| KRB5_MK_REQ(3) | Library Functions Manual | KRB5_MK_REQ(3) | 
krb5_mk_req, krb5_mk_req_exact,
  krb5_mk_req_extended,
  krb5_rd_req,
  krb5_rd_req_with_keyblock,
  krb5_mk_rep,
  krb5_mk_rep_exact,
  krb5_mk_rep_extended,
  krb5_rd_rep,
  krb5_build_ap_req,
  krb5_verify_ap_req —
#include <krb5/krb5.h>
krb5_error_code
  
  krb5_mk_req(krb5_context
    context, krb5_auth_context *auth_context,
    const krb5_flags ap_req_options, const
    char *service, const char *hostname,
    krb5_data *in_data, krb5_ccache
    ccache, krb5_data *outbuf);
krb5_error_code
  
  krb5_mk_req_extended(krb5_context
    context, krb5_auth_context *auth_context,
    const krb5_flags ap_req_options,
    krb5_data *in_data, krb5_creds
    *in_creds, krb5_data *outbuf);
krb5_error_code
  
  krb5_rd_req(krb5_context
    context, krb5_auth_context *auth_context,
    const krb5_data *inbuf,
    krb5_const_principal server,
    krb5_keytab keytab, krb5_flags
    *ap_req_options, krb5_ticket **ticket);
krb5_error_code
  
  krb5_build_ap_req(krb5_context
    context, krb5_enctype enctype,
    krb5_creds *cred, krb5_flags
    ap_options, krb5_data authenticator,
    krb5_data *retdata);
krb5_error_code
  
  krb5_verify_ap_req(krb5_context
    context, krb5_auth_context *auth_context,
    krb5_ap_req *ap_req,
    krb5_const_principal server,
    krb5_keyblock *keyblock, krb5_flags
    flags, krb5_flags *ap_req_options,
    krb5_ticket **ticket);
The krb5_mk_req and
    krb5_mk_req_extended creates the Kerberos message
    KRB_AP_REQ that is sent from the client to the
    server as the first packet in a client/server exchange. The result that
    should be sent to server is stored in outbuf.
auth_context should be allocated with
    krb5_auth_con_init() or NULL
    passed in, in that case, it will be allocated and freed internally.
The input data in_data will have a checksum calculated over it and checksum will be transported in the message to the server.
ap_req_options can be set to one or more of the following flags:
AP_OPTS_USE_SESSION_KEYAP_OPTS_MUTUAL_REQUIREDThe krb5_rd_req read the AP_REQ in
    inbuf and verify and extract the content. If
    server is specified, that server will be fetched from
    the keytab and used unconditionally. If
    server is NULL, the
    keytab will be search for a matching principal.
The keytab argument specifies what keytab to search for receiving principals. The arguments ap_req_options and ticket returns the content.
When the AS-REQ is a user to user request, neither of
    keytab or principal are used,
    instead krb5_rd_req() expects the session key to be
    set in auth_context.
The krb5_verify_ap_req and
    krb5_build_ap_req both constructs and verify the
    AP_REQ message, should not be used by external code.
| August 27, 2005 | NetBSD 10.0 |