kdc_context
krb5_free_kdc_req(kdc_context, as_req);
krb5_c_random_os_entropy(kdc_context, 0, NULL);
krb5_c_random_add_entropy(kdc_context,
if ((errcode = krb5_unparse_name(kdc_context, request->client, &cname))) {
if ((errcode = krb5_unparse_name(kdc_context, request->server, &sname))) {
if ((errcode = krb5_db_get_principal(kdc_context, request->client,
if ((errcode = krb5_db_get_principal(kdc_context, request->server, &server,
if ((errcode = krb5_timeofday(kdc_context, &kdc_time))) {
if ((useenctype = select_session_keytype(kdc_context, &server,
if ((errcode = krb5_c_make_random_key(kdc_context, useenctype,
errcode = check_padata(kdc_context, &client, req_pkt, request,
if ((errcode = krb5_dbe_find_enctype(kdc_context, &server,
if ((errcode = krb5_dbekd_decrypt_key_data(kdc_context, &master_keyblock,
errcode = krb5_encrypt_tkt_part(kdc_context, &encrypting_key, &ticket_reply);
krb5_free_keyblock_contents(kdc_context, &encrypting_key);
if (!krb5_dbe_find_enctype(kdc_context, &client, useenctype, -1,
if ((errcode = krb5_dbekd_decrypt_key_data(kdc_context, &master_keyblock,
errcode = return_padata(kdc_context, &client, req_pkt, request,
errcode = krb5_encode_kdc_rep(kdc_context, KRB5_AS_REP, &reply_encpart,
krb5_free_keyblock_contents(kdc_context, &encrypting_key);
free_padata_context(kdc_context, &pa_context);
emsg = krb5_get_error_message (kdc_context, errcode);
krb5_free_error_message (kdc_context, emsg);
status = krb5_get_error_message (kdc_context, errcode);
krb5_free_error_message (kdc_context, status);
krb5_free_authdata(kdc_context, enc_tkt_reply.authorization_data);
krb5_free_keyblock_contents(kdc_context, &encrypting_key);
krb5_free_pa_data(kdc_context, reply.padata);
krb5_db_put_principal(kdc_context, &client, &c_nprincs);
krb5_db_fini(kdc_context);
krb5_db_init(kdc_context);
krb5_db_set_mkey(kdc_context, &kdc_active_realm->realm_mkey);
krb5_db_free_principal(kdc_context, &client, c_nprincs);
krb5_db_free_principal(kdc_context, &server, s_nprincs);
krb5_free_keyblock_contents(kdc_context, &session_key);
krb5_free_data_contents(kdc_context, &e_data);
if ((retval = krb5_us_timeofday(kdc_context, &errpkt.stime,
retval = krb5_mk_error(kdc_context, &errpkt, scratch);
if ((errcode = krb5_unparse_name(kdc_context, request->server, &sname))) {
(errcode2 = krb5_unparse_name(kdc_context,
if ((errcode = krb5_db_get_principal(kdc_context, request->server, &server,
if (krb5_princ_size(kdc_context, request->server) == 2) {
krb5_princ_component(kdc_context, request->server, 1);
krb5_princ_component(kdc_context, tgs_server, 1);
krb5_db_free_principal(kdc_context, &server, nprincs);
krb5_db_free_principal(kdc_context, &server, nprincs);
if ((errcode = krb5_timeofday(kdc_context, &kdc_time))) {
errcode = krb5_decrypt_tkt_part(kdc_context, st_sealing_key,
krb5_free_keyblock(kdc_context, st_sealing_key);
(useenctype = select_session_keytype(kdc_context, &server,
errcode = krb5_c_make_random_key(kdc_context, useenctype, &session_key);
if ((errcode = krb5_c_decrypt(kdc_context,
errcode = krb5_check_transited_list (kdc_context,
krb5_princ_realm (kdc_context, header_ticket->enc_part2->client),
krb5_princ_realm (kdc_context, request->server));
const char *emsg = krb5_get_error_message(kdc_context, errcode);
krb5_free_error_message(kdc_context, emsg);
if (!krb5_principal_compare(kdc_context, request->server, client2)) {
if ((errcode = krb5_unparse_name(kdc_context, client2, &tmp)))
if ((errcode = krb5_encrypt_tkt_part(kdc_context, t2enc->session,
if ((errcode = krb5_dbe_find_enctype(kdc_context, &server,
if ((errcode = krb5_dbekd_decrypt_key_data(kdc_context,
errcode = krb5_encrypt_tkt_part(kdc_context, &encrypting_key,
krb5_free_keyblock_contents(kdc_context, &encrypting_key);
errcode = krb5_encode_kdc_rep(kdc_context, KRB5_TGS_REP, &reply_encpart,
emsg = krb5_get_error_message (kdc_context, errcode);
krb5_free_error_message (kdc_context, emsg);
status = krb5_get_error_message (kdc_context, errcode);
krb5_free_error_message (kdc_context, status);
krb5_free_ticket(kdc_context, header_ticket);
krb5_free_kdc_req(kdc_context, request);
krb5_db_free_principal(kdc_context, &server, 1);
krb5_free_keyblock_contents(kdc_context, &session_key);
if ((retval = krb5_us_timeofday(kdc_context, &errpkt.stime,
retval = krb5_mk_error(kdc_context, &errpkt, scratch);
if ((retval = krb5_walk_realm_tree(kdc_context,
krb5_princ_realm(kdc_context, request->server),
krb5_princ_component(kdc_context, request->server, 1),
tmp = *krb5_princ_realm(kdc_context, *pl2);
krb5_princ_set_realm(kdc_context, *pl2,
krb5_princ_realm(kdc_context, tgs_server));
retval = krb5_db_get_principal(kdc_context, *pl2, server, nprincs, more);
krb5_princ_set_realm(kdc_context, *pl2, &tmp);
krb5_free_realm_tree(kdc_context, plist);
krb5_db_free_principal(kdc_context, server, *nprincs);
tmp = *krb5_princ_realm(kdc_context, *pl2);
krb5_princ_set_realm(kdc_context, *pl2,
krb5_princ_realm(kdc_context, tgs_server));
if ((retval = krb5_copy_principal(kdc_context, *pl2, &tmpprinc))) {
krb5_db_free_principal(kdc_context, server, *nprincs);
krb5_princ_set_realm(kdc_context, *pl2, &tmp);
krb5_princ_set_realm(kdc_context, *pl2, &tmp);
krb5_free_principal(kdc_context, request->server);
if (krb5_unparse_name(kdc_context, request->server, &sname)) {
krb5_db_free_principal(kdc_context, server, *nprincs);
krb5_free_realm_tree(kdc_context, plist);
if ((retval = krb5_principal2salt_norealm(kdc_context,
scratch = krb5_princ_realm(kdc_context, request->client);
scratch = krb5_princ_realm(kdc_context, request->client);
retval = krb5_copy_principal(kdc_context, request->client, &newp);
krb5_princ_name(kdc_context, newp) =
realloc(krb5_princ_name(kdc_context, newp),
krb5_princ_component(kdc_context,newp,probeslot)->data = sam_ptr->name;
krb5_princ_component(kdc_context,newp,probeslot)->length =
retval = krb5_db_get_principal(kdc_context, newp, &assoc, &npr, (uint *)&more);
krb5_princ_component(kdc_context,newp,probeslot)->data = 0;
krb5_princ_component(kdc_context,newp,probeslot)->length = 0;
krb5_free_principal(kdc_context, newp);
retval = krb5_dbe_find_enctype(kdc_context, &assoc,
krb5_unparse_name(kdc_context, request->client, &sname);
retval = krb5_dbekd_decrypt_key_data(kdc_context,
retval = krb5_c_make_random_key(kdc_context, ENCTYPE_DES_CBC_CRC,
krb5_free_keyblock_contents(kdc_context, &session_key);
if ((retval = krb5_c_encrypt(kdc_context, &encrypting_key,
retval = krb5_rc_store(kdc_context, kdc_rcache, &rep);
retval = (ap->get_edata)(kdc_context, request, client, server,
krb5_free_pa_data(kdc_context, pa_data);
if (!krb5_principal_compare(kdc_context, ticket->server, request->server)) {
if (krb5_princ_size(kdc_context, ticket->server) != 2) {
krb5_free_authdata(kdc_context, retdata);
if ((krb5_princ_size(kdc_context, ticket->server) <= 1) ||
(krb5_princ_component(kdc_context, ticket->server, 1)->length !=
krb5_princ_realm(kdc_context, request->server)->length) ||
memcmp(krb5_princ_component(kdc_context, ticket->server, 1)->data,
krb5_princ_realm(kdc_context, request->server)->data,
krb5_princ_realm(kdc_context, request->server)->length)) {
krb5_free_authdata(kdc_context, retdata);
if (!krb5_principal_compare(kdc_context, request->second_ticket[st_idx]->server,
krb5_data *realm1 = krb5_princ_realm(kdc_context, princ1);
krb5_data *realm2 = krb5_princ_realm(kdc_context, princ2);
if ((krb5_princ_size(kdc_context, principal) > 0) &&
(krb5_princ_component(kdc_context, principal, 0)->length ==
(!memcmp(krb5_princ_component(kdc_context, principal, 0)->data,
if ((krb5_princ_realm(kdc_context, apreq->ticket->server)->length !=
krb5_princ_realm(kdc_context, tgs_server)->length) ||
memcmp(krb5_princ_realm(kdc_context, apreq->ticket->server)->data,
krb5_princ_realm(kdc_context, tgs_server)->data,
krb5_princ_realm(kdc_context, tgs_server)->length))
if ((retval = krb5_auth_con_init(kdc_context, &auth_context)))
if ((retval = krb5_auth_con_setaddrs(kdc_context, auth_context, NULL,
if ((retval = krb5_auth_con_setrcache(kdc_context, auth_context,
if ((retval = krb5_rd_req_decoded_anyflag(kdc_context, &auth_context, apreq,
(void) krb5_rc_close(kdc_context, kdc_rcache);
if (!(retval = kdc_initialize_rcache(kdc_context, (char *) NULL))) {
if ((retval = krb5_auth_con_setrcache(kdc_context, auth_context,
(retval = krb5_rd_req_decoded_anyflag(kdc_context, &auth_context,
if ((retval = krb5_auth_con_getrecvsubkey(kdc_context,
if ((retval = krb5_auth_con_getauthenticator(kdc_context, auth_context,
krb5_data *tkt_realm = krb5_princ_realm(kdc_context,
krb5_data *tgs_realm = krb5_princ_realm(kdc_context, tgs_server);
if (comp_cksum(kdc_context, &scratch1, *ticket, his_cksum)) {
retval = comp_cksum(kdc_context, scratch, *ticket, his_cksum);
krb5_free_data(kdc_context, scratch);
krb5_free_authenticator(kdc_context, authenticator);
(void) krb5_auth_con_setrcache(kdc_context, auth_context, 0);
krb5_auth_con_free(kdc_context, auth_context);
krb5_free_ap_req(kdc_context, apreq);
if ((retval = krb5_db_get_principal(kdc_context, ticket->server,
krb5_db_free_principal(kdc_context, &server, nprincs);
krb5_db_free_principal(kdc_context, &server, nprincs);
if (!krb5_unparse_name(kdc_context, ticket->server, &sname)) {
retval = krb5_dbe_find_enctype(kdc_context, &server,
retval = krb5_dbekd_decrypt_key_data(kdc_context, &master_keyblock,
krb5_db_free_principal(kdc_context, &server, nprincs);
realm = data2string(krb5_princ_realm(kdc_context, tgs));
added = (krb5_princ_realm(kdc_context, client)->length == strlen(realm) &&
!strncmp(krb5_princ_realm(kdc_context, client)->data, realm, strlen(realm))) ||
(krb5_princ_realm(kdc_context, server)->length == strlen(realm) &&
!strncmp(krb5_princ_realm(kdc_context, server)->data, realm, strlen(realm)));
return krb5_c_make_random_key(kdc_context, ENCTYPE_DES_CBC_MD5, &psr_key);
krb5_klog_close(kdc_context);
krb5_klog_reopen(kdc_context);
krb5_free_data(kdc_context, response);
krb5_free_data(kdc_context, response);
krb5_free_data(kdc_context, response);
krb5_free_data(kdc_context, conn->u.tcp.response);
retval = krb5_us_timeofday(kdc_context, &errpkt.stime, &errpkt.susec);
retval = krb5_mk_error(kdc_context, &errpkt, scratch);
krb5_free_data(kdc_context, eptr->req_packet);
krb5_free_data(kdc_context, eptr->reply_packet);
if (krb5_timeofday(kdc_context, &timenow) ||
krb5_db_get_age(kdc_context, 0, &db_age))
if (krb5_copy_data(kdc_context, inpkt, &eptr->req_packet)) {
if (krb5_copy_data(kdc_context, outpkt, &eptr->reply_packet)) {
krb5_free_data(kdc_context, eptr->req_packet);
if (krb5_timeofday(kdc_context, &timenow) ||
krb5_db_get_age(kdc_context, 0, &db_age))
if (krb5_copy_data(kdc_context, eptr->reply_packet, outpkt))