Lines Matching refs:context
73 krb5_rd_req_decrypt_tkt_part(krb5_context context, const krb5_ap_req *req, krb5_keytab keytab) in krb5_rd_req_decrypt_tkt_part() argument
83 if ((retval = krb5_kt_get_entry(context, keytab, req->ticket->server, in krb5_rd_req_decrypt_tkt_part()
97 retval = krb5_decrypt_tkt_part(context, &ktent.key, req->ticket); in krb5_rd_req_decrypt_tkt_part()
104 int kret = krb5_unparse_name(context, princ, &s_name); in krb5_rd_req_decrypt_tkt_part()
106 krb5_set_error_message(context, retval, in krb5_rd_req_decrypt_tkt_part()
112 krb5_free_unparsed_name(context, s_name); in krb5_rd_req_decrypt_tkt_part()
116 (void) krb5_kt_free_entry(context, &ktent); in krb5_rd_req_decrypt_tkt_part()
125 krb5int_check_clockskew2(krb5_context context, in krb5int_check_clockskew2() argument
132 retval = krb5_timeofday(context, ¤ttime); in krb5int_check_clockskew2()
137 if (!(skew < context->clockskew)) { in krb5int_check_clockskew2()
146 krb5_rd_req_decoded_opt(krb5_context context, krb5_auth_context *auth_context, in krb5_rd_req_decoded_opt() argument
160 retval = krb5_get_default_realm(context, &realm); in krb5_rd_req_decoded_opt()
166 if (server && !krb5_principal_compare(context, server, req->ticket->server)) { in krb5_rd_req_decoded_opt()
168 if (krb5_unparse_name(context, server, &wanted_name) == 0 in krb5_rd_req_decoded_opt()
169 && krb5_unparse_name(context, req->ticket->server, &found_name) == 0) in krb5_rd_req_decoded_opt()
170 krb5_set_error_message(context, KRB5KRB_AP_WRONG_PRINC, in krb5_rd_req_decoded_opt()
174 krb5_free_unparsed_name(context, wanted_name); in krb5_rd_req_decoded_opt()
175 krb5_free_unparsed_name(context, found_name); in krb5_rd_req_decoded_opt()
185 if ((retval = krb5_decrypt_tkt_part(context, (*auth_context)->keyblock, in krb5_rd_req_decoded_opt()
188 krb5_free_keyblock(context, (*auth_context)->keyblock); in krb5_rd_req_decoded_opt()
191 if ((retval = krb5_rd_req_decrypt_tkt_part(context, req, keytab))) in krb5_rd_req_decoded_opt()
198 if ((retval = decrypt_authenticator(context, req, in krb5_rd_req_decoded_opt()
203 if (!krb5_principal_compare(context, (*auth_context)->authentp->client, in krb5_rd_req_decoded_opt()
210 !krb5_address_search(context, (*auth_context)->remote_addr, in krb5_rd_req_decoded_opt()
239 realm = krb5_princ_realm(context, req->ticket->enc_part2->client); in krb5_rd_req_decoded_opt()
246 krb5_get_default_realm(context, &lrealm); in krb5_rd_req_decoded_opt()
263 realm = krb5_princ_realm(context, req->ticket->enc_part2->client); in krb5_rd_req_decoded_opt()
272 retval = krb5_check_transited_list(context, &(trans->tr_contents), in krb5_rd_req_decoded_opt()
274 krb5_princ_realm (context, in krb5_rd_req_decoded_opt()
292 if (!(retval = krb5_auth_to_rep(context, &tktauthent, &rep))) { in krb5_rd_req_decoded_opt()
293 retval = krb5_rc_store(context, (*auth_context)->rcache, &rep); in krb5_rd_req_decoded_opt()
305 retval = krb5_validate_times(context, &req->ticket->enc_part2->times); in krb5_rd_req_decoded_opt()
310 if ((retval = krb5int_check_clockskew2(context, in krb5_rd_req_decoded_opt()
317 serr = krb5_unparse_name(context, req->ticket->server, &s_name); in krb5_rd_req_decoded_opt()
318 cerr = krb5_unparse_name(context, req->ticket->enc_part2->client, in krb5_rd_req_decoded_opt()
320 krb5_set_error_message(context, retval, in krb5_rd_req_decoded_opt()
326 context->clockskew > 0 ? context->clockskew/60 : 0); in krb5_rd_req_decoded_opt()
328 krb5_free_unparsed_name(context, s_name); in krb5_rd_req_decoded_opt()
330 krb5_free_unparsed_name(context, c_name); in krb5_rd_req_decoded_opt()
338 int err = krb5_unparse_name(context, req->ticket->server, &s_name); in krb5_rd_req_decoded_opt()
341 krb5_set_error_message(context, retval, in krb5_rd_req_decoded_opt()
345 krb5_free_unparsed_name(context, s_name); in krb5_rd_req_decoded_opt()
360 if ((!krb5_is_permitted_enctype(context, in krb5_rd_req_decoded_opt()
362 (!krb5_is_permitted_enctype(context, in krb5_rd_req_decoded_opt()
365 !krb5_is_permitted_enctype(context, in krb5_rd_req_decoded_opt()
370 krb5_set_error_message(context, retval, in krb5_rd_req_decoded_opt()
389 krb5_set_error_message(context, retval, in krb5_rd_req_decoded_opt()
405 krb5_set_error_message(context, retval, in krb5_rd_req_decoded_opt()
423 krb5_set_error_message(context, retval, in krb5_rd_req_decoded_opt()
436 krb5_free_keyblock(context, (*auth_context)->recv_subkey); in krb5_rd_req_decoded_opt()
440 if ((retval = krb5_copy_keyblock(context, in krb5_rd_req_decoded_opt()
446 krb5_free_keyblock(context, (*auth_context)->send_subkey); in krb5_rd_req_decoded_opt()
450 retval = krb5_copy_keyblock(context, (*auth_context)->authentp->subkey, in krb5_rd_req_decoded_opt()
453 krb5_free_keyblock(context, (*auth_context)->recv_subkey); in krb5_rd_req_decoded_opt()
463 krb5_free_keyblock(context, (*auth_context)->keyblock); in krb5_rd_req_decoded_opt()
466 if ((retval = krb5_copy_keyblock(context, req->ticket->enc_part2->session, in krb5_rd_req_decoded_opt()
482 if ((retval = krb5_copy_ticket(context, req->ticket, ticket))) in krb5_rd_req_decoded_opt()
490 krb5_free_default_realm(context, princ_data.realm.data); in krb5_rd_req_decoded_opt()
495 krb5_free_enc_tkt_part(context, req->ticket->enc_part2); in krb5_rd_req_decoded_opt()
502 krb5_rd_req_decoded(krb5_context context, krb5_auth_context *auth_context, in krb5_rd_req_decoded() argument
508 retval = krb5_rd_req_decoded_opt(context, auth_context, in krb5_rd_req_decoded()
516 krb5_rd_req_decoded_anyflag(krb5_context context, in krb5_rd_req_decoded_anyflag() argument
523 retval = krb5_rd_req_decoded_opt(context, auth_context, in krb5_rd_req_decoded_anyflag()
532 decrypt_authenticator(krb5_context context, const krb5_ap_req *request, in decrypt_authenticator() argument
546 if ((retval = krb5_c_decrypt(context, sesskey, in decrypt_authenticator()
566 krb5int_check_clockskew(krb5_context context, krb5_timestamp date) in krb5int_check_clockskew() argument
571 retval = krb5_timeofday(context, ¤ttime); in krb5int_check_clockskew()
574 if (!(labs((date)-currenttime) < context->clockskew)) in krb5int_check_clockskew()