DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 

krb5_auth_con_getlocalsubkey(3)



KRB5_AUTH_CONTEXT(3)       UNIX Programmer's Manual       KRB5_AUTH_CONTEXT(3)


NAME

     krb5_auth_context, krb5_auth_con_init, krb5_auth_con_free,
     krb5_auth_con_setflags, krb5_auth_con_getflags, krb5_auth_con_setaddrs,
     krb5_auth_con_setaddrs_from_fd, krb5_auth_con_getaddrs,
     krb5_auth_con_genaddrs, krb5_auth_con_getkey, krb5_auth_con_setkey,
     krb5_auth_con_getuserkey, krb5_auth_con_setuserkey,
     krb5_auth_con_getlocalsubkey, krb5_auth_con_setlocalsubkey,
     krb5_auth_con_getremotesubkey, krb5_auth_con_setremotesubkey,
     krb5_auth_setcksumtype, krb5_auth_getcksumtype, krb5_auth_setkeytype,
     krb5_auth_getkeytype, krb5_auth_getlocalseqnumber,
     krb5_auth_setlocalseqnumber, krb5_auth_getremoteseqnumber,
     krb5_auth_setremoteseqnumber, krb5_auth_getauthenticator,
     krb5_auth_con_getrcache, krb5_auth_con_setrcache,
     krb5_auth_con_initivector, krb5_auth_con_setivector - manage authentica-
     tion on connection level


LIBRARY

     Kerberos 5 Library (libkrb5, -lkrb5)


SYNOPSIS

     krb5_error_code
     krb5_auth_con_init(krb5_context context, krb5_auth_context *auth_context)

     void
     krb5_auth_con_free(krb5_context context, krb5_auth_context auth_context)

     krb5_error_code
     krb5_auth_con_setflags(krb5_context context,
             krb5_auth_context auth_context, int32_t flags)

     krb5_error_code
     krb5_auth_con_getflags(krb5_context context,
             krb5_auth_context auth_context, int32_t *flags)

     krb5_error_code
     krb5_auth_con_setaddrs(krb5_context context,
             krb5_auth_context auth_context, krb5_address *local_addr,
             krb5_address *remote_addr)

     krb5_error_code
     krb5_auth_con_getaddrs(krb5_context context,
             krb5_auth_context auth_context, krb5_address **local_addr,
             krb5_address **remote_addr)

     krb5_error_code
     krb5_auth_con_genaddrs(krb5_context context,
             krb5_auth_context auth_context, int fd, int flags)

     krb5_error_code
     krb5_auth_con_setaddrs_from_fd(krb5_context context,
             krb5_auth_context auth_context, void *p_fd)

     krb5_error_code
     krb5_auth_con_getkey(krb5_context context,
             krb5_auth_context auth_context, krb5_keyblock **keyblock)

     krb5_error_code
     krb5_auth_con_getlocalsubkey(krb5_context context,
             krb5_auth_context auth_context, krb5_keyblock **keyblock)

     krb5_error_code
     krb5_auth_con_getremotesubkey(krb5_context context,
             krb5_auth_context auth_context, krb5_keyblock **keyblock)

     krb5_error_code
     krb5_auth_con_initivector(krb5_context context,
             krb5_auth_context auth_context)

     krb5_error_code
     krb5_auth_con_setivector(krb5_context context,
             krb5_auth_context *auth_context, krb5_pointer ivector)


DESCRIPTION

     The krb5_auth_context structure holds all context related to an authenti-
     cated connection, in a similar way to krb5_context that holds the context
     for the thread or process.  krb5_auth_context is used by various func-
     tions that are directly related to authentication between the serv-
     er/client. Example of data that this structure contains are various
     flags, addresses of client and server, port numbers, keyblocks (and sub-
     keys), sequence numbers, replay cache, and checksum-type.

     krb5_auth_con_init() allocates and initializes the krb5_auth_context
     structure. Default values can be changed with
     krb5_auth_con_setcksumtype() and krb5_auth_con_setflags().  The
     auth_context structure must be freed by krb5_auth_con_free().

     krb5_auth_con_getflags() and krb5_auth_con_setflags() gets and modifies
     the flags for a krb5_auth_context structure. Possible flags to set are:

     KRB5_AUTH_CONTEXT_DO_TIME
             check timestamp on incoming packets.

     KRB5_AUTH_CONTEXT_DO_SEQUENCE
             Generate and check sequence-number on each packet.

     krb5_auth_con_setaddrs(), krb5_auth_con_setaddrs_from_fd() and
     krb5_auth_con_getaddrs() gets and sets the addresses that are checked
     when a packet is received.  It is mandatory to set an address for the re-
     mote host. If the local address is not set, it iss deduced from the un-
     derlaying operating system.  krb5_auth_con_getaddrs() will call
     krb5_free_address() on any address that is passed in local_addr or
     remote_addr. krb5_auth_con_setaddr() allows passing in a NULL pointer as
     local_addr and remote_addr, in that case it will just not set that ad-
     dress.

     krb5_auth_con_setaddrs_from_fd() fetches the addresses from a file de-
     scriptor.

     krb5_auth_con_genaddrs() fetches the address information from the given
     file descriptor fd depending on the bitmap argument flags.

     Possible values on flags are:

     KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR
             fetches the local address from fd.

     KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR
             fetches the remote address from fd.

     krb5_auth_con_setkey(), krb5_auth_con_setuserkey() and
     krb5_auth_con_getkey() gets and sets the key used for this auth context.
     The keyblock returned by krb5_auth_con_getkey() should be freed with
     krb5_free_keyblock().  The keyblock send into krb5_auth_con_setkey() is
     copied into the krb5_auth_context, and thus no special handling is need-
     ed.  NULL is not a valid keyblock to krb5_auth_con_setkey().

     krb5_auth_con_setuserkey() is only useful when doing user to user authen-
     tication.  krb5_auth_con_setkey() is equivalent to
     krb5_auth_con_setuserkey().

     krb5_auth_con_getlocalsubkey(), krb5_auth_con_setlocalsubkey(),
     krb5_auth_con_getremotesubkey() and krb5_auth_con_setremotesubkey() gets
     and sets the keyblock for the local and remote subkey. The keyblock re-
     turned by krb5_auth_con_getlocalsubkey() and
     krb5_auth_con_getremotesubkey() must be freed with krb5_free_keyblock().

     krb5_auth_setcksumtype() and krb5_auth_getcksumtype() sets and gets the
     checksum type that should be used for this connection.

     krb5_auth_getremoteseqnumber() krb5_auth_setremoteseqnumber(),
     krb5_auth_getlocalseqnumber() and krb5_auth_setlocalseqnumber() gets and
     sets the sequence-number for the local and remote sequence-number
     counter.

     krb5_auth_setkeytype() and krb5_auth_getkeytype() gets and gets the key-
     type of the keyblock in krb5_auth_context.

     krb5_auth_getauthenticator() Retrieves the authenticator that was used
     during mutual authentication. The authenticator returned should be freed
     by calling krb5_free_authenticator().

     krb5_auth_con_getrcache() and krb5_auth_con_setrcache() gets and sets the
     replay-cache.

     krb5_auth_con_initivector() allocates memory for and zeros the initial
     vector in the auth_context keyblock.

     krb5_auth_con_setivector() sets the i_vector portion of auth_context to
     ivector.


SEE ALSO

     krb5_context(3),  kerberos(8)

 HEIMDAL                       January 21, 2001                              3

Man(1) output converted with man2html