krb5_sendauth - Client function for sendauth protocol.¶
- krb5_error_code krb5_sendauth(krb5_context context, krb5_auth_context * auth_context, krb5_pointer fd, char * appl_version, krb5_principal client, krb5_principal server, krb5_flags ap_req_options, krb5_data * in_data, krb5_creds * in_creds, krb5_ccache ccache, krb5_error ** error, krb5_ap_rep_enc_part ** rep_result, krb5_creds ** out_creds)¶
param: | [in] context - Library context [inout] auth_context - Authentication context [in] fd - File descriptor that describes network socket [in] appl_version - Application protocol version to be matched with the receiver’s application version [in] client - Client principal [in] server - Server principal [in] ap_req_options - AP_OPTS options [in] in_data - Data to be sent to the server [in] in_creds - Input credentials, or NULL to use ccache [in] ccache - Credential cache [out] error - If non-null, contains KRB_ERROR message returned from server [out] rep_result - If non-null and ap_req_options is AP_OPTS_MUTUAL_REQUIRED , contains the result of mutual authentication exchange [out] out_creds - If non-null, the retrieved credentials |
---|
retval: |
|
---|
This function performs the client side of a sendauth/recvauth exchange by sending and receiving messages over fd .
Credentials may be specified in three ways:
- If in_creds is NULL, credentials are obtained with krb5_get_credentials() using the principals client and server . server must be non-null; client may NULL to use the default principal of ccache .
- If in_creds is non-null, but does not contain a ticket, credentials for the exchange are obtained with krb5_get_credentials() using in_creds . In this case, the values of client and server are unused.
- If in_creds is a complete credentials structure, it used directly. In this case, the values of client , server , and ccache are unused.
If the server is using a different application protocol than that specified in appl_version , an error will be returned.
Use krb5_free_creds() to free out_creds , krb5_free_ap_rep_enc_part() to free rep_result , and krb5_free_error() to free error when they are no longer needed.
See also