+ +

krb5_mk_priv - Format a KRB-PRIV message.¶

+krb5_error_code krb5_mk_priv(krb5_context context, krb5_auth_context auth_context, const krb5_data * userdata, krb5_data * outbuf, krb5_replay_data * outdata)¶

+ + +++ + + + +

param:

param:	[in] context - Library context + [in] auth_context - Authentication context + [in] userdata - User data for KRB-PRIV message + [out] outbuf - Formatted KRB-PRIV message + [out] outdata - Replay cache handle (NULL if not needed) +

[in] context - Library context

[in] auth_context - Authentication context

[in] userdata - User data for KRB-PRIV message

[out] outbuf - Formatted KRB-PRIV message

[out] outdata - Replay cache handle (NULL if not needed)

+ +++ + + + +

retval:	+ 0 Success; otherwise - Kerberos error codes + +

This function is similar to krb5_mk_safe() , but the message is encrypted and integrity-protected, not just integrity-protected.

The local address in auth_context must be set, and is used to form the sender address used in the KRB-SAFE message. The remote address is optional; if specified, it will be used to form the receiver address used in the message.

+
+
KRB5_AUTH_CONTEXT_DO_TIME - Use timestamps in outdata
+
KRB5_AUTH_CONTEXT_RET_TIME - Copy timestamp to outdata .
+
KRB5_AUTH_CONTEXT_DO_SEQUENCE - Use local sequence numbers from auth_context in replay cache.
+
KRB5_AUTH_CONTEXT_RET_SEQUENCE - Use local sequence numbers from auth_context as a sequence number in the encrypted message outbuf .
+
+

Note

If the KRB5_AUTH_CONTEXT_RET_TIME or KRB5_AUTH_CONTEXT_RET_SEQUENCE flag is set in auth_context , the outdata is required.

The flags from auth_context specify whether sequence numbers or timestamps will be used to identify the message. Valid values are:

+ + +

+ +

MIT Kerberos Documentation

krb5_mk_priv - Format a KRB-PRIV message.¶

On this page

Table of contents

Full Table of Contents

Search