MIT Kerberos Documentation

krb5_rd_cred - Read and validate a KRB-CRED message.

krb5_error_code krb5_rd_cred(krb5_context context, krb5_auth_context auth_context, krb5_data * pcreddata, krb5_creds *** pppcreds, krb5_replay_data * outdata)
param:

[in] context - Library context

[inout] auth_context - Authentication context

[in] pcreddata - KRB-CRED message

[out] pppcreds - Null-terminated array of forwarded credentials

[out] outdata - Replay data (NULL if not needed)

retval:
  • 0 Success; otherwise - Kerberos error codes
pcreddata will be decrypted using the receiving subkey if it is present in auth_context , or the session key if the receiving subkey is not present or fails to decrypt the message.

Use krb5_free_tgt_creds() to free pppcreds when it is no longer needed.

Note

The outdata argument is required if KRB5_AUTH_CONTEXT_RET_TIME or KRB5_AUTH_CONTEXT_RET_SEQUENCE flag is set in the auth_context .`