/osnet-11/usr/src/lib/gss_mechs/mech_krb5/krb5/krb/ |
H A D | decrypt_tk.c | 43 krb5_decrypt_tkt_part(krb5_context context, const krb5_keyblock *srv_key, register krb5_ticket *ticket) argument 49 if (!krb5_c_valid_enctype(ticket->enc_part.enctype)) 52 if (!krb5_is_permitted_enctype(context, ticket->enc_part.enctype)) 55 scratch.length = ticket->enc_part.ciphertext.length; 56 if (!(scratch.data = malloc(ticket->enc_part.ciphertext.length))) 62 &ticket->enc_part, &scratch))) { 73 ticket->enc_part2 = dec_tkt_part;
|
H A D | srv_dec_tkt.c | 28 * Server decrypt ticket via keytab or keyblock. 37 * - Does not free ticket->enc_part2 on error. 46 krb5_ticket *ticket) 52 retval = krb5_decrypt_tkt_part(context, key, ticket); 56 trans = &ticket->enc_part2->transited; 57 realm = &ticket->enc_part2->client->realm; 60 realm, &ticket->server->realm); 64 if (ticket->enc_part2->flags & TKT_FLG_INVALID) { /* ie, KDC_OPT_POSTDATED */ 77 krb5_ticket *ticket) 86 ticket 44 krb5int_server_decrypt_ticket_keyblock(krb5_context context, const krb5_keyblock *key, krb5_ticket *ticket) argument 75 krb5_server_decrypt_ticket_keytab(krb5_context context, const krb5_keytab keytab, krb5_ticket *ticket) argument [all...] |
H A D | copy_creds.c | 81 retval = krb5_copy_data(context, &incred->ticket, &scratch); 84 tempcred->ticket = *scratch; 103 memset(tempcred->ticket.data,0,tempcred->ticket.length); 104 free(tempcred->ticket.data);
|
H A D | rd_req_dec.c | 53 * server specifies the expected server's name for the ticket; if NULL, then 61 * ticket. If keyproc is non-NULL, keyprocarg is passed to it, and the result 106 server != NULL ? server : req->ticket->server, 107 req->ticket->enc_part.kvno, 108 req->ticket->enc_part.enctype, &ktent); 110 retval = krb5_decrypt_tkt_part(context, &ktent.key, req->ticket); 128 if (ktent.key.enctype != req->ticket->enc_part.enctype) { 134 req->ticket); 140 * We overwrite ticket->server to be the principal 149 * server as it appeared in the ticket 256 rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context, const krb5_ap_req *req, const krb5_data *raw_req, krb5_const_principal server, krb5_keytab keytab, krb5_flags *ap_req_options, krb5_ticket **ticket, int check_valid_flag) argument 726 krb5_rd_req_decoded_ext(krb5_context context, krb5_auth_context *auth_context, const krb5_ap_req *req, const krb5_data *raw_req, krb5_const_principal server, krb5_keytab keytab, krb5_flags *ap_req_options, krb5_ticket **ticket) argument 741 krb5_rd_req_decoded(krb5_context context, krb5_auth_context *auth_context, const krb5_ap_req *req, krb5_const_principal server, krb5_keytab keytab, krb5_flags *ap_req_options, krb5_ticket **ticket) argument 757 krb5_rd_req_decoded_anyflag_ext(krb5_context context, krb5_auth_context *auth_context, const krb5_ap_req *req, const krb5_data *raw_req, krb5_const_principal server, krb5_keytab keytab, krb5_flags *ap_req_options, krb5_ticket **ticket) argument 773 krb5_rd_req_decoded_anyflag(krb5_context context, krb5_auth_context *auth_context, const krb5_ap_req *req, krb5_const_principal server, krb5_keytab keytab, krb5_flags *ap_req_options, krb5_ticket **ticket) argument [all...] |
H A D | rd_req.c | 40 * server specifies the expected server's name for the ticket. 43 * ticket. If keyproc is non-NULL, keyprocarg is passed to it, and the result 56 krb5_ticket **ticket) 96 server, keytab, ap_req_options, ticket); 53 krb5_rd_req(krb5_context context, krb5_auth_context *auth_context, const krb5_data *inbuf, krb5_const_principal server, krb5_keytab keytab, krb5_flags *ap_req_options, krb5_ticket **ticket) argument
|
H A D | recvauth.c | 53 krb5_ticket ** ticket, 151 keytab, &ap_option, ticket); 232 krb5_recvauth(krb5_context context, krb5_auth_context *auth_context, krb5_pointer fd, char *appl_version, krb5_principal server, krb5_int32 flags, krb5_keytab keytab, krb5_ticket **ticket) argument 235 server, flags, keytab, ticket, 0); 247 krb5_ticket **ticket, 251 server, flags, keytab, ticket, version); 44 recvauth_common(krb5_context context, krb5_auth_context * auth_context, krb5_pointer fd, char *appl_version, krb5_principal server, krb5_int32 flags, krb5_keytab keytab, krb5_ticket ** ticket, krb5_data *version) argument 239 krb5_recvauth_version(krb5_context context, krb5_auth_context *auth_context, krb5_pointer fd, krb5_principal server, krb5_int32 flags, krb5_keytab keytab, krb5_ticket **ticket, krb5_data *version) argument
|
H A D | mk_req_ext.c | 48 creds is used to supply the credentials (ticket and session key) needed 51 if creds->ticket has no data (length == 0), then a ticket is obtained 53 kdc_options specifies the options requested for the ticket to be used. 54 If a ticket with appropriate flags is not found in the cache, then these 59 if ap_req_options specifies AP_OPTS_USE_SESSION_KEY, then creds->ticket 60 must contain the appropriate ENC-TKT-IN-SKEY ticket. 106 request.ticket = 0; 108 if (!in_creds->ticket.length) 115 /* we need a native ticket */ [all...] |
H A D | encode_kdc.c | 130 dec_rep->ticket);
|
H A D | send_tgs.c | 45 second_ticket, if required by options, is used for the 2nd ticket in the req. 46 in_cred is used for the ticket & session key in the KRB_AP_REQ header " " " 71 request.ticket = 0; 114 if ((retval = decode_krb5_ticket(&(in_cred)->ticket, &request.ticket))) 137 if (request.ticket) 138 krb5_free_ticket(context, request.ticket); 200 if (!in_cred->ticket.length)
|
H A D | sendauth.c | 105 if (!in_creds || !in_creds->ticket.length) { 132 if (!in_creds->ticket.length) {
|
H A D | gc_via_tkt.c | 88 if ((retval = encode_krb5_ticket(pkdcrep->ticket, &pdata))) 91 (*ppcreds)->ticket = *pdata; 109 if (!krb5_principal_compare(context, dec_rep->ticket->server, 115 if (krb5_principal_compare(context, dec_rep->ticket->server, 122 /* in_cred server differs from ticket returned, but ticket 137 !IS_TGS_PRINC(context, dec_rep->ticket->server)) { 217 "Requested principal and ticket don't" 219 " and ticket is '%s'"), 229 if (!tkt->ticket [all...] |
H A D | fwd_tgt.c | 137 "Requested principal and ticket don't " 151 if (!tgt.ticket.length) {
|
H A D | rd_cred.c | 144 pcur->ticket = *pdata;
|
H A D | mk_cred.c | 106 * structure and copy the ticket into the ticket list. 120 if ((retval = decode_krb5_ticket(&ppcreds[i]->ticket,
|
H A D | authdata.c | 514 ticket_authdata = ap_req->ticket->enc_part2->authorization_data; 530 ap_req->ticket->enc_part2->session, 622 ticket_authdata = ap_req->ticket->enc_part2->authorization_data;
|
H A D | get_in_tkt.c | 57 All-purpose initial ticket routine, usually called via 60 Attempts to get an initial ticket for creds->client to use server 77 A succesful call will place the ticket in the credentials cache ccache 78 and fill in creds with the ticket information used/returned.. 423 || !krb5_principal_compare(context, as_reply->enc_part2->server, as_reply->ticket->server) 526 if ((retval = encode_krb5_ticket(as_reply->ticket, &packet))) 529 creds->ticket = *packet; 555 if (creds->ticket.data) { 556 free(creds->ticket.data); 557 creds->ticket [all...] |
/osnet-11/usr/src/lib/pam_modules/tty_tickets/ |
H A D | tty_tickets.c | 46 * The content of this ticket will be different between 32 bit and 64 bit 54 * the lifetime of a single ticket, it will look exactly like a ticket expiry. 136 int ticket = -1; local 152 ticket = open(ticketname, O_RDONLY|O_NOFOLLOW|O_NOCTTY, 0600); 153 if (ticket == -1) { 156 "pam_tty_tickets: unable to open ticket %s: %m", 162 if (fstat(ticket, &ticketsb) != 0) { 165 "pam_tty_tickets: unable to stat ticket %s: %m", 174 "pam_tty_tickets: invalid ticket 234 int ticket = -1; local [all...] |
/osnet-11/usr/src/lib/gss_mechs/mech_krb5/krb5/ccache/ |
H A D | ccfns.c | 80 * If creds->server and the server in the decoded ticket differ, 84 ret = decode_krb5_ticket(&creds->ticket, &tkt); 85 /* Bail out on errors in case someone is storing a non-ticket. */ 293 cred.ticket.data = malloc(data->length); 294 if (cred.ticket.data == NULL) { 298 cred.ticket.length = data->length; 299 memcpy(cred.ticket.data, data->data, data->length); 339 data->data = malloc(cred.ticket.length); 345 data->length = cred.ticket.length; 346 memcpy(data->data, cred.ticket [all...] |
H A D | cc_retr.c | 372 equal = data_eq(in_creds->ticket, in_compare_creds->ticket);
|
/osnet-11/usr/src/lib/gss_mechs/mech_krb5/mech/ |
H A D | accept_sec_context.c | 124 krb5_ticket *ticket, 137 krb_creds.client = ticket->enc_part2->client; 138 krb_creds.server = ticket->server; 139 krb_creds.keyblock = *(ticket->enc_part2->session); 140 krb_creds.ticket_flags = ticket->enc_part2->flags; 141 krb_creds.times = ticket->enc_part2->times; 145 code = encode_krb5_ticket(ticket, &data); 151 krb_creds.ticket = *data; 455 krb5_ticket * ticket = NULL; local 630 if ((code = krb5_copy_principal(context, request->ticket 122 create_constrained_deleg_creds(OM_uint32 *minor_status, krb5_gss_cred_id_t verifier_cred_handle, krb5_ticket *ticket, krb5_gss_cred_id_t *out_cred, krb5_context context) argument [all...] |
/osnet-11/usr/src/lib/gss_mechs/mech_krb5/dtrace/ |
H A D | kerberos_dtrace.h | 116 #define KERBEROS_PROBE_KRB_KDC_REP(type, asn1msg, kdcrep, encp, ticket) \ 123 ktrace.tkt = k5_kticketinfo_build(ticket); \ 142 #define KERBEROS_PROBE_KRB_AP_REQ(type, asn1msg, apreq, authen, ticket) \ 149 ktrace.tkt = k5_kticketinfo_build((ticket)); \
|
/osnet-11/usr/src/lib/gss_mechs/mech_krb5/krb5/rcache/ |
H A D | rc_conv.c | 28 if ((retval = krb5_unparse_name(context, auth->ticket->server, &rep->server)))
|
/osnet-11/usr/src/lib/krb5/kadm5/srv/ |
H A D | chgpwd.c | 69 krb5_ticket *ticket; local 88 ticket = NULL; 191 NULL, &ticket); 343 client = ticket->enc_part2->client; 381 /* for cpw, verify that this is an AS_REQ ticket */ 383 (ticket->enc_part2->flags & TKT_FLG_INITIAL) == 0) { 605 if (ticket) 606 krb5_free_ticket(context, ticket);
|
/osnet-11/usr/src/lib/gss_mechs/mech_krb5/krb5/asn.1/ |
H A D | krb5_decode.c | 397 clear_field(rep,ticket); 422 clear_field(rep,ticket); 444 clear_field(rep,ticket); 459 get_field(rep->ticket,3,asn1_decode_ticket_ptr);
|
H A D | asn1_k_encode.c | 214 DEFAPPTAGGEDTYPE(ticket, 1, untagged_ticket); 226 DEFPTRTYPE(ticket_ptr, ticket); 814 FIELDOF_NORM(krb5_kdc_rep, ticket_ptr, ticket, 5), 840 FIELDOF_NORM(krb5_kdc_rep, ticket_ptr, ticket, 5), 865 /* ticket[3] Ticket */ 866 FIELDOF_NORM(krb5_ap_req, ticket_ptr, ticket, 3), 1032 /* ticket-info[0] SEQUENCE OF KrbCredInfo */ 1401 MAKE_FULL_ENCODER(encode_krb5_ticket, ticket);
|