or krb5_cc_gen_new(). + * This function destroys any existing contents of @a cache and closes the + * handle to it. * * @retval - * 0 Success + * 0 Success * @return - * Permission errors - * - * @sa krb5_cc_gen_new() + * Permission errors */ krb5_error_code KRB5_CALLCONV krb5_cc_destroy(krb5_context context, krb5_ccache cache); /** - * @brief Close a credentials cache and invalidate its handle. + * Close a credential cache handle. * - * @param context Context structure [input, output] - * @param cache Credentials cache handle [input, output] + * @param [in] context Library context + * @param [in] cache Credential cache handle * - * @note Reinitialize @a cache with krb5_cc_resolve() or krb5_cc_gen_new(). + * This function closes a credential cache handle @a cache without affecting + * the contents of the cache. * * @retval - * 0 Success + * 0 Success * @return * Kerberos error codes */ @@ -2041,55 +2330,55 @@ krb5_error_code KRB5_CALLCONV krb5_cc_close(krb5_context context, krb5_ccache cache); /** - * @brief Store credentials in a specified credentials cache. + * Store credentials in a credential cache. * - * @param context Context structure [input, output] - * @param cache Credentials cache handle [input] - * @param creds Credentials to be stored in cache [input] + * @param [in] context Library context + * @param [in,out] cache Credential cache handle + * @param [in] creds Credentials to be stored in cache + * + * This function stores @a creds into @a cache. If @a creds->server and the + * server in the decoded ticket @a creds->ticket differ, the credentials will + * be stored under both server principal names. * * @retval * 0 Success - * @return - * Permission errors - * @return - * Storage failure errors - * @return - * Kerberos error codes + * @return Permission errors; storage failure errors; Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_cc_store_cred(krb5_context context, krb5_ccache cache, krb5_creds *creds); /** - * @brief Search a credentials cache for credentials matching @a mcreds and return it if found. + * Retrieve a specified credentials from a credential cache. * - * @param context Context structure [input, output] - * @param cache Credentials cache handle [input] - * @param mcreds Credentials to match [input] - * @param creds Credentials that match the requested value [output] - * @param flags Search flags; values should be bitwise ORed together [input] + * @param [in] context Library context + * @param [in] cache Credential cache handle + * @param [in] flags Flags bit mask + * @param [in] mcreds Credentials to match + * @param [out] creds Credentials matching the requested value * - * Valid values for @a options are: + * This function searches a credential cache for credentials matching @a mcreds + * and returns it if found. * - * @li @c KRB5_TC_MATCH_TIMES The requested lifetime must be at least as great as that specified. - * @li @c KRB5_TC_MATCH_IS_SKEY The @a is_skey field much match exactly. - * @li @c KRB5_TC_MATCH_FLAGS The set bits in @a mcreds must match in @a creds. - * @li @c KRB5_TC_MATCH_TIMES_EXACT The requested lifetime must match exactly. - * @li @c KRB5_TC_MATCH_FLAGS_EXACT All bits in @a mcreds must match exactly. - * @li @c KRB5_TC_MATCH_AUTHDATA The data must match. - * @li @c KRB5_TC_MATCH_SRV_NAMEONLY Only the name portion of the principal name must match. - * - * The realm field can be different. If this flag is not set, the entire principal name must match. - * Valid values are: - * - * @li @c KRB5_TC_MATCH_2ND_TKT The second tickets must match. - * @li @c KRB5_TC_MATCH_KTYPE The encryption key types must match. - * @li @c KRB5_TC_MATCH_SUPPORTED_KTYPES Check all matching entries that have any supported - * encryption type and return the one with the encryption - * type listed earliest. - * @retval - * 0 Success - * @return - * Kerberos error codes + * Valid values for @a flags are: + * + * @li #KRB5_TC_MATCH_TIMES The requested lifetime must be at least as + * great as in @a mcreds . + * @li #KRB5_TC_MATCH_IS_SKEY The @a is_skey field much match exactly. + * @li #KRB5_TC_MATCH_FLAGS Flags set in @a mcreds must be set. + * @li #KRB5_TC_MATCH_TIMES_EXACT The requested lifetime must match exactly. + * @li #KRB5_TC_MATCH_FLAGS_EXACT Flags must match exactly. + * @li #KRB5_TC_MATCH_AUTHDATA The authorization data must match. + * @li #KRB5_TC_MATCH_SRV_NAMEONLY Only the name portion of the principal + * name must match, not the realm. + * @li #KRB5_TC_MATCH_2ND_TKT The second tickets must match. + * @li #KRB5_TC_MATCH_KTYPE The encryption key types must match. + * @li #KRB5_TC_SUPPORTED_KTYPES Check all matching entries that have any + * supported encryption type and return the + * one with the encryption type listed earliest. + * + * Use krb5_free_cred_contents() to free @a creds when it is no longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_cc_retrieve_cred(krb5_context context, krb5_ccache cache, @@ -2097,18 +2386,19 @@ krb5_cc_retrieve_cred(krb5_context context, krb5_ccache cache, krb5_creds *creds); /** - * @brief Get the primary principal of a credentials cache. + * Get the default principal of a credential cache. * - * @param context Context structure [input, output] - * @param cache Credentials cache handle [input] - * @param principal Primary principal [output] + * @param [in] context Library context + * @param [in] cache Credential cache handle + * @param [out] principal Primary principal * - * @note The primary principal is set by calling krb5_cc_initialize(). + * Returns the default client principal of a credential cache as set by + * krb5_cc_initialize(). * - * Make sure to free the allocated memory when it is no longer needed. + * Use krb5_free_principal() to free @a principal when it is no longer needed. * * @retval - * 0 Success + * 0 Success * @return * Kerberos error codes */ @@ -2117,250 +2407,283 @@ krb5_cc_get_principal(krb5_context context, krb5_ccache cache, krb5_principal *principal); /** - * @brief Prepare to sequentially read every credential in a credentials cache. + * Prepare to sequentially read every credential in a credential cache. * - * @param context Context structure [input, output] - * @param cache Credentials cache handle [input] - * @param cursor Cursor [output] + * @param [in] context Library context + * @param [in] cache Credential cache handle + * @param [out] cursor Cursor * - * Make sure to free the allocated memory when it is no longer needed. + * krb5_cc_end_seq_get() must be called to complete the retrieve operation. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @note If @a cache is modified between the time of the call to this function + * and the time of the final krb5_cc_end_seq_get(), the results are undefined. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_cc_start_seq_get(krb5_context context, krb5_ccache cache, krb5_cc_cursor *cursor); /** - * @brief Retrieve the next entry from the credentials cache. + * Retrieve the next entry from the credential cache. * - * @param context Context structure [input, output] - * @param cache Credentials cache handle - * @param cursor Cursor [input, output] - * @param creds Credentials cache entry corresponding to the cursor [output] + * @param [in] context Library context + * @param [in] cache Credential cache handle + * @param [in,out] cursor Cursor + * @param [out] creds Next credential cache entry * - * @note The cursor value is updated when the function returns the credentials cache entry. - * Subsequent calls to krb5_cc_next_cred() use the updated value. + * This function fills in @a creds with the next entry in @a cache and advances + * @a cursor. * - * @sa krb5_end_seq_get() + * Use krb5_free_cred_contents() to free @a creds when it is no longer needed. * - * @retval - * 0 Success - * @return - * Error if there are no more cache entries + * @sa krb5_cc_start_seq_get(), krb5_end_seq_get() + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_cc_next_cred(krb5_context context, krb5_ccache cache, krb5_cc_cursor *cursor, krb5_creds *creds); /** - * @brief Finish processing credentials cache entries and invalidate @a cursor. + * Finish a series of sequential processing credential cache entries. * - * @param context Context structure [input, output] - * @param cache Credentials cache handle [input, output] - * @param cursor Cursor [input] + * @param [in] context Library context + * @param [in] cache Credential cache handle + * @param [in,out] cursor Cursor * - * @note Use krb5_cc_start_seq_get() to create a new @a cursor for the next sequential read operation. + * This function finishes processing credential cache entries and invalidates + * @a cursor. * - * Make sure to free the allocated memory when it is no longer needed. + * @sa krb5_cc_start_seq_get(), krb5_cc_next_cred() * - * @retval - * 0 Success - * @return - * Error if @a cursor is invalid + * @retval 0 (always) */ krb5_error_code KRB5_CALLCONV krb5_cc_end_seq_get(krb5_context context, krb5_ccache cache, krb5_cc_cursor *cursor); /** - * @brief Remove credentials from a credentials cache. - * - * @param context Context structure [input, output] - * @param cache Credentials cache handle [input] - * @param flags Search flags [input] - * @param creds Credentials to be matched [input] + * Remove credentials from a credential cache. * - * Remove any credentials that match the principal name (@a cred->server) and the fields - * in the credentials cache masked by @a which. + * @param [in] context Library context + * @param [in] cache Credential cache handle + * @param [in] flags Bitwise-ORed search flags + * @param [in] creds Credentials to be matched * - * Valid values for search flags are: - * @li @c KRB5_TC_MATCH_TIMES The requested lifetime is required to be at least as great as that specified. - * @li @c KRB5_TC_MATCH_IS_SKEY The @a is_skey field much match exactly. - * @li @c KRB5_TC_MATCH_FLAGS The set bits in @a mcreds must match in @a creds. - * @li @c KRB5_TC_MATCH_TIMES_EXACT The requested lifetime must match exactly. - * @li @c KRB5_TC_MATCH_FLAGS_EXACT All bits in @a mcreds must match exactly. - * @li @c KRB5_TC_MATCH_AUTHDATA The authentication data must match. - * @li @c KRB5_TC_MATCH_SRV_NAMEONLY Only the name portion of the principal name must match. + * @warning This function is not implemented for some cache types. * - * The realm field can be different. By default, the entire principal name must match. + * This function accepts the same flag values as krb5_cc_retrieve_cred(). * - * @li @c KRB5_TC_MATCH_2ND_TKT The second tickets must match. - * @li @c KRB5_TC_MATCH_KTYPE The encryption key types must match. - * @li @c KRB5_TC_MATCH_SUPPORTED_KTYPES Check all matching entries that have any supported encryption type. - * - * @note The values for @a flags should be bitwise-ORed together. - * - * @return - * No matches found - * @return - * Data cannot be deleted - * @return - * Kerberos error codes + * @retval KRB5_CC_NOSUPP Not implemented for this cache type + * @return No matches found; Data cannot be deleted; Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_cc_remove_cred(krb5_context context, krb5_ccache cache, krb5_flags flags, krb5_creds *creds); /** - * @brief Set options flags on a credentials cache. + * Set options flags on a credential cache. * - * @param context Context structure [input, output] - * @param cache Credentials cache handle [input, output - * @param flags Set behavior for opening and closing a @a cache. + * @param [in] context Library context + * @param [in,out] cache Credential cache handle + * @param [in] flags Flag bit mask * - * Set @a options to zero to clear a previously set @c KRB5_TC_OPENCLOSE flag. + * This function resets @a cache flags to @a flags. * - * @note Turning on @c OPENCLOSE mode opens and closes the @a cache each time a credentials - * cache routine is called. If this flag is not set, the @a cache stays open until krb5_cc_close() is called. - * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_cc_set_flags(krb5_context context, krb5_ccache cache, krb5_flags flags); /** - * @brief Get @a flags from a credentials cache. - * - * @param context Context structure [input, output] - * @param cache Credentials cache handle [input] - * @param flags A bit mask representing the flags to get [input] + * Retrieve flags from a credential cache structure. * - * @todo what kind of flags?? link to list + * @param [in] context Library context + * @param [in] cache Credential cache handle + * @param [out] flags Flag bit mask * - * Make sure to free the allocated memory when it is no longer needed. + * @warning For memory credential cache always returns a flag mask of 0. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_cc_get_flags(krb5_context context, krb5_ccache cache, krb5_flags *flags); /** - * @brief Retrieve the type of a credential cache. + * Retrieve the type of a credential cache. * - * @param context Context structure [input, output] - * @param cache Credentials cache handle [input] + * @param [in] context Library context + * @param [in] cache Credential cache handle * - * Make sure to free the allocated memory when it is no longer needed. - * - * @return The type of a credential cache as an alias that should not be - * modified or freed by the caller. + * @return The type of a credential cache as an alias that must not be modified + * or freed by the caller. */ const char * KRB5_CALLCONV krb5_cc_get_type(krb5_context context, krb5_ccache cache); -/** Move a credential cache. - * - * @param [in] context Context structure - * @param [in] src The credential cache to move the content from - * @param [in] dst The credential cache to move the content to +/** + * Move a credential cache. * - * This function re-initializes @a dst and populates it with the credentials - * and default principal of @a src, and then, if successful, destroys @a src. + * @param [in] context Library context + * @param [in] src The credential cache to move the content from + * @param [in] dst The credential cache to move the content to * - * krb5_ccache objects are locked internally, so no data corruption - * will result if this routine is called on the same credential caches - * in multiple threads. + * This function reinitializes @a dst and populates it with the credentials and + * default principal of @a src; then, if successful, destroys @a src. * * @retval - * 0 Sucess; @a src is freed. + * 0 Success; @a src is closed. * @return - * Kerberos error codes; @a src is still allocated, while @a dst is freed. + * Kerberos error codes; @a src is still allocated. */ krb5_error_code KRB5_CALLCONV krb5_cc_move(krb5_context context, krb5_ccache src, krb5_ccache dst); +/** + * Return a timestamp of the last modification to a credential cache. + * + * @param [in] context Library context + * @param [in] ccache Credential cache handle + * @param [out] change_time The last change time of @a ccache + * + * If an error occurs, @a change_time is set to 0. + */ krb5_error_code KRB5_CALLCONV krb5_cc_last_change_time(krb5_context context, krb5_ccache ccache, krb5_timestamp *change_time); +/** + * Lock a credential cache. + * + * @param [in] context Library context + * @param [in] ccache Credential cache handle + * + * Use krb5_cc_unlock() to unlock the lock. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_cc_lock(krb5_context context, krb5_ccache ccache); +/** + * Unlock a credential cache. + * + * @param [in] context Library context + * @param [in] ccache Credential cache handle + * + * This function unlocks the @a ccache locked by krb5_cc_lock(). + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_cc_unlock(krb5_context context, krb5_ccache ccache); /** - * @brief Prepare to iterate over a collection of credentials caches. + * Prepare to iterate over the collection of known credential caches. * - * @param context Context structure [input, output] - * @param cursor Cursor [input, output] + * @param [in] context Library context + * @param [in,out] cursor Cursor * - * @retval - * 0 Success - * @return - * Kerberos error codes + * Get a new cache iteration @a cursor that will iterate over all known + * credential caches independent of type. + * + * Use krb5_cccol_cursor_free() to release @a cursor when it is no longer + * needed. + * + * @sa krb5_cccol_cursor_next() + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_cccol_cursor_new(krb5_context context, krb5_cccol_cursor *cursor); /** - * @brief Get the next credentials cache in the collection. + * Get the next credential cache in the collection. * - * @param context Context structure [input, output] - * @param cursor Cursor [input, output] - * @param ccache Credentials cache handle [input] + * @param [in] context Library context + * @param [in,out] cursor Cursor + * @param [out] ccache Credential cache handle * - * Make sure to free the allocated memory when it is no longer needed. + * @note When all caches are iterated over and the end of the list is reached, + * @a ccache is set to NULL. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * Use krb5_cc_close() to close @a ccache when it is no longer needed. + * + * @sa krb5_cccol_cursor_new(), krb5_cccol_cursor_free() + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_cccol_cursor_next(krb5_context context, krb5_cccol_cursor cursor, krb5_ccache *ccache); /** - * @brief Free a credentials cache collection cursor. + * Free a credential cache collection cursor. * - * @param context Context structure [input, output] - * @param cursor Cursor [input] + * @param [in] context Library context + * @param [in] cursor Cursor * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @sa krb5_cccol_cursor_new(), krb5_cccol_cursor_next() + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_cccol_cursor_free(krb5_context context, krb5_cccol_cursor *cursor); +/** + * Return a timestamp of the last modification of any known credential cache. + * + * @param [in] context Library context + * @param [out] change_time Last modification timestamp + * + * This function returns the most recent modification time of any known + * credential cache, ignoring any caches which cannot supply a last + * modification time. + * + * If there are no known credential caches, @a change_time is set to 0. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_cccol_last_change_time(krb5_context context, krb5_timestamp *change_time); +/** + * Acquire a global lock for credential caches. + * + * @param [in] context Library context + * + * This function locks the global credential cache collection, ensuring + * that no ccaches are added to or removed from it until the collection + * lock is released. + * + * Use krb5_cccol_unlock() to unlock the lock. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ + krb5_error_code KRB5_CALLCONV krb5_cccol_lock(krb5_context context); +/** + * Release a global lock for credential caches. + * + * @param [in] context Library context + * + * This function unlocks the lock from krb5_cccol_lock(). + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_cccol_unlock(krb5_context context); /** - * @brief Create a new unique credentials cache of the specified type. + * Create a new credential cache of the specified type with a unique name. * - * @param context Context structure [input, output] - * @param type Credentials cache type [input, output] - * @param hint Unused - * @param id Credentials cache handle [output] + * @param [in] context Library context + * @param [in] type Credential cache type name + * @param [in] hint Unused + * @param [out] id Credential cache handle * * @retval * 0 Success @@ -2394,43 +2717,41 @@ typedef struct krb5_rc_st *krb5_rcache; /* XXX */ #define MAX_KEYTAB_NAME_LEN 1100 /* Long enough for MAXPATHLEN + some extra */ -typedef krb5_pointer krb5_kt_cursor; /* XXX */ +typedef krb5_pointer krb5_kt_cursor; -/** @brief Key table entry. */ +/** A key table entry. */ typedef struct krb5_keytab_entry_st { krb5_magic magic; - krb5_principal principal; /**< principal of this key */ - krb5_timestamp timestamp; /**< time entry written to keytable */ - krb5_kvno vno; /**< key version number */ - krb5_keyblock key; /**< the secret key */ + krb5_principal principal; /**< Principal of this key */ + krb5_timestamp timestamp; /**< Time entry written to keytable */ + krb5_kvno vno; /**< Key version number */ + krb5_keyblock key; /**< The secret key */ } krb5_keytab_entry; struct _krb5_kt; typedef struct _krb5_kt *krb5_keytab; -/** Return the type of a key table. - * - * @param [in] context Context structure - * @param [in] keytab Type of key table handle - * - * The possible results might be "FILE", "MEMORY" etc +/** + * Return the type of a key table. * - * @warning The returned value must not be freed by the caller. + * @param [in] context Library context + * @param [in] keytab Key table handle * - * @return - * The key table prefix string. + * @return The type of a key table as an alias that must not be modified or + * freed by the caller. */ const char * KRB5_CALLCONV krb5_kt_get_type(krb5_context context, krb5_keytab keytab); -/** Get key table name +/** + * Get a key table name. * - * @param [in] context Context structure - * @param [in] keytab Key table handle - * @param [out] name Key table name - * @param [in] namelen Maximum length to fill in name + * @param [in] context Library context + * @param [in] keytab Key table handle + * @param [out] name Key table name + * @param [in] namelen Maximum length to fill in name * - * Zeroes @a name and then copies the key table name including its prefix and trailing delimeter. + * Fills in @a name with the name of @a keytab including the type and delimiter. * * @sa MAX_KEYTAB_NAME_LEN * @@ -2446,57 +2767,57 @@ krb5_error_code KRB5_CALLCONV krb5_kt_get_name(krb5_context context, krb5_keytab keytab, char *name, unsigned int namelen); -/** Close a key table. - * - * @param [in] context Context structure - * @param [in] keytab Key table handle +/** + * Close a key table handle. * - * Close a key table, invalidate its handle, and release any other resources - * acquired during use of the key table. - * Undo anything done by krb5_kt_resolve(). + * @param [in] context Library context + * @param [in] keytab Key table handle * - * @retval - * 0 + * @retval 0 */ krb5_error_code KRB5_CALLCONV krb5_kt_close(krb5_context context, krb5_keytab keytab); -/** Get an entry from a key table. +/** + * Get an entry from a key table. * - * @param [in] context Context structure - * @param [in] keytab Key table handle - * @param [in] principal Principal name - * @param [in] vno Key version number - * @param [in] enctype Encryption type. Use zero for any enctype. - * @param [out] entry Returned entry from key tablele + * @param [in] context Library context + * @param [in] keytab Key table handle + * @param [in] principal Principal name + * @param [in] vno Key version number (0 for highest available) + * @param [in] enctype Encryption type (0 zero for any enctype) + * @param [out] entry Returned entry from key table * - * Retrieve an entry from a key table that matches the @a keytab, @a principal, and @a vno. - * The @a entry must be freed with krb5_kt_free_entry() when it is no longer needed. + * Retrieve an entry from a key table which matches the @a keytab, @a + * principal, @a vno, and @a enctype. If @a vno is zero, retrieve the + * highest-numbered kvno matching the other fields. If @a enctype is 0, match + * any enctype. * - * @note If @a vno is zero, the function retrieves the highest-numbered-kvno entry that - * matches the specified principal. + * Use krb5_free_keytab_entry_contents() to free @a entry when it is no longer + * needed. + * + * @note If @a vno is zero, the function retrieves the highest-numbered-kvno + * entry that matches the specified principal. * * @retval * 0 Success * @retval * Kerberos error codes on failure - * @return - * On success retrieves the entry */ krb5_error_code KRB5_CALLCONV krb5_kt_get_entry(krb5_context context, krb5_keytab keytab, krb5_const_principal principal, krb5_kvno vno, krb5_enctype enctype, krb5_keytab_entry *entry); -/** Start a sequential retrieve of key table entries. +/** + * Start a sequential retrieval of key table entries. * - * @param [in] context Context structure - * @param [in] keytab Key table handle - * @param [out] cursor Cursor + * @param [in] context Library context + * @param [in] keytab Key table handle + * @param [out] cursor Cursor * - * Prepare to read sequentially every key in the specified key table. - * @a cursor is incremented for next call to krb5_kt_next_entry(). - * The function krb5_kt_end_seq_get() should be called to release the cursor. + * Prepare to read sequentially every key in the specified key table. Use + * krb5_kt_end_seq_get() to release the cursor when it is no longer needed. * * @sa krb5_kt_next_entry(), krb5_kt_end_seq_get() * @@ -2509,18 +2830,15 @@ krb5_error_code KRB5_CALLCONV krb5_kt_start_seq_get(krb5_context context, krb5_keytab keytab, krb5_kt_cursor *cursor); -/** Retrieve the next entry from the key table. - * - * @param [in] context Context structure - * @param [in] keytab Key table handle - * @param [out] entry Returned key table entry - * @param [in,out] cursor The cursor created by krb5_kt_start_seq_get() - * and updated by successful runs of this routine +/** + * Retrieve the next entry from the key table. * - * Return the next sequential entry in the specified key table and update @a cursor for - * the next request. + * @param [in] context Library context + * @param [in] keytab Key table handle + * @param [out] entry Returned key table entry + * @param [in,out] cursor Key table cursor * - * If the key table changes during the sequential get, an error is guaranteed. + * Return the next sequential entry in @a keytab and advance @a cursor. * * @sa krb5_kt_start_seq_get(), krb5_kt_end_seq_get() * @@ -2535,13 +2853,15 @@ krb5_error_code KRB5_CALLCONV krb5_kt_next_entry(krb5_context context, krb5_keytab keytab, krb5_keytab_entry *entry, krb5_kt_cursor *cursor); -/** Complete a series of sequential key table entry retrievals and invalidate @a cursor. +/** + * Release a keytab cursor. * - * @param [in] context Context structure - * @param [in] keytab Key table handle - * @param [out] cursor Cursor + * @param [in] context Library context + * @param [in] keytab Key table handle + * @param [out] cursor Cursor * - * This function should be called to release the cursor created by krb5_kt_start_seq_get() + * This function should be called to release the cursor created by + * krb5_kt_start_seq_get(). * * @retval * 0 Success @@ -2560,16 +2880,20 @@ krb5_kt_end_seq_get(krb5_context context, krb5_keytab keytab, * begin "func-proto.h" */ -/** Create and intialize a context structure. +#define KRB5_INIT_CONTEXT_SECURE 0x1 /**< Use secure context configuration */ +#define KRB5_INIT_CONTEXT_KDC 0x2 /**< Use KDC configuration if available */ + +/** + * Create a krb5 library context. * - * @param [out] context Context structure + * @param [out] context Library context * - * The context must be released by calling krb5_free_context() routine when + * The @a context must be released by calling krb5_free_context() when * it is no longer needed. * - * @warning Any program or module that needs the Kerberos code to not trust - * the environment must use krb5_init_secure_context(), - * or clean out the environment. + * @warning Any program or module that needs the Kerberos code to not trust the + * environment must use krb5_init_secure_context(), or clean out the + * environment. * * @retval * 0 Success @@ -2579,15 +2903,15 @@ krb5_kt_end_seq_get(krb5_context context, krb5_keytab keytab, krb5_error_code KRB5_CALLCONV krb5_init_context(krb5_context *context); -/** Create and initialize a context structure using only configuration files. +/** + * Create a krb5 library context using only configuration files. * - * @param [out] context Context structure + * @param [out] context Library context * - * Initialize a context structure, using only configuration files that - * are safe for a @c setuid program. - * All information passed through the environment variables is ignored. + * Create a context structure, using only system configuration files. All + * information passed through the environment variables is ignored. * - * The context must be released by calling krb5_free_context() routine when + * The @a context must be released by calling krb5_free_context() when * it is no longer needed. * * @retval @@ -2598,26 +2922,45 @@ krb5_init_context(krb5_context *context); krb5_error_code KRB5_CALLCONV krb5_init_secure_context(krb5_context *context); -/** Free a context structure. +/** + * Create a krb5 library context using a specified profile. * - * @param [in] context Context structure + * @param [in] profile Profile object (NULL to create default profile) + * @param [in] flags Context initialization flags + * @param [out] context Library context * - * This function frees a context that was created by krb5_init_context() - * or krb5_init_secure_context(). + * Create a context structure, optionally using a specified profile and + * initialization flags. If @a profile is NULL, the default profile will be + * created from config files. If @a profile is non-null, a copy of it will be + * made for the new context; the caller should still clean up its copy. Valid + * flag values are: * - * @return - * None + * @li #KRB5_INIT_CONTEXT_SECURE Ignore environment variables + * @li #KRB5_INIT_CONTEXT_KDC Use KDC configuration if creating profile + */ +krb5_error_code KRB5_CALLCONV +krb5_init_context_profile(struct _profile_t *profile, krb5_flags flags, + krb5_context *context); + +/** + * Free a krb5 library context. + * + * @param [in] context Library context + * + * This function frees a @a context that was created by krb5_init_context() + * or krb5_init_secure_context(). */ void KRB5_CALLCONV krb5_free_context(krb5_context context); -/** Copy a @c _krb5_context structure. +/** + * Copy a krb5_context structure. * - * @param [in] ctx Context structure - * @param [out] nctx_out New "cloned" context structure + * @param [in] ctx Library context + * @param [out] nctx_out New context structure * * The newly created context must be released by calling krb5_free_context() - * routine when it is no longer needed. + * when it is no longer needed. * * @retval * 0 Success @@ -2628,59 +2971,46 @@ krb5_error_code KRB5_CALLCONV krb5_copy_context(krb5_context ctx, krb5_context *nctx_out); /** - * @brief Set the default TGS (ticket granting service) encryption types for the context. + * Set default TGS encryption types in a krb5_context structure. + * + * @param [in,out] context Library context + * @param [in] etypes Encryption type(s) to set * - * @param context Context structure [input, output] - * @param etypes Encryption type [input] + * This function sets the default enctype list for TGS requests + * made using @a context to @a etypes. * * @note This overrides the default list (from config file or built-in). * * @retval * 0 Success * @retval - * ENOMEM Insufficient memory - * @retval * KRB5_PROG_ETYPE_NOSUPP Program lacks support for encryption type - * @return * Kerberos error codes - * - * @sa enctype */ krb5_error_code KRB5_CALLCONV krb5_set_default_tgs_enctypes(krb5_context context, const krb5_enctype *etypes); /** - * @brief Return a list of supported encryption types. + * Return a list of encryption types permitted for session keys. * - * @param context Context structure [input, output] - * @param ktypes Pointer to list of encryption types [output] + * @param [in] context Library context + * @param [out] ktypes Zero-terminated list of encryption types * - * Make sure to free the allocated memory when it is no longer needed. - * - * @retval - * 0 Success - * @retval - * ENOMEM Insufficient memory - * @retval - * KRB5_PROG_ETYPE_NOSUPP Program lacks support for encryption type - * @return - * Kerberos error codes - * - * @sa enctype + * This function returns the list of encryption types permitted for session + * keys within @a context, as determined by configuration or by a previous call + * to krb5_set_default_tgs_enctypes(). * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_get_permitted_enctypes(krb5_context context, krb5_enctype **ktypes); /** - * @brief Return a value indicating whether the client libraries support multithreading. + * Test whether the Kerberos library was built with multithread support. * * @retval - * TRUE Client libraries are threadsafe - * @retval - * FALSE Client libraries are not threadsafe - * + * TRUE if the library is threadsafe; FALSE otherwise */ krb5_boolean KRB5_CALLCONV krb5_is_thread_safe(void); @@ -2688,188 +3018,121 @@ krb5_is_thread_safe(void); /* libkrb.spec */ /** - * @brief Decrypt a ticket using the specified key table. + * Decrypt a ticket using the specified key table. * - * @param context Context structure [input, output] - * @param kt Key table [input] - * @param ticket Ticket [input, output] + * @param [in] context Library context + * @param [in] kt Key table + * @param [in,out] ticket Ticket to be decrypted * - * @retval - * 0 Success - * @return - * Kerberos error codes + * This function takes a @a ticket as input and decrypts it using + * key data from @a kt. The result is placed into @a ticket->enc_part2. * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_server_decrypt_ticket_keytab(krb5_context context, const krb5_keytab kt, krb5_ticket *ticket); /** - * @brief Free credentials returned by krb5_get_cred(). + * Free an array of credential structures. * - * @param context Context structure [input, output] - * @param tgts Pointer to credentials to be freed [input, output] + * @param [in] context Library context + * @param [in] tgts Null-terminated array of credentials to free * - * @return - * None + * @note The last entry in the array @a tgts must be a NULL pointer. */ void KRB5_CALLCONV krb5_free_tgt_creds(krb5_context context, krb5_creds **tgts); -#define KRB5_GC_USER_USER 1 /* want user-user ticket */ -#define KRB5_GC_CACHED 2 /* want cached ticket only */ -#define KRB5_GC_CANONICALIZE 4 /* set canonicalize KDC option */ -#define KRB5_GC_NO_STORE 8 /* do not store in credentials cache */ -#define KRB5_GC_FORWARDABLE 16 /* acquire forwardable tickets */ -#define KRB5_GC_NO_TRANSIT_CHECK 32 /* disable transited check */ -#define KRB5_GC_CONSTRAINED_DELEGATION 64 /* constrained delegation */ +/** @defgroup KRB5_GC KRB5_GC + * @{ + */ +#define KRB5_GC_USER_USER 1 /**< Want user-user ticket */ +#define KRB5_GC_CACHED 2 /**< Want cached ticket only */ +#define KRB5_GC_CANONICALIZE 4 /**< Set canonicalize KDC option */ +#define KRB5_GC_NO_STORE 8 /**< Do not store in credential cache */ +#define KRB5_GC_FORWARDABLE 16 /**< Acquire forwardable tickets */ +#define KRB5_GC_NO_TRANSIT_CHECK 32 /**< Disable transited check */ +#define KRB5_GC_CONSTRAINED_DELEGATION 64 /**< Constrained delegation */ +/** @} */ /* end of KRB5_GC group */ /** - * @brief Get an additional ticket. - * - * @param context Context structure [input, output] - * @param options Options [input] - * @param ccache Credentials cache handle [input] - * @param in_creds Input credentials [input] - * @param out_creds Output updated credentials [output] - * - * Valid values for @a options are: - * @li @c KRB5_GC_USER_USER Return a full user to user authentication ticket - * @li @c KRB5_GC_CACHED Search only credentials cache for the ticket - * - * Use the specified credentials cache or a TGS exchange to get an additional ticket and include the following information: - * @li The server specified by @a in_creds->server. - * @li The options specified in @a options. + * Get an additional ticket. * - * If @a options is set to @c KRB5_GC_USER_USER, krb5_get_credentials() searches only the credentials cache - * for a ticket. - * If @a options is set to @c KRB5_GC_CACHED, krb5_get_credentials() will get credentials for a - * user-to-user authentication. In a user-to-user authentication, the secret key for the server is - * the session key from the server's ticket granting ticket (TGT). - * @li The expiration date specified in @a in_creds->times.endtime. - * @li The session key type specified in @a in_creds->keyblock.keytype, if it is nonzero. + * @param [in] context Library context + * @param [in] options Options + * @param [in,out] ccache Credential cache handle + * @param [in] in_creds Input credentials + * @param [out] out_creds Output updated credentials * - * The TGT is passed from the server to the client over the network; this is - * safe because the TGT is encrypted in a key known only by the Kerberos server. - * The client must pass this TGT to krb5_get_credentials() in @a in_creds->second_ticket. - * The Kerberos server uses this TGT to construct a user-to-user ticket that can be verified by the server, - * using the session key from its TGT. + * Use @a ccache or a TGS exchange to get a service ticket matching @a + * in_creds. * - * The effective expiration date is the minimum of the following: + * Valid values for @a options are: + * @li #KRB5_GC_CACHED Search only credential cache for the ticket + * @li #KRB5_GC_USER_USER Return a user to user authentication ticket * - * @li The expiration date as specified in @a in_creds->times.endtime. - * @li The requested start time plus the maximum lifetime of the server - * as specified by the server's entry in the Kerberos database. - * @li The requested start time plus the maximum lifetime of tickets allowed - * in the local site, as specified by the KDC. This is a compile-time option, - * @c KRB5_KDB_MAX_LIFE in @c config.h, and its default value is one day. + * @a in_creds must be non-null. @a in_creds->client and @a in_creds->server + * must be filled in to specify the client and the server respectively. If any + * authorization data needs to be requested for the service ticket (such as + * restrictions on how the ticket can be used), specify it in @a + * in_creds->authdata; otherwise set @a in_creds->authdata to NULL. The + * session key type is specified in @a in_creds->keyblock.enctype, if it is + * nonzero. * - * If any special data needs to be included in the ticket (such as restrictions - * on how the ticket can be used), specify it in @a in_creds->authdata. - * If there is no special data to be passed, set @a in_creds->authdata to NULL. - * Any returned ticket and intermediate ticket-granting tickets are stored in @a ccache. + * The expiration date is specified in @a in_creds->times.endtime. + * The KDC may return tickets with an earlier expiration date. + * If @a in_creds->times.endtime is set to 0, the latest possible + * expiration date will be requested. * - * Make sure to free the allocated memory when it is no longer needed. + * Any returned ticket and intermediate ticket-granting tickets are stored + * in @a ccache. * - * @todo ers clean up verb tense and format + * Use krb5_free_creds() to free @a out_creds when it is no longer needed. * * @retval * 0 Success - * @retval - * ENOMEM Insufficient memory * @return * Kerberos error codes - * */ krb5_error_code KRB5_CALLCONV krb5_get_credentials(krb5_context context, krb5_flags options, krb5_ccache ccache, krb5_creds *in_creds, krb5_creds **out_creds); -/** - * @brief Contact the KDC to validate a credential. - * - * @param context Context structure [input, output] - * @param options Unused - * @param ccache Credentials cache handle [input, output] - * @param in_creds Input credentials [input] - * @param out_creds Output credentials [output] - * - * Make sure to free the allocated memory when it is no longer needed. - * @retval - * 0 Success - * @retval - * ENOMEM Insufficient memory - * @retval - * KRB5_PROG_ETYPE_NOSUPP Encryption type is not supported - * @retval - * KRB5_KDCREP_MODIFIED KDC reply did not match expectations - * @return - * Kerberos error codes - * - */ +/** @deprecated Replaced by krb5_get_validated_creds. */ krb5_error_code KRB5_CALLCONV krb5_get_credentials_validate(krb5_context context, krb5_flags options, krb5_ccache ccache, krb5_creds *in_creds, krb5_creds **out_creds); -/** - * @brief Contact the KDC to renew credentials for a context. - * - * @param context Context structure [input, output] - * @param options Unused - * @param ccache Credentials cache handle [input, output] - * @param in_creds Input credentials [input] - * @param out_creds Output credentials [output] - * - * Make sure to free the allocated memory when it is no longer needed. - * - * @retval - * 0 Success - * @retval - * ENOMEM Insufficient memory - * @retval - * KRB5_PROG_ETYPE_NOSUPP Encryption type is not supported - * @retval - * KRB5_KDCREP_MODIFIED KDC reply did not match expectations - * @return - * Kerberos error codes - * - */ +/** @deprecated Replaced by krb5_get_renewed_creds. */ krb5_error_code KRB5_CALLCONV krb5_get_credentials_renew(krb5_context context, krb5_flags options, krb5_ccache ccache, krb5_creds *in_creds, krb5_creds **out_creds); /** - * @brief Format a @c KRB_AP_REQ message. - * - * @param context Context structure [input, output] - * @param auth_context Authentication context, containing the checksum method to be used; a new authentication contextis returned if NULL is specified. [input, output] - * @param in_data Application data with a checksum to be included in the authenticator; specify NULL if no checksum is to be included [input] - * @param ap_req_options - * @param service - * @param hostname - * @param ccache - * @param outbuf Pointer to an existing @c krb5_data structure to be filled [output] + * Create a @c KRB_AP_REQ message. * - * The @a in_creds argument supplies the credentials (ticket and session key) needed to form the request. + * @param [in] context Library context + * @param [in,out] auth_context Pre-existing or newly created auth context + * @param [in] ap_req_options @ref AP_OPTS options + * @param [in] service Service name, or NULL to use @c "host" + * @param [in] hostname Host name, or NULL to use local hostname + * @param [in] in_data Application data to be checksummed in the + * authenticator, or NULL + * @param [in] ccache Credential cache used to obtain credentials + * for the desired service. + * @param [out] outbuf @c AP-REQ message * - * If @a in_creds->ticket has no data (length == 0), an error is returned. + * This function is similar to krb5_mk_req_extended() except that it uses a + * given @a hostname, @a service, and @a ccache to construct a service + * principal name and obtain credentials. * - * A copy of the authenticator is stored in @c _krb5_auth_context, with the - * @a principal and @a checksum fields nulled out, unless an error is returned. - * (This is to prevent pointer-sharing problems) - * - * @note @a in_creds might be freed and reallocated. Make sure all structure fields' pointers point to allocated memory, - * - * @warning Do not alias other pointers to the same memory, since it can be deallocated during this routine call. - * - * @return - * Generated @c AP-REQ message - * @return - * Kerberos error codes + * Use krb5_free_data_contents() to free @a outbuf when it is no longer needed. * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_mk_req(krb5_context context, krb5_auth_context *auth_context, @@ -2877,42 +3140,41 @@ krb5_mk_req(krb5_context context, krb5_auth_context *auth_context, krb5_data *in_data, krb5_ccache ccache, krb5_data *outbuf); /** - * @brief Format a @c KRB_AP_REQ message with additional options. - * - * @param context Context structure - * @param auth_context Authentication context, containing the checksum method to be used; a new authentication context is returned if NULL is specified. [input, output] - * @param ap_req_options @c KRB_AP_REQ options desired [input] - * @param in_data Application data with a checksum that should be included in the authenticator; specify NULL if no checksum is to be included [input] - * @param in_creds Credentials for the service [input] - * @param outbuf Pointer to an existing @c krb5_data structure to be filled [output] - * - * Valid values for @a ap_req_options are: - * @li @c AP_OPTS_USE_SESSION_KEY - * @li @c AP_OPTS_MUTUAL_REQUIRED + * Create a @c KRB_AP_REQ message using supplied credentials. * - * The @a outbuf, @a ap_req_options, _krb5_auth_context, and @a ccache arguments are used - * in the same fashion as for krb5_mk_req(). The @a in_creds argument supplies - * the credentials (ticket and session key). + * @param [in] context Library context + * @param [in,out] auth_context Pre-existing or newly created auth context + * @param [in] ap_req_options @ref AP_OPTS options + * @param [in] in_data Application data to be checksummed in the + * authenticator, or NULL + * @param [in] in_creds Credentials for the service with valid ticket + * and key + * @param [out] outbuf @c AP-REQ message * - * If @a in_creds->ticket has no data (length == 0), an error is returned. + * Valid @a ap_req_options are: + * @li #AP_OPTS_USE_SESSION_KEY - Use the session key when creating the + * request used for user to user + * authentication. + * @li #AP_OPTS_MUTUAL_REQUIRED - Request a mutual authentication packet from + * the reciever. + * @li #AP_OPTS_USE_SUBKEY - Generate a subsession key from the current + * session key obtained from the credentials. * - * If @a ap_req_options specifies @c AP_OPTS_USE_SUBKEY, krb5_generate_subkey() generates the subkey if needed. + * This function creates a KRB_AP_REQ message using supplied credentials @a + * in_creds. @a auth_context may point to an existing auth context or to NULL, + * in which case a new one will be created. If @a in_data is non-null, a + * checksum of it will be included in the authenticator contained in the + * KRB_AP_REQ message. Use krb5_free_data_contents() to free @a outbuf when it + * is no longer needed. * - * A copy of the authenticator is stored in @c _krb5_auth_context, with the - * @a principal and @a checksum fields nulled out, unless an error is returned. - * (This is to prevent pointer-sharing problems; the caller should not need - * these fields anyway, since the caller supplied them.) + * On successful return, the authenticator is stored in @a auth_context with + * the @a client and @a checksum fields nulled out. (This is to prevent + * pointer-sharing problems; the caller should not need these fields anyway, + * since the caller supplied them.) * - * @note @a in_creds can be freed and reallocated. Make sure all structure fields pointers point to allocated memory, - * Do not alias other pointers to the same memory, since it may be deallocated during this routine call. + * @sa krb5_mk_req() * - * Make sure to free the allocated memory when it is no longer needed. - * - * @return - * Generated @c AP-REQ message - * @return - * Kerberos error codes - * @sa aptopts + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_mk_req_extended(krb5_context context, krb5_auth_context *auth_context, @@ -2920,141 +3182,147 @@ krb5_mk_req_extended(krb5_context context, krb5_auth_context *auth_context, krb5_creds *in_creds, krb5_data *outbuf); /** - * @brief Format and encrypt a @c KRB5_AP_REP message. + * Format and encrypt a @c KRB_AP_REP message. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output] - * @param outbuf @c AP-REP message information [output] + * @param [in] context Library context + * @param [in,out] auth_context Authentication context + * @param [out] outbuf @c AP-REP message * - * The @c AP-REP message includes the data in the @a authentp field of @c _krb5_auth_context, - * and it is encrypted using the @a keyblock field from @c _krb5_auth_context. + * This function fills in @a outbuf with an AP-REP message using information + * from @a auth_context. * - * When successful, @a outbuf->length and @a outbuf->data are filled in with the length - * of the @c AP-REQ message and the allocated data holding it. + * If the flags in @a auth_context indicate that a sequence number should be + * used (either #KRB5_AUTH_CONTEXT_DO_SEQUENCE or + * #KRB5_AUTH_CONTEXT_RET_SEQUENCE) and the local sequence number in @a + * auth_context is 0, a new number will be generated with + * krb5_generate_seq_number(). * - * If the flags in @c _krb5_auth_context indicate that a sequence number should be used - * (either @c KRB5_AUTH_CONTEXT_DO_SEQUENCE or @c KRB5_AUTH_CONTEXT_RET_SEQUENCE) - * and the local sequence number in @c _krb5_auth_context is 0, a new number will - * be generated with krb5_generate_seq_number(). + * Use krb5_free_data_contents() to free @a outbuf when it is no longer needed. * - * Make sure to free the allocated memory when it is no longer needed. - * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_mk_rep(krb5_context context, krb5_auth_context auth_context, krb5_data *outbuf); +/** + * Format and encrypt a @c KRB_AP_REP message for DCE RPC. + * + * @param [in] context Library context + * @param [in,out] auth_context Authentication context + * @param [out] outbuf @c AP-REP message + * + * Use krb5_free_data_contents() to free @a outbuf when it is no longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_mk_rep_dce(krb5_context context, krb5_auth_context auth_context, krb5_data *outbuf); /** - * @brief Parse and decrypt a @c KRB5_AP_REP message. + * Parse and decrypt a @c KRB_AP_REP message. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output] - * @param inbuf AP-REP message [input] - * @param repl Parsed message [output] + * @param [in] context Library context + * @param [in,out] auth_context Authentication context + * @param [in] inbuf AP-REP message + * @param [out] repl Decrypted reply message * - * The keyblock stored in @c _krb5_auth_context is used to decrypt the message - * after establishing any key preprocessing with krb5_process_key(). + * This function parses, decrypts and verifies a message from @a inbuf and + * fills in @a repl with a pointer to allocated memory containing the fields + * from the encrypted response. * - * Make sure to free the allocated memory when it is no longer needed. + * Use krb5_free_ap_rep_enc_part() to free @a repl when it is no longer needed. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_rd_rep(krb5_context context, krb5_auth_context auth_context, const krb5_data *inbuf, krb5_ap_rep_enc_part **repl); +/** + * Parse and decrypt a @c KRB_AP_REP message for DCE RPC. + * + * @param [in] context Library context + * @param [in,out] auth_context Authentication context + * @param [in] inbuf AP-REP message + * @param [out] nonce Sequence number from the decrypted reply + * + * This function parses, decrypts and verifies a message from @a inbuf and + * fills in @a nonce with a decrypted reply sequence number. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_rd_rep_dce(krb5_context context, krb5_auth_context auth_context, const krb5_data *inbuf, krb5_ui_4 *nonce); /** - * @brief Encode a @c KRB5_ERROR message. + * Format and encode a @c KRB_ERROR message. * - * @param context Context structure [input, output] - * @param dec_err Error structure to be encoded [input] - * @param enc_err Encoded error structure [output] + * @param [in] context Library context + * @param [in] dec_err Error structure to be encoded + * @param [out] enc_err Encoded error structure * - * @retval - * 0 Success - * @return - * Kerberos error codes + * This function creates a @c KRB_ERROR message in @a enc_err. Use + * krb5_free_data_contents() to free @a enc_err when it is no longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_mk_error(krb5_context context, const krb5_error *dec_err, krb5_data *enc_err); /** - * @brief Decode a @c KRB-ERROR message. + * Decode a @c KRB-ERROR message. * - * @param context Context structure [input, output] - * @param enc_errbuf Encoded error message [input] - * @param dec_error Decoded error message [output] + * @param [in] context Library context + * @param [in] enc_errbuf Encoded error message + * @param [out] dec_error Decoded error message * - * @retval - * 0 Success - * @return - * Kerberos error codes + * This function processes @c KRB-ERROR message @a enc_errbuf and returns + * an allocated structure @a dec_error containing the error message. + * Use krb5_free_error() to free @a dec_error when it is no longer needed. * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_rd_error(krb5_context context, const krb5_data *enc_errbuf, krb5_error **dec_error); /** - * @brief Parse a @c KRB-SAFE message, verify its integrity, and store its data in the specified buffer. + * Process @c KRB-SAFE message. * - * @param context Context structure [input, output] - * @param auth_context Authentication structure [input, output] - * @param inbuf @c KRB-SAFE message to be parsed [input] - * @param outbuf Data parsed from @c KRB-SAFE message [output] - * @param outdata Sequence numbers if @c krb5_auth_context includes @c KRB5_AUTHCONTEXT_RET_SEQUENCE [input, output] + * @param [in] context Library context + * @param [in,out] auth_context Authentication structure + * @param [in] inbuf @c KRB-SAFE message to be parsed + * @param [out] outbuf Data parsed from @c KRB-SAFE message + * @param [out] outdata Replay data. Specify NULL if not needed * - * The keyblock used to verify the integrity of the message is taken from the fields - * @a local_subkey, @a remote_subkey, or @a keyblock in @c _krb5_auth_context. The @a keyblock - * is chosen in the preceding order by the first one that is non-null. + * This function parses a @c KRB-SAFE message, verifies its integrity, and + * stores its data into @a outbuf. * - * @a remote_addr and @a localaddr in @c _krb5_auth_context specify - * the full addresses (host and port) of the sender and receiver, and must be of - * type @c ADDRTYPE_ADDRPORT. + * @note The @a outdata argument is required if #KRB5_AUTH_CONTEXT_RET_TIME or + * #KRB5_AUTH_CONTEXT_RET_SEQUENCE flag is set in the @a auth_context. * - * The @a remote_addr argument is @a mandatory. It specifies the address of the sender. - * If the address of the sender in the message does not match @a remote_addr, the - * error @c KRB5KRB_AP_ERR_BADADDR will be returned. + * @note @a auth_context must have a remote address set. This address will be + * used to verify the sender address in the KRB-SAFE message. If @a + * auth_context has a local address set, it will be used to verify the + * receiver address in the KRB-SAFE message if the message contains one. + * Both addresses must use type @c ADDRTYPE_ADDRPORT. * - * If @a local_addr is non-null, then the address of the receiver in the message must - * match it. If it is NULL, the receiver address in the message will be checked against the - * list of local addresses as returned by krb5_os_localaddr(). If the check fails, - * @c KRB5KRB_AP_ERR_BADARRD is returned. - * - * If the @a flags field in @c _krb5_auth_context indicates that sequence numbers - * are to be used (if @c KRB5_AUTH_CONTEXT_DOSEQUENCE is set in it), the @c remote_seq_number field - * of @c _krb5_auth_context is compared to the sequence number for the message, and - * @c KRB5_KRB_AP_ERR_BADORDER is returned if it does not match. Otherwise, the sequence - * number is not used. - * - * If timestamps are to be used (if @c KRB5_AUTH_CONTEXT_DO_TIME is set in @c _krb5_auth_context), - * then two additional checks are performed: + * If the #KRB5_AUTH_CONTEXT_DO_SEQUENCE flag is set in @a auth_context, the + * sequence number of the KRB-SAFE message is checked against the remote + * sequence number field of @a auth_context. Otherwise, the sequence number is + * not used. * + * If the #KRB5_AUTH_CONTEXT_DO_TIME flag is set in @a auth_context, + * then two additional checks are performed: * @li The timestamp in the message must be within the permitted clock skew - * (which is usually five minutes), or @c KRB5KRB_AP_ERR_SKEW is returned. - * @li The message must not be a replayed message, according to @a rcache. + * (which is usually five minutes). + * @li The message must not be a replayed message field in @a auth_context. * - * Make sure to free the allocated memory when it is no longer needed - * - * @retval - * 0 Success - * @return - * Kerberos error codes + * Use krb5_free_data_contents() to free @a outbuf when it is no longer needed. * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_rd_safe(krb5_context context, krb5_auth_context auth_context, @@ -3062,34 +3330,39 @@ krb5_rd_safe(krb5_context context, krb5_auth_context auth_context, krb5_replay_data *outdata); /** - * @brief Decode and decrypt a @c KRB-PRIV message. + * Process a @c KRB-PRIV message. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output] - * @param inbuf @c KRB-PRIV message[input] - * @param outbuf Application data stored in @c KRB_PRIV message [output] - * @param outdata Sequence numbers [input, output] + * @param [in] context Library context + * @param [in,out] auth_context Authentication structure + * @param [in] inbuf @c KRB-PRIV message to be parsed + * @param [out] outbuf Data parsed from @c KRB-PRIV message + * @param [out] outdata Replay data. Specify NULL if not needed * - * The @a remote_addr field of @c _krb5_auth_context set by krb5_auth_con_setaddrs() is - * @a mandatory; it specifies the address of the sender. If the address of the sender in the - * message does not match the @a remote_addr, @c KRB5KRB_AP_ERR_BADADDR is returned. + * This function parses a @c KRB-PRIV message, verifies its integrity, and + * stores its unencrypted data into @a outbuf. * - * If @c local_addr field of @c _krb5_auth_context is non-null, the address of the - * receiver in the message must match it. If @a local_addr is NULL, the receiver address in the - * message will be checked against the list of local addresses as returned by krb5_os_localaddr(). + * @note If the #KRB5_AUTH_CONTEXT_RET_TIME or @c + * #KRB5_AUTH_CONTEXT_RET_SEQUENCE flag is set in @a auth_context, @a + * outdata is required. * - * The @a keyblock field of @c _krb5_auth_context specifies the key to be used to decrypt the message. - * If the @a i_vector field is non-null, it is used as an initialization vector - * for the decryption (if the encryption type of the message supports initialization vectors) - * and its contents are replaced with the last block of encrypted data in the message. + * @note @a auth_context must have a remote address set. This address will be + * used to verify the sender address in the KRB-PRIV message. If @a + * auth_context has a local address set, it will be used to verify the + * receiver address in the KRB-PRIV message if the message contains one. + * Both addresses must use type @c ADDRTYPE_ADDRPORT. * - * @a flags in @c _krb5_auth_context specify if timestamps (@c KRB5_AUTH_CONTEXT_DO_TIME) - * and sequence numbers (@c KRB5_AUTH_CONTEXT_DO_SEQUENCE, @c KRB5_AUTHCONTEXT_RET_SEQUENCE) are used. + * If the #KRB5_AUTH_CONTEXT_DO_SEQUENCE flag is set in @a auth_context, the + * sequence number of the KRB-SAFE message is checked against the remote + * sequence number field of @a auth_context. Otherwise, the sequence number is + * not used. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * If the #KRB5_AUTH_CONTEXT_DO_TIME flag is set in @a auth_context, + * then two additional checks are performed: + * @li The timestamp in the message must be within the permitted clock skew + * (which is usually five minutes). + * @li The message must not be a replayed message field in @a auth_context. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_rd_priv(krb5_context context, krb5_auth_context auth_context, @@ -3097,113 +3370,176 @@ krb5_rd_priv(krb5_context context, krb5_auth_context auth_context, krb5_replay_data *outdata); /** - * @brief Convert a single-string representation of a principal name to multi-part principal format used in the protocols. + * Convert a string principal name to a krb5_principal structure. + * + * @param [in] context Library context + * @param [in] name String representation of a principal name + * @param [out] nprincipal Principal * - * @param context Context structure [input, output] - * @param name Single string representation of a Kerberos principal name [input] - * @param nprincipal Multipart principal format used in protocols [output] + * Convert a string representation of a principal name to a krb5_principal + * structure. * - * A single-string representation of a Kerberos name consists of one - * or more principal name components, separated by slashes, optionally followed by - * the \@ character and a realm name. If the realm name is not specified, the local realm is used. + * A string representation of a Kerberos name consists of one or more principal + * name components, separated by slashes, optionally followed by the \@ + * character and a realm name. If the realm name is not specified, the local + * realm is used. * - * To use the slash and \@ symbols as part of a component (quoted) - * instead of using them as a component separator or as a realm prefix), - * put a backslash (\) character in front of the symbol. Similarly, newline, tab, backspace, and NULL characters - * can be included in a component by using @a n, @a t,@a b or @a 0, respectively. + * To use the slash and \@ symbols as part of a component (quoted) instead of + * using them as a component separator or as a realm prefix), put a backslash + * (\) character in front of the symbol. Similarly, newline, tab, backspace, + * and NULL characters can be included in a component by using @c n, @c t, @c b + * or @c 0, respectively. * - * @note The realm in a Kerberos name @a cannot contain slash, colon, or NULL characters. + * @note The realm in a Kerberos @a name cannot contain slash, colon, + * or NULL characters. * - * Make sure to free the allocated memory when it is no longer needed. + * Use krb5_free_principal() to free @a nprincipal when it is no longer needed. * * @retval * 0 Success - * @retval - * ENOMEM Insufficient memory * @return * Kerberos error codes - * */ krb5_error_code KRB5_CALLCONV krb5_parse_name(krb5_context context, const char *name, krb5_principal *nprincipal); -#define KRB5_PRINCIPAL_PARSE_NO_REALM 0x1 -#define KRB5_PRINCIPAL_PARSE_REQUIRE_REALM 0x2 -#define KRB5_PRINCIPAL_PARSE_ENTERPRISE 0x4 +#define KRB5_PRINCIPAL_PARSE_NO_REALM 0x1 /**< Error if realm is present */ +#define KRB5_PRINCIPAL_PARSE_REQUIRE_REALM 0x2 /**< Error if realm is not present */ +#define KRB5_PRINCIPAL_PARSE_ENTERPRISE 0x4 /**< Create single-component + enterprise principle */ +/** + * Convert a string principal name to a krb5_principal with flags + * + * @param [in] context Library context + * @param [in] name String representation of a principal name + * @param [in] flags Flag + * @param [out] nprincipal Principal + * + * Similar to krb5_parse_name(), this function converts a single-string + * representation of a principal name to a krb5_principal structure. + * + * The following flags are valid: + * @li #KRB5_PRINCIPAL_PARSE_NO_REALM - no realm must be present in @a name + * @li #KRB5_PRINCIPAL_PARSE_REQUIRE_REALM - realm must be present in @a name + * @li #KRB5_PRINCIPAL_PARSE_ENTERPRISE - create single-component enterprise + * principal + * + * Use krb5_free_principal() to free @a nprincipal when it is no longer needed. + * + * @retval + * 0 Success + * @return + * Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_parse_name_flags(krb5_context context, const char *name, int flags, krb5_principal *nprincipal); /** - * @brief Convert a multipart principal name to a single-string representation of the name. + * Convert a krb5_principal structure to a string representation. * - * @param context Context structure [input, output] - * @param principal Multipart principal format used in the protocols [input] - * @param name Single string representation of a Kerberos principal name [output] + * @param [in] context Library context + * @param [in] principal Principal + * @param [out] name String representation of principal name * - * The resulting single-string representation uses the format and quoting conventions + * The resulting string representation uses the format and quoting conventions * described for krb5_parse_name(). * - * Make sure to free the allocated memory when it is no longer needed. + * Use krb5_free_unparsed_name() to free @a name when it is no longer needed. * * @retval * 0 Success * @return * Kerberos error codes - * */ krb5_error_code KRB5_CALLCONV -krb5_unparse_name(krb5_context context, krb5_const_principal principal, register char **name); +krb5_unparse_name(krb5_context context, krb5_const_principal principal, + register char **name); /** - * @brief Convert multiple protocol format principal names to string format. + * Convert krb5_principal structure to string and length. * - * @param context Context structure [input, output] - * @param principal Multipart principal format used in the protocols [input] - * @param name Single string format of principal name [output] - * @param size Size of unparsed name buffer [output] + * @param [in] context Library context + * @param [in] principal Principal + * @param [out] name String representation of principal name + * @param [out] size Size of unparsed name * - * Make sure to free the allocated memory when it is no longer needed. + * This function is similar to krb5_unparse_name(), but also returns the length + * of the string representation. * * @retval * 0 Success * @return - * Kerberos error codes - * - * @sa kb5_unparse_name() + * Kerberos error codes. On failure @a name is set to NULL */ krb5_error_code KRB5_CALLCONV krb5_unparse_name_ext(krb5_context context, krb5_const_principal principal, char **name, unsigned int *size); -#define KRB5_PRINCIPAL_UNPARSE_SHORT 0x1 -#define KRB5_PRINCIPAL_UNPARSE_NO_REALM 0x2 -#define KRB5_PRINCIPAL_UNPARSE_DISPLAY 0x4 +#define KRB5_PRINCIPAL_UNPARSE_SHORT 0x1 /**< Omit realm if it is the local realm */ +#define KRB5_PRINCIPAL_UNPARSE_NO_REALM 0x2 /**< Omit realm always */ +#define KRB5_PRINCIPAL_UNPARSE_DISPLAY 0x4 /**< Don't escape special characters */ +/** + * Convert krb5_principal structure to a string with flags. + * + * @param [in] context Library context + * @param [in] principal Principal + * @param [in] flags Flags + * @param [out] name String representation of principal name + * + * Similar to krb5_unparse_name(), this function converts a krb5_principal + * structure to a string representation. + * + * The following flags are valid: + * @li #KRB5_PRINCIPAL_UNPARSE_SHORT - omit realm if it is the local realm + * @li #KRB5_PRINCIPAL_UNPARSE_NO_REALM - omit realm + * @li #KRB5_PRINCIPAL_UNPARSE_DISPLAY - do not quote special characters + * + * Use krb5_free_unparsed_name() to free @a name when it is no longer needed. + * + * @retval + * 0 Success + * @return + * Kerberos error codes. On failure @a name is set to NULL + */ krb5_error_code KRB5_CALLCONV krb5_unparse_name_flags(krb5_context context, krb5_const_principal principal, int flags, char **name); +/** + * Convert krb5_principal structure to string format with flags. + * + * @param [in] context Library context + * @param [in] principal Principal + * @param [in] flags Flags + * @param [out] name Single string format of principal name + * @param [out] size Size of unparsed name buffer + * + * @sa krb5_unparse_name() krb5_unparse_name_flags() krb5_unparse_name_ext() + * + * @retval + * 0 Success + * @return + * Kerberos error codes. On failure @a name is set to NULL + */ krb5_error_code KRB5_CALLCONV krb5_unparse_name_flags_ext(krb5_context context, krb5_const_principal principal, int flags, char **name, unsigned int *size); /** - * @brief Set the realm name part of @a principal to @a realm. + * Set the realm field of a principal * - * @param context Context structure [input, output] - * @param principal Principal name [input] - * @param realm Realm name [input] + * @param [in,out] context Library context + * @param [in] principal Principal name + * @param [in] realm Realm name * - * @note This function frees the previous realm of @a principal. + * Set the realm name part of @a principal to @a realm, overwriting the + * previous realm. * * @retval - * 0 Success - * @retval - * EINVAL Invalid parameter - * @retval - * ENOMEM Insufficient memory + * 0 Success * @return * Kerberos error codes */ @@ -3212,43 +3548,43 @@ krb5_set_principal_realm(krb5_context context, krb5_principal principal, const char *realm); /** - * @brief Search @a addrlist for a specified address. + * Search a list of addresses for a specified address. * - * @param context Context structure [input, output] - * @param addr Address to search for [input] - * @param addrlist Address list to be searched. Specify NULL if there is no address list [input] + * @param [in] context Library context + * @param [in] addr Address to search for + * @param [in] addrlist Address list to be searched (or NULL) * - * @retval - * TRUE @a addr is listed in @a addrlist, or @c addrlist is NULL - * @retval - * FALSE @a addr is not listed in @a addrlist + * @note If @a addrlist contains only a NetBIOS addresses, it will be treated + * as a null list. + * + * @return + * TRUE if @a addr is listed in @a addrlist, or @c addrlist is NULL; FALSE + * otherwise */ krb5_boolean KRB5_CALLCONV_WRONG krb5_address_search(krb5_context context, const krb5_address *addr, krb5_address *const *addrlist); /** - * @brief Compare two Kerberos addresses. + * Compare two Kerberos addresses. * - * @param context Context structure [input, output] - * @param addr1 First address to be compared [input] - * @param addr2 Second address to be compared [input] + * @param [in] context Library context + * @param [in] addr1 First address to be compared + * @param [in] addr2 Second address to be compared * - * @retval - * TRUE The addresses are the same - * @retval - * FALSE The addresses are different + * @return + * TRUE if the addresses are the same, FALSE otherwise */ krb5_boolean KRB5_CALLCONV krb5_address_compare(krb5_context context, const krb5_address *addr1, const krb5_address *addr2); /** - * @brief Return an ordering of the specified addresses. + * Return an ordering of the specified addresses. * - * @param context Context structure [input, output] - * @param addr1 First address [input] - * @param addr2 Second address [input] + * @param [in] context Library context + * @param [in] addr1 First address + * @param [in] addr2 Second address * * @retval * 0 The two addresses are the same @@ -3262,48 +3598,76 @@ krb5_address_order(krb5_context context, const krb5_address *addr1, const krb5_address *addr2); /** - * @brief Compare the realms of two principals. + * Compare the realms of two principals. * - * @param context Context structure [input, output] - * @param princ1 First principal [input] - * @param princ2 Second principal [input] + * @param [in] context Library context + * @param [in] princ1 First principal + * @param [in] princ2 Second principal * * @retval - * TRUE The realms are the same - * @retval - * FALSE The realms are the different + * TRUE if the realm names are the same; FALSE otherwise */ krb5_boolean KRB5_CALLCONV krb5_realm_compare(krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2); /** - * @brief Compare two principal names. + * Compare two principals. * - * @param context Context structure [input, output] - * @param princ1 First principal name [input] - * @param princ2 Second principal name [input] + * @param [in] context Library context + * @param [in] princ1 First principal + * @param [in] princ2 Second principal * * @retval - * TRUE The principal names are the same - * @retval - * FALSE The principal names are not the same + * TRUE if the principals are the same; FALSE otherwise */ krb5_boolean KRB5_CALLCONV krb5_principal_compare(krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2); +/** + * Compare two principals ignoring realm components. + * + * @param [in] context Library context + * @param [in] princ1 First principal + * @param [in] princ2 Second principal + * + * Similar to krb5_principal_compare(), but do not compare the realm + * components of the principals. + * + * @retval + * TRUE if the principals are the same; FALSE otherwise + */ krb5_boolean KRB5_CALLCONV krb5_principal_compare_any_realm(krb5_context context, krb5_const_principal princ1, krb5_const_principal princ2); -#define KRB5_PRINCIPAL_COMPARE_IGNORE_REALM 1 -#define KRB5_PRINCIPAL_COMPARE_ENTERPRISE 2 /* UPNs as real principals */ -#define KRB5_PRINCIPAL_COMPARE_CASEFOLD 4 /* case-insensitive */ -#define KRB5_PRINCIPAL_COMPARE_UTF8 8 /* treat principals as UTF-8 */ +#define KRB5_PRINCIPAL_COMPARE_IGNORE_REALM 1 /**< ignore realm component */ +#define KRB5_PRINCIPAL_COMPARE_ENTERPRISE 2 /**< UPNs as real principals */ +#define KRB5_PRINCIPAL_COMPARE_CASEFOLD 4 /**< case-insensitive */ +#define KRB5_PRINCIPAL_COMPARE_UTF8 8 /**< treat principals as UTF-8 */ +/** + * Compare two principals with additional flags. + * + * @param [in] context Library context + * @param [in] princ1 First principal + * @param [in] princ2 Second principal + * @param [in] flags Flags + * + * Valid flags are: + * @li #KRB5_PRINCIPAL_COMPARE_IGNORE_REALM - ignore realm component + * @li #KRB5_PRINCIPAL_COMPARE_ENTERPRISE - UPNs as real principals + * @li #KRB5_PRINCIPAL_COMPARE_CASEFOLD case-insensitive + * @li #KRB5_PRINCIPAL_COMPARE_UTF8 - treat principals as UTF-8 + * + * @sa krb5_principal_compare() + * + * @retval + * TRUE if the principal names are the same; FALSE otherwise + */ krb5_boolean KRB5_CALLCONV krb5_principal_compare_flags(krb5_context context, krb5_const_principal princ1, @@ -3311,175 +3675,194 @@ krb5_principal_compare_flags(krb5_context context, int flags); /** - * @brief Initialize an empty @c _krb5_keyblock. + * Initialize an empty @c krb5_keyblock. * - * @param context Context structure [input, output] - * @param enctype Encryption type [input] - * @param length Length of keyblock [input] - * @param out Pointer to empty keyblock [output] + * @param [in] context Library context + * @param [in] enctype Encryption type + * @param [in] length Length of keyblock (or 0) + * @param [out] out New keyblock structure * - * Initialize a new keyblock and allocate storage - * for the contents of the key, which will be freed along - * with the keyblock when krb5_free_keyblock is called. - * It is legal to pass in a length of 0, in which - * case contents are left unallocated. - * - * Make sure to free the allocated memory when it is no longer needed. + * Initialize a new keyblock and allocate storage for the contents of the key. + * It is legal to pass in a length of 0, in which case contents are left + * unallocated. Use krb5_free_keyblock() to free @a out when it is no longer + * needed. * * @note If @a length is set to 0, contents are left unallocated. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_init_keyblock(krb5_context context, krb5_enctype enctype, size_t length, krb5_keyblock **out); /** - * @brief Copy a @c _krb5_keyblock. + * Copy a keyblock. * - * @param context Context structure [input, output] - * @param from Keyblock to be copied [input] - * @param to Pointer to copy of keyblock [output] + * @param [in] context Library context + * @param [in] from Keyblock to be copied + * @param [out] to Copy of keyblock @a from * - * Make sure to free the allocated memory when it is no longer needed. + * This function creates a new keyblock with the same contents as @a from. Use + * krb5_free_keyblock() to free @a to when it is no longer needed. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_copy_keyblock(krb5_context context, const krb5_keyblock *from, krb5_keyblock **to); /** - * @brief Copy the contents of a keyblock. + * Copy the contents of a keyblock. * - * @param context Context structure [input, output] - * @param from Keyblock [input] - * @param to Pointer to copy of keyblock [output] + * @param [in] context Library context + * @param [in] from Key to be copied + * @param [out] to Output key * - * Make sure to free the allocated memory when it is no longer needed. + * This function copies the contents of @a from to @a to. Use + * krb5_free_keyblock_contents() to free @a to when it is no longer needed. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_copy_keyblock_contents(krb5_context context, const krb5_keyblock *from, krb5_keyblock *to); /** - * @brief Copy a credentials structure. + * Copy a krb5_creds structure. * - * @param context Context structure [input, output] - * @param incred Credentials structure to be copied [input] - * @param outcred Pointer to copy of credentials structure [output] + * @param [in] context Library context + * @param [in] incred Credentials structure to be copied + * @param [out] outcred Copy of @a incred * - * Make sure to free the allocated memory when it is no longer needed. - * @retval - * 0 Success - * @return - * Kerberos error codes + * This function creates a new credential with the contents of @a incred. Use + * krb5_free_creds() to free @a outcred when it is no longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_copy_creds(krb5_context context, const krb5_creds *incred, krb5_creds **outcred); /** - * @brief Copy a Kerberos data structure. + * Copy a krb5_data object. * - * @param context Context structure [input, output] - * @param indata Data structure to be copied [input] - * @param outdata Pointer to copy of data structure [output] + * @param [in] context Library context + * @param [in] indata Data object to be copied + * @param [out] outdata Copy of @a indata * - * Make sure to free the allocated memory when it is no longer needed. - * @retval - * 0 Success - * @return - * Kerberos error codes + * This function creates a new krb5_data object with the contents of @a indata. + * Use krb5_free_data() to free @a outdata when it is no longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_copy_data(krb5_context context, const krb5_data *indata, krb5_data **outdata); /** - * @brief Copy a @c _krb5_principal structure. + * Copy a principal. * - * @param context Context structure [input, output] - * @param inprinc Principal to be copied [input] - * @param outprinc Pointer to copy of principal [output] + * @param [in] context Library context + * @param [in] inprinc Principal to be copied + * @param [out] outprinc Copy of @a inprinc * - * Make sure to free the allocated memory when it is no longer needed. + * This function creates a new principal structure with the contents of @a + * inprinc. Use krb5_free_principal() to free @a outprinc when it is no longer + * needed. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_copy_principal(krb5_context context, krb5_const_principal inprinc, krb5_principal *outprinc); /** - * @brief Copy an array of addresses. + * Copy an array of addresses. * - * @param context Context structure [input, output] - * @param inaddr Array of addresses to be copied [input] - * @param outaddr Pointer to copy of array of addresses [output] + * @param [in] context Library context + * @param [in] inaddr Array of addresses to be copied + * @param [out] outaddr Copy of array of addresses * - * Make sure to free the allocated memory when it is no longer needed. + * This function creates a new address array containing a copy of @a inaddr. + * Use krb5_free_addresses() to free @a outaddr when it is no longer needed. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_copy_addresses(krb5_context context, krb5_address *const *inaddr, krb5_address ***outaddr); /** - * @brief Copy a krb5_ticket structure. + * Copy a krb5_ticket structure. * - * @param context Context structure [input, output] - * @param from Ticket structure to be copied [input] - * @param pto Pointer to copy of ticket structure [output] + * @param [in] context Library context + * @param [in] from Ticket to be copied + * @param [out] pto Copy of ticket * - * Make sure to free the allocated memory when it is no longer needed. + * This function creates a new krb5_ticket structure containing the contents of + * @a from. Use krb5_free_ticket() to free @a pto when it is no longer needed. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_copy_ticket(krb5_context context, const krb5_ticket *from, krb5_ticket **pto); /** - * @brief Copy an array of authentication data structures. + * Copy an authorization data list. * - * @param context Context structure [input, output] - * @param in_authdat Array of @a authdata structures [input] - * @param out Pointer to copy of array of @a authdata structures [output] + * @param [in] context Library context + * @param [in] in_authdat List of @a krb5_authdata structures + * @param [out] out New array of @a krb5_authdata structures * - * Make sure to free the allocated memory when it is no longer needed. + * This function creates a new authorization data list containing a copy of @a + * in_authdat, which must be null-terminated. Use krb5_free_authdata() to free + * @a out when it is no longer needed. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @note The last array entry in @a in_authdat must be a NULL pointer. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_copy_authdata(krb5_context context, krb5_authdata *const *in_authdat, krb5_authdata ***out); -/** @brief Merge two authdata arrays +/** + * Find authorization data elements. + * + * @param [in] context Library context + * @param [in] ticket_authdata Authorization data list from ticket + * @param [in] ap_req_authdata Authorization data list from AP request + * @param [in] ad_type Authorization data type to find + * @param [out] results List of matching entries + * + * This function searches @a ticket_authdata and @a ap_req_authdata for + * elements of type @a ad_type. Either input list may be NULL, in which case + * it will not be searched; otherwise, the input lists must be terminated by + * NULL entries. This function will search inside AD-IF-RELEVANT containers if + * found in either list. Use krb5_free_authdata() to free @a results when it + * is no longer needed. + * + * @version First introduced in 1.10 + */ +krb5_error_code KRB5_CALLCONV +krb5_find_authdata(krb5_context context, krb5_authdata *const *ticket_authdata, + krb5_authdata *const *ap_req_authdata, + krb5_authdatatype ad_type, krb5_authdata ***results); + +/** + * Merge two authorization data lists into a new list. + * + * @param [in] context Library context + * @param [in] inauthdat1 First list of @a krb5_authdata structures + * @param [in] inauthdat2 Second list of @a krb5_authdata structures + * @param [out] outauthdat Merged list of @a krb5_authdata structures * * Merge two authdata arrays, such as the array from a ticket * and authenticator. + * Use krb5_free_authdata() to free @a outauthdat when it is no longer needed. + * + * @note The last array entry in @a inauthdat1 and @a inauthdat2 + * must be a NULL pointer. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_merge_authdata(krb5_context context, @@ -3488,79 +3871,79 @@ krb5_merge_authdata(krb5_context context, krb5_authdata ***outauthdat); /** - * @brief Copy a @c _krb5_authenticator structure. - * - * @param context Context structure [input, output] - * @param authfrom Authentication structure to be copied [input] - * @param authto Copy of authentication structure [output] + * Copy a krb5_authenticator structure. * - * Make sure to free the allocated memory when it is no longer needed. + * @param [in] context Library context + * @param [in] authfrom krb5_authenticator structure to be copied + * @param [out] authto Copy of krb5_authenticator structure * - * @retval - * 0 Success - * @return - * Kerberos error codes + * This function creates a new krb5_authenticator structure with the content of + * @a authfrom. Use krb5_free_authenticator() to free @a authto when it is no + * longer needed. * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_copy_authenticator(krb5_context context, const krb5_authenticator *authfrom, krb5_authenticator **authto); /** - * @brief Copy a @c _krb5_checksum structure. + * Copy a krb5_checksum structure. * - * @param context Context structure [input, output] - * @param ckfrom Checksum to be copied [input] - * @param ckto Pointer to copy of checksum [output] + * @param [in] context Library context + * @param [in] ckfrom Checksum to be copied + * @param [out] ckto Copy of krb5_checksum structure * - * Make sure to free the allocated memory when it is no longer needed. + * This function creates a new krb5_checksum structure with the contents of @a + * ckfrom. Use krb5_free_checksum() to free @a ckto when it is no longer + * needed. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_copy_checksum(krb5_context context, const krb5_checksum *ckfrom, krb5_checksum **ckto); /** - * @brief Open a replay cache for server use. + * Generate a replay cache object for server use and open it. * - * @param context Context structure [input, output] - * @param piece Unique identifier for replay cache [input] - * @param rcptr Handle to an open rcache [output] + * @param [in] context Library context + * @param [in] piece Unique identifier for replay cache + * @param [out] rcptr Handle to an open rcache * - * Make sure to free the allocated memory when it is no longer needed. + * This function generates a replay cache name based on @a piece and opens a + * handle to it. Typically @a piece is the first component of the service + * principal name. Use krb5_rc_close() to close @a rcptr when it is no longer + * needed. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_get_server_rcache(krb5_context context, const krb5_data *piece, krb5_rcache *rcptr); -/** Build a principal name using length-counted strings. +/** + * Build a principal name using length-counted strings. * - * @param [in] context Context structure + * @param [in] context Library context * @param [out] princ Principal name * @param [in] rlen Realm name length * @param [in] realm Realm name - * @param [in] ... List of arguments specifying length and content for each argument - * - * Call krb5_free_principal() to free allocated memory for principal when it is no longer needed. + * @param [in] ... List of unsigned int/char * components, followed by 0 * - * @note krb5_build_principal() and krb5_build_principal_va() perform the same task. - * krb5_build_principal() takes variadic arguments. - * krb5_build_principal_va() takes a pre-computed @a varargs pointer. + * This function creates a principal from a length-counted string and a + * variable-length list of length-counted components. The list of components + * ends with the first 0 length argument (so it is not possible to specify an + * empty component with this function). Call krb5_free_principal() to free + * allocated memory for principal when it is no longer needed. * * @code * Example of how to build principal WELLKNOWN/ANONYMOUS@R * krb5_build_principal_ext(context, &principal, strlen("R"), "R", - * strlen(KRB5_WELLKNOWN_NAMESTR), KRB5_WELLKNOWN_NAMESTR, - * strlen(KRB5_ANONYMOUS_PRINCSTR), KRB5_ANONYMOUS_PRINCSTR, 0); + * (unsigned int)strlen(KRB5_WELLKNOWN_NAMESTR), + * KRB5_WELLKNOWN_NAMESTR, + * (unsigned int)strlen(KRB5_ANONYMOUS_PRINCSTR), + * KRB5_ANONYMOUS_PRINCSTR, 0); * @endcode * * @retval @@ -3572,19 +3955,20 @@ krb5_error_code KRB5_CALLCONV_C krb5_build_principal_ext(krb5_context context, krb5_principal * princ, unsigned int rlen, const char * realm, ...); -/** Build a principal name using null-terminated strings. +/** + * Build a principal name using null-terminated strings. * - * @param [in] context Context structure - * @param [out] princ Principal name - * @param [in] rlen Realm name length - * @param [in] realm Realm name - * @param [in] ... List of len1, sl1, len2, sl2... + * @param [in] context Library context + * @param [out] princ Principal name + * @param [in] rlen Realm name length + * @param [in] realm Realm name + * @param [in] ... List of char * components, ending with NULL * - * Call krb5_free_principal() to free allocated memory for principal when it is no longer needed. + * Call krb5_free_principal() to free @a princ when it is no longer needed. * - * @note krb5_build_principal() and krb5_build_principal_va() perform the same task. - * krb5_build_principal() takes variadic arguments. - * krb5_build_principal_va() takes a pre-computed @a varargs pointer. + * @note krb5_build_principal() and krb5_build_principal_alloc_va() perform the + * same task. krb5_build_principal() takes variadic arguments. + * krb5_build_principal_alloc_va() takes a pre-computed @a varargs pointer. * * @code * Example of how to build principal H/S@R @@ -3607,25 +3991,7 @@ krb5_build_principal(krb5_context context, #endif ; #if KRB5_DEPRECATED -/** Build a principal name, using a precomputed @c va_list. - * - * @param [in] context Context structure - * @param [out] princ Principal structure - * @param [in] rlen Realm name length - * @param [in] realm Realm name - * @param [in] ap @c va_list of argument - * - * @note krb5_build_principal() and krb5_build_principal_va() perform the same task. - * krb5_build_principal() takes variadic arguments. - * krb5_build_principal_va() takes a pre-computed @a varargs pointer. - * - * Call krb5_free_principal() to free allocated memory for principal when it is no longer needed. - * - * @retval - * 0 Success - * @return - * Kerberos error codes - */ +/** @deprecated Replaced by krb5_build_principal_alloc_va(). */ KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_build_principal_va(krb5_context context, krb5_principal princ, @@ -3634,19 +4000,20 @@ krb5_build_principal_va(krb5_context context, va_list ap); #endif -/** Build a principal name, using a precomputed variable argument list +/** + * Build a principal name, using a precomputed variable argument list * - * @param [in] context Context structure - * @param [out] princ Principal structure. Locally allocated. - * @param [in] rlen Realm name length - * @param [in] realm Realm name - * @param [in] ap @c va_list of arguments + * @param [in] context Library context + * @param [out] princ Principal structure + * @param [in] rlen Realm name length + * @param [in] realm Realm name + * @param [in] ap List of char * components, ending with NULL * - * Similar to krb5_build_principal() this function builds a principal name, - * but its name components are specified as va_list. + * Similar to krb5_build_principal(), this function builds a principal name, + * but its name components are specified as a va_list. * - * Make sure to call krb5_free_principal() to deallocate the principal - * when it is no longer needed. + * Use krb5_free_principal() to deallocate @a princ when it is no longer + * needed. * * @code * Function usage example: @@ -3669,18 +4036,20 @@ krb5_build_principal_alloc_va(krb5_context context, va_list ap); /** - * @brief Convert a Kerberos v4 principal to a Kerberos v5 principal. + * Convert a Kerberos V4 principal to a Kerberos V5 principal. * - * @param context Context structure [input, output] - * @param name Kerberos v4 name [input] - * @param instance Kerberos v4 instance [input] - * @param realm Kerberos v4 realm [input] - * @param princ Kerberos v5 principal name [output] + * @param [in] context Library context + * @param [in] name V4 name + * @param [in] instance V4 instance + * @param [in] realm Realm + * @param [out] princ V5 principal * - * @retval - * 0 Success - * @return - * Kerberos error codes + * This function builds a @a princ from V4 specification based on given input + * @a name.instance\@realm. + * + * Use krb5_free_principal() to free @a princ when it is no longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_425_conv_principal(krb5_context context, const char *name, @@ -3688,13 +4057,16 @@ krb5_425_conv_principal(krb5_context context, const char *name, krb5_principal *princ); /** - * @brief Convert a Kerberos v.5 principal to a Kerberos v.4 principal. + * Convert a Kerberos V5 principal to a Kerberos V4 principal. * - * @param context Context structure [input, output] - * @param princ Principal [input] - * @param name Principal's name [output] - * @param inst Principal's instance name [output] - * @param realm Principal's realm name [output] + * @param [in] context Library context + * @param [in] princ V5 Principal + * @param [out] name V4 principal's name to be filled in + * @param [out] inst V4 principal's instance name to be filled in + * @param [out] realm Principal's realm name to be filled in + * + * This function separates a V5 principal @a princ into @a name, @a instance, + * and @a realm. * * @retval * 0 Success @@ -3704,7 +4076,6 @@ krb5_425_conv_principal(krb5_context context, const char *name, * KRB5_CONFIG_CANTOPEN Can't open or find Kerberos configuration file * @return * Kerberos error codes - * */ krb5_error_code KRB5_CALLCONV krb5_524_conv_principal(krb5_context context, krb5_const_principal princ, @@ -3715,16 +4086,11 @@ krb5_524_conv_principal(krb5_context context, krb5_const_principal princ, struct credentials; /** - * @brief Convert a Kerberos v.5 principal to a Kerberos v.4 principal. + * Convert a Kerberos V5 credentials to a Kerberos V4 credentials * - * @param context Context structure [input, output] - * @param v5creds Version 5 credentials [input] - * @param v4creds Version 4 credentials Principal's name [output] + * @note Not implemented * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval KRB524_KRB4_DISABLED (always) */ int KRB5_CALLCONV krb5_524_convert_creds(krb5_context context, krb5_creds *v5creds, @@ -3737,17 +4103,19 @@ krb5_524_convert_creds(krb5_context context, krb5_creds *v5creds, /* libkt.spec */ -/** Get a handle for a key table. +/** + * Get a handle for a key table. * - * @param [in] context Context structure - * @param [in] name Name of the key table - * @param [out] ktid Key table handle + * @param [in] context Library context + * @param [in] name Name of the key table + * @param [out] ktid Key table handle * - * Resolve the key table name @a name and fill in a handle identifying the key table. - * The key table is not opened. + * Resolve the key table name @a name and fill in a handle identifying the key + * table. The key table is not opened. * - * @note @a name must be of the form @c type:residual, where @a type must be a type known - * to the library and @a residual portion should be specific to the particular keytab type. + * @note @a name must be of the form @c type:residual, where @a type must be a + * type known to the library and @a residual portion should be specific to the + * particular keytab type. * * @sa krb5_kt_close() * @@ -3763,17 +4131,15 @@ krb5_524_convert_creds(krb5_context context, krb5_creds *v5creds, krb5_error_code KRB5_CALLCONV krb5_kt_resolve(krb5_context context, const char *name, krb5_keytab *ktid); -/** Get default key table name. +/** + * Get default key table name. * - * @param [in] context Context structure - * @param [in,out] name Key table name to be resolved - * @param [in] name_size Size of @a name to return + * @param [in] context Library context + * @param [in,out] name Key table name to be resolved + * @param [in] name_size Size of @a name to return * - * Fill @a name with the first @a name_size bytes of the name of the - * default key table for the current user. The name is obtained either - * from the environment variable KRB5_KTNAME or from @a default_keytab_name - * entry in @a libdefaults section of krb5 configuration file or - * falls back on the default keytab name for the OS. + * Fill @a name with the first @a name_size bytes of the name of the default + * key table for the current user. * * @sa MAX_KEYTAB_NAME_LEN * @@ -3787,10 +4153,11 @@ krb5_kt_resolve(krb5_context context, const char *name, krb5_keytab *ktid); krb5_error_code KRB5_CALLCONV krb5_kt_default_name(krb5_context context, char *name, int name_size); -/** Resolve default key table. +/** + * Resolve default key table. * - * @param [in] context Context structure - * @param [in,out] id Key table handle + * @param [in] context Library context + * @param [in,out] id Key table handle * * Fill @a keytab with the default key table's @a handle. * @@ -3803,24 +4170,19 @@ krb5_error_code KRB5_CALLCONV krb5_kt_default(krb5_context context, krb5_keytab *id); /** - * @brief Free the contents of a key table entry. + * Free the contents of a key table entry. * - * @param context Context structure [input, output] - * @param entry Key table entry whose contents are to be freed [input, output] + * @param [in] context Library context + * @param [in] entry Key table entry whose contents are to be freed * * @note The pointer is not freed. - * @retval - * 0 Success - * @return - * Kerberos error codes + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV -krb5_free_keytab_entry_contents (krb5_context context, krb5_keytab_entry *entry); +krb5_free_keytab_entry_contents(krb5_context context, krb5_keytab_entry *entry); -/** - * @warning Use krb5_free_keytab_entry_contents instead; this does the same thing but is - * misnamed and retained for backward compatability. - */ +/** @deprecated Use krb5_free_keytab_entry_contents instead. */ krb5_error_code KRB5_CALLCONV krb5_kt_free_entry(krb5_context context, krb5_keytab_entry *entry); @@ -3829,14 +4191,14 @@ krb5_kt_free_entry(krb5_context context, krb5_keytab_entry *entry); if not a writable keytab */ /** - * @brief Remove an entry from a key table. + * Remove an entry from a key table. * - * @param context Context structure [input, output] - * @param id Key table handle [input] - * @param entry Entry to remove from key table [input] + * @param [in] context Library context + * @param [in] id Key table handle + * @param [in] entry Entry to remove from key table * * @retval - * 0 Success + * 0 Success * @retval * KRB5_KT_NOWRITE Key table is not writable * @return @@ -3846,11 +4208,11 @@ krb5_error_code KRB5_CALLCONV krb5_kt_remove_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry *entry); /** - * @brief Add a new entry to a key table. + * Add a new entry to a key table. * - * @param context Context structure [input, output] - * @param id Key table handle [input] - * @param entry Entry to be added [input] + * @param [in] context Library context + * @param [in] id Key table handle + * @param [in] entry Entry to be added * * @retval * 0 Success @@ -3865,16 +4227,13 @@ krb5_error_code KRB5_CALLCONV krb5_kt_add_entry(krb5_context context, krb5_keytab id, krb5_keytab_entry *entry); /** - * @brief Convert a principal name into the default salt for that principal. + * Convert a principal name into the default salt for that principal. * - * @param context Context structure [input, output] - * @param pr Principal name [input] - * @param ret Pointer to the default salt for given principal [output] + * @param [in] context Library context + * @param [in] pr Principal name + * @param [out] ret Default salt for @a pr to be filled in * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV_WRONG krb5_principal2salt(krb5_context context, @@ -3883,18 +4242,17 @@ krb5_principal2salt(krb5_context context, /* libcc.spec */ -/** Resolve a credentials cache name. - * - * @param [in] context Context structure - * @param [in] name Credentials cache name to be resolved - * @param [out] cache Credentials cache handle +/** + * Resolve a credential cache name. * - * Fills in @a cache with a @a cache handle that corresponds to the name in @a name. - * @a name should be of the form @c type:residual, - * and @a type must be a type known to the library. - * If the @a name does not contain a colon, interpret it as a file name. + * @param [in] context Library context + * @param [in] name Credential cache name to be resolved + * @param [out] cache Credential cache handle * - * @li When necessary to accommodate file naming differences in @a OpenVMS, the type specifier prefix can be followed by an equal sign, not a colon. + * Fills in @a cache with a @a cache handle that corresponds to the name in @a + * name. @a name should be of the form @c type:residual, and @a type must be a + * type known to the library. If the @a name does not contain a colon, + * interpret it as a file name. * * @code * Example: krb5_cc_resolve(context, "MEMORY:C_", &cache); @@ -3908,11 +4266,12 @@ krb5_principal2salt(krb5_context context, krb5_error_code KRB5_CALLCONV krb5_cc_resolve(krb5_context context, const char *name, krb5_ccache *cache); -/** Duplicate ccache handle. +/** + * Duplicate ccache handle. * - * @param [in] context Context structure - * @param [in] in Credentials cache handle to be duplicated - * @param [out] out Credentials cache handle + * @param [in] context Library context + * @param [in] in Credential cache handle to be duplicated + * @param [out] out Credential cache handle * * Create a new handle referring to the same cache as @a in. * The new handle and @a in can be closed independently. @@ -3920,35 +4279,28 @@ krb5_cc_resolve(krb5_context context, const char *name, krb5_ccache *cache); krb5_error_code KRB5_CALLCONV krb5_cc_dup(krb5_context context, krb5_ccache in, krb5_ccache *out); -/** Return the name of the default credentials cache. +/** + * Return the name of the default credential cache. * - * @param [in] context Context structure + * @param [in] context Library context * - * Try the environment variable KRB5CCNAME first then, if it is not set, + * Try the environment variable @a KRB5CCNAME first then, if it is not set, * fall back on the default ccache name for the OS. * * @return - * Name of default credentials cache for the current user. + * Name of default credential cache for the current user. */ const char *KRB5_CALLCONV krb5_cc_default_name(krb5_context context); /** - * @brief Set the default credentials cache name. - * - * @param context Context structure [input, output] - * @param name Default credentials cache name [input, output] - * - * Passing a null pointer for @a name reverts the default credentials cache name to the system default. + * Set the default credential cache name. * - * @note For OpenVMS only: - * If a default name is not passed in the argument @a name, the default name is the - * first valid entry of the following values: - * @li @c KRB5CCNAME logical name - * @li the file @c krb5cc_\ in a [@c .TMP] directory in the user's login directory - * (where \<@c PID\> is the user's process ID). + * @param [in,out] context Library context + * @param [in] name Default credential cache name * - * @note The @a KRB5CCNAME logical name cannot be defined as a system-wide logical name. + * This function frees the old default credential cache name and then sets it + * to @a name. * * @retval * 0 Success @@ -3960,17 +4312,19 @@ krb5_cc_default_name(krb5_context context); krb5_error_code KRB5_CALLCONV krb5_cc_set_default_name(krb5_context context, const char *name); -/** Resolve the default crendentials cache name. +/** + * Resolve the default crendentials cache name. * - * @param [in,out] context Context structure - * @param [out] ccache Pointer to credentials cache name + * @param [in,out] context Library context + * @param [out] ccache Pointer to credential cache name * * @retval * 0 Success * @retval * KV5M_CONTEXT Bad magic number for @c _krb5_context structure * @retval - * KRB5_FCC_INTERNAL The name of the default credentials cache cannot be obtained + * KRB5_FCC_INTERNAL The name of the default credential cache cannot be + * obtained * @return * Kerberos error codes */ @@ -3978,39 +4332,28 @@ krb5_error_code KRB5_CALLCONV krb5_cc_default(krb5_context context, krb5_ccache *ccache); /** - * @brief Copy a credentials cache. - * - * @param context Context structure [input, output] - * @param incc Credentials cache to be copied [input] - * @param outcc Copy of credentials cache [output] + * Copy a credential cache. * - * Make sure to free the allocated memory when it is no longer needed. - * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @param [in] context Library context + * @param [in] incc Credential cache to be copied + * @param [out] outcc Copy of credential cache to be filled in * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_cc_copy_creds(krb5_context context, krb5_ccache incc, krb5_ccache outcc); -/** Get some configuration for the credential cache in the cache. +/** + * Get a configuration value from a credential cache. * - * @param context a Keberos context [input] - * @param id the credential cache to store the data for [input] - * @param principal configuration for a specific principal, if NULL, global for the whole cache.[input] - * @param key name under which the configuraion is stored [input] - * @param data data to be fetched; free with krb5_free_data_contents() [input,output] + * @param [in] context Library context + * @param [in] id Credential cache handle + * @param [in] principal Configuration for this principal; + * if NULL, global for the whole cache + * @param [in] key Name of config variable + * @param [out] data Data to be fetched * - * @code - * Example: - * krb5_data config_data; - * config_data.data = NULL; - * krb5_cc_get_config(context, ccache, target_principal, key, &config_data); - * ... - * krb5_free_data_contents(context, &config_data); - * @endcode + * Use krb5_free_data_contents() to free @a data when it is no longer needed. * * @retval * 0 Success @@ -4022,16 +4365,20 @@ krb5_cc_get_config(krb5_context context, krb5_ccache id, krb5_const_principal principal, const char *key, krb5_data *data); -/** Store some configuration for the credential cache in the cache. +/** + * Store a configuration value in a credential cache. * - * @param [in,out] context a Keberos context - * @param [in] id the credential cache to store the data for. - * @param [in] principal configuration for a specific principal; if NULL, global for the whole cache. - * @param [in] key name under which the configuraion is stored. - * @param [in] data data to store. If NULL, old configuration is removed. + * @param [in] context Library context + * @param [in] id Credential cache handle + * @param [in] principal Configuration for a specific principal; + * if NULL, global for the whole cache + * @param [in] key Name of config variable + * @param [in] data Data to store, or NULL to remove * * @note Existing configuration under the same key is over-written. * + * @warning Before version 1.10 @a data was assumed to be always non-null. + * * @retval * 0 Success * @return @@ -4042,221 +4389,322 @@ krb5_cc_set_config(krb5_context context, krb5_ccache id, krb5_const_principal principal, const char *key, krb5_data *data); -/** Test whether a principal is a configuration principal. +/** + * Test whether a principal is a configuration principal. * - * @param context a Keberos context [input] - * @param principal principal to check if it a configuration principal [input] + * @param [in] context Library context + * @param [in] principal Principal to check * - * @return Return TRUE (non zero) if the principal is a configuration - * principal (generated part of krb5_cc_set_config()). Returns - * FALSE (zero) if not a configuration principal. + * @return + * @c TRUE if the principal is a configuration principal (generated part of + * krb5_cc_set_config()); @c FALSE otherwise. */ krb5_boolean KRB5_CALLCONV krb5_is_config_principal(krb5_context context, krb5_const_principal principal); -/* krb5_free.c */ -/** Free a principal structure. +/** + * Make a credential cache the primary cache for its collection. + * + * @param [in] context Library context + * @param [in] cache Credential cache handle + * + * If the type of @a cache supports it, set @a cache to be the primary + * credential cache for the collection it belongs to. + * + * @retval + * 0 Success, or the type of @a cache doesn't support switching + * @return + * Kerberos error codes + */ +krb5_error_code KRB5_CALLCONV +krb5_cc_switch(krb5_context context, krb5_ccache cache); + +/** + * Determine whether a credential cache type supports switching. + * + * @param [in] context Library context + * @param [in] type Credential cache type + * + * @version First introduced in 1.10 + * + * @retval TRUE if @a type supports switching + * @retval FALSE if it does not or is not a valid credential cache type. + */ +krb5_boolean KRB5_CALLCONV +krb5_cc_support_switch(krb5_context context, const char *type); + +/** + * Find a credential cache with a specified client principal. + * + * @param [in] context Library context + * @param [in] client Client principal + * @param [out] cache_out Credential cache handle + * + * Find a cache within the collection whose default principal is @a client. + * Use @a krb5_cc_close to close @a ccache when it is no longer needed. + * + * @retval 0 Success + * @retval KRB5_CC_NOTFOUND + * + * @sa krb5_cccol_cursor_new * - * @param [in] context Context structure - * @param [in] val Pointer to data structure to be freed + * @version First introduced in 1.10 + */ +krb5_error_code KRB5_CALLCONV +krb5_cc_cache_match(krb5_context context, krb5_principal client, + krb5_ccache *cache_out); + +/** + * Select a credential cache to use with a server principal. + * + * @param [in] context Library context + * @param [in] server Server principal + * @param [out] cache_out Credential cache handle + * @param [out] princ_out Client principal + * + * Select a cache within the collection containing credentials most appropriate + * for use with @a server, according to configured rules and heuristics. + * + * Use krb5_cc_close() to release @a cache_out when it is no longer needed. + * Use krb5_free_principal() to release @a princ_out when it is no longer + * needed. Note that @a princ_out is set in some error conditions. + * + * @return + * If an appropriate cache is found, 0 is returned, @a cache_out is set to the + * selected cache, and @a princ_out is set to the default principal of that + * cache. + * + * If the appropriate client principal can be authoritatively determined but + * the cache collection contains no credentials for that principal, then + * KRB5_CC_NOTFOUND is returned, @a cache_out is set to NULL, and @a princ_out + * is set to the appropriate client principal. + * + * If no configured mechanism can determine the appropriate cache or principal, + * KRB5_CC_NOTFOUND is returned and @a cache_out and @a princ_out are set to + * NULL. + * + * Any other error code indicates a fatal error in the processing of a cache + * selection mechanism. + * + * @version First introduced in 1.10 + */ +krb5_error_code KRB5_CALLCONV +krb5_cc_select(krb5_context context, krb5_principal server, + krb5_ccache *cache_out, krb5_principal *princ_out); + +/* krb5_free.c */ +/** + * Free the storage assigned to a principal. * + * @param [in] context Library context + * @param [in] val Principal to be freed */ void KRB5_CALLCONV krb5_free_principal(krb5_context context, krb5_principal val); -/** Free an authenticator structure, including its pointer. +/** + * Free a krb5_authenticator structure. * - * @param context Context structure [input, output] - * @param val Pointer to data structure to be freed [input, output] + * @param [in] context Library context + * @param [in] val Authenticator structure to be freed * - * @return - * None + * This function frees the contents of @a val and the structure itself. */ void KRB5_CALLCONV krb5_free_authenticator(krb5_context context, krb5_authenticator *val); -/** Free an array of addresses and its pointer. +/** + * Free the data stored in array of addresses. * - * @param context Context structure [input, output] - * @param val Pointer to data structure to be freed [input,output] + * @param [in] context Library context + * @param [in] val Array of addresses to be freed * - * @return - * None + * This function frees the contents of @a val and the array itself. + * + * @note The last entry in the array must be a NULL pointer. */ void KRB5_CALLCONV krb5_free_addresses(krb5_context context, krb5_address **val); -/** Free an @c _krb5_auth_data structure. +/** + * Free the storage assigned to array of authentication data. * - * @param context Context structure [input, output] - * @param val Pointer to data structure to be freed [input, output] + * @param [in] context Library context + * @param [in] val Array of authentication data to be freed * - * @return - * None + * This function frees the contents of @a val and the array itself. + * + * @note The last entry in the array must be a NULL pointer. */ void KRB5_CALLCONV krb5_free_authdata(krb5_context context, krb5_authdata **val); -/** Free a ticket. +/** + * Free a ticket. * - * @param context Context structure [input, output] - * @param val Pointer to the data structure to be freed [input, output] + * @param [in] context Library context + * @param [in] val Ticket to be freed * - * @return - * None + * This function frees the contents of @a val and the structure itself. */ void KRB5_CALLCONV krb5_free_ticket(krb5_context context, krb5_ticket *val); -/** Free an error allocated by either krb5_read_error() or krb5_sendauth(). +/** + * Free an error allocated by krb5_read_error() or krb5_sendauth(). * - * @param context Context structure [input, output] - * @param val Pointer to data structure to be freed [input, output] + * @param [in] context Library context + * @param [in] val Error data structure to be freed * - * @return - * None + * This function frees the contents of @a val and the structure itself. */ void KRB5_CALLCONV krb5_free_error(krb5_context context, register krb5_error *val); -/** Free a credentials structure and invalidate its pointer. +/** + * Free a krb5_creds structure. * - * @param [in] context Context structure - * @param [in] val Pointer to data structure to be freed + * @param [in] context Library context + * @param [in] val Credential structure to be freed. * - * @return - * None + * This function frees the contents of @a val and the structure itself. */ void KRB5_CALLCONV krb5_free_creds(krb5_context context, krb5_creds *val); -/** Zero out the session key and free the credentials structure. - * - * @param [in] context Context structure - * @param [in] val Pointer to the data structure to be freed +/** + * Free the contents of a krb5_creds structure. * - * @note The pointer val is not freed. + * @param [in] context Library context + * @param [in] val Credential structure to free contents of * - * @return - * None + * This function frees the contents of @a val, but not the structure itself. */ void KRB5_CALLCONV krb5_free_cred_contents(krb5_context context, krb5_creds *val); -/** Free a @a checksum structure and its pointer. +/** + * Free a krb5_checksum structure. * - * @param context Context structure [input, output] - * @param val Pointer to data structure to be freed [input, output] + * @param [in] context Library context + * @param [in] val Checksum structure to be freed * - * @return - * None + * This function frees the contents of @a val and the structure itself. */ void KRB5_CALLCONV krb5_free_checksum(krb5_context context, register krb5_checksum *val); -/** Free the contents of a @a checksum structure. - * - * @param context Context structure [input, output] - * @param val Pointer to data structure to be freed [input, output] +/** + * Free the contents of a krb5_checksum structure. * - * @note The pointer is not freed. + * @param [in] context Library context + * @param [in] val Checksum structure to free contents of * - * @return - * None + * This function frees the contents of @a val, but not the structure itself. */ void KRB5_CALLCONV krb5_free_checksum_contents(krb5_context context, register krb5_checksum *val); -/** Free the pointer @a val and zero the contents of the keyblock. +/** + * Free a krb5_keyblock structure. * - * @param context Context structure [input, output] - * @param val Pointer to data structure to be freed [input, output] + * @param [in] context Library context + * @param [in] val Keyblock to be freed * - * @return - * None + * This function frees the contents of @a val and the structure itself. */ void KRB5_CALLCONV krb5_free_keyblock(krb5_context context, register krb5_keyblock *val); -/** Free the contents of a keyblock. +/** + * Free the contents of a krb5_keyblock structure. * - * @param context Context structure [input, output] - * @param key Pointer to data structure to be freed [input, output] + * @param [in] context Library context + * @param [in] key Keyblock to be freed * - * @note The pointer is not freed. - * - * @return - * None + * This function frees the contents of @a key, but not the structure itself. */ void KRB5_CALLCONV krb5_free_keyblock_contents(krb5_context context, register krb5_keyblock *key); -/** Free the subkey keyblock (if set)and its pointer. +/** + * Free a krb5_ap_rep_enc_part structure. * - * @param context Context structure [input, output] - * @param val Pointer to data structure to be freed [input, output] + * @param [in] context Library context + * @param [in] val AP-REP enc part to be freed * - * @return - * None + * This function frees the contents of @a val and the structure itself. */ void KRB5_CALLCONV krb5_free_ap_rep_enc_part(krb5_context context, krb5_ap_rep_enc_part *val); -/** Free storage associated with a @c krb5_data structure and its pointer. +/** + * Free a krb5_data structure. * - * @param context Context structure [input, output] - * @param val Pointer to data structure to be freed [input, output] + * @param [in] context Library context + * @param [in] val Data structure to be freed * - * @return - * None + * This function frees the contents of @a val and the structure itself. */ void KRB5_CALLCONV krb5_free_data(krb5_context context, krb5_data *val); -/** Free the contents of a @c _krb5_data structure and zero the data field. - * - * @param context Context structure [input, output] - * @param val Pointer to data structure to be freed [input, output] +/* Free a krb5_octet_data structure (should be unused). */ +void KRB5_CALLCONV +krb5_free_octet_data(krb5_context context, krb5_octet_data *val); + +/** + * Free the contents of a krb5_data structure and zero the data field. * - * @note The pointer is not freed. + * @param [in] context Library context + * @param [in] val Data structure to free contents of * - * @return - * None + * This function frees the contents of @a val, but not the structure itself. */ void KRB5_CALLCONV krb5_free_data_contents(krb5_context context, krb5_data *val); -/** Free a simple character name string returned by krb5_unparse_name(). - * - * @param context Context structure [input, output] - * @param val Pointer to name string to be freed [input, output] +/** + * Free a string representation of a principal. * - * @note The pointer is not freed. - * @return - * None + * @param [in] context Library context + * @param [in] val Name string to be freed */ void KRB5_CALLCONV krb5_free_unparsed_name(krb5_context context, char *val); -/** Free an array of checksum types. +/** + * Free a string allocated by a krb5 function. * - * @param context Context structure [input, output] - * @param val Pointer to checksum type to be freed [input, output] + * @param [in] context Library context + * @param [in] val String to be freed * - * @note Make sure the checksum contents have already been freed. - * @return - * None + * @version First introduced in 1.10 + */ +void KRB5_CALLCONV +krb5_free_string(krb5_context context, char *val); + +/** + * Free an array of checksum types. + * + * @param [in] context Library context + * @param [in] val Array of checksum types to be freed */ void KRB5_CALLCONV krb5_free_cksumtypes(krb5_context context, krb5_cksumtype *val); -/* From krb5/os but needed but by the outside world */ +/* From krb5/os, but needed by the outside world */ /** - * @brief Retrieve the system time of day, in seconds and microseconds, since the local system's epoch. + * Retrieve the system time of day, in sec and ms, since the epoch. * - * @param context Context structure [input] - * @param seconds System timeofday, seconds portion [output] - * @param microseconds System timeofday, microseconds portion [output] + * @param [in] context Library context + * @param [out] seconds System timeofday, seconds portion + * @param [out] microseconds System timeofday, microseconds portion + * + * This function retrieves the system time of day with the context + * specific time offset adjustment. + * + * @sa krb5_crypto_us_timeofday() * * @retval * 0 Success @@ -4264,15 +4712,17 @@ krb5_free_cksumtypes(krb5_context context, krb5_cksumtype *val); * Kerberos error codes */ krb5_error_code KRB5_CALLCONV -krb5_us_timeofday(krb5_context context, krb5_timestamp *seconds, krb5_int32 *microseconds); +krb5_us_timeofday(krb5_context context, + krb5_timestamp *seconds, krb5_int32 *microseconds); /** - * @brief Get the @a timeofday value for the specified timestamp. + * Retrieve the current time with context specific time offset adjustment. * - * @param context Context structure [input, output] - * @param timeret Pointer to @a timeofday field in timestamp + * @param [in] context Library context + * @param [in,out] timeret Timestamp to fill in * - * Make sure to free the allocated memory when it is no longer needed. + * This function retrieves the system time of day with the context specific + * time offset adjustment. * * @retval * 0 Success @@ -4282,33 +4732,47 @@ krb5_us_timeofday(krb5_context context, krb5_timestamp *seconds, krb5_int32 *mic krb5_error_code KRB5_CALLCONV krb5_timeofday(krb5_context context, register krb5_timestamp *timeret); -/* get all the addresses of this host */ /** - * @brief Return all protocol addresses for this host. + * Check if a timestamp is within the allowed clock skew of the current time. * - * @param context Context structure [input, output] - * @param addr Pointer to array of address pointers [output] + * @param [in] context Library context + * @param [in] date Timestamp to check * - * Compile-time configuration flags indicate which protocol family addresses - * can be returned. + * This function checks if @a date is close enough to the current time + * according to the configured allowable clock skew. * - * Make sure to free the allocated memory when it is no longer needed. + * @version First introduced in 1.10 * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success + * @retval KRB5KRB_AP_ERR_SKEW @a date is not within allowable clock skew + */ +krb5_error_code KRB5_CALLCONV +krb5_check_clockskew(krb5_context context, krb5_timestamp date); + +/** + * Return all interface addresses for this host. + * + * @param [in] context Library context + * @param [out] addr Array of krb5_address pointers, ending with + * NULL + * + * Use krb5_free_addresses() to free @a addr when it is no longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_os_localaddr(krb5_context context, krb5_address ***addr); /** - * @brief Retrieve the default realm. + * Retrieve the default realm. * - * @param context Context structure [input, output] - * @param lrealm Pointer to default realm [output] + * @param [in] context Library context + * @param [out] lrealm Default realm name * - * Make sure to free the allocated memory when it is no longer needed. + * Retrieves the default realm to be used if no user-specified realm is + * available. + * + * Use krb5_free_default_realm() to free @a lrealm when it is no longer needed. * * @retval * 0 Success @@ -4319,12 +4783,12 @@ krb5_error_code KRB5_CALLCONV krb5_get_default_realm(krb5_context context, char **lrealm); /** - * @brief Set the default realm. + * Override the default realm for the specified context. * - * @param context Context structure [input, output] - * @param lrealm Default realm [output] + * @param [in] context Library context + * @param [in] lrealm Realm name for the default realm * - * Make sure to free the allocated memory when it is no longer needed. + * If @a lrealm is NULL, clear the default realm setting. * * @retval * 0 Success @@ -4335,44 +4799,37 @@ krb5_error_code KRB5_CALLCONV krb5_set_default_realm(krb5_context context, const char *lrealm); /** - * @brief Free the default realm string returned by krb5_get_default_realm(). - * - * @param context Context structure [input, output] - * @param lrealm Realm to be freed [input, output] + * Free a default realm string returned by krb5_get_default_realm(). * - * @return - * None + * @param [in] context Library context + * @param [in] lrealm Realm to be freed */ void KRB5_CALLCONV krb5_free_default_realm(krb5_context context, char *lrealm); /** - * @brief Generate a full principal name from a service name. - * - * @param context Context structure [input, output] - * @param hostname Host name, or NULL to use local host [input] - * @param sname Service name [input] - * @param type Principal type: either @c KRB5_NT_SRV_HST or @c KRB5_NT_UNKNOWN [input] - * @param ret_princ Full principal name [output] + * Generate a full principal name from a service name. * - * The full (multi-part) principal name tis used to authenticate the principal with the specified service on the - * host, given a hostname @a hostname and a generic service name @a sname. + * @param [in] context Library context + * @param [in] hostname Host name, or NULL to use local host + * @param [in] sname Service name, or NULL to use @c "host" + * @param [in] type Principal type + * @param [out] ret_princ Generated principal * - * @a ret_princ holds the generated full principal name. The realm of the principal - * is determined internally by calling krb5_get_host_realm(). + * This function converts a @a hostname and @a sname into @a krb5_principal + * structure @a ret_princ. The returned principal will be of the form @a + * sname\/hostname\@REALM where REALM is determined by krb5_get_host_realm(). + * In some cases this may be the referral (empty) realm. * - * Make sure to free the allocated memory when it is no longer needed. + * The @a type can be one of the following: * - * The principal type, @a type, controls how krb5_sname_to_principal() generates a principal name for a service. + * @li #KRB5_NT_SRV_HST canonicalizes the host name before looking up the + * realm and generating the principal. * - * @li @c KRB5_NT_SRV_HOST canonicalizes the host name (a fully - * qualified lowercase @a hostname using the primary name and the - * domain name), \b before @a ret_princ is generated in the form - * sname//hostname\@LOCAL.REALM. Most applications should use @a KRB5_NT_SRV_HOST. + * @li #KRB5_NT_UNKNOWN accepts the hostname as given, and does not + * canonicalize it. * - * @li @c KRB5_NT_UNKNOWN generates a principal name with - * the form @a sname\/hostname\@LOCAL.REALM, but the @a hostname \b will \b not be - * canonicalized first. It will appear exactly as it was passed in @a hostname. + * Use krb5_free_principal to free @a ret_princ when it is no longer needed. * * @retval * 0 Success @@ -4383,47 +4840,51 @@ krb5_error_code KRB5_CALLCONV krb5_sname_to_principal(krb5_context context, const char *hostname, const char *sname, krb5_int32 type, krb5_principal *ret_princ); -/** Return true if @a princ matches @a matching, false otherwise. +/** + * Test whether a principal matches a matching principal. + * + * @param [in] context Library context + * @param [in] matching Matching principal + * @param [in] princ Principal to test * - * A matching principal is a host-based principal with an empty realm and/or - * second data component (hostname). Profile configuration may cause the - * hostname to be ignored even if it is present. A principal matches a - * matching principal if the principal has the same non-empty (and non-ignored) - * components of the matching principal. + * @note A matching principal is a host-based principal with an empty realm + * and/or second data component (hostname). Profile configuration may cause + * the hostname to be ignored even if it is present. A principal matches a + * matching principal if the former has the same non-empty (and non-ignored) + * components of the latter. * - * If @a matching is NULL, return true. If @a matching is not a matching + * If @a matching is NULL, return TRUE. If @a matching is not a matching * principal, return the value of krb5_principal_compare(context, matching, * princ). + * + * @return + * TRUE if @a princ matches @a matching, FALSE otherwise. */ krb5_boolean KRB5_CALLCONV krb5_sname_match(krb5_context context, krb5_const_principal matching, krb5_const_principal princ); -/** Change a password for an existing Kerberos account. +/** + * Change a password for an existing Kerberos account. * - * @param [in] context Context structure - * @param [in] creds Kerberos credentials to the kadmin/changepw service - * @param [in] newpw New password - * @param [out] result_code A numeric error code - * @param [out] result_code_string (unused) String equivalent to @a result_code - * @param [out] result_string Change password response from the KDC + * @param [in] context Library context + * @param [in] creds Credentials for kadmin/changepw service + * @param [in] newpw New password + * @param [out] result_code Numeric error code from server + * @param [out] result_code_string String equivalent to @a result_code + * @param [out] result_string Change password response from the KDC * * Change the password for the existing principal identified by @a creds. * * The possible values of the output @a result_code are: * - * @li KRB5_KPASSWD_SUCCESS (0) - success - * @li KRB5_KPASSWD_MALFORMED (1) - Malformed request error - * @li KRB5_KPASSWD_HARDERROR (2) - Server error - * @li KRB5_KPASSWD_AUTHERROR (3) - Authentication error - * @li KRB5_KPASSWD_SOFTERROR (4) - Password change rejected + * @li #KRB5_KPASSWD_SUCCESS (0) - success + * @li #KRB5_KPASSWD_MALFORMED (1) - Malformed request error + * @li #KRB5_KPASSWD_HARDERROR (2) - Server error + * @li #KRB5_KPASSWD_AUTHERROR (3) - Authentication error + * @li #KRB5_KPASSWD_SOFTERROR (4) - Password change rejected * - * @sa krb5_chpw_result_code_string() - * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_change_password(krb5_context context, krb5_creds *creds, char *newpw, @@ -4431,24 +4892,34 @@ krb5_change_password(krb5_context context, krb5_creds *creds, char *newpw, krb5_data *result_string); /** - * @brief Implement set password according to RFC 3244, so that it is interoperable with MS Windows implementations. + * Set a password for a principal using specified credentials. + * + * @param [in] context Library context + * @param [in] creds Credentials for kadmin/changepw service + * @param [in] newpw New password + * @param [in] change_password_for Change the password for this principal + * @param [out] result_code Numeric error code from server + * @param [out] result_code_string String equivalent to @a result_code + * @param [out] result_string Data returned from the remote system + * + * This function uses the credentials @a creds to set the password @a newpw for + * the principal @a change_password_for. It implements the set password + * operation of RFC 3244, for interoperability with Microsoft Windows + * implementations. + * + * @note If @a change_password_for is NULL, the change is performed on the + * current principal. If @a change_password_for is non-null, the change is + * performed on the principal name passed in @a change_password_for. * - * @param context Context structure [input, output] - * @param creds Credentials [input - * @param newpw New password [input] - * @param change_password_for Specific principal for password change [input] - * @param result_code Pointer to result code returned by the remote system [output] - * @param result_code_string Pointer to result code translated into a readable message [output] - * @param result_string Pointer to result data returned from the remote system [output] + * The error code and strings are returned in @a result_code, + * @a result_code_string and @a result_string. * - * @note If @a change_password_for is NULL, the change is performed on the current - * principal. If @a change_password_for is non-null, the change is performed on the - * principal name passed in @a change_password_for. + * @sa krb5_set_password_using_ccache() * * @retval - * 0 Success + * 0 Success and result_code is set to #KRB5_KPASSWD_SUCCESS. * @return - * Kerberos error codes + * Kerberos error codes. */ krb5_error_code KRB5_CALLCONV krb5_set_password(krb5_context context, krb5_creds *creds, char *newpw, @@ -4456,19 +4927,29 @@ krb5_set_password(krb5_context context, krb5_creds *creds, char *newpw, krb5_data *result_code_string, krb5_data *result_string); /** - * @brief Implement RFC 3244 set password (interoperable with MS Windows implementations) using the credentials cache instead of explicitly passed credentials. + * Set a password for a principal using cached credentials. + * + * @param [in] context Library context + * @param [in] ccache Credential cache + * @param [in] newpw New password + * @param [in] change_password_for Change the password for this principal + * @param [out] result_code Numeric error code from server + * @param [out] result_code_string String equivalent to @a result_code + * @param [out] result_string Data returned from the remote system + * + * This function uses the cached credentials from @a ccache to set the password + * @a newpw for the principal @a change_password_for. It implements RFC 3244 + * set password operation (interoperable with MS Windows implementations) using + * the credential cache. * - * @param context Context structure [input, output] - * @param ccache Credentials cache [input] - * @param newpw New password [input] - * @param change_password_for Principal for which password is changed [input] - * @param result_code Pointer to result code returned from remote system [output] - * @param result_code_string Pointer to result code returned from remote system translated into a readable message [output] - * @param result_string Pointer to the result data returned from remote system [output] + * The error code and strings are returned in @a result_code, + * @a result_code_string and @a result_string. * - * @note If @a change_password_for is set to NULL, the change is performed - * on the current principal. If @a change_password_for is non null, the change is performed - * on the specified principal. + * @note If @a change_password_for is set to NULL, the change is performed on + * the default principal in @a ccache. If @a change_password_for is non null, + * the change is performed on the specified principal. + * + * @sa krb5_set_password() * * @retval * 0 Success @@ -4482,23 +4963,27 @@ krb5_set_password_using_ccache(krb5_context context, krb5_ccache ccache, krb5_data *result_string); /** - * @brief Retrieve data from a configuration file, typically @c krb5.conf . + * Retrieve configuration profile from the context. + * + * @param [in] context Library context + * @param [out] profile Pointer to data read from a configuration file * - * @param context Context structure [input, output] - * @param profile_t Pointer to data read from a configuration file [input] + * This function creates a new @a profile object that reflects profile + * in the supplied @a context. * - * Make sure to free the allocated memory when it is no longer needed. + * The @a profile object may be freed with profile_release() function. + * See profile.h and profile API for more details. * - * @retval + * @retval * 0 Success * @return * Kerberos error codes */ krb5_error_code KRB5_CALLCONV -krb5_get_profile(krb5_context context, struct _profile_t * /* profile_t */ *); +krb5_get_profile(krb5_context context, struct _profile_t ** profile); #if KRB5_DEPRECATED -/** @deprecated Replaced by krb5_get_init_creds_password() */ +/** @deprecated Replaced by krb5_get_init_creds_password().*/ KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_get_in_tkt_with_password(krb5_context context, krb5_flags options, krb5_address *const *addrs, krb5_enctype *ktypes, @@ -4506,7 +4991,7 @@ krb5_get_in_tkt_with_password(krb5_context context, krb5_flags options, const char *password, krb5_ccache ccache, krb5_creds *creds, krb5_kdc_rep **ret_as_reply); -/** * @deprecated Replaced by krb5_get_init_creds() */ +/** @deprecated Replaced by krb5_get_init_creds(). */ KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_get_in_tkt_with_skey(krb5_context context, krb5_flags options, krb5_address *const *addrs, krb5_enctype *ktypes, @@ -4514,7 +4999,7 @@ krb5_get_in_tkt_with_skey(krb5_context context, krb5_flags options, const krb5_keyblock *key, krb5_ccache ccache, krb5_creds *creds, krb5_kdc_rep **ret_as_reply); - /** @deprecated Replaced by krb5_get_init_creds_keytab() */ +/** @deprecated Replaced by krb5_get_init_creds_keytab(). */ KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_get_in_tkt_with_keytab(krb5_context context, krb5_flags options, krb5_address *const *addrs, krb5_enctype *ktypes, @@ -4525,65 +5010,50 @@ krb5_get_in_tkt_with_keytab(krb5_context context, krb5_flags options, #endif /* KRB5_DEPRECATED */ /** - * @brief Parse a @c KRB5-AP-REQ message and return its contents. + * Parse and decrypt a @c KRB_AP_REQ message. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output] - * @param inbuf Holds the KRB-AP-REQ message to be parsed [input] - * @param server Expected server's principal name for the ticket - * @param keytab Key table containing decryption key [input] - * @param ap_req_options If non-null, the AP-REQ flags on output [input, output] - * @param ticket Returned ticket from the AP-REQ message. Use NULL to specify no ticket [output] + * @param [in] context Library context + * @param [in,out] auth_context Pre-existing or newly created auth context + * @param [in] inbuf AP-REQ message to be parsed + * @param [in] server Matching principal for server, or NULL to + * allow any principal in keytab + * @param [in] keytab Key table, or NULL to use the default + * @param [out] ap_req_options If non-null, the AP-REQ flags on output + * @param [out] ticket If non-null, ticket from the AP-REQ message * - * If @a ticket is set to non-null, it is modified to point to the ticket information. + * This function parses, decrypts and verifies a AP-REQ message from @a inbuf + * and stores the authenticator in @a auth_context. * - * If @c _krb5_auth_context is set to NULL, an @c _krb5_auth_context is generated and freed internally - * by the function. + * If a keyblock is present in the @a auth_context, it is used to decrypt the + * ticket in AP-REQ message. (This is useful for user-to-user authentication.) + * Otherwise, the decryption key is obtained from the @a keytab. If @a keytab + * is iterable, all of its key entries it will be tried against the ticket; + * otherwise, the server principal in the ticket will be looked up in the + * keytab and that key will be tried. * - * If @a server is set to NULL, any server name with an appropriate key will be accepted. - * Make sure to verify that the server principal name matches some trust - * criterion. + * The client specified in the decrypted authenticator must match the client + * specified in the decrypted ticket. If @a server is non-null, the key in + * which the ticket is encrypted must correspond to a principal in @a keytab + * matching @a server according to the rules of krb5_sname_match(). * - * If @a server is set to non-null and a @a replay detection cache has not - * been established with @c _krb5_auth_context, an @c _krb5_auth_context is generated. + * If the @a remote_addr field of @a auth_context is set, the request must come + * from that address. * - * If a @a keyblock is present in the @c _krb5_auth_context, it is used to decrypt the ticket - * request and then must be freed with krb5_free_keyblock(). This is useful for - * user-to-user authentication. + * If a replay cache handle is provided in the @a auth_context, the + * authenticator and ticket are verified against it. If no conflict is found, + * the new authenticator is then stored in the replay cash of @a auth_context. * - * If no @a keyblock is specified, the key table uses an entry matching the requested @a keytype, - * @a server, and @a version @a number. + * Various other checks are performed on the decoded data, including + * cross-realm policy, clockskew, and ticket validation times. * - * The authenticator in the request is decrypted and stored in @c _krb5_auth_context. - * The client specified in the decrypted authenticator is compared to the client - * specified in the decoded ticket to ensure that the compare was performed. + * On success the authenticator, subkey, and remote sequence number of the + * request are stored in @a auth_context. If the #AP_OPTS_MUTUAL_REQUIRED + * bit is set, the local sequence number is XORed with the remote sequence + * number in the request. * - * If the @a remote_addr field of @c _krb5_auth_context is set, this routine checks - * whether the request came from the right client. + * Use krb5_free_ticket() to free @a ticket when it is no longer needed. * - * The replay cache is checked to see if the ticket and authenticator have been seen - * and, if so, returns an error. If not, the ticket and authenticator are entered into - * the replay cache. - * - * Various other checks are performed on the decoded data, including cross-realm policy, - * clockskew, and ticket validation times. - * - * The @a keyblock, @a subkey, and @a sequence @a number of the request are - * stored in @c _krb5_auth_context for future use. - * - * If the @c AP_OPTS_MUTUAL_REQUIRED bit is set, the local sequence number - * is XORed with the remote sequence number in the request. - * - * @note A new authentication context is returned if NULL is specified. - * - * @note If @a keytab is set to NULL, the default key table is used. - * - * @retval - * 0 Success - * @retval - * KRB5KRB-AP-ERRR-BADADDR Invalid address - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_rd_req(krb5_context context, krb5_auth_context *auth_context, @@ -4592,26 +5062,26 @@ krb5_rd_req(krb5_context context, krb5_auth_context *auth_context, krb5_ticket **ticket); /** - * @brief Retrieve a service key from a key table. + * Retrieve a service key from a key table. * - * @param context Context structure [input, output] - * @param keyprocarg Name of a key table or NULL to use default key table [input] - * @param principal Service principal [input] - * @param vno Key version number; use 0 to specify the key with the highest version number [input] - * @param enctype Key encryption type; use a keytype of 0 if encryption type does not matter [input] - * @param key Returned service key [output] + * @param [in] context Library context + * @param [in] keyprocarg Name of a key table (NULL to use default name) + * @param [in] principal Service principal + * @param [in] vno Key version number (0 for highest available) + * @param [in] enctype Encryption type (0 for any type) + * @param [out] key Service key from key table * - * Open and search the specified key table for the entry identified by @a principal, @a enctype, - * and @a vno. If no key is found, return an error code. + * Open and search the specified key table for the entry identified by @a + * principal, @a enctype, and @a vno. If no key is found, return an error code. * - * The default key table is used, unless @a keyprocarg is non-null. @a keyprocarg designates a specific key table. + * The default key table is used, unless @a keyprocarg is non-null. + * @a keyprocarg designates a specific key table. * - * Make sure to free the allocated memory when it is no longer needed. + * Use krb5_free_keyblock() to free @a key when it is no longer needed. * * @retval * 0 Success - * @return - * Kerberos error codes + * @return Kerberos error code if not found or @a keyprocarg is invalid. */ krb5_error_code KRB5_CALLCONV krb5_kt_read_service_key(krb5_context context, krb5_pointer keyprocarg, @@ -4619,43 +5089,42 @@ krb5_kt_read_service_key(krb5_context context, krb5_pointer keyprocarg, krb5_enctype enctype, krb5_keyblock **key); /** - * @brief Format a @c KRB-SAFE message and store in a buffer. + * Format a @c KRB-SAFE message. + * + * @param [in] context Library context + * @param [in,out] auth_context Authentication context + * @param [in] userdata User data in the message + * @param [out] outbuf Formatted @c KRB-SAFE buffer + * @param [out] outdata Replay data. Specify NULL if not needed * - * @param context Context structure [input, output] - * @param auth_context Authentication context - * @param userdata User data in the message [input] - * @param outbuf Formatted @c KRB-SAFE buffer [output] - * @param outdata Sequence numbers if @c KRB5_AUTH_CONTEXT_RET_SEQUENCE is specified in @c _krb5_auth_data + * This function creates an integrity protected @c KRB-SAFE message + * using data supplied by the application. * - * The @a _krb5_auth_context->auth_context_flags specify whether sequence numbers or timestamps will - * be used to identify the message. Valid values are: - * @li @c KRB5_AUTH_CONTEXT_DO_TIME Use timestamps and replay cache. - * @li @c KRB5_AUTH_CONTEXT_RET_TIME Copy timestamp to @a *outdata. - * @li @c KRB5_AUTH_CONTEXT_DO_SEQUENCE Use sequence numbers. - * @li @c KRB5_AUTH_CONTEXT_RET_SEQUENCE Copy sequence numbers to @a *outdata. + * Fields in @a auth_context specify the checksum type, the keyblock that + * can be used to seed the checksum, full addresses (host and port) for + * the sender and receiver, and @ref KRB5_AUTH_CONTEXT flags. * - * The @a userdata argument is formatted as the user data in the message. + * The local address in @a auth_context must be set, and is used to form the + * sender address used in the KRB-SAFE message. The remote address is + * optional; if specified, it will be used to form the receiver address used in + * the message. * - * Fields in @c _krb5_auth_context specify the checksum type, the keyblock that - * can be used to seed the checksum, and full addresses (host and port) for - * the sender and receiver. + * If #KRB5_AUTH_CONTEXT_DO_TIME flag is set in the @a auth_context, an entry + * describing the message is entered in the replay cache @a + * auth_context->rcache which enables the caller to detect if this message is + * reflected by an attacker. If #KRB5_AUTH_CONTEXT_DO_TIME is not set, the + * replay cache is not used. * - * The @a local_addr field of @c _krb5_auth_context is used to - * form the addresses used in the @c KRB-SAFE message. The remote_addr is optional; - * if the receiver's address is unknown, it can be replaced by NULL. - * @note The @a local_addr argument is mandatory. + * If either #KRB5_AUTH_CONTEXT_DO_SEQUENCE or + * #KRB5_AUTH_CONTEXT_RET_SEQUENCE is set, the @a auth_context local sequence + * number will be placed in @a outdata as its sequence number. * - * If @c KRB5_AUTH_CONTEXT_DO_TIME is set, an entry describing the message is - * entered in the replay cache which enables the caller to detect if this message - * is sent back by an attacker. If @c KRB5_AUTH_CONTEXT_DO_TIME is not set, - * the replay cache is not used. + * @note The @a outdata argument is required if #KRB5_AUTH_CONTEXT_RET_TIME or + * #KRB5_AUTH_CONTEXT_RET_SEQUENCE flag is set in the @a auth_context. * - * If either @c KRB5_AUTH_CONTEXT_DO_SEQUENCE or @c KRB5_AUTH_CONTEXT_RET_SEQUENCE is set, - * the @c _krb5_auth_context local sequence number will be placed in the protected message - * as its sequence number. + * Use krb5_free_data_contents() to free @a outbuf when it is no longer needed. * - * Make sure to free the allocated memory when it is no longer needed. - * @sa rcache + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_mk_safe(krb5_context context, krb5_auth_context auth_context, @@ -4663,115 +5132,92 @@ krb5_mk_safe(krb5_context context, krb5_auth_context auth_context, krb5_replay_data *outdata); /** - * @brief Format a @c KRB-PRIV message into @a outbuf. + * Format a @c KRB-PRIV message. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output] - * @param userdata User data in the message [input] - * @param outbuf Formatted @c KRB-PRIV buffer [output] - * @param outdata Sequence numbers if @c KRB5_AUTH_CONTEXT_RET_SEQUENCE is set [input, output] + * @param [in] context Library context + * @param [in,out] auth_context Authentication context + * @param [in] userdata User data for @c KRB-PRIV message + * @param [out] outbuf Formatted @c KRB-PRIV message + * @param [out] outdata Replay cache handle (NULL if not needed) * - * This function is similar to krb5_mk_safe(), but the message is encrypted @a and + * This function is similar to krb5_mk_safe(), but the message is encrypted and * integrity-protected, not just integrity-protected. * - * The @a remote_addr and @a remote_port fields of @c _krb5_auth_context are - * optional; @a local_addr, is mandatory. If the receiver's address is unknown, - * it can be replaced by NULL. - * - * The encryption type is taken from the @a keyblock field in @c _krb5_auth_context. + * The local address in @a auth_context must be set, and is used to form the + * sender address used in the KRB-SAFE message. The remote address is + * optional; if specified, it will be used to form the receiver address used in + * the message. * - * If the @a i_vector field in @c _krb5_auth_context is non-null, it is used - * as an initialization vector for the encryption (if the chosen encryption - * type supports initialization vectors), and its contents are replaced with - * the last block of encrypted data upon return. + * @note If the #KRB5_AUTH_CONTEXT_RET_TIME or + * #KRB5_AUTH_CONTEXT_RET_SEQUENCE flag is set in @a auth_context, the @a + * outdata is required. * - * @note The flags from @c _krb5_auth_context specify whether sequence numbers or timestamps will be used to identify the message. - * Valid values are: - * @li @c KRB5_AUTH_CONTEXT_DO_TIME Use timestamps and replay cache. - * @li @c KRB5_AUTH_CONTEXT_RET_TIME Copy timestamp to @a *outdata. - * @li @c KRB5_AUTH_CONTEXT_DO_SEQUENCE Use sequence numbers in replay cache. - * @li @c KRB5_AUTH_CONTEXT_RET_SEQUENCE Use sequence numbers in replay cache and output data. + * @note The flags from @a auth_context specify whether sequence numbers or + * timestamps will be used to identify the message. Valid values are: * - * Make sure to free the allocated memory when it is no longer needed. + * @li #KRB5_AUTH_CONTEXT_DO_TIME - Use timestamps in @a outdata + * @li #KRB5_AUTH_CONTEXT_RET_TIME - Copy timestamp to @a outdata. + * @li #KRB5_AUTH_CONTEXT_DO_SEQUENCE - Use local sequence numbers from + * @a auth_context in replay cache. + * @li #KRB5_AUTH_CONTEXT_RET_SEQUENCE - Use local sequence numbers from + * @a auth_context as a sequence number + * in the encrypted message @a outbuf. * - * @retval - * 0 Success - * @return - * Kerberos error codes - * - * @sa KRB-PRIV + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_mk_priv(krb5_context context, krb5_auth_context auth_context, const krb5_data *userdata, krb5_data *outbuf, krb5_replay_data *outdata); - /** - * @brief Send an authenticated message. - * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param fd Pointer to file descriptor that describes network socket [input] - * @param appl_version String that describes the application protocol version client is expected to use [input] - * @param client Client principal name; ignored if @a in_creds is non-null [input] - * @param server Server principal name; ignored if @a in_creds is non-null [input] - * @param ap_req_options Specifies @c KRB-AP-REQ flags [input] - * @param in_data Data to be sent to the server [input] - * @param in_creds Input credentials, or NULL [input] - * @param ccache Credentials cache [input, output] - * @param error If non-null, contains error packet returned from server [output] - * @param rep_result If non-null, contains result of mutual authentication exchange [output] - * @param out_creds If non-null, the retrieved credentials [output] - * - * Send an authenticated message from a client program to a server - * program using the network connection specified by @a fd. In the MIT UNIX and - * OpenVMS implementations, @a fd is a pointer to a network socket file descriptor. - * - * Valid values for @a ap_req_options are: - * @li @c AP_OPTS_USE_SESSION_KEY - * @li @c AP_OPTS_MUTUAL_REQUIRED Perform a mutual authentication exchange - * @li @c AP_OPTS_USE_SUBKEY - * - * If @a in_creds is NULL: - * @li @a server must be non-null - * @li @a client can be NULL. If @a client is NULL, the credentials cache default principal is used. - * - * If @a in_creds is non-null, @a in_creds->client and @a in_creds->server must be - * filled in. If the other structure fields are filled in with valid credentials, - * @a in_creds->ticket.length must be zero. +/** + * Client function for @c sendauth protocol. * - * If @a rep_result is non-null, it is filled in with the result of the mutual - * authentication exchange. + * @param [in] context Library context + * @param [in,out] auth_context Authentication context + * @param [in] fd File descriptor that describes network socket + * @param [in] appl_version Application protocol version to be matched + * with the receiver's application version + * @param [in] client Client principal + * @param [in] server Server principal + * @param [in] ap_req_options @ref AP_OPTS options + * @param [in] in_data Data to be sent to the server + * @param [in] in_creds Input credentials, or NULL to use @a ccache + * @param [in] ccache Credential cache + * @param [out] error If non-null, contains KRB_ERROR message + * returned from server + * @param [out] rep_result If non-null and @a ap_req_options is + * #AP_OPTS_MUTUAL_REQUIRED, contains the result + * of mutual authentication exchange + * @param [out] out_creds If non-null, the retrieved credentials * - * If @a in_creds->ticket.length is nonzero, @a in_creds is used - * as the credentials to send to the server, and @a ccache is ignored. Otherwise, - * @a ccache is used. + * This function performs the client side of a sendauth/recvauth exchange by + * sending and receiving messages over @a fd. * - * If @a out_creds, is non-null, it is filled in with the retrieved credentials. + * Credentials may be specified in three ways: * - * @a ccache specifies the credential cache to use @a only when @a in_creds is - * NULL or @a in_creds->ticket.length is zero. + * @li If @a in_creds is NULL, credentials are obtained with + * krb5_get_credentials() using the principals @a client and @a server. @a + * server must be non-null; @a client may NULL to use the default principal of + * @a ccache. * - * If @a in_creds is NULL or @a in_creds->ticket.length is zero and @a ccache is NULL, - * If the default credential cache does not contain the needed credentials, - * the credentials will be retrieved from the KDC and stored in the credential cache. + * @li If @a in_creds is non-null, but does not contain a ticket, credentials + * for the exchange are obtained with krb5_get_credentials() using @a in_creds. + * In this case, the values of @a client and @a server are unused. * - * If mutual authentication is used and @a rep_result is non-null, the sequence number - * for the server is in *rep_result-\>seq_number. If mutual authentication is not - * used, there is no way to negotiate a sequence number for the server. + * @li If @a in_creds is a complete credentials structure, it used directly. + * In this case, the values of @a client, @a server, and @a ccache are unused. * - * If the server is using a different application protocol than that specified in - * @a appl_version, an error will be returned. + * If the server is using a different application protocol than that specified + * in @a appl_version, an error will be returned. * - * If an error occurs during the authenticated message exchange and @a error is non-null, - * the error packet (if any) sent from the server will be placed in it. + * Use krb5_free_creds() to free @a out_creds, krb5_free_ap_rep_enc_part() to + * free @a rep_result, and krb5_free_error() to free @a error when they are no + * longer needed. * - * Make sure to free the allocated memory when it is no longer needed. + * @sa krb5_recvauth() * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_sendauth(krb5_context context, krb5_auth_context *auth_context, @@ -4782,43 +5228,26 @@ krb5_sendauth(krb5_context context, krb5_auth_context *auth_context, krb5_creds **out_creds); /** - * @brief Receive an authenticated message. + * Server function for @a sendauth protocol. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param fd Pointer to file descriptor of network socket [input] - * @param appl_version String describing the expected application protocol version. [input] - * @param server Server principal [input] - * @param flags Additional specifications; nonlibrary callers should use 0. [input] - * @param keytab Decryption key [input] - * @param ticket Ticket (optional); only filled in with client ticket data if non-null [output] + * @param [in] context Library context + * @param [in,out] auth_context Authentication context + * @param [in] fd File descriptor + * @param [in] appl_version Application protocol version to be matched + * against the client's application version + * @param [in] server Server principal (NULL for any in @a keytab) + * @param [in] flags Additional specifications + * @param [in] keytab Key table containing service keys + * @param [out] ticket Ticket (NULL if not needed) * - * This routine, paired with krb5_sendauth(), provides a way for client and server programs to - * send authenticated messages to one another through network connections. + * This function performs the srever side of a sendauth/recvauth exchange by + * sending and receiving messages over @a fd. * - * krb5_recvauth() engages in an authentication dialog with the client program running krb5_sendauth() - * to authenticate the client to the server. + * Use krb5_free_ticket() to free @a ticket when it is no longer needed. * - * Upon request from the client, krb5_recvauth() provides mutual authentication - * to ensure the legitimacy of the server represented by krb5_recvauth(). + * @sa krb5_sendauth() * - * The @a fd argument is a pointer to the network connection. As in krb5_sendauth() - * in the MIT UNIX and OpenVMS implementations, @a fd is a pointer to a file descriptor. - * - * @a server, @c _krb5_auth_context, and @a keytab are used to obtain the server's private key. - * - * @note - * @li if client uses a different application protocol than that specified in @a appl_version, - * an error is returned and the authentication exchange is aborted. - * - * Make sure to free the allocated memory when it is no longer needed. - * - * @retval - * 0 Success - * @return - * Kerberos error codes - * - * @todo link to flags? + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_recvauth(krb5_context context, krb5_auth_context *auth_context, @@ -4826,97 +5255,78 @@ krb5_recvauth(krb5_context context, krb5_auth_context *auth_context, krb5_int32 flags, krb5_keytab keytab, krb5_ticket **ticket); /** - * @brief Send authentication messages between client and server using the network. - * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param fd Socket from which to read the client response [input] - * @param server Verify the server principal is the same as requested by client; if NULL, an error is returned and the exchange is aborted [input] - * @param flags - * @param keytab Decryption key [input] - * @param ticket Optional, if non-null, filled with ticket data sent by the client [output] - * @param version Pointer to application version string [output] - * - * This routine provides a convenient means for client and server programs to send authenticated messages to - * one another through network connections. (k5b5_sendauth() is the matching routine to krb5_recvauth_version() for the server.) - * - * krb5_recvauth_version() engages in an authentication dialog with the client program running - * krb5_sendauth() to authenticate the client to the server. In addition, if requested by the client, - * krb5_recvauth_version() provides mutual authentication to prove to the client that the server represented by - * krb5_recvauth_version() is legitimate. + * Server function for @a sendauth protocol with version parameter. * - * @a fd is a pointer to the network connection. As in krb5_sendauth(), in the MIT UNIX and - * OpenVMS implementations, @a fd is a pointer to a file descriptor. + * @param [in] context Library context + * @param [in,out] auth_context Authentication context + * @param [in] fd File descriptor + * @param [in] server Server principal (NULL for any in @a keytab) + * @param [in] flags Additional specifications + * @param [in] keytab Decryption key + * @param [out] ticket Ticket (NULL if not needed) + * @param [out] version sendauth protocol version (NULL if not needed) * - * The arguments @a server, @c _krb5_auth_context, and @a keytab are used by @c krb5_rd_req() to obtain the - * server's private key. + * This function is similar to krb5_recvauth() with the additional output + * information place into @a version. * - * If server is non-null, the principal component of it is used to determine - * the replay cache to use. Otherwise, @c krb5_recvauth_version uses the default - * replay cache. - * - * Make sure to free the allocated memory when it is no longer needed. - * - * @retval - * 0 Success - * @retval - * KRB5_SENDAUTH_BADAUTHVERS Bad sendauth version was sent - * @retval - * KRB5_SENDAUTH_BADAPPLVERS Bad application version was sent - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_recvauth_version(krb5_context context, krb5_auth_context *auth_context, - /* IN */ krb5_pointer fd, krb5_principal server, krb5_int32 flags, krb5_keytab keytab, - /* OUT */ krb5_ticket **ticket, krb5_data *version); /** -* @brief Take an array of credentials and format a @c KRB-CRED message to pass to krb5_rd_cred(). -* -* @param context Context structure [input, output] -* @param auth_context Authentication context [input, output] -* @param ppcreds Pointer to an array of credentials [input] -* @param ppdata Unused -* @param outdata Pointer to @c KRB-CRED message [output] -* -* @todo Described ppdata as not used, cut " A pointer to a krb5_data structure -* -* @retval -* 0 Success -* @retval -* ENOMEM Insufficient memory -* @retval -* KRB5_RC_REQUIRED Message replay detection requires @a rcache parameter -* @return -* Kerberos error codes -*/ + * Format a @c KRB-CRED message for an array of credentials. + * + * @param [in] context Library context + * @param [in,out] auth_context Authentication context + * @param [in] ppcreds Null-terminated array of credentials + * @param [out] ppdata Encoded credentials + * @param [out] outdata Replay cache information (NULL if not needed) + * + * This function takes an array of credentials @a ppcreds and formats + * a @c KRB-CRED message @a ppdata to pass to krb5_rd_cred(). + * + * @note If the #KRB5_AUTH_CONTEXT_RET_TIME or #KRB5_AUTH_CONTEXT_RET_SEQUENCE + * flag is set in @a auth_context, @a outdata is required. + * + * The message will be encrypted using the send subkey of @a auth_context if it + * is present, or the session key otherwise. + * + * @retval + * 0 Success + * @retval + * ENOMEM Insufficient memory + * @retval + * KRB5_RC_REQUIRED Message replay detection requires @a rcache parameter + * @return + * Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_mk_ncred(krb5_context context, krb5_auth_context auth_context, krb5_creds **ppcreds, krb5_data **ppdata, krb5_replay_data *outdata); /** - * @brief Encode a @c KRB-CRED message to pass to krb5_rd_cred(). + * Format a @c KRB-CRED message for a single set of credentials. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input} - * @param pcreds Pointer to credentials [input] - * @param ppdata Unused - * @param outdata Pointer to @c KRB-CRED message [output] + * @param [in] context Library context + * @param [in,out] auth_context Authentication context + * @param [in] pcreds Pointer to credentials + * @param [out] ppdata Encoded credentials + * @param [out] outdata Replay cache data (NULL if not needed) * * This is a convenience function that calls krb5_mk_ncred() with a single set * of credentials. * * @retval - * 0 Success + * 0 Success * @retval * ENOMEM Insufficient memory * @retval @@ -4930,28 +5340,24 @@ krb5_mk_1cred(krb5_context context, krb5_auth_context auth_context, krb5_replay_data *outdata); /** - * @brief Read a @c KRB-CRED message, validate it, and output the nonce and an array of the forwarded credentials. + * Read and validate a @c KRB-CRED message. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param pcreddata @c KRB-CRED message [input] - * @param pppcreds Array of forwarded credentials [output] - * @param outdata Replay data information [output] + * @param [in] context Library context + * @param [in,out] auth_context Authentication context + * @param [in] pcreddata @c KRB-CRED message + * @param [out] pppcreds Null-terminated array of forwarded credentials + * @param [out] outdata Replay data (NULL if not needed) * - * Make sure to free the allocated memory when it is no longer needed. + * @note The @a outdata argument is required if #KRB5_AUTH_CONTEXT_RET_TIME or + * #KRB5_AUTH_CONTEXT_RET_SEQUENCE flag is set in the @a auth_context.` * - * @retval - * 0 Success - * @retval - * KRB5_RC_REQUIRED Message replay detection requires @a rcache parameter - * @retval - * KRB5KRB-AP-ERR-SKEW Clock skew too great - * @retval - * KRB5KRB-AP-ERR-BADORDER Message out of order - * @retval - * ENOMEM Insufficient memory - * @return - * Kerberos error codes + * @a pcreddata will be decrypted using the receiving subkey if it is present + * in @a auth_context, or the session key if the receiving subkey is not + * present or fails to decrypt the message. + * + * Use krb5_free_tgt_creds() to free @a pppcreds when it is no longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_rd_cred(krb5_context context, krb5_auth_context auth_context, @@ -4959,21 +5365,23 @@ krb5_rd_cred(krb5_context context, krb5_auth_context auth_context, krb5_replay_data *outdata); /** - * @brief Get a forwarded ticket and format a KRB-CRED message. + * Get a forwarded TGT and format a @c KRB-CRED message. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output] - * @param rhost Remote host [input, output] - * @param client Client principal [input] - * @param server Server principal [input] - * @param cc Credentials cache handle [input] - * @param forwardable Boolean indicating whether TGT should be forwardable [input] - * @param outbuf Output buffer containing the TGT + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [in] rhost Remote host + * @param [in] client Client principal of TGT + * @param [in] server Principal of server to receive TGT + * @param [in] cc Credential cache handle (NULL to use default) + * @param [in] forwardable Whether TGT should be forwardable + * @param [out] outbuf KRB-CRED message * - * Make sure to free the allocated memory when it is no longer needed. + * Get a TGT for use at the remote host @a rhost and format it into a KRB-CRED + * message. If @a rhost is NULL and @a server is of type #KRB5_NT_SRV_HST, + * the second component of @a server will be used. * * @retval - * 0 Success + * 0 Success * @retval * ENOMEM Insufficient memory * @retval @@ -4991,104 +5399,90 @@ krb5_fwd_tgt_creds(krb5_context context, krb5_auth_context auth_context, krb5_ccache cc, int forwardable, krb5_data *outbuf); /** - * @brief Initialize a @c _krb5_auth_context structure. + * Create and initialize an authentication context. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [output] + * @param [in] context Library context + * @param [out] auth_context Authentication context * - * The @c _krb5_auth_context contains all data pertinent to the various authentication routines. + * This function creates an authentication context to hold configuration and + * state relevant to krb5 functions for authenticating principals and + * protecting messages once authentication has occurred. * - * By default, @a flags for the context are set to enable the use of the replay cache - * (krb5_auth_context_do_time()) but not sequence numbers. Use krb5_auth_con_setflags() to change the flags. + * By default, flags for the context are set to enable the use of the replay + * cache (#KRB5_AUTH_CONTEXT_DO_TIME), but not sequence numbers. Use + * krb5_auth_con_setflags() to change the flags. * - * By default, @a checksum type is set to @c CKSUMTYPE_RSA_MD4_DES. Use krb5_auth_con_setcksumtype() - * to change the @a checksum type. - * - * Make sure to free the allocated memory when it is no longer needed. + * The allocated @a auth_context must be freed with krb5_auth_con_free() when + * it is no longer needed. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_auth_con_init(krb5_context context, krb5_auth_context *auth_context); /** - * @brief Free a @c _krb5_auth_context structure. + * Free a krb5_auth_context structure. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [output] + * @param [in] context Library context + * @param [in] auth_context Authentication context to be freed * - * @retval - * 0 Success - * @return - * Kerberos error codes + * This function frees an auth context allocated by krb5_auth_con_init(). * - * @sa krb5_auth_con_init() + * @retval 0 (always) */ krb5_error_code KRB5_CALLCONV krb5_auth_con_free(krb5_context context, krb5_auth_context auth_context); /** - * @brief Set the flags for an @c _krb5_auth_context structure. + * Set a flags field in a krb5_auth_context structure. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [output} - * @param flags Bit mask representing values set in @c _krb5_auth_context + * @param [in] context Library context + * @param [in,out] auth_context Authentication context + * @param [in] flags Flags bit mask * * Valid values for @a flags are: - * @li @c KRB5_AUTH_CONTEXT_DO_TIME Use timestamps - * @li @c KRB5_AUTH_CONTEXT_RET_TIME Save timestamps to output structure - * @li @c KRB5_AUTH_CONTEXT_DO_SEQUENCE Use sequence numbers - * @li @c KRB5_AUTH_RET_SEQUENCE Copy sequence numbers to output structure - * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @li #KRB5_AUTH_CONTEXT_DO_TIME Use timestamps + * @li #KRB5_AUTH_CONTEXT_RET_TIME Save timestamps + * @li #KRB5_AUTH_CONTEXT_DO_SEQUENCE Use sequence numbers + * @li #KRB5_AUTH_CONTEXT_RET_SEQUENCE Save sequence numbers * + * @retval 0 (always) */ krb5_error_code KRB5_CALLCONV krb5_auth_con_setflags(krb5_context context, krb5_auth_context auth_context, krb5_int32 flags); /** - * @brief Retrieve flags from an @c _krb5_auth_context structure. + * Retrieve flags from a krb5_auth_context structure. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param flags Bit mask representing flags set in @c _krb5_auth_context [input] + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [out] flags Flags bit mask * - * Valid values for @a flags are: - * @li @c KRB5_AUTH_CONTEXT_DO_TIME Use timestamps. - * @li @c KRB5_AUTH_CONTEXT_RET_TIME Save timestamps to output structure. - * @li @c KRB5_AUTH_CONTEXT_DO_SEQUENCE Use sequence numbers. - * @li @c KRB5_AUTH_RET_SEQUENCE Copy sequence numbers to output structure. - * - * Make sure to free the allocated memory when it is no longer needed. + * Valid values for @a flags are: + * @li #KRB5_AUTH_CONTEXT_DO_TIME Use timestamps + * @li #KRB5_AUTH_CONTEXT_RET_TIME Save timestamps + * @li #KRB5_AUTH_CONTEXT_DO_SEQUENCE Use sequence numbers + * @li #KRB5_AUTH_CONTEXT_RET_SEQUENCE Save sequence numbers * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 (always) */ krb5_error_code KRB5_CALLCONV -krb5_auth_con_getflags(krb5_context context, krb5_auth_context auth_context, krb5_int32 *flags); +krb5_auth_con_getflags(krb5_context context, krb5_auth_context auth_context, + krb5_int32 *flags); /** - * @brief Set the checksum function and set up the data structure used to hold the checksum data. + * Set a checksum callback in an auth context. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param func Function to perform the checksum [input] - * @param data Pointer to arbitrary to be received by @a func [input] + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [in] func Checksum callback + * @param [in] data Callback argument * - * The checksum data is received when krb5_mk_req_extended() calls it. - * @retval - * 0 Success - * @return - * Kerberos error codes - * @sa krb5_mk_req_extended() + * Set a callback to obtain checksum data in krb5_mk_req(). The callback will + * be invoked after the subkey and local sequence number are stored in @a + * auth_context. + * + * @retval 0 (always) */ krb5_error_code KRB5_CALLCONV krb5_auth_con_set_checksum_func( krb5_context context, @@ -5097,19 +5491,14 @@ krb5_auth_con_set_checksum_func( krb5_context context, void *data); /** - * @brief Get the checksum function and the data structure used to hold the checksum data. - * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param func Pointer to krb5 function that performs the checksum [output] - * @param data Pointer to data [output] + * Get the checksum callback from an auth context. * - * Make sure to free the allocated memory when it is no longer needed. + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [out] func Checksum callback + * @param [out] data Callback argument * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 (always) */ krb5_error_code KRB5_CALLCONV krb5_auth_con_get_checksum_func( krb5_context context, @@ -5118,291 +5507,350 @@ krb5_auth_con_get_checksum_func( krb5_context context, void **data); /** - * @brief Copy the @a local_addr and @a remote_addr into an @c _krb5_auth_context structure. + * Set the local and remote addresses in an auth context. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param local_addr Local address [input] - * @param remote_addr Remote address [input] + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [in] local_addr Local address + * @param [in] remote_addr Remote address * - * If either address is NULL, the previous address remains in place. + * This function releases the storage assigned to the contents of the local and + * remote addresses of @a auth_context and then sets them to @a local_addr and + * @a remote_addr respectively. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @sa krb5_auth_con_genaddrs() + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV_WRONG krb5_auth_con_setaddrs(krb5_context context, krb5_auth_context auth_context, krb5_address *local_addr, krb5_address *remote_addr); /** - * @brief Retrieve address fields from an @c _krb5_auth_con structure. - * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param local_addr Local address [output] - * @param remote_addr Remote address [output] + * Retrieve address fields from an auth context. * - * If @a local_addr or @a remote_addr is non-null, the memory is freed by krb5_free_address() and then newly allocated. + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [out] local_addr Local address (NULL if not needed) + * @param [out] remote_addr Remote address (NULL if not needed) * - * Make sure to free the allocated memory when it is no longer needed. - * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_auth_con_getaddrs(krb5_context context, krb5_auth_context auth_context, krb5_address **local_addr, krb5_address **remote_addr); /** - * @brief Set @a port fields in a @c _krb5_auth_context structure. + * Set local and remote port fields in an auth context. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output] - * @param local_port Local address [input] - * @param remote_port Remote address [input] + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [in] local_port Local port + * @param [in] remote_port Remote port * - * Copy the @a local_port and @a remote_port addresses into an @c _krb5_auth_context structure. - * If either address is NULL, the previous address remains in place. - * These addresses are created by krb5_auth_con_genaddrs(). - * - * @retval - * 0 Success - * @retval - * ENOMEM Insufficient memory - * @return - * Kerberos error codes + * This function releases the storage assigned to the contents of the local and + * remote ports of @a auth_context and then sets them to @a local_port and @a + * remote_port respectively. * * @sa krb5_auth_con_genaddrs() + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_auth_con_setports(krb5_context context, krb5_auth_context auth_context, krb5_address *local_port, krb5_address *remote_port); /** - * @brief Set @a keyblock field in an @c _krb5_auth_context structure to a temporary key. + * Set the session key in an auth context. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param keyblock Server key for incoming request [input] + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [in] keyblock User key * - * Use before calling krb5_rd_req_decode() for user-to-user - * authentication when the server has the key and needs it to decrypt - * the incoming request. Once decrypted, the temporary key is no longer - * valid, and it is overwritten by the session key sent by the client. - * - * @retval - * 0 Success - * @retval - * ENOMEM Insufficient memory - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_auth_con_setuseruserkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock *keyblock); /** - * @brief Retrieve key from a @c _krb5_auth_context structure. + * Retrieve the session key from an auth context as a keyblock. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param keyblock Key stored in @c _krb5_auth_context [output] + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [out] keyblock Session key * - * Make sure to free the allocated memory when it is no longer needed. - * - * @retval - * 0 Success - * @return - * Kerberos error codes + * This function creates a keyblock containing the session key from @a + * auth_context. Use krb5_free_keyblock() to free @a keyblock when it is no + * longer needed * + * @retval 0 Success. Otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_auth_con_getkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock **keyblock); +/** + * Retrieve the session key from an auth context. + * + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [out] key Session key + * + * This function sets @a key to the session key from @a auth_context. Use + * krb5_k_free_key() to release @a key when it is no longer needed. + * + * @retval 0 (always) + */ krb5_error_code KRB5_CALLCONV krb5_auth_con_getkey_k(krb5_context context, krb5_auth_context auth_context, krb5_key *key); /** - * @deprecated Replaced by krb5_auth_con_getsendsubkey() + * Retrieve the send subkey from an auth context as a keyblock. + * + * @param [in] ctx Library context + * @param [in] ac Authentication context + * @param [out] keyblock Send subkey + * + * This function creates a keyblock containing the send subkey from @a + * auth_context. Use krb5_free_keyblock() to free @a keyblock when it is no + * longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_auth_con_getsendsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock **keyblock); +/** + * Retrieve the send subkey from an auth context. + * + * @param [in] ctx Library context + * @param [in] ac Authentication context + * @param [out] key Send subkey + * + * This function sets @a key to the send subkey from @a auth_context. Use + * krb5_k_free_key() to release @a key when it is no longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_auth_con_getsendsubkey_k(krb5_context ctx, krb5_auth_context ac, krb5_key *key); +/** + * Retrieve the receiving subkey from an auth context as a keyblock. + * + * @param [in] ctx Library context + * @param [in] ac Authentication context + * @param [out] keyblock Receiving subkey + * + * This function creates a keyblock containing the receiving subkey from @a + * auth_context. Use krb5_free_keyblock() to free @a keyblock when it is no + * longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_auth_con_getrecvsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock **keyblock); /** - * @brief Retrieve a @a recv_subkey keyblock from a _kb5_auth_context structure. + * Retrieve the receiving subkey from an auth context as a keyblock. * - * @param ctx Context structure [input, output] - * @param ac Authentication context [input, output} - * @param key @a recv_subkey keyblock stored in @c _krb5_auth_context + * @param [in] ctx Library context + * @param [in] ac Authentication context + * @param [out] key Receiving subkey * - * Make sure to free the allocated memory when it is no longer needed. + * This function sets @a key to the receiving subkey from @a auth_context. Use + * krb5_k_free_key() to release @a key when it is no longer needed. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_auth_con_getrecvsubkey_k(krb5_context ctx, krb5_auth_context ac, krb5_key *key); /** - * @param ctx - * @param ac Authentication context [input, output] - * @param keyblock Key + * Set the send subkey in an auth context with a keyblock. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @param [in] ctx Library context + * @param [in] ac Authentication context + * @param [in] keyblock Send subkey + * + * This function sets the send subkey in @a ac to a copy of @a keyblock. + * + * @retval 0 Success. Otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_auth_con_setsendsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock *keyblock); +/** + * Set the send subkey in an auth context. + * + * @param [in] ctx Library context + * @param [in] ac Authentication context + * @param [out] key Send subkey + * + * This function sets the send subkey in @a ac to @a key, incrementing its + * reference count. + * + * @version First introduced in 1.9 + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_auth_con_setsendsubkey_k(krb5_context ctx, krb5_auth_context ac, krb5_key key); /** - * @brief Set the @a recv_subkey keyblock in a @c _krb5_auth_context structure. + * Set the receiving subkey in an auth context with a keyblock. * - * @param ctx Context structure [input, output] - * @param ac Authentication context [input, output} - * @param keyblock @a recv_subkey stored in @c _krb5_auth_context [input, output] + * @param [in] ctx Library context + * @param [in] ac Authentication context + * @param [in] keyblock Receiving subkey * - * @retval - * 0 Success - * @return - * Kerberos error codes + * This function sets the receiving subkey in @a ac to a copy of @a keyblock. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_auth_con_setrecvsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock *keyblock); +/** + * Set the receiving subkey in an auth context. + * + * @param [in] ctx Library context + * @param [in] ac Authentication context + * @param [in] key Receiving subkey + * + * This function sets the receiving subkey in @a ac to @a key, incrementing its + * reference count. + * + * @version First introduced in 1.9 + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_auth_con_setrecvsubkey_k(krb5_context ctx, krb5_auth_context ac, krb5_key key); #if KRB5_DEPRECATED - /** @deprecated */ +/** @deprecated Replaced by krb5_auth_con_getsendsubkey(). */ KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_auth_con_getlocalsubkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock **keyblock); - /** @deprecated Replaced by krb5_auth_con_getrecvsubkey() */ +/** @deprecated Replaced by krb5_auth_con_getrecvsubkey(). */ KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_auth_con_getremotesubkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock **keyblock); #endif /** - * @brief Retrieve the local sequence number used during authentication and store - * it in the @a seqnumber field of a @c _krb5_auth_context structure. + * Retrieve the local sequence number from an auth context. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param seqnumber Pointer to memory allocated for storage of local sequence number [input] + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [out] seqnumber Local sequence number * - * Make sure to free the allocated memory when it is no longer needed. + * Retrieve the local sequence number from @a auth_context and return it in @a + * seqnumber. The #KRB5_AUTH_CONTEXT_DO_SEQUENCE flag must be set in @a + * auth_context for this function to be useful. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ - krb5_error_code KRB5_CALLCONV krb5_auth_con_getlocalseqnumber(krb5_context context, krb5_auth_context auth_context, krb5_int32 *seqnumber); /** - * @brief Retrieve the remote sequence number used during authentication, and store it in a @c _krb5_auth_context structure. + * Retrieve the remote sequence number from an auth context. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param seqnumber Pointer to memorary allocated to store the remote sequence number [input] + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [out] seqnumber Remote sequence number * - * Make sure to free the allocated memory when it is no longer needed. + * Retrieve the remote sequence number from @a auth_context and return it in @a + * seqnumber. The #KRB5_AUTH_CONTEXT_DO_SEQUENCE flag must be set in @a + * auth_context for this function to be useful. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_auth_con_getremoteseqnumber(krb5_context context, krb5_auth_context auth_context, krb5_int32 *seqnumber); #if KRB5_DEPRECATED -/** @deprecated Replaced by krb5_auth_con_mk_prv() */ +/** @deprecated Not replaced. + * + * RFC 4120 doesn't have anything like the initvector concept; + * only really old protocols may need this API. + */ KRB5_ATTR_DEPRECATED krb5_error_code KRB5_CALLCONV krb5_auth_con_initivector(krb5_context context, krb5_auth_context auth_context); #endif /** - * @brief Set the replay cache used by the authentication routine. + * Set the replay cache in an auth context. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param rcache Replay cache to be set [input] + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [in] rcache Replay cache haddle * - * @retval - * 0 Success - * @return - * Kerberos error codes + * This function sets the replay cache in @a auth_context to @a rcache. @a + * rcache will be closed when @a auth_context is freed, so the caller should + * relinguish that responsibility. + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_auth_con_setrcache(krb5_context context, krb5_auth_context auth_context, krb5_rcache rcache); /** - * @brief Get an IP address and port and generate a full IP address. + * Retrieve the replay cache from an auth context. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param rcache @a rccache field from @c _krb5_ auth_context [output] + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [out] rcache Replay cache handle * - * Make sure to free the allocated memory when it is no longer needed. + * This function fetches the replay cache from @a auth_context. The caller + * should not close @a rcache. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 (always) */ krb5_error_code KRB5_CALLCONV_WRONG krb5_auth_con_getrcache(krb5_context context, krb5_auth_context auth_context, krb5_rcache *rcache); /** - * @brief Retrieve the authenticator used during mutual authentication. + * Retrieve the authenticator from an auth context. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param authenticator Authenticator used during mutual authentication [output] + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [out] authenticator Authenticator * - * Make sure to free the allocated memory when it is no longer needed. + * Use krb5_free_authenticator() to free @a authenticator when it is no longer + * needed. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success. Otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_auth_con_getauthenticator(krb5_context context, krb5_auth_context auth_context, krb5_authenticator **authenticator); +/** + * Set checksum type in an an auth context. + * + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [in] cksumtype Checksum type + * + * This function sets the checksum type in @a auth_context to be used by + * krb5_mk_req() for the authenticator checksum. + * + * @retval 0 Success. Otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_auth_con_set_req_cksumtype(krb5_context context, krb5_auth_context auth_context, krb5_cksumtype cksumtype); @@ -5418,30 +5866,26 @@ krb5_auth_con_set_req_cksumtype(krb5_context context, krb5_auth_context auth_con */ /** - * @brief Read a password from the keyboard input. - * - * @param context Context structure [input] - * @param prompt First user prompt when reading password [input] - * @param prompt2 Second user prompt, or NULL to read password only once [input] - * @param return_pwd Returned password [output] - * @param size_return During input, maximum size of password; - * during output, total number of bytes in @a return_pwd [input, output] + * @brief Read a password from keyboard input. * - * The first *size_return bytes of the password entered are - * returned in @a return_pwd. If fewer than *size_return bytes are entered as a password, - * the remainder of @a return_pwd is zeroed. - * Upon success, the total number of bytes filled in is stored in *size_return. + * @param [in] context Library context + * @param [in] prompt First user prompt when reading password + * @param [in] prompt2 Second user prompt (NULL to prompt only once) + * @param [out] return_pwd Returned password + * @param [in,out] size_return On input, maximum size of password; on output, + * size of password read * - * @a prompt is the prompt for the first reading of a password. It is printed - * to the terminal, and then a password is read from the keyboard. No newlines - * or spaces are emitted between the prompt and the cursor, unless the newline/space - * is included in the prompt. + * This function reads a password from keyboard input and stores it in @a + * return_pwd. @a size_return should be set by the caller to the amount of + * storage space available in @a return_pwd; on successful return, it will be + * set to the length of the password read. * - * If @a prompt2 is a NULL pointer, the password is read only once. + * @a prompt is printed to the terminal, followed by ": ", and then a password + * is read from the keyboard. * - * If @a prompt2 is set, it is used as a prompt to read another - * password in the same manner as described for the first password. After the - * second password is read, the two passwords are compared, and an error is returned if they are not identical. + * If @a prompt2 is NULL, the password is read only once. Otherwise, @a + * prompt2 is printed to the terminal and a second password is read. If the + * two passwords entered are not identical, KRB5_LIBOS_BADPWDMATCH is returned. * * Echoing is turned off when the password is read. * @@ -5458,16 +5902,20 @@ krb5_read_password(krb5_context context, char *return_pwd, unsigned int *size_return); /** - * @brief Convert a principal name to a local name. + * Convert a principal name to a local name. * - * @param context Context structure [input, output] - * @param aname Principal name [input] - * @param lnsize_in Maximum length name to be filled into @a lname [input] - * @param lname Local name [output] + * @param [in] context Library context + * @param [in] aname Principal name + * @param [in] lnsize_in Space available in @a lname + * @param [out] lname Local name buffer to be filled in + * + * If @a aname does not correspond to any local account, KRB5_LNAME_NOTRANS is + * returned. If @a lnsize_in is too small for the local name, + * KRB5_CONFIG_NOTENUFSPACE is returned. * * Local names, rather than principal names, can be used by programs that - * translate to an environment-specific name (for example, a user account - * name). The translation is null-terminated in all non-error returns. + * translate to an environment-specific name (for example, a user account + * name). * * @retval * 0 Success @@ -5481,21 +5929,20 @@ krb5_aname_to_localname(krb5_context context, krb5_const_principal aname, int lnsize_in, char *lname); /** - * @brief Get the Kerberos realm names for a host. - * - * @param context Context structure [input] - * @param host Host name [input] - * @param realmsp Pointer to list of realm names [output] + * Get the Kerberos realm names for a host. * + * @param [in] context Library context + * @param [in] host Host name (or NULL) + * @param [out] realmsp Null-terminated list of realm names * - * Fill in @a realmsp with a pointer to an @c argv style list of names, terminated with a NULL pointer. + * Fill in @a realmsp with a pointer to a null-terminated list of realm names. + * If there are no known realms for the host, a list containing the referral + * (empty) realm is returned. * - * If host is NULL, the local host's realms are determined. + * If @a host is NULL, the local host's realms are determined. * - * If there are no known realms for the host, the filled-in pointer is - * set to NULL. - * - * Make sure to free the allocated memory when it is no longer needed. + * Use krb5_free_host_realm() to release @a realmsp when it is no longer + * needed. * * @retval * 0 Success @@ -5509,291 +5956,260 @@ krb5_get_host_realm(krb5_context context, const char *host, char ***realmsp); /** * - * @param context Context structure [input, output] - * @param hdata - * @param realmsp + * @param [in] context Library context + * @param [in] hdata Host name (or NULL) + * @param [out] realmsp Null-terminated list of realm names + * + * Fill in @a realmsp with a pointer to a null-terminated list of realm names + * obtained through heuristics or insecure resolution methods which have lower + * priority than KDC referrals. * - * @todo part of referrals support? param descriptions? added pointer descr. + * If @a host is NULL, the local host's realms are determined. * - * Make sure to free the allocated memory when it is no longer needed. + * Use krb5_free_host_realm() to release @a realmsp when it is no longer + * needed. */ krb5_error_code KRB5_CALLCONV krb5_get_fallback_host_realm(krb5_context context, krb5_data *hdata, char ***realmsp); /** - * @brief Free memory allocated by krb5_get_host_realm(). + * Free the memory allocated by krb5_get_host_realm(). * - * @param context Context structure [input] - * @param realmlist Pointer to list of realm names [output] + * @param [in] context Library context + * @param [in] realmlist List of realm names to be released * * @retval * 0 Success * @return - * Kerberos error codes + * Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_free_host_realm(krb5_context context, char *const *realmlist); /** - * @brief Determine if the local user is authorized to log into an account with a designated principal and username. + * Determine if a principal is authorized to log in as a local user. * - * @param context Context structure [input] - * @param principal Principal name [input] - * @param luser Local username [input] + * @param [in] context Library context + * @param [in] principal Principal name + * @param [in] luser Local username + * + * Determine whether @a principal is authorized to log in as a local user @a + * luser. * * @retval - * TRUE User is authorized to log in - * @retval - * FALSE User is not authorized to log in + * TRUE Principal is authorized to log in as user; FALSE otherwise. */ krb5_boolean KRB5_CALLCONV krb5_kuserok(krb5_context context, krb5_principal principal, const char *luser); /** - * @brief Generate a full IP address from @a address and port. + * Generate auth context addresses from a connected socket. * - * @param context Context structure [input, output] - * @param auth_context Authentication context [input, output} - * @param infd Input socket file descriptor [input] - * @param flags Input flags, defined in @c KRB\$ROOT:[INCLUDE]KRB5. + * @param [in] context Library context + * @param [in] auth_context Authentication context + * @param [in] infd Connected socket descriptor + * @param [in] flags Flags * - * The values for the symbols can be OR'd together. Valid values are: + * This function sets the local and/or remote addresses in @a auth_context + * based on the local and remote endpoints of the socket @a infd. The + * following flags determine the operations performed: * - * @li @c KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR - * @li @c KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR - * @li @c KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR - * @li @c KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR + * @li #KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR Generate local address. + * @li #KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR Generate remote address. + * @li #KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR Generate local address and port. + * @li #KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR Generate remote address and port. * - * Make sure to free the allocated memory when it is no longer needed. - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_auth_con_genaddrs(krb5_context context, krb5_auth_context auth_context, int infd, int flags); /** - * @brief Set time offset field in a @c _krb5_context structure. + * Set time offset field in a krb5_context structure. * - * @param context Context structure [input, output] - * @param seconds Number of seconds to set in @c time_offset field in @a context [input] - * @param microseconds Number of microseconds to set in @c usec_offset field in context [input] + * @param [in] context Library context + * @param [in] seconds Real time, seconds portion + * @param [in] microseconds Real time, microseconds portion * - * Take the @a real @a time as input, and set the time offset fields in the - * context structure so the @c krb5_time routines return the correct time, as corrected by the difference - * between the system time and the @a real @a time as passed to this routine. + * This function sets the time offset in @a context to the difference between + * the system time and the real time as determined by @a seconds and @a + * microseconds. * - * Make sure to free the allocated memory when it is no longer needed. - * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV -krb5_set_real_time(krb5_context context, krb5_timestamp seconds, krb5_int32 microseconds); +krb5_set_real_time(krb5_context context, krb5_timestamp seconds, + krb5_int32 microseconds); /** - * @brief Return the time offsets from the OS context. + * Return the time offsets from the os context. * - * @param context Context structure [input, output] - * @param seconds Time offset from the OS context, seconds portion [output] - * @param microseconds Time offset from the OS context, microseconds portion [output] + * @param [in] context Library context + * @param [out] seconds Time offset, seconds portion + * @param [out] microseconds Time offset, microseconds portion * - * Make sure to free the allocated memory when it is no longer needed. + * This function returns the time offsets in @a context. * - * @retval - * 0 Success - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_get_time_offsets(krb5_context context, krb5_timestamp *seconds, krb5_int32 *microseconds); /* str_conv.c */ /** - * @brief Convert a string to an encryption type. + * Convert a string to an encryption type. * - * @param string Pointer to string to convert to an encryption type [input] - * @param enctypep Pointer to encryption type [output] + * @param [in] string String to convert to an encryption type + * @param [out] enctypep Encryption type * - * @retval - * 0 Success - * @retval - * EINVAL Invalid parameter - * @return - * Kerberos error codes - * @sa enctype + * @retval 0 Success; otherwise - EINVAL */ krb5_error_code KRB5_CALLCONV krb5_string_to_enctype(char *string, krb5_enctype *enctypep); /** - * @brief Convert a string to a salt type. + * Convert a string to a salt type. * - * @param string Pointer to string to convert [input] - * @param salttypep Pointer to salt type [output] + * @param [in] string String to convert to an encryption type + * @param [out] salttypep Salt type to be filled in * - * @retval - * 0 Success - * @retval - * EINVAL Invalid parameter - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - EINVAL */ krb5_error_code KRB5_CALLCONV krb5_string_to_salttype(char *string, krb5_int32 *salttypep); /** - * @brief Convert a string to a checksum type. + * Convert a string to a checksum type. * - * @param string Pointer to the string value to be converted [input] - * @param cksumtypep Pointer to checksum type [output] + * @param [in] string String to be converted + * @param [out] cksumtypep Checksum type to be filled in * - * @retval - * 0 Success - * @retval - * EINVAL Invalid parameter - * @return - * Kerberos error codes - * - * @sa cksumtype + * @retval 0 Success; otherwise - EINVAL */ krb5_error_code KRB5_CALLCONV krb5_string_to_cksumtype(char *string, krb5_cksumtype *cksumtypep); /** - * @brief Convert a string to a timestamp. + * Convert a string to a timestamp. * - * @param string Pointer to string to convert [input] - * @param timestampp Pointer to timestamp [output] + * @param [in] string String to be converted + * @param [out] timestampp Pointer to timestamp * - * @retval - * 0 Success - * @retval - * EINVAL Invalid parameter - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - EINVAL */ krb5_error_code KRB5_CALLCONV krb5_string_to_timestamp(char *string, krb5_timestamp *timestampp); /** - * @brief Convert a string to a delta time value. + * Convert a string to a delta time value. * - * @param string Pointer to string to convert [input] - * @param deltatp Pointer to delta time [output] + * @param [in] string String to be converted + * @param [out] deltatp Delta time to be filled in * - * @retval - * 0 Success - * @retval - * EINVAL Invalid parameter - * @retval - * Kerberos error codes + * @retval 0 Success; otherwise - KRB5_DELTAT_BADFORMAT */ krb5_error_code KRB5_CALLCONV krb5_string_to_deltat(char *string, krb5_deltat *deltatp); /** - * @brief Convert a Kerberos encryption type value to a string. + * Convert an encryption type to a string. * - * @param enctype Encrytion type value to convert [input] - * @param buffer Pointer to a buffer to hold encryption type string [output] - * @param buflen Maximum length of the string that can fit in @a buffer [input] + * @param [in] enctype Encryption type + * @param [out] buffer Buffer to hold encryption type string + * @param [in] buflen Storage available in @a buffer * - * @retval - * 0 Success - * @retval - * ENOMEM Insufficient memory - * @return - * Kerberos error codes - * - * @sa enctype + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_enctype_to_string(krb5_enctype enctype, char *buffer, size_t buflen); +/** + * Convert an encryption type to a name or alias. + * + * @param [in] enctype Encryption type + * @param [in] shortest Flag + * @param [out] buffer Buffer to hold encryption type string + * @param [in] buflen Storage available in @a buffer + * + * If @a shortest is FALSE, this function returns the enctype's canonical name + * (like "aes128-cts-hmac-sha1-96"). If @a shortest is TRUE, it return the + * enctype's shortest alias (like "aes128-cts"). + * + * @version First introduced in 1.9 + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_enctype_to_name(krb5_enctype enctype, krb5_boolean shortest, char *buffer, size_t buflen); /** - * @brief Convert a @a salttype to a string. + * Convert a salt type to a string. * - * @param salttype Salttype to convert [input] - * @param buffer Pointer to buffer to receive the converted string [output] - * @param buflen Length of buffer [input] + * @param [in] salttype Salttype to convert + * @param [out] buffer Buffer to receive the converted string + * @param [in] buflen Storage available in @a buffer * - *@retval - * 0 Success - * @retval - * EINVAL Invalid parameter - * @retval - * ENOMEM Insufficient memory (buffer length less than output size) - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_salttype_to_string(krb5_int32 salttype, char *buffer, size_t buflen); +/** + * Convert a checksum type to a string. + * + * @param [in] cksumtype Checksum type + * @param [out] buffer Buffer to hold converted checksum type + * @param [in] buflen Storage available in @a buffer + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_cksumtype_to_string(krb5_cksumtype cksumtype, char *buffer, size_t buflen); /** - *@brief Convert a timestamp to a string. + * Convert a timestamp to a string. * - * @param timestamp Timestamp to be converted [input] - * @param buffer Buffer to hold converted timestamp [output] - * @param buflen Maximum length of buffer [input] + * @param [in] timestamp Timestamp to convert + * @param [out] buffer Buffer to hold converted timestamp + * @param [in] buflen Storage available in @a buffer * - * The string is returned in the locale's appropriate date and time representation. + * The string is returned in the locale's appropriate date and time + * representation. * - * @retval - * 0 Success - * @retval - * ENOMEM Insufficient memory - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_timestamp_to_string(krb5_timestamp timestamp, char *buffer, size_t buflen); /** - * @brief Convert a timestamp to a string, allowing optional padding in the output buffer. + * Convert a timestamp to a string, with optional output padding * - * @param timestamp Timestamp to convert [input] - * @param buffer Buffer to hold the converted timestamp [output] - * @param buflen Length of buffer [input] - * @param pad Optional value to pad @a buffer if converted timestamp does not fill it [input] + * @param [in] timestamp Timestamp to convert + * @param [out] buffer Buffer to hold the converted timestamp + * @param [in] buflen Length of buffer + * @param [in] pad Optional value to pad @a buffer if converted + * timestamp does not fill it * - * This function also tries multiple possible formats if the default locale-specific fails. + * If @a pad is not NULL, @a buffer is padded out to @a buflen - 1 characters + * with the value of *@a pad. * - * @retval - * 0 Success - * @retval - * ENOMEM Insufficient memory - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV -krb5_timestamp_to_sfstring(krb5_timestamp timestamp, char *buffer, size_t buflen, char *pad); +krb5_timestamp_to_sfstring(krb5_timestamp timestamp, char *buffer, + size_t buflen, char *pad); /** - * @brief Convert a relative time value to a string. + * Convert a relative time value to a string. * - * @param deltat Relative time value to convert [input] - * @param buffer Pointer to buffer to hold time string [output] - * @param buflen Maximum length of string that fits in @a buffer [input] + * @param [in] deltat Relative time value to convert + * @param [out] buffer Buffer to hold time string + * @param [in] buflen Storage available in @a buffer * - * @retval - * 0 Success - * @retval - * ENOMEM Insufficient memory - * @return - * Kerberos error codes + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_deltat_to_string(krb5_deltat deltat, char *buffer, size_t buflen); @@ -5807,37 +6223,37 @@ krb5_deltat_to_string(krb5_deltat deltat, char *buffer, size_t buflen); #define KRB5_RECVAUTH_BADAUTHVERS 0x0002 /* initial ticket api functions */ -/** - * @brief Text for prompt used in prompter callback function. - */ +/** Text for prompt used in prompter callback function. */ typedef struct _krb5_prompt { - char *prompt; - int hidden; - krb5_data *reply; + char *prompt; /**< The prompt to show to the user */ + int hidden; /**< Boolean; informative prompt or hidden (e.g. PIN) */ + krb5_data *reply; /**< Must be allocated before call to prompt routine */ } krb5_prompt; -/** - * @brief Pointer to a prompter callback function. - */ +/** Pointer to a prompter callback function. */ typedef krb5_error_code (KRB5_CALLCONV *krb5_prompter_fct)(krb5_context context, void *data, const char *name, const char *banner, int num_prompts, krb5_prompt prompts[]); /** - * @brief Prompt user for password. + * Prompt user for password. * - * @param context Context structure [input, output] - * @param data Unused - * @param name Name to output during prompt [input] - * @param banner Banner to output during prompt [input] - * @param num_prompts Number of prompts passed in @a prompts [input] - * @param prompts Array of krb5_prompt structures containing output prompts and replies [input, output] + * @param [in] context Library context + * @param data Unused (callback argument) + * @param [in] name Name to output during prompt + * @param [in] banner Banner to output during prompt + * @param [in] num_prompts Number of prompts in @a prompts + * @param [in,out] prompts Array of output prompts and replies * - * Prompt the user for the password associated with the given principal name, - * and set the reply field of the @a prompts argument to the password input. The hidden - * flag in the @c prompts structure controls whether the password input is echoed back - * to the terminal. + * This function is intended to be used as a prompter callback for + * krb5_get_init_creds_password() or krb5_init_creds_init(). + * + * Writes @a name and @a banner to stdout, each followed by a newline, then + * writes each prompt field in the @a prompts array, followed by ": ", and sets + * the reply field of the entry to a line of input read from stdin. If the + * hidden flag is set for a prompt, then terminal echoing is turned off when + * input is read. * * @retval * 0 Success @@ -5850,9 +6266,7 @@ krb5_prompter_posix(krb5_context context, void *data, const char *name, const char *banner, int num_prompts, krb5_prompt prompts[]); - /** - * @brief Store options for @c _krb5_get_init_creds - */ +/** Store options for @c _krb5_get_init_creds */ typedef struct _krb5_get_init_creds_opt { krb5_flags flags; krb5_deltat tkt_life; @@ -5877,139 +6291,113 @@ typedef struct _krb5_get_init_creds_opt { #define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080 #define KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT 0x0100 #define KRB5_GET_INIT_CREDS_OPT_CANONICALIZE 0x0200 -#define KRB5_GET_INIT_CREDS_OPT_ANONYMOUS 0x0400 +#define KRB5_GET_INIT_CREDS_OPT_ANONYMOUS 0x0400 /** - * @brief Provide extended functionality to krb5_get_init_creds_opt_init() functionality + * Allocate a new initial credential options structure. * - * @param context Context structure [input, output] - * @param opt Pointer to @a opts field in @c _krb5_get_init_creds_opt [input] + * @param [in] context Library context + * @param [out] opt New options structure * - * Make sure to free the allocated memory when it is no longer needed. + * This function is the preferred way to create an options structure for + * getting initial credentials, and is required to make use of certain options. + * Use krb5_get_init_creds_opt_free() to free @a opt when it is no longer + * needed. * - * @sa getinitcreds + * @retval 0 - Success; Kerberos errors otherwise. */ krb5_error_code KRB5_CALLCONV krb5_get_init_creds_opt_alloc(krb5_context context, krb5_get_init_creds_opt **opt); /** - * @brief Free the extended options allocated by krb5_get_init_creds_opt_alloc(). + * Free initial credential options. * - * @param context Context structure [input, output] - * @param opt Pointer to extended options field in @c _krb5_get_init_creds_opt [input] + * @param [in] context Library context + * @param [in] opt Options structure to free * - * @return - * None + * @sa krb5_get_init_creds_opt_alloc() */ void KRB5_CALLCONV krb5_get_init_creds_opt_free(krb5_context context, krb5_get_init_creds_opt *opt); -/** - * @brief Set @a opt field of @c _krb5_get_init_creds_opt to zero. - * - * @param opt Pointer to @c _krb5_get_init_creds_opt [input, output] - * - * @note Call this function on an options structure on which krb5_init_creds_opt_alloc() has been called. - * - * Make sure to free the allocated memory when it is no longer needed. - * @return - * None - */ +/** @deprecated Use krb5_get_init_creds_opt_alloc() instead. */ void KRB5_CALLCONV krb5_get_init_creds_opt_init(krb5_get_init_creds_opt *opt); /** - * @brief Initialize the ticket lifetime field in @c _krb5_get_init_creds_opt. + * Set the ticket lifetime in initial credential options. * - * @param opt Pointer to structure containing flags and options [input, output] - * @param tkt_life Ticket lifetime [input] - * - * Make sure to free the allocated memory when it is no longer needed. - * @return - * None + * @param [in] opt Options structure + * @param [in] tkt_life Ticket lifetime */ void KRB5_CALLCONV krb5_get_init_creds_opt_set_tkt_life(krb5_get_init_creds_opt *opt, krb5_deltat tkt_life); /** - * @brief Set the ticket renewal lifetime field in @c _krb5_get_init_creds_opt. + * Set the ticket renewal lifetime in initial credential options. * - * @param opt Pointer to @a options field [output] - * @param renew_life Ticket renewal lifetime [input] - * - * Make sure to free the allocated memory when it is no longer needed. - * @return - * None + * @param [in] opt Pointer to @a options field + * @param [in] renew_life Ticket renewal lifetime */ void KRB5_CALLCONV krb5_get_init_creds_opt_set_renew_life(krb5_get_init_creds_opt *opt, krb5_deltat renew_life); /** - * @brief Set the forwardable field in @c _krb5_get_init_creds_opt. + * Set or unset the forwardable flag in initial credential options. * - * @param opt Pointer to options field [output] - * @param forwardable Flag indicating whether credentials are forwardable [input] - * - * Make sure to free the allocated memory when it is no longer needed. - * @return - * None + * @param [in] opt Options structure + * @param [in] forwardable Whether credentials should be forwardable */ void KRB5_CALLCONV krb5_get_init_creds_opt_set_forwardable(krb5_get_init_creds_opt *opt, int forwardable); /** - * @brief Set the proxiable field in @c _krb5_get_init_creds_opt. - * - * @param opt Pointer to options field [output] - * @param proxiable Flag indicating whether credentials are proxiable [input] - * - * Make sure to free the allocated memory when it is no longer needed. + * Set or unset the proxiable flag in initial credential options. * - * @return - * None + * @param [in] opt Options structure + * @param [in] proxiable Whether credentials should be proxiable */ void KRB5_CALLCONV krb5_get_init_creds_opt_set_proxiable(krb5_get_init_creds_opt *opt, int proxiable); +/** + * Set or unset the canonicalize flag in initial credential options. + * + * @param [in] opt Options structure + * @param [in] canonicalize Whether to canonicalize client principal + */ void KRB5_CALLCONV krb5_get_init_creds_opt_set_canonicalize(krb5_get_init_creds_opt *opt, int canonicalize); /** - * Request anonymous credentials from the KDC. If the client name looks like - * "@REALM" (an empty principal name), then fully anonymous credentials are - * requested. If the client name looks like "name@REALM," then credentials - * tied to a specific realm are requested. + * Set or unset the anonymous flag in initial credential options. * - * Credentials tied to a specific realm are not supported in this version. + * @param [in] opt Options structure + * @param [in] anonymous Whether to make an anonymous request * - * Note that anonymous credentials are only a request; clients must verify that - * credentials are anonymous if that is a requirement. + * This function may be used to request anonymous credentials from the KDC by + * setting @a anonymous to non-zero. Note that anonymous credentials are only + * a request; clients must verify that credentials are anonymous if that is a + * requirement. */ void KRB5_CALLCONV krb5_get_init_creds_opt_set_anonymous(krb5_get_init_creds_opt *opt, int anonymous); /** - *@brief Set the encryption list field in the @c _krb5_get_init_creds_opt. + * Set allowable encryption types in initial credential options. * - * @param opt Pointer to options field [output] - * @param etype_list Pointer to the encryption type to set [input] - * @param etype_list_length Length of the etype_list field [input] - * - * Make sure to free the allocated memory when it is no longer needed. - * - * @return - * None - * - * @sa enctype + * @param [in] opt Options structure + * @param [in] etype_list Array of encryption types + * @param [in] etype_list_length Length of @a etype_list */ void KRB5_CALLCONV krb5_get_init_creds_opt_set_etype_list(krb5_get_init_creds_opt *opt, @@ -6017,79 +6405,77 @@ krb5_get_init_creds_opt_set_etype_list(krb5_get_init_creds_opt *opt, int etype_list_length); /** - * @brief Set the address list in @c _krb5_get_init_creds_opt. + * Set address restrictions in initial credential options. * - * @param opt Pointer to options field [output] - * @param addresses Pointer to the address to set [input] - * - * @return - * None + * @param [in] opt Options structure + * @param [in] addresses Null-terminated array of addresses */ void KRB5_CALLCONV krb5_get_init_creds_opt_set_address_list(krb5_get_init_creds_opt *opt, krb5_address **addresses); /** - * @brief Set the @a preauth_list field in @c _krb5_get_init_creds_opt. + * Set preauthentication types in initial credential options. * - * @param opt Pointer to options field [output] - * @param preauth_list Pointer to Pre-athentication type [input] - * @param preauth_list_length Length of @a preauth_list field [input] + * @param [in] opt Options structure + * @param [in] preauth_list Array of preauthentication types + * @param [in] preauth_list_length Length of @a preauth_list * - * @sa padata + * This function can be used to perform optimistic preauthentication when + * getting initial credentials, in combination with + * krb5_get_init_creds_opt_set_salt() and krb5_get_init_creds_opt_set_pa(). */ void KRB5_CALLCONV krb5_get_init_creds_opt_set_preauth_list(krb5_get_init_creds_opt *opt, krb5_preauthtype *preauth_list, int preauth_list_length); +/** + * Set salt for optimistic preauthentication in initial credential options. + * + * @param [in] opt Options structure + * @param [in] salt Salt data + * + * When getting initial credentials with a password, a salt string it used to + * convert the password to a key. Normally this salt is obtained from the + * first KDC reply, but when performing optimistic preauthentication, the + * client may need to supply the salt string with this function. + */ void KRB5_CALLCONV krb5_get_init_creds_opt_set_salt(krb5_get_init_creds_opt *opt, krb5_data *salt); /** - * @brief Set flag in @c _krb5_get_init_creds_opt that determines whether to prompt for a password + * Set or unset change-password-prompt flag in initial credential options. * - * @param opt Pointer to @c _krb5_get_init_creds_opt - * @param prompt Prompt to change password + * @param [in] opt Options structure + * @param [in] prompt Whether to prompt to change password * - * change for an expired password. - * - * @return - * None - * @sa getinitcreds + * This flag is on by default. It controls whether + * krb5_get_init_creds_password() will react to an expired-password error by + * prompting for a new password and attempting to change the old one. */ void KRB5_CALLCONV -krb5_get_init_creds_opt_set_change_password_prompt(krb5_get_init_creds_opt - *opt, int prompt); +krb5_get_init_creds_opt_set_change_password_prompt(krb5_get_init_creds_opt *opt, + int prompt); -/** @brief Generic preauth option attribute/value pairs */ +/** Generic preauth option attribute/value pairs */ typedef struct _krb5_gic_opt_pa_data { char *attr; char *value; } krb5_gic_opt_pa_data; /** - * @brief Validate options passed to @a preauth plugins by krb5_get_init_creds_opt_alloc(). - * - * @param context Context structure [input, output] - * @param opt Pre options [input] - * @param attr Pre attribute [input] - * @param value Pre value [input] - * - * @retval - * 0 Success - * @return - * Kerberos error codes + * Supply options for preauthentication in initial credential options. * - * Make sure to free the allocated memory when it is no longer needed. + * @param [in] context Library context + * @param [in] opt Options structure + * @param [in] attr Preauthentication option name + * @param [in] value Preauthentication option value * - * This function allows the caller to supply options to preauth - * plugins. Preauth plugin modules are given a chance to look - * at each option at the time this function is called in ordre - * to check the validity of the option. - * The 'opt' pointer supplied to this function must have been - * obtained using krb5_get_init_creds_opt_alloc() + * This function allows the caller to supply options for preauthentication. + * The values of @a attr and @a value are supplied to each preauthentication + * module available within @a context. */ krb5_error_code KRB5_CALLCONV krb5_get_init_creds_opt_set_pa(krb5_context context, @@ -6097,47 +6483,88 @@ krb5_get_init_creds_opt_set_pa(krb5_context context, const char *value); /** - * This API sets a ccache name that will contain some TGT on calls to - * t_init_creds functions. If set, this ccache will be used for FAST - * (draft-ietf-krb-wg-preauth-framework) to protect the AS-REQ from observation - * and active attack. If the fast_ccache_name is set, then FAST may be - * required by the client library. In this and future versions, FAST will be - * used if available; krb5_get_init_creds_opt_set_fast_flags() may be used to - * require that the request fail is FAST is unavailable. In MIT Kerberos 1.7 - * setting the fast ccache at all required that FAST be present or the request - * would fail. + * Set location of FAST armor ccache in initial credential options. + * + * @param [in] context Library context + * @param [in] opt Options + * @param [in] fast_ccache_name Credential cache name + * + * Sets the location of a credential cache containing an armor ticket to + * protect an initial credential exchange using the FAST protocol extension. + * + * In version 1.7, setting an armor ccache requires that FAST be used for the + * exchange. In version 1.8 or later, setting the armor ccache causes FAST to + * be used if the KDC supports it; krb5_get_init_creds_opt_set_fast_flags() + * must be used to require that FAST be used. */ krb5_error_code KRB5_CALLCONV krb5_get_init_creds_opt_set_fast_ccache_name(krb5_context context, krb5_get_init_creds_opt *opt, const char *fast_ccache_name); -/** Set the FAST ccache name as in - * krb5_get_init_creds_opt_set_fast_ccache_name() but using a krb5_ccache - * rather than a name. +/** + * Set FAST armor cache in initial credential options. + * + * @param [in] context Library context + * @param [in] opt Options + * @param [in] ccache Credential cache handle + * + * This function is similar to krb5_get_init_creds_opt_set_fast_ccache_name(), + * but uses a credential cache handle instead of a name. + * + * @version First introduced in 1.9 */ krb5_error_code KRB5_CALLCONV krb5_get_init_creds_opt_set_fast_ccache(krb5_context context, krb5_get_init_creds_opt *opt, - krb5_ccache fast_ccache_name); + krb5_ccache ccache); /** - * Set a ccache where resulting credentials will be stored. If set, then the - * krb5_get_init_creds family of APIs will write out credentials to the given - * ccache. Setting an output ccache is desirable both because it simplifies - * calling code and because it permits the krb5_get_init_creds APIs to write - * out configuration information about the realm to the ccache. + * Set an output credential cache in initial credential options. + * + * @param [in] context Library context + * @param [in] opt Options + * @param [in] ccache Credential cache handle + * + * If an output credential cache is set, then the krb5_get_init_creds family of + * APIs will write credentials to it. Setting an output ccache is desirable + * both because it simplifies calling code and because it permits the + * krb5_get_init_creds APIs to write out configuration information about the + * realm to the ccache. */ krb5_error_code KRB5_CALLCONV krb5_get_init_creds_opt_set_out_ccache(krb5_context context, krb5_get_init_creds_opt *opt, krb5_ccache ccache); +/** + * Set FAST flags in initial credential options. + * + * @param [in] context Library context + * @param [in] opt Options + * @param [in] flags FAST flags + * + * The following flag values are valid: + * @li #KRB5_FAST_REQUIRED - Require FAST to be used + * + * @retval + * 0 - Success; Kerberos errors otherwise. + */ krb5_error_code KRB5_CALLCONV krb5_get_init_creds_opt_set_fast_flags(krb5_context context, krb5_get_init_creds_opt *opt, krb5_flags flags); +/** + * Retrieve FAST flags from initial credential options. + * + * @param [in] context Library context + * @param [in] opt Options + * @param [out] out_flags FAST flags + * + * @retval + * 0 - Success; Kerberos errors otherwise. + */ krb5_error_code KRB5_CALLCONV krb5_get_init_creds_opt_get_fast_flags(krb5_context context, krb5_get_init_creds_opt *opt, @@ -6153,7 +6580,14 @@ typedef void krb5_boolean is_last_req); /** - * @brief Set a callback to receive password and account expiration times. + * Set an expiration callback in initial credential options. + * + * @param [in] context Library context + * @param [in] opt Options structure + * @param [in] cb Callback function + * @param [in] data Callback argument + * + * Set a callback to receive password and account expiration times. * * This option only applies to krb5_get_init_creds_password(). @a cb will be * invoked if and only if credentials are successfully acquired. The callback @@ -6178,9 +6612,11 @@ typedef void * caller's responsibility to avoid displaying a password expiry warning in * this case. * - * Setting an expire callback with this API will cause + * @warning Setting an expire callback with this API will cause * krb5_get_init_creds_password() not to send password expiry warnings to the * prompter, as it ordinarily may. + * + * @version First introduced in 1.9 */ krb5_error_code KRB5_CALLCONV krb5_get_init_creds_opt_set_expire_callback(krb5_context context, @@ -6189,19 +6625,25 @@ krb5_get_init_creds_opt_set_expire_callback(krb5_context context, void *data); /** - * @brief Get initial credentials using a password. + * Get initial credentials using a password. + * + * @param [in] context Library context + * @param [out] creds New credentials + * @param [in] client Client principal + * @param [in] password Password (or NULL) + * @param [in] prompter Prompter function + * @param [in] data Prompter callback data + * @param [in] start_time Time when ticket becomes valid (0 for now) + * @param [in] in_tkt_service Service name of initial credentials (or NULL) + * @param [in] k5_gic_options Initial credential options * - * @param context Context structure [input, output] - * @param creds Pointer to credentials structure [output] - * @param client Client principal [input] - * @param password Password associated with initial credentials [input, output] - * @param prompter Pointer to password prompt routine [input] - * @param data Data for password prompt routine [input] - * @param start_time Time that credentials first became valid [input] - * @param in_tkt_service Pointer to output buffer containing the TGT [input] - * @param k5_gic_options Pointer to structure containing flags and options [input] + * This function requests KDC for an initial credentials for @a client using @a + * password. If @a password is NULL, a password will be prompted for using @a + * prompter if necessary. If @a in_tkt_service is specified, it is parsed as a + * principal name (with the realm ignored) and used as the service principal + * for the request; otherwise the ticket-granting service is used. * - * Make sure to free the allocated memory when it is no longer needed. + * @sa krb5_verify_init_creds() * * @retval * 0 Success @@ -6236,49 +6678,178 @@ krb5_get_init_creds_password(krb5_context context, krb5_creds *creds, struct _krb5_init_creds_context; typedef struct _krb5_init_creds_context *krb5_init_creds_context; -#define KRB5_INIT_CREDS_STEP_FLAG_CONTINUE 0x1 /* More responses needed */ +#define KRB5_INIT_CREDS_STEP_FLAG_CONTINUE 0x1 /**< More responses needed */ +/** + * Free an initial credentials context. + * + * @param [in] context Library context + * @param [in] ctx Initial credentials context + */ void KRB5_CALLCONV krb5_init_creds_free(krb5_context context, krb5_init_creds_context ctx); +/** + * Acquire credentials using an initial credentials context. + * + * @param [in] context Library context + * @param [in] ctx Initial credentials context + * + * This function synchronously obtains credentials using a context created by + * krb5_init_creds_init(). On successful return, the credentials can be + * retrieved with krb5_init_creds_get_creds(). + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_init_creds_get(krb5_context context, krb5_init_creds_context ctx); +/** + * Retrieve acquired credentials from an initial credentials context. + * + * @param [in] context Library context + * @param [in] ctx Initial credentials context + * @param [out] creds Acquired credentials + * + * This function copies the acquired initial credentials from @a ctx into @a + * creds, after the successful completion of krb5_init_creds_get() or + * krb5_init_creds_step(). Use krb5_free_cred_contents() to free @a creds when + * it is no longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_init_creds_get_creds(krb5_context context, krb5_init_creds_context ctx, krb5_creds *creds); +/** + * Get the last error from KDC from an initial credentials context. + * + * @param [in] context Library context + * @param [in] ctx Initial credentials context + * @param [out] error Error from KDC, or NULL if none was received + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_init_creds_get_error(krb5_context context, krb5_init_creds_context ctx, krb5_error **error); +/** + * Create a context for acquiring initial credentials. + * + * @param [in] context Library context + * @param [in] client Client principal to get initial creds for + * @param [in] prompter Prompter callback + * @param [in] data Prompter callback argument + * @param [in] start_time Time when credentials become valid (0 for now) + * @param [in] options Options structure (NULL for default) + * @param [out] ctx New initial credentials context + * + * This function creates a new context for acquiring initial credentials. Use + * krb5_init_creds_free() to free @a ctx when it is no longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_init_creds_init(krb5_context context, krb5_principal client, krb5_prompter_fct prompter, void *data, krb5_deltat start_time, krb5_get_init_creds_opt *options, krb5_init_creds_context *ctx); -krb5_error_code KRB5_CALLCONV -krb5_init_creds_set_keyblock(krb5_context context, krb5_init_creds_context ctx, - krb5_keyblock *keyblock); - +/** + * Specify a keytab to use for acquiring initial credentials. + * + * @param [in] context Library context + * @param [in] ctx Initial credentials context + * @param [in] keytab Key table handle + * + * This function supplies a keytab containing the client key for an initial + * credentials request. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_init_creds_set_keytab(krb5_context context, krb5_init_creds_context ctx, krb5_keytab keytab); +/** + * Get the next KDC request for acquiring initial credentials. + * + * @param [in] context Library context + * @param [in] ctx Initial credentials context + * @param [in] in KDC response (empty on the first call) + * @param [out] out Next KDC request + * @param [out] realm Realm for next KDC request + * @param [out] flags Output flags + * + * This function constructs the next KDC request in an initial credential + * exchange, allowing the caller to control the transport of KDC requests and + * replies. On the first call, @a in should be set to an empty buffer; on + * subsequent calls, it should be set to the KDC's reply to the previous + * request. + * + * If more requests are needed, @a flags will be set to + * #KRB5_INIT_CREDS_STEP_FLAG_CONTINUE and the next request will be placed in + * @a out. If no more requests are needed, @a flags will not contain + * #KRB5_INIT_CREDS_STEP_FLAG_CONTINUE and @a out will be empty. + * + * If this function returns @c KRB5KRB_ERR_RESPONSE_TOO_BIG, the caller should + * transmit the next request using TCP rather than UDP. If this function + * returns any other error, the initial credential exchange has failed. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_init_creds_step(krb5_context context, krb5_init_creds_context ctx, krb5_data *in, krb5_data *out, krb5_data *realm, unsigned int *flags); +/** + * Set a password for acquiring initial credentials. + * + * @param [in] context Library context + * @param [in] ctx Initial credentials context + * @param [in] password Password + * + * This function supplies a password to be used to construct the client key for + * an initial credentials request. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_init_creds_set_password(krb5_context context, krb5_init_creds_context ctx, const char *password); +/** + * Specify a service principal for acquiring initial credentials. + * + * @param [in] context Library context + * @param [in] ctx Initial credentials context + * @param [in] service Service principal string + * + * This function supplies a service principal string to acquire initial + * credentials for instead of the default krbtgt service. @a service is parsed + * as a principal name; any realm part is ignored. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_init_creds_set_service(krb5_context context, krb5_init_creds_context ctx, const char *service); +/** + * Retrieve ticket times from an initial credentials context. + * + * @param [in] context Library context + * @param [in] ctx Initial credentials context + * @param [out] times Ticket times for acquired credentials + * + * The initial credentials context must have completed obtaining credentials + * via either krb5_init_creds_get() or krb5_init_creds_step(). + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_init_creds_get_times(krb5_context context, krb5_init_creds_context ctx, krb5_ticket_times *times); @@ -6287,20 +6858,28 @@ struct _krb5_tkt_creds_context; typedef struct _krb5_tkt_creds_context *krb5_tkt_creds_context; /** - * @brief Create a context to get credentials from a KDC's Ticket Granting Service. + * Create a context to get credentials from a KDC's Ticket Granting Service. + * + * @param[in] context Library context + * @param[in] ccache Credential cache handle + * @param[in] creds Input credentials + * @param[in] options @ref KRB5_GC options for this request. + * @param[out] ctx New TGS request context * - * @param[in] context A krb5 library context (see krb5_init_context()) - * @param[in] ccache A credentials cache containing the desired credentials - * or a Ticket Granting Ticket (TGT) for the client realm. - * TGT and service credentials may be stored into this - * cache as they are acquired. - * @param creds - * @param[in] options KRB5_GC_* options for this request. - * @param[out] ctx The TGS acquisition context. + * This function prepares to obtain credentials matching @a creds, either by + * retrieving them from @a ccache or by making requests to ticket-granting + * services beginning with a ticket-granting ticket for the client principal's + * realm. * * The resulting TGS acquisition context can be used asynchronously with * krb5_tkt_creds_step() or synchronously with krb5_tkt_creds_get(). See also - * krb5_get_credentials() for synchrous use. + * krb5_get_credentials() for synchronous use. + * + * Use krb5_tkt_creds_free() to free @a ctx when it is no longer needed. + * + * @version First introduced in 1.9 + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_tkt_creds_init(krb5_context context, krb5_ccache ccache, @@ -6308,58 +6887,82 @@ krb5_tkt_creds_init(krb5_context context, krb5_ccache ccache, krb5_tkt_creds_context *ctx); /** - * @brief Synchronously obtain credentials within an acquisition context. + * Synchronously obtain credentials using a TGS request context. + * + * @param[in] context Library context + * @param[in] ctx TGS request context * - * @param[in] context A krb5 library context (see krb5_init_context()) - * @param[in] ctx A TGS acquisition context (see krb5_tkt_creds_init()) + * This function synchronously obtains credentials using a context created by + * krb5_tkt_creds_init(). On successful return, the credentials can be + * retrieved with krb5_tkt_creds_get_creds(). * - * This function repeatedly generates requests, sends them to the appropriate - * realms' KDCs, and processes the replies until credentials are available for - * retrieval with krb5_tkt_creds_get_creds(). + * @version First introduced in 1.9 + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_tkt_creds_get(krb5_context context, krb5_tkt_creds_context ctx); /** - * @brief Retrieve credentials from an acquisition context, filling in @a creds. + * Retrieve acquired credentials from a TGS request context. * - * @param[in] context A krb5 library context (see krb5_init_context()) - * @param[in] ctx A TGS acquisition context (see krb5_tkt_creds_init()) - * @param[out] creds The acquired credentials + * @param[in] context Library context + * @param[in] ctx TGS request context + * @param[out] creds Acquired credentials * - * The acquisition context must have completed obtaining credentials via either - * krb5_tkt_creds_get() or krb5_tkt_creds_step(). + * This function copies the acquired initial credentials from @a ctx into @a + * creds, after the successful completion of krb5_tkt_creds_get() or + * krb5_tkt_creds_step(). Use krb5_free_cred_contents() to free @a creds when + * it is no longer needed. + * + * @version First introduced in 1.9 + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_tkt_creds_get_creds(krb5_context context, krb5_tkt_creds_context ctx, krb5_creds *creds); /** - * @brief Release the resources used by an acquisition context. + * Free a TGS request context. + * + * @param[in] context Library context + * @param[in] ctx TGS request context * - * @param[in] context A krb5 library context (see krb5_init_context()) - * @param[in] ctx A TGS acquisition context (see krb5_tkt_creds_init()) + * @version First introduced in 1.9 */ void KRB5_CALLCONV krb5_tkt_creds_free(krb5_context context, krb5_tkt_creds_context ctx); -#define KRB5_TKT_CREDS_STEP_FLAG_CONTINUE 0x1 /* More responses needed. */ +#define KRB5_TKT_CREDS_STEP_FLAG_CONTINUE 0x1 /**< More responses needed */ /** - * @brief Process a response and generate the next request to acquire credentials. + * Get the next KDC request in a TGS exchange. + * + * @param[in] context Library context + * @param[in] ctx TGS request context + * @param[in] in KDC response (empty on the first call) + * @param[out] out Next KDC request + * @param[out] realm Realm for next KDC request + * @param[out] flags Output flags + * + * This function constructs the next KDC request for a TGS exchange, allowing + * the caller to control the transport of KDC requests and replies. On the + * first call, @a in should be set to an empty buffer; on subsequent calls, it + * should be set to the KDC's reply to the previous request. * - * @param[in] context A krb5 library context (see krb5_init_context()) - * @param[in] ctx A TGS acquisition context (see krb5_tkt_creds_init()) - * @param[in] in The last response (empty or NULL for first call) - * @param[out] out The next request to be sent - * @param[out] realm The realm to which the next request should be sent - * @param[out] flags Indicates whether more responses are needed + * If more requests are needed, @a flags will be set to + * #KRB5_TKT_CREDS_STEP_FLAG_CONTINUE and the next request will be placed in @a + * out. If no more requests are needed, @a flags will not contain + * #KRB5_TKT_CREDS_STEP_FLAG_CONTINUE and @a out will be empty. * - * On the first call, @a in should be empty or NULL. If more responses are - * needed, the @a flags output parameter will contain @a - * KRB5_TKT_CREDS_STEP_FLAG_CONTINUE. In that case, the caller must transport - * @a out to a KDC for @a realm and receive a response, which should be - * provided as @a in to the next call. + * If this function returns @c KRB5KRB_ERR_RESPONSE_TOO_BIG, the caller should + * transmit the next request using TCP rather than UDP. If this function + * returns any other error, the TGS exchange has failed. + * + * @version First introduced in 1.9 + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_tkt_creds_step(krb5_context context, krb5_tkt_creds_context ctx, @@ -6367,39 +6970,46 @@ krb5_tkt_creds_step(krb5_context context, krb5_tkt_creds_context ctx, unsigned int *flags); /** - * @brief Retrieve ticket times for obtained credentials, filling in @a times. + * Retrieve ticket times from a TGS request context. * - * @param[in] context A krb5 library context (see krb5_init_context()) - * @param[in] ctx A TGS acquisition context (see krb5_tkt_creds_init()) - * @param[out] times Ticket times for the acquired credentials + * @param[in] context Library context + * @param[in] ctx TGS request context + * @param[out] times Ticket times for acquired credentials * - * The acquisition context must have completed obtaining credentials via either + * The TGS request context must have completed obtaining credentials via either * krb5_tkt_creds_get() or krb5_tkt_creds_step(). + * + * @version First introduced in 1.9 + * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_tkt_creds_get_times(krb5_context context, krb5_tkt_creds_context ctx, krb5_ticket_times *times); /** - * @brief Get initial credentials using a key table. + * Get initial credentials using a key table. * - * @param context Context structure [input, output] - * @param creds Pointer to credentials structure [output] - * @param client Client princiapl [input] - * @param arg_keytab Key table handle [input] - * @param start_time Time when a ticket becomes valid [input] - * @param in_tkt_service Requesting server's principal name [input] - * @param k5_gic_options Pointer to a structure containing flags and options [input] + * @param [in] context Library context + * @param [out] creds New credentials + * @param [in] client Client principal + * @param [in] arg_keytab Key table handle + * @param [in] start_time Time when ticket becomes valid (0 for now) + * @param [in] in_tkt_service Service name of initial credentials (or NLUL) + * @param [in] k5_gic_options Initial credential options * - * Make sure to free the allocated memory when it is no longer needed. + * This function requests KDC for an initial credentials for @a client using a + * client key stored in @a arg_keytab. If @a in_tkt_service is specified, it + * is parsed as a principal name (with the realm ignored) and used as the + * service principal for the request; otherwise the ticket-granting service is + * used. + * + * @sa krb5_verify_init_creds() * * @retval - * 0 Success - * @retval - * ENOMEM Insufficient memory + * 0 Success * @return * Kerberos error codes - * */ krb5_error_code KRB5_CALLCONV krb5_get_init_creds_keytab(krb5_context context, krb5_creds *creds, @@ -6409,84 +7019,104 @@ krb5_get_init_creds_keytab(krb5_context context, krb5_creds *creds, typedef struct _krb5_verify_init_creds_opt { krb5_flags flags; - int ap_req_nofail; + int ap_req_nofail; /**< boolean */ } krb5_verify_init_creds_opt; #define KRB5_VERIFY_INIT_CREDS_OPT_AP_REQ_NOFAIL 0x0001 /** - * @brief Initialize the @a flags field in @c _krb5_verify_init_creds_opt. + * Initialize a credential verification options structure. * - * @param k5_vic_options Pointer to options field [output] - * - * @return - * None + * @param [in] k5_vic_options Verification options structure */ void KRB5_CALLCONV krb5_verify_init_creds_opt_init(krb5_verify_init_creds_opt *k5_vic_options); /** - * @brief Initialize the @a ap_req_nofail field in @c _krb5_verify_init_creds_opt. + * Set whether credential verification is required. * - * @param k5_vic_options Pointer to options field [output] - * @param ap_req_nofail Value to set for the ap_req_nofail field [input] + * @param [in] k5_vic_options Verification options structure + * @param [in] ap_req_nofail Whether to require successful verification * - * @return - * None - * @todo is @c ap_req_nofail parameter description accurate? + * This function determines how krb5_verify_init_creds() behaves if no keytab + * information is available. If @a ap_req_nofail is @c FALSE, verification + * will be skipped in this case and krb5_verify_init_creds() will return + * successfully. If @a ap_req_nofail is @c TRUE, krb5_verify_init_creds() will + * not return successfully unless verification can be performed. + * + * If this function is not used, the behavior of krb5_verify_init_creds() is + * determined through configuration. */ void KRB5_CALLCONV -krb5_verify_init_creds_opt_set_ap_req_nofail(krb5_verify_init_creds_opt * - k5_vic_options, +krb5_verify_init_creds_opt_set_ap_req_nofail(krb5_verify_init_creds_opt * k5_vic_options, int ap_req_nofail); /** - * @brief Verify initial credentials and store them in the credentials cache. + * Verify initial credentials against a keytab. * - * @param context Context structure [input, output] - * @param creds Pointer to initial credentials [input] - * @param ap_req_server Server principal [input] - * @param ap_req_keytab Key table entry [input] - * @param ccache Pointer to credentials cache [input, output] - * @param k5_vic_options Pointer to structure containing flags and options [input] + * @param [in] context Library context + * @param [in] creds Initial credentials to be verified + * @param [in] server_arg Server principal (or NULL) + * @param [in] keytab_arg Key table (NULL to use default keytab) + * @param [in,out] ccache_arg Credential cache for fetched creds (or NULL) + * @param [in] options Verification options (NULL for default options) * - * @retval - * 0 Success - * @return - * Kerberos error codes + * This function attempts to verify that @a creds were obtained from a KDC with + * knowledge of a key in @a keytab_arg. If @a server_arg is provided, the + * highest-kvno key entry for that principal name is used to verify the + * credentials; otherwise, the highest-kvno key entry for the first principal + * listed in @a keytab_arg is used. + * + * If the specified keytab does not exist, or is empty, or cannot be read, or + * does not contain an entry for @a server_arg, then credential verification + * may be skipped unless configuration demands that it succeed. The caller can + * control this behavior by providing a verification options structure; see + * krb5_verify_init_creds_opt_init() and + * krb5_verify_init_creds_opt_set_ap_req_nofail(). + * + * If @a ccache_arg is NULL, any additional credentials fetched during the + * verification process will be destroyed. If @a ccache_arg points to NULL, a + * memory ccache will be created for the additional credentials and returned in + * @a ccache_arg. If @a ccache_arg points to a valid credential cache handle, + * the additional credentials will be stored in that cache. * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_verify_init_creds(krb5_context context, krb5_creds *creds, - krb5_principal ap_req_server, krb5_keytab ap_req_keytab, - krb5_ccache *ccache, - krb5_verify_init_creds_opt *k5_vic_options); + krb5_principal server_arg, krb5_keytab keytab_arg, + krb5_ccache *ccache_arg, krb5_verify_init_creds_opt *options); /** - * @brief Get validated credentials from the KDC. + * Get validated credentials from the KDC. * - * @param context Context structure [input, output] - * @param creds Pointer to credentials structure [output] - * @param client Client principal [input] - * @param ccache Credentials cache [input] - * @param in_tkt_service Pointer to principal name of requesting server. + * @param [in] context Library context + * @param [out] creds Validated credentials + * @param [in] client Client principal name + * @param [in] ccache Credential cache + * @param [in] in_tkt_service Server principal string (or NULL) * - * Make sure to free the allocated memory when it is no longer needed. + * This function gets a validated credential using a postdated credential from + * @a ccache. If @a in_tkt_service is specified, it is parsed (with the realm + * part ignored) and used as the server principal of the credential; + * otherwise, the ticket-granting service is used. + * + * If successful, the validated credential is placed in @a creds. + * + * @sa krb5_get_renewed_creds() * * @retval - * 0 Success + * 0 Success * @retval - * KRB5_NO_2ND_TKT Request missing second ticket + * KRB5_NO_2ND_TKT Request missing second ticket * @retval - * KRB5_NO_TKT_SUPPLIED Request did not supply a ticket + * KRB5_NO_TKT_SUPPLIED Request did not supply a ticket * @retval * KRB5_PRINC_NOMATCH Requested principal and ticket do not match * @retval * KRB5_KDCREP_MODIFIED KDC reply did not match expectations * @retval * KRB5_KDCREP_SKEW Clock skew too great in KDC reply - * @retval - * ENOMEM Insufficient memory * @return * Kerberos error codes */ @@ -6496,22 +7126,23 @@ krb5_get_validated_creds(krb5_context context, krb5_creds *creds, char *in_tkt_service); /** - * @brief Renew a set of existing Kerberos credentials. + * Get renewed credential from KDC using an existing credential. * - * @param context Context structure [input, output] - * @param creds Pointer to credentials structure [output] - * @param client Client principal name [input] - * @param ccache Credentials cache [input] - * @param in_tkt_service Pointer to principal name of requesting server [input] + * @param [in] context Library context + * @param [out] creds Renewed credentials + * @param [in] client Client principal name + * @param [in] ccache Credential cache + * @param [in] in_tkt_service Server principal string (or NULL) * - * Make sure to free the allocated memory when it is no longer needed. + * This function gets a renewed credential using an existing one from @a + * ccache. If @a in_tkt_service is specified, it is parsed (with the realm + * part ignored) and used as the server principal of the credential; otherwise, + * the ticket-granting service is used. + * + * If successful, the renewed credential is placed in @a creds. * * @retval - * 0 Success - * @retval - * ENOMEM Insufficient memory - * @retval - * KRB5_PROG_ETYPE_NOSUPP Encryption type is not supported + * 0 Success * @return * Kerberos error codes */ @@ -6521,37 +7152,30 @@ krb5_get_renewed_creds(krb5_context context, krb5_creds *creds, char *in_tkt_service); /** - * @brief Decode a formatted ticket. - * - * @param code Formatted ticket [input] - * @param rep Decoded ticket information [output] + * Decode an ASN.1-formatted ticket. * - * @retval - * 0 Success - * @retval - * KRB5KDC_ERR_BAD_PVNO Bad key version number - * @return - * Kerberos error codes + * @param [in] code ASN.1-formatted ticket + * @param [out] rep Decoded ticket information * + * @retval 0 Success; otherwise - Kerberos error codes */ krb5_error_code KRB5_CALLCONV krb5_decode_ticket(const krb5_data *code, krb5_ticket **rep); /** - * @brief Check the @a appdefaults section of the @c krb5.conf file. + * Retrieve a string value from the appdefaults section of krb5.conf. * - * @param context Context structure [input, output] - * @param appname Pointer to application name [input] - * @param realm Pointer to realm name [input] - * @param option Pointer to option to be checked [input] - * @param default_value Default Boolean value to return if no match is found [input] - * @param ret_value Pointer to returned string value of @a option [output] + * @param [in] context Library context + * @param [in] appname Application name + * @param [in] realm Realm name + * @param [in] option Option to be checked + * @param [in] default_value Default value to return if no match is found + * @param [out] ret_value String value of @a option * - * Use @a krb5_appdefault_boolean to check Boolean values in the @a [appdefaults] section - * of @c krb5.conf. + * This function gets the application defaults for @a option based on the given + * @a appname and/or @a realm. * - * @return - * None + * @sa krb5_appdefault_boolean() */ void KRB5_CALLCONV krb5_appdefault_string(krb5_context context, const char *appname, @@ -6559,24 +7183,19 @@ krb5_appdefault_string(krb5_context context, const char *appname, const char *default_value, char ** ret_value); /** - * @brief Check Boolean values in @a [appdefaults] section of @c krb5.config file. - * - * @param context Context structure [input] - * @param appname Pointer to application name [input] - * @param realm Pointer to realm name [input] - * @param option Pointer to option to be checked [input] - * @param default_value Default Boolean value to return if no match is found [input] - * @param ret_value Pointer to returned Boolean value [output] + * Retrieve a boolean value from the appdefaults section of krb5.conf. * - * @a ret_value returns the Boolean value of the specified option - * passed in the @a option argument. @a appname specifies the - * application name (for example, Telnet) for the option being checked. + * @param [in] context Library context + * @param [in] appname Application name + * @param [in] realm Realm name + * @param [in] option Option to be checked + * @param [in] default_value Default value to return if no match is found + * @param [out] ret_value Boolean value of @a option * - * Use krb5_appdefault_string() to check string values in the @a [appdefaults] section of - * @c krb5.conf. + * This function gets the application defaults for @a option based on the given + * @a appname and/or @a realm. * - * @return - * None + * @sa krb5_appdefault_string() */ void KRB5_CALLCONV krb5_appdefault_boolean(krb5_context context, const char *appname, @@ -6586,38 +7205,41 @@ krb5_appdefault_boolean(krb5_context context, const char *appname, /* * Prompter enhancements */ - +/** Prompt for password */ #define KRB5_PROMPT_TYPE_PASSWORD 0x1 +/** Prompt for new password (during password change) */ #define KRB5_PROMPT_TYPE_NEW_PASSWORD 0x2 +/** Prompt for new password again */ #define KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN 0x3 +/** Prompt for preauthentication data (such as an OTP value) */ #define KRB5_PROMPT_TYPE_PREAUTH 0x4 typedef krb5_int32 krb5_prompt_type; /** - * @brief Get @a prompt_types field from a context. + * Get prompt types array from a context. * - * @param context Context structure [input, output] - * - * Make sure to free the allocated memory when it is no longer needed. + * @param [in] context Library context * * @return - * Pointer to the @a krb5_prompt_type field, which contains one of the following values: - * @li @c KRB5_PROMPT_TYPE_PASSWORD - * @li @c KRB5_PROMPT_TYPE_NEW_PASSWORD - * @li @c KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN - * @li @c KRB5_PROMPT_TYPE_PREAUTH -*/ + * Pointer to an array of prompt types corresponding to the prompter's @a + * prompts arguments. Each type has one of the following values: + * @li #KRB5_PROMPT_TYPE_PASSWORD + * @li #KRB5_PROMPT_TYPE_NEW_PASSWORD + * @li #KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN + * @li #KRB5_PROMPT_TYPE_PREAUTH + */ krb5_prompt_type* KRB5_CALLCONV krb5_get_prompt_types(krb5_context context); /* Error reporting */ -/** Set error message state in a context structure. +/** + * Set an extended error message for an error code. * - * @param [in,out] ctx Context structure - * @param [in] code Error code - * @param [in] fmt Error string for the error code - * @param [in] ... printf(3) style parameters + * @param [in] ctx Library context + * @param [in] code Error code + * @param [in] fmt Error string for the error code + * @param [in] ... printf(3) style parameters */ void KRB5_CALLCONV_C krb5_set_error_message(krb5_context ctx, krb5_error_code code, const char *fmt, ...) @@ -6626,41 +7248,44 @@ krb5_set_error_message(krb5_context ctx, krb5_error_code code, const char *fmt, #endif ; -/** Set error message state in a context structure using a precomputed va_list. +/** + * Set an extended error message for an error code using a va_list. * - * @param [in,out] ctx Context structure - * @param [in] code Error code - * @param [in] fmt Error string for the error code - * @param [in] args @c va_list of arguments + * @param [in] ctx Library context + * @param [in] code Error code + * @param [in] fmt Error string for the error code + * @param [in] args List of vprintf(3) style arguments */ void KRB5_CALLCONV krb5_vset_error_message(krb5_context ctx, krb5_error_code code, - const char *fmt, va_list args) + const char *fmt, va_list args) #if !defined(__cplusplus) && (__GNUC__ > 2) __attribute__((__format__(__printf__, 3, 0))) #endif ; -/** Set the error message state of dest_ctx to that of src_ctx. +/** + * Copy the most recent extended error message from one context to another. * - * @param [in] dest_ctx Context structure where the error message state is copied to - * @param [in] src_ctx Context structure where the error message state is copied from + * @param [in] dest_ctx Library context to copy message to + * @param [in] src_ctx Library context with current message */ void KRB5_CALLCONV krb5_copy_error_message(krb5_context dest_ctx, krb5_context src_ctx); -/** Get error message state specific to the context. +/** + * Get the (possibly extended) error message for a code. * - * @param [in] ctx Context structure - * @param [in] code Error code + * @param [in] ctx Library context + * @param [in] code Error code * - * The behavior of krb5_get_error_message() is only defined the first - * time it is called after a failed call to a krb5 function using the - * same context, and only when the error code passed in is the same as - * that returned by the krb5 function. + * The behavior of krb5_get_error_message() is only defined the first time it + * is called after a failed call to a krb5 function using the same context, and + * only when the error code passed in is the same as that returned by the krb5 + * function. * - * This function never returns NULL, so its result may be used - * unconditionally as a C string. + * This function never returns NULL, so its result may be used unconditionally + * as a C string. * * The string returned by this function must be freed using * krb5_free_error_message() @@ -6671,31 +7296,57 @@ krb5_copy_error_message(krb5_context dest_ctx, krb5_context src_ctx); const char * KRB5_CALLCONV krb5_get_error_message(krb5_context ctx, krb5_error_code code); -/** Free an error message state generated by krb5_get_error_message(). +/** + * Free an error message generated by krb5_get_error_message(). * - * @param [in] ctx Context structure - * @param [in] msg Pointer to error message + * @param [in] ctx Library context + * @param [in] msg Pointer to error message */ void KRB5_CALLCONV -krb5_free_error_message(krb5_context cxt, const char *msg); +krb5_free_error_message(krb5_context ctx, const char *msg); -/** Clear the error message state. - * - * @param [in,out] cxt Context structure +/** + * Clear the extended error message in a context. * - * Similar to krb5_free_error_message() but @a ctx->msg is set to NULL. + * @param [in] ctx Library context * - * @todo link to extended message state + * This function unsets the extended error message in a context, to ensure that + * it is not mistakenly applied to another occurrence of the same error code. */ void KRB5_CALLCONV krb5_clear_error_message(krb5_context ctx); +/** + * Unwrap authorization data. + * + * @param [in] context Library context + * @param [in] type @ref KRB5_AUTHDATA type of @a container + * @param [in] container Authorization data to be decoded + * @param [out] authdata List of decoded authorization data + * + * @sa krb5_encode_authdata_container() + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_decode_authdata_container(krb5_context context, krb5_authdatatype type, const krb5_authdata *container, krb5_authdata ***authdata); - +/** + * Wrap authorization data in a container. + * + * @param [in] context Library context + * @param [in] type @ref KRB5_AUTHDATA type of @a container + * @param [in] authdata List of authorization data to be encoded + * @param [out] container List of encoded authorization data + * + * The result is returned in @a container as a single-element list. + * + * @sa krb5_decode_authdata_container() + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_encode_authdata_container(krb5_context context, krb5_authdatatype type, @@ -6705,6 +7356,19 @@ krb5_encode_authdata_container(krb5_context context, /* * AD-KDCIssued */ +/** + * Encode and sign AD-KDCIssued authorization data. + * + * @param [in] context Library context + * @param [in] key Session key + * @param [in] issuer The name of the issuing principal + * @param [in] authdata List of authorization data to be signed + * @param [out] ad_kdcissued List containing AD-KDCIssued authdata + * + * This function wraps a list of authorization data entries @a authdata in an + * AD-KDCIssued container (see RFC 4120 section 5.2.6.2) signed with @a key. + * The result is returned in @a ad_kdcissued as a single-element list. + */ krb5_error_code KRB5_CALLCONV krb5_make_authdata_kdc_issued(krb5_context context, const krb5_keyblock *key, @@ -6712,6 +7376,20 @@ krb5_make_authdata_kdc_issued(krb5_context context, krb5_authdata *const *authdata, krb5_authdata ***ad_kdcissued); +/** + * Unwrap and verify AD-KDCIssued authorization data. + * + * @param [in] context Library context + * @param [in] key Session key + * @param [in] ad_kdcissued AD-KDCIssued authorization data to be unwrapped + * @param [out] issuer Name of issuing principal (or NULL) + * @param [out] authdata Unwrapped list of authorization data + * + * This function unwraps an AD-KDCIssued authdatum (see RFC 4120 section + * 5.2.6.2) and verifies its signature against @a key. The issuer field of the + * authdatum element is returned in @a issuer, and the unwrapped list of + * authdata is returned in @a authdata. + */ krb5_error_code KRB5_CALLCONV krb5_verify_authdata_kdc_issued(krb5_context context, const krb5_keyblock *key, @@ -6722,40 +7400,180 @@ krb5_verify_authdata_kdc_issued(krb5_context context, /* * Windows PAC */ + +/* Microsoft defined types of data */ +#define KRB5_PAC_LOGON_INFO 1 /**< Logon information */ +#define KRB5_PAC_CREDENTIALS_INFO 2 /**< Credentials information */ +#define KRB5_PAC_SERVER_CHECKSUM 6 /**< Server checksum */ +#define KRB5_PAC_PRIVSVR_CHECKSUM 7 /**< KDC checksum */ +#define KRB5_PAC_CLIENT_INFO 10 /**< Client name and ticket info */ +#define KRB5_PAC_DELEGATION_INFO 11 /**< Constrained delegation info */ +#define KRB5_PAC_UPN_DNS_INFO 12 /**< User principal name and DNS info */ + struct krb5_pac_data; +/** PAC data structure to convey authorization information */ typedef struct krb5_pac_data *krb5_pac; +/** + * Add a buffer to a PAC handle. + * + * @param [in] context Library context + * @param [in] pac PAC handle + * @param [in] type Buffer type + * @param [in] data contents + * + * This function adds a buffer of type @a type and contents @a data to @a pac + * if there isn't already a buffer of this type present. + * + * The valid values of @a type is one of the following: + * @li #KRB5_PAC_LOGON_INFO - Logon information + * @li #KRB5_PAC_CREDENTIALS_INFO - Credentials information + * @li #KRB5_PAC_SERVER_CHECKSUM - Server checksum + * @li #KRB5_PAC_PRIVSVR_CHECKSUM - KDC checksum + * @li #KRB5_PAC_CLIENT_INFO - Client name and ticket information + * @li #KRB5_PAC_DELEGATION_INFO - Constrained delegation information + * @li #KRB5_PAC_UPN_DNS_INFO - User principal name and DNS information + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_pac_add_buffer(krb5_context context, krb5_pac pac, krb5_ui_4 type, const krb5_data *data); +/** + * Free a PAC handle. + * + * @param [in] context Library context + * @param [in] pac PAC to be freed + * + * This function frees the contents of @a pac and the structure itself. + */ void KRB5_CALLCONV krb5_pac_free(krb5_context context, krb5_pac pac); +/** + * Retrieve a buffer value from a PAC. + * + * @param [in] context Library context + * @param [in] pac PAC handle + * @param [in] type Type of buffer to retrieve + * @param [out] data Buffer value + * + * Use krb5_free_data_contents() to free @a data when it is no longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_pac_get_buffer(krb5_context context, krb5_pac pac, krb5_ui_4 type, krb5_data *data); +/** + * Return an array of buffer types in a PAC handle. + * + * @param [in] context Library context + * @param [in] pac PAC handle + * @param [out] len Number of entries in @a types + * @param [out] types Array of buffer types + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_pac_get_types(krb5_context context, krb5_pac pac, size_t *len, krb5_ui_4 **types); +/** + * Create an empty Privilege Attribute Certificate (PAC) handle. + * + * @param [in] context Library context + * @param [out] pac New PAC handle + * + * Use krb5_pac_free() to free @a pac when it is no longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_pac_init(krb5_context context, krb5_pac *pac); +/** + * Unparse an encoded PAC into a new handle. + * + * @param [in] context Library context + * @param [in] ptr PAC buffer + * @param [in] len Length of @a ptr + * @param [out] pac PAC handle + * + * Use krb5_pac_free() to free @a pac when it is no longer needed. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_pac_parse(krb5_context context, const void *ptr, size_t len, krb5_pac *pac); +/** + * Verify a PAC. + * + * @param [in] context Library context + * @param [in] pac PAC handle + * @param [in] authtime Expected timestamp + * @param [in] principal Expected principal name (or NULL) + * @param [in] server Key to validate server checksum (or NULL) + * @param [in] privsvr Key to validate KDC checksum (or NULL) + * + * This function validates @a pac against the supplied @a server, @a privsvr, + * @a principal and @a authtime. If @a principal is NULL, the principal and + * authtime are not verified. If @a server or @a privsvr is NULL, the + * corresponding checksum is not verified. + * + * If successful, @a pac is marked as verified. + * + * @note A checksum mismatch can occur if the PAC was copied from a cross-realm + * TGT by an ignorant KDC; also Apple Mac OS X Server Open Directory (as of + * 10.6) generates PACs with no server checksum at all. One should consider + * not failing the whole authentication because of this reason, but, instead, + * treating the ticket as if it did not contain a PAC or marking the PAC + * information as non-verified. + * + * @retval 0 Success; otherwise - Kerberos error codes + */ krb5_error_code KRB5_CALLCONV krb5_pac_verify(krb5_context context, const krb5_pac pac, krb5_timestamp authtime, krb5_const_principal principal, const krb5_keyblock *server, const krb5_keyblock *privsvr); /** - * @brief Allows the appplication to override the profile's allow_weak_crypto setting. + * Sign a PAC. + * + * @param [in] context Library context + * @param [in] pac PAC handle + * @param [in] authtime Expected timestamp + * @param [in] principal Expected principal name (or NULL) + * @param [in] server_key Key for server checksum + * @param [in] privsvr_key Key for KDC checksum + * @param [out] data Signed PAC encoding + * + * This function signs @a pac using the keys @a server_key and @a privsvr_key + * and returns the signed encoding in @a data. @a pac is modified to include + * the server and KDC checksum buffers. Use krb5_free_data_contents() to free + * @a data when it is no longer needed. + * + * @version First introduced in 1.10 + */ +krb5_error_code KRB5_CALLCONV +krb5_pac_sign(krb5_context context, krb5_pac pac, krb5_timestamp authtime, + krb5_const_principal principal, const krb5_keyblock *server_key, + const krb5_keyblock *privsvr_key, krb5_data *data); + +/** + * Allow the appplication to override the profile's allow_weak_crypto setting. * - * Primarily for use by aklog. + * @param [in] context Library context + * @param [in] enable Boolean flag + * + * This function allows an application to override the allow_weak_crypto + * setting. It is primarily for use by aklog. + * + * @retval 0 (always) */ krb5_error_code KRB5_CALLCONV krb5_allow_weak_crypto(krb5_context context, krb5_boolean enable); @@ -6771,25 +7589,47 @@ typedef void void *cb_data); /** + * Specify a callback function for trace events. + * + * @param [in] context Library context + * @param [in] fn Callback function + * @param [in] cb_data Callback data + * * Specify a callback for trace events occurring in krb5 operations performed * within @a context. @a fn will be invoked with @a context as the first * argument, @a cb_data as the last argument, and a pointer to a struct * krb5_trace_info as the second argument. If the trace callback is reset via * this function or @a context is destroyed, @a fn will be invoked with a NULL - * second argument to allow cleanup of @a cb_data. Supply a NULL value for @a + * second argument so it can clean up @a cb_data. Supply a NULL value for @a * fn to disable trace callbacks within @a context. * - * @return Returns KRB5_TRACE_NOSUPP if tracing is not supported in the library (unless - * @a fn is NULL). + * @note This function overrides the information passed through the + * @a KRB5_TRACE environment variable. + * + * @version First introduced in 1.9 + * + * @return Returns KRB5_TRACE_NOSUPP if tracing is not supported in the library + * (unless @a fn is NULL). */ krb5_error_code KRB5_CALLCONV krb5_set_trace_callback(krb5_context context, krb5_trace_callback fn, void *cb_data); /** + * Specify a file name for directing trace events. + * + * @param [in] context Library context + * @param [in] filename File name + * * Open @a filename for appending (creating it, if necessary) and set up a - * callback to write trace events to it. Returns KRB5_TRACE_NOSUPP if tracing - * is not supported in the library. + * callback to write trace events to it. + * + * @note This function overrides the information passed through the + * @a KRB5_TRACE environment variable. + * + * @version First introduced in 1.9 + * + * @retval KRB5_TRACE_NOSUPP Tracing is not supported in the library. */ krb5_error_code KRB5_CALLCONV krb5_set_trace_filename(krb5_context context, const char *filename); @@ -6806,4 +7646,6 @@ KRB5INT_END_DECLS #undef KRB5_ATTR_DEPRECATED +/** @} */ /* end of KRB5_H group */ + #endif /* KRB5_GENERAL__ */