KRB5_MK_REQ(3)           BSD Library Functions Manual           KRB5_MK_REQ(3)

NNAAMMEE
     kkrrbb55__mmkk__rreeqq, kkrrbb55__mmkk__rreeqq__eexxaacctt, kkrrbb55__mmkk__rreeqq__eexxtteennddeedd, kkrrbb55__rrdd__rreeqq,
     kkrrbb55__rrdd__rreeqq__wwiitthh__kkeeyybblloocckk, kkrrbb55__mmkk__rreepp, kkrrbb55__mmkk__rreepp__eexxaacctt,
     kkrrbb55__mmkk__rreepp__eexxtteennddeedd, kkrrbb55__rrdd__rreepp, kkrrbb55__bbuuiilldd__aapp__rreeqq, kkrrbb55__vveerriiffyy__aapp__rreeqq
     -- create and read application authentication request

LLIIBBRRAARRYY
     Kerberos 5 Library (libkrb5, -lkrb5)

SSYYNNOOPPSSIISS
     ##iinncclluuddee <<kkrrbb55..hh>>

     _k_r_b_5___e_r_r_o_r___c_o_d_e
     kkrrbb55__mmkk__rreeqq(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _*_a_u_t_h___c_o_n_t_e_x_t,
         _c_o_n_s_t _k_r_b_5___f_l_a_g_s _a_p___r_e_q___o_p_t_i_o_n_s, _c_o_n_s_t _c_h_a_r _*_s_e_r_v_i_c_e,
         _c_o_n_s_t _c_h_a_r _*_h_o_s_t_n_a_m_e, _k_r_b_5___d_a_t_a _*_i_n___d_a_t_a, _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e,
         _k_r_b_5___d_a_t_a _*_o_u_t_b_u_f);

     _k_r_b_5___e_r_r_o_r___c_o_d_e
     kkrrbb55__mmkk__rreeqq__eexxtteennddeedd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
         _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _*_a_u_t_h___c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___f_l_a_g_s _a_p___r_e_q___o_p_t_i_o_n_s,
         _k_r_b_5___d_a_t_a _*_i_n___d_a_t_a, _k_r_b_5___c_r_e_d_s _*_i_n___c_r_e_d_s, _k_r_b_5___d_a_t_a _*_o_u_t_b_u_f);

     _k_r_b_5___e_r_r_o_r___c_o_d_e
     kkrrbb55__rrdd__rreeqq(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _*_a_u_t_h___c_o_n_t_e_x_t,
         _c_o_n_s_t _k_r_b_5___d_a_t_a _*_i_n_b_u_f, _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _s_e_r_v_e_r,
         _k_r_b_5___k_e_y_t_a_b _k_e_y_t_a_b, _k_r_b_5___f_l_a_g_s _*_a_p___r_e_q___o_p_t_i_o_n_s,
         _k_r_b_5___t_i_c_k_e_t _*_*_t_i_c_k_e_t);

     _k_r_b_5___e_r_r_o_r___c_o_d_e
     kkrrbb55__bbuuiilldd__aapp__rreeqq(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e,
         _k_r_b_5___c_r_e_d_s _*_c_r_e_d, _k_r_b_5___f_l_a_g_s _a_p___o_p_t_i_o_n_s, _k_r_b_5___d_a_t_a _a_u_t_h_e_n_t_i_c_a_t_o_r,
         _k_r_b_5___d_a_t_a _*_r_e_t_d_a_t_a);

     _k_r_b_5___e_r_r_o_r___c_o_d_e
     kkrrbb55__vveerriiffyy__aapp__rreeqq(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _*_a_u_t_h___c_o_n_t_e_x_t,
         _k_r_b_5___a_p___r_e_q _*_a_p___r_e_q, _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _s_e_r_v_e_r,
         _k_r_b_5___k_e_y_b_l_o_c_k _*_k_e_y_b_l_o_c_k, _k_r_b_5___f_l_a_g_s _f_l_a_g_s,
         _k_r_b_5___f_l_a_g_s _*_a_p___r_e_q___o_p_t_i_o_n_s, _k_r_b_5___t_i_c_k_e_t _*_*_t_i_c_k_e_t);

DDEESSCCRRIIPPTTIIOONN
     The functions documented in this manual page document the functions that
     facilitates the exchange between a Kerberos client and server.  They are
     the core functions used in the authentication exchange between the client
     and the server.

     The kkrrbb55__mmkk__rreeqq and kkrrbb55__mmkk__rreeqq__eexxtteennddeedd creates the Kerberos message
     KRB_AP_REQ that is sent from the client to the server as the first packet
     in a client/server exchange.  The result that should be sent to server is
     stored in _o_u_t_b_u_f.

     _a_u_t_h___c_o_n_t_e_x_t should be allocated with kkrrbb55__aauutthh__ccoonn__iinniitt() or NULL passed
     in, in that case, it will be allocated and freed internally.

     The input data _i_n___d_a_t_a will have a checksum calculated over it and check-
     sum will be transported in the message to the server.

     _a_p___r_e_q___o_p_t_i_o_n_s can be set to one or more of the following flags:

     AP_OPTS_USE_SESSION_KEY
             Use the session key when creating the request, used for user to
             user authentication.

     AP_OPTS_MUTUAL_REQUIRED
             Mark the request as mutual authenticate required so that the
             receiver returns a mutual authentication packet.

     The kkrrbb55__rrdd__rreeqq read the AP_REQ in _i_n_b_u_f and verify and extract the con-
     tent.  If _s_e_r_v_e_r is specified, that server will be fetched from the
     _k_e_y_t_a_b and used unconditionally.  If _s_e_r_v_e_r is NULL, the _k_e_y_t_a_b will be
     search for a matching principal.

     The _k_e_y_t_a_b argument specifies what keytab to search for receiving princi-
     pals.  The arguments _a_p___r_e_q___o_p_t_i_o_n_s and _t_i_c_k_e_t returns the content.

     When the AS-REQ is a user to user request, neither of _k_e_y_t_a_b or _p_r_i_n_c_i_p_a_l
     are used, instead kkrrbb55__rrdd__rreeqq() expects the session key to be set in
     _a_u_t_h___c_o_n_t_e_x_t.

     The kkrrbb55__vveerriiffyy__aapp__rreeqq and kkrrbb55__bbuuiilldd__aapp__rreeqq both constructs and verify
     the AP_REQ message, should not be used by external code.

SSEEEE AALLSSOO
     krb5(3), krb5.conf(5)

HEIMDAL                         August 27, 2005                        HEIMDAL