| /osnet-11/usr/src/lib/gss_mechs/mech_krb5/krb5/krb/ |
| H A D | decrypt_tk.c | 43 krb5_decrypt_tkt_part(krb5_context context, const krb5_keyblock *srv_key, register krb5_ticket *ticket) argument
49 if (!krb5_c_valid_enctype(ticket->enc_part.enctype))
52 if (!krb5_is_permitted_enctype(context, ticket->enc_part.enctype))
55 scratch.length = ticket->enc_part.ciphertext.length;
56 if (!(scratch.data = malloc(ticket->enc_part.ciphertext.length)))
62 &ticket->enc_part, &scratch))) {
73 ticket->enc_part2 = dec_tkt_part;
|
| H A D | srv_dec_tkt.c | 28 * Server decrypt ticket via keytab or keyblock.
37 * - Does not free ticket->enc_part2 on error.
46 krb5_ticket *ticket)
52 retval = krb5_decrypt_tkt_part(context, key, ticket);
56 trans = &ticket->enc_part2->transited;
57 realm = &ticket->enc_part2->client->realm;
60 realm, &ticket->server->realm);
64 if (ticket->enc_part2->flags & TKT_FLG_INVALID) { /* ie, KDC_OPT_POSTDATED */
77 krb5_ticket *ticket)
86 ticket
44 krb5int_server_decrypt_ticket_keyblock(krb5_context context, const krb5_keyblock *key, krb5_ticket *ticket) argument
75 krb5_server_decrypt_ticket_keytab(krb5_context context, const krb5_keytab keytab, krb5_ticket *ticket) argument
[all...] |
| H A D | copy_creds.c | 81 retval = krb5_copy_data(context, &incred->ticket, &scratch);
84 tempcred->ticket = *scratch;
103 memset(tempcred->ticket.data,0,tempcred->ticket.length);
104 free(tempcred->ticket.data);
|
| H A D | rd_req_dec.c | 53 * server specifies the expected server's name for the ticket; if NULL, then
61 * ticket. If keyproc is non-NULL, keyprocarg is passed to it, and the result
106 server != NULL ? server : req->ticket->server,
107 req->ticket->enc_part.kvno,
108 req->ticket->enc_part.enctype, &ktent);
110 retval = krb5_decrypt_tkt_part(context, &ktent.key, req->ticket);
128 if (ktent.key.enctype != req->ticket->enc_part.enctype) {
134 req->ticket);
140 * We overwrite ticket->server to be the principal
149 * server as it appeared in the ticket
256 rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context, const krb5_ap_req *req, const krb5_data *raw_req, krb5_const_principal server, krb5_keytab keytab, krb5_flags *ap_req_options, krb5_ticket **ticket, int check_valid_flag) argument
726 krb5_rd_req_decoded_ext(krb5_context context, krb5_auth_context *auth_context, const krb5_ap_req *req, const krb5_data *raw_req, krb5_const_principal server, krb5_keytab keytab, krb5_flags *ap_req_options, krb5_ticket **ticket) argument
741 krb5_rd_req_decoded(krb5_context context, krb5_auth_context *auth_context, const krb5_ap_req *req, krb5_const_principal server, krb5_keytab keytab, krb5_flags *ap_req_options, krb5_ticket **ticket) argument
757 krb5_rd_req_decoded_anyflag_ext(krb5_context context, krb5_auth_context *auth_context, const krb5_ap_req *req, const krb5_data *raw_req, krb5_const_principal server, krb5_keytab keytab, krb5_flags *ap_req_options, krb5_ticket **ticket) argument
773 krb5_rd_req_decoded_anyflag(krb5_context context, krb5_auth_context *auth_context, const krb5_ap_req *req, krb5_const_principal server, krb5_keytab keytab, krb5_flags *ap_req_options, krb5_ticket **ticket) argument
[all...] |
| H A D | rd_req.c | 40 * server specifies the expected server's name for the ticket.
43 * ticket. If keyproc is non-NULL, keyprocarg is passed to it, and the result
56 krb5_ticket **ticket)
96 server, keytab, ap_req_options, ticket);
53 krb5_rd_req(krb5_context context, krb5_auth_context *auth_context, const krb5_data *inbuf, krb5_const_principal server, krb5_keytab keytab, krb5_flags *ap_req_options, krb5_ticket **ticket) argument
|
| H A D | recvauth.c | 53 krb5_ticket ** ticket,
151 keytab, &ap_option, ticket);
232 krb5_recvauth(krb5_context context, krb5_auth_context *auth_context, krb5_pointer fd, char *appl_version, krb5_principal server, krb5_int32 flags, krb5_keytab keytab, krb5_ticket **ticket) argument
235 server, flags, keytab, ticket, 0);
247 krb5_ticket **ticket,
251 server, flags, keytab, ticket, version);
44 recvauth_common(krb5_context context, krb5_auth_context * auth_context, krb5_pointer fd, char *appl_version, krb5_principal server, krb5_int32 flags, krb5_keytab keytab, krb5_ticket ** ticket, krb5_data *version) argument
239 krb5_recvauth_version(krb5_context context, krb5_auth_context *auth_context, krb5_pointer fd, krb5_principal server, krb5_int32 flags, krb5_keytab keytab, krb5_ticket **ticket, krb5_data *version) argument
|
| H A D | mk_req_ext.c | 48 creds is used to supply the credentials (ticket and session key) needed
51 if creds->ticket has no data (length == 0), then a ticket is obtained
53 kdc_options specifies the options requested for the ticket to be used.
54 If a ticket with appropriate flags is not found in the cache, then these
59 if ap_req_options specifies AP_OPTS_USE_SESSION_KEY, then creds->ticket
60 must contain the appropriate ENC-TKT-IN-SKEY ticket.
106 request.ticket = 0;
108 if (!in_creds->ticket.length)
115 /* we need a native ticket */
[all...] |
| H A D | encode_kdc.c | 130 dec_rep->ticket);
|
| H A D | send_tgs.c | 45 second_ticket, if required by options, is used for the 2nd ticket in the req.
46 in_cred is used for the ticket & session key in the KRB_AP_REQ header " " "
71 request.ticket = 0;
114 if ((retval = decode_krb5_ticket(&(in_cred)->ticket, &request.ticket)))
137 if (request.ticket)
138 krb5_free_ticket(context, request.ticket);
200 if (!in_cred->ticket.length)
|
| H A D | sendauth.c | 105 if (!in_creds || !in_creds->ticket.length) {
132 if (!in_creds->ticket.length) {
|
| H A D | gc_via_tkt.c | 88 if ((retval = encode_krb5_ticket(pkdcrep->ticket, &pdata)))
91 (*ppcreds)->ticket = *pdata;
109 if (!krb5_principal_compare(context, dec_rep->ticket->server,
115 if (krb5_principal_compare(context, dec_rep->ticket->server,
122 /* in_cred server differs from ticket returned, but ticket
137 !IS_TGS_PRINC(context, dec_rep->ticket->server)) {
217 "Requested principal and ticket don't"
219 " and ticket is '%s'"),
229 if (!tkt->ticket
[all...] |
| H A D | fwd_tgt.c | 137 "Requested principal and ticket don't "
151 if (!tgt.ticket.length) {
|
| H A D | rd_cred.c | 144 pcur->ticket = *pdata;
|
| H A D | mk_cred.c | 106 * structure and copy the ticket into the ticket list.
120 if ((retval = decode_krb5_ticket(&ppcreds[i]->ticket,
|
| H A D | authdata.c | 514 ticket_authdata = ap_req->ticket->enc_part2->authorization_data;
530 ap_req->ticket->enc_part2->session,
622 ticket_authdata = ap_req->ticket->enc_part2->authorization_data;
|
| H A D | get_in_tkt.c | 57 All-purpose initial ticket routine, usually called via
60 Attempts to get an initial ticket for creds->client to use server
77 A succesful call will place the ticket in the credentials cache ccache
78 and fill in creds with the ticket information used/returned..
423 || !krb5_principal_compare(context, as_reply->enc_part2->server, as_reply->ticket->server)
526 if ((retval = encode_krb5_ticket(as_reply->ticket, &packet)))
529 creds->ticket = *packet;
555 if (creds->ticket.data) {
556 free(creds->ticket.data);
557 creds->ticket
[all...] |
| /osnet-11/usr/src/lib/pam_modules/tty_tickets/ |
| H A D | tty_tickets.c | 46 * The content of this ticket will be different between 32 bit and 64 bit
54 * the lifetime of a single ticket, it will look exactly like a ticket expiry.
136 int ticket = -1; local
152 ticket = open(ticketname, O_RDONLY|O_NOFOLLOW|O_NOCTTY, 0600);
153 if (ticket == -1) {
156 "pam_tty_tickets: unable to open ticket %s: %m",
162 if (fstat(ticket, &ticketsb) != 0) {
165 "pam_tty_tickets: unable to stat ticket %s: %m",
174 "pam_tty_tickets: invalid ticket
234 int ticket = -1; local
[all...] |
| /osnet-11/usr/src/lib/gss_mechs/mech_krb5/krb5/ccache/ |
| H A D | ccfns.c | 80 * If creds->server and the server in the decoded ticket differ,
84 ret = decode_krb5_ticket(&creds->ticket, &tkt);
85 /* Bail out on errors in case someone is storing a non-ticket. */
293 cred.ticket.data = malloc(data->length);
294 if (cred.ticket.data == NULL) {
298 cred.ticket.length = data->length;
299 memcpy(cred.ticket.data, data->data, data->length);
339 data->data = malloc(cred.ticket.length);
345 data->length = cred.ticket.length;
346 memcpy(data->data, cred.ticket
[all...] |
| H A D | cc_retr.c | 372 equal = data_eq(in_creds->ticket, in_compare_creds->ticket);
|
| /osnet-11/usr/src/lib/gss_mechs/mech_krb5/mech/ |
| H A D | accept_sec_context.c | 124 krb5_ticket *ticket,
137 krb_creds.client = ticket->enc_part2->client;
138 krb_creds.server = ticket->server;
139 krb_creds.keyblock = *(ticket->enc_part2->session);
140 krb_creds.ticket_flags = ticket->enc_part2->flags;
141 krb_creds.times = ticket->enc_part2->times;
145 code = encode_krb5_ticket(ticket, &data);
151 krb_creds.ticket = *data;
455 krb5_ticket * ticket = NULL; local
630 if ((code = krb5_copy_principal(context, request->ticket
122 create_constrained_deleg_creds(OM_uint32 *minor_status, krb5_gss_cred_id_t verifier_cred_handle, krb5_ticket *ticket, krb5_gss_cred_id_t *out_cred, krb5_context context) argument
[all...] |
| /osnet-11/usr/src/lib/gss_mechs/mech_krb5/dtrace/ |
| H A D | kerberos_dtrace.h | 116 #define KERBEROS_PROBE_KRB_KDC_REP(type, asn1msg, kdcrep, encp, ticket) \
123 ktrace.tkt = k5_kticketinfo_build(ticket); \
142 #define KERBEROS_PROBE_KRB_AP_REQ(type, asn1msg, apreq, authen, ticket) \
149 ktrace.tkt = k5_kticketinfo_build((ticket)); \
|
| /osnet-11/usr/src/lib/gss_mechs/mech_krb5/krb5/rcache/ |
| H A D | rc_conv.c | 28 if ((retval = krb5_unparse_name(context, auth->ticket->server, &rep->server)))
|
| /osnet-11/usr/src/lib/krb5/kadm5/srv/ |
| H A D | chgpwd.c | 69 krb5_ticket *ticket; local
88 ticket = NULL;
191 NULL, &ticket);
343 client = ticket->enc_part2->client;
381 /* for cpw, verify that this is an AS_REQ ticket */
383 (ticket->enc_part2->flags & TKT_FLG_INITIAL) == 0) {
605 if (ticket)
606 krb5_free_ticket(context, ticket);
|
| /osnet-11/usr/src/lib/gss_mechs/mech_krb5/krb5/asn.1/ |
| H A D | krb5_decode.c | 397 clear_field(rep,ticket);
422 clear_field(rep,ticket);
444 clear_field(rep,ticket);
459 get_field(rep->ticket,3,asn1_decode_ticket_ptr);
|
| H A D | asn1_k_encode.c | 214 DEFAPPTAGGEDTYPE(ticket, 1, untagged_ticket);
226 DEFPTRTYPE(ticket_ptr, ticket);
814 FIELDOF_NORM(krb5_kdc_rep, ticket_ptr, ticket, 5),
840 FIELDOF_NORM(krb5_kdc_rep, ticket_ptr, ticket, 5),
865 /* ticket[3] Ticket */
866 FIELDOF_NORM(krb5_ap_req, ticket_ptr, ticket, 3),
1032 /* ticket-info[0] SEQUENCE OF KrbCredInfo */
1401 MAKE_FULL_ENCODER(encode_krb5_ticket, ticket);
|