krb5-protos.h source code [netbsd/objdir.amd64/destdir.amd64/usr/include/krb5/krb5-protos.h]

1	/ This is a generated file /
2	#ifndef __krb5_protos_h__
3	#define __krb5_protos_h__
4	#ifndef DOXY
5
6	#include <stdarg.h>
7
8	#if !defined(__GNUC__) && !defined(__attribute__)
9	#define __attribute__(x)
10	#endif
11
12	#ifndef KRB5_DEPRECATED_FUNCTION
13	#ifndef __has_extension
14	#define __has_extension(x) 0
15	#define KRB5_DEPRECATED_FUNCTIONhas_extension 1
16	#endif
17	#if __has_extension(attribute_deprecated_with_message)
18	#define KRB5_DEPRECATED_FUNCTION(x) __attribute__((__deprecated__(x)))
19	#elif defined(__GNUC__) && ((__GNUC__ > 3) \|\| ((__GNUC__ == 3) && (__GNUC_MINOR__ >= 1 )))
20	#define KRB5_DEPRECATED_FUNCTION(X) __attribute__((__deprecated__))
21	#else
22	#define KRB5_DEPRECATED_FUNCTION(X)
23	#endif
24	#ifdef KRB5_DEPRECATED_FUNCTIONhas_extension
25	#undef __has_extension
26	#undef KRB5_DEPRECATED_FUNCTIONhas_extension
27	#endif
28	#endif /* KRB5_DEPRECATED_FUNCTION */
29
30
31	#ifdef __cplusplus
32	extern "C" {
33	#endif
34
35	#ifndef KRB5_LIB
36	#ifndef KRB5_LIB_FUNCTION
37	#if defined(_WIN32)
38	#define KRB5_LIB_FUNCTION __declspec(dllimport)
39	#define KRB5_LIB_CALL __stdcall
40	#define KRB5_LIB_VARIABLE __declspec(dllimport)
41	#else
42	#define KRB5_LIB_FUNCTION
43	#define KRB5_LIB_CALL
44	#define KRB5_LIB_VARIABLE
45	#endif
46	#endif
47	#endif
48	/**
49	* Convert the v5 credentials in in_cred to v4-dito in v4creds. This
50	* is done by sending them to the 524 function in the KDC. If
51	* `in_cred' doesn't contain a DES session key, then a new one is
52	* gotten from the KDC and stored in the cred cache `ccache'.
53	*
54	* @param context Kerberos 5 context.
55	* @param in_cred the credential to convert
56	* @param v4creds the converted credential
57	*
58	* @return Returns 0 to indicate success. Otherwise an kerberos et
59	* error code is returned, see krb5_get_error_message().
60	*
61	* @ingroup krb5_v4compat
62	*/
63
64	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
65	krb524_convert_creds_kdc (
66	krb5_context /context/,
67	krb5_creds */in_cred/,
68	struct credentials */v4creds/)
69	KRB5_DEPRECATED_FUNCTION("Use X instead");
70
71	/**
72	* Convert the v5 credentials in in_cred to v4-dito in v4creds,
73	* check the credential cache ccache before checking with the KDC.
74	*
75	* @param context Kerberos 5 context.
76	* @param ccache credential cache used to check for des-ticket.
77	* @param in_cred the credential to convert
78	* @param v4creds the converted credential
79	*
80	* @return Returns 0 to indicate success. Otherwise an kerberos et
81	* error code is returned, see krb5_get_error_message().
82	*
83	* @ingroup krb5_v4compat
84	*/
85
86	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
87	krb524_convert_creds_kdc_ccache (
88	krb5_context /context/,
89	krb5_ccache /ccache/,
90	krb5_creds */in_cred/,
91	struct credentials */v4creds/)
92	KRB5_DEPRECATED_FUNCTION("Use X instead");
93
94	/**
95	* Log a warning to the log, default stderr, include the error from
96	* the last failure and then abort.
97	*
98	* @param context A Kerberos 5 context
99	* @param code error code of the last error
100	* @param fmt message to print
101	* @param ... arguments for format string
102	*
103	* @ingroup krb5_error
104	*/
105
106	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
107	krb5_abort (
108	krb5_context /context/,
109	krb5_error_code /code/,
110	const char */fmt/,
111	...)
112	__attribute__ ((__noreturn__, __format__ (__printf__, `3`, `4`)));
113
114	/**
115	* Log a warning to the log, default stderr, and then abort.
116	*
117	* @param context A Kerberos 5 context
118	* @param fmt printf format string of message to print
119	* @param ... arguments for format string
120	*
121	* @ingroup krb5_error
122	*/
123
124	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
125	krb5_abortx (
126	krb5_context /context/,
127	const char */fmt/,
128	...)
129	__attribute__ ((__noreturn__, __format__ (__printf__, `2`, `3`)));
130
131	/**
132	* krb5_acl_match_file matches ACL format against each line in a file
133	* using krb5_acl_match_string(). Lines starting with # are treated
134	* like comments and ignored.
135	*
136	* @param context Kerberos 5 context.
137	* @param file file with acl listed in the file.
138	* @param format format to match.
139	* @param ... parameter to format string.
140	*
141	* @return Return an error code or 0.
142	*
143	* @sa krb5_acl_match_string
144	* @ingroup krb5_support
145	*/
146
147	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
148	krb5_acl_match_file (
149	krb5_context /context/,
150	const char */file/,
151	const char */format/,
152	...);
153
154	/**
155	* krb5_acl_match_string matches ACL format against a string.
156	*
157	* The ACL format has three format specifiers: s, f, and r. Each
158	* specifier will retrieve one argument from the variable arguments
159	* for either matching or storing data. The input string is split up
160	* using " " (space) and "\t" (tab) as a delimiter; multiple and "\t"
161	* in a row are considered to be the same.
162	*
163	* List of format specifiers:
164	* - s Matches a string using strcmp(3) (case sensitive).
165	* - f Matches the string with fnmatch(3). Theflags
166	* argument (the last argument) passed to the fnmatch function is 0.
167	* - r Returns a copy of the string in the char ** passed in; the copy
168	* must be freed with free(3). There is no need to free(3) the
169	* string on error: the function will clean up and set the pointer
170	* to NULL.
171	*
172	* @param context Kerberos 5 context
173	* @param string string to match with
174	* @param format format to match
175	* @param ... parameter to format string
176	*
177	* @return Return an error code or 0.
178	*
179	*
180	* @code
181	* char *s;
182	*
183	* ret = krb5_acl_match_string(context, "foo", "s", "foo");
184	* if (ret)
185	* krb5_errx(context, 1, "acl didn't match");
186	* ret = krb5_acl_match_string(context, "foo foo baz/kaka",
187	* "ss", "foo", &s, "foo/\\*");
188	* if (ret) {
189	* // no need to free(s) on error
190	* assert(s == NULL);
191	* krb5_errx(context, 1, "acl didn't match");
192	* }
193	* free(s);
194	* @endcode
195	*
196	* @sa krb5_acl_match_file
197	* @ingroup krb5_support
198	*/
199
200	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
201	krb5_acl_match_string (
202	krb5_context /context/,
203	const char */string/,
204	const char */format/,
205	...);
206
207	/**
208	* Add a specified list of error messages to the et list in context.
209	* Call func (probably a comerr-generated function) with a pointer to
210	* the current et_list.
211	*
212	* @param context A kerberos context.
213	* @param func The generated com_err et function.
214	*
215	* @return Returns 0 to indicate success. Otherwise an kerberos et
216	* error code is returned, see krb5_get_error_message().
217	*
218	* @ingroup krb5
219	*/
220
221	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
222	krb5_add_et_list (
223	krb5_context /context/,
224	void (*/func/)(struct et_list **));
225
226	/**
227	* Add extra address to the address list that the library will add to
228	* the client's address list when communicating with the KDC.
229	*
230	* @param context Kerberos 5 context.
231	* @param addresses addreses to add
232	*
233	* @return Returns 0 to indicate success. Otherwise an kerberos et
234	* error code is returned, see krb5_get_error_message().
235	*
236	* @ingroup krb5
237	*/
238
239	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
240	krb5_add_extra_addresses (
241	krb5_context /context/,
242	krb5_addresses */addresses/);
243
244	/**
245	* Add extra addresses to ignore when fetching addresses from the
246	* underlaying operating system.
247	*
248	* @param context Kerberos 5 context.
249	* @param addresses addreses to ignore
250	*
251	* @return Returns 0 to indicate success. Otherwise an kerberos et
252	* error code is returned, see krb5_get_error_message().
253	*
254	* @ingroup krb5
255	*/
256
257	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
258	krb5_add_ignore_addresses (
259	krb5_context /context/,
260	krb5_addresses */addresses/);
261
262	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
263	krb5_addlog_dest (
264	krb5_context /context/,
265	krb5_log_facility */f/,
266	const char */orig/);
267
268	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
269	krb5_addlog_func (
270	krb5_context /context/,
271	krb5_log_facility */fac/,
272	int /min/,
273	int /max/,
274	krb5_log_log_func_t /log_func/,
275	krb5_log_close_func_t /close_func/,
276	void */data/);
277
278	/**
279	* krb5_addr2sockaddr sets the "struct sockaddr sockaddr" from addr
280	* and port. The argument sa_size should initially contain the size of
281	* the sa and after the call, it will contain the actual length of the
282	* address. In case of the sa is too small to fit the whole address,
283	* the up to sa_size will be stored, and then sa_size will be set to
284	* the required length.
285	*
286	* @param context a Keberos context
287	* @param addr the address to copy the from
288	* @param sa the struct sockaddr that will be filled in
289	* @param sa_size pointer to length of sa, and after the call, it will
290	* contain the actual length of the address.
291	* @param port set port in sa.
292	*
293	* @return Return an error code or 0. Will return
294	* KRB5_PROG_ATYPE_NOSUPP in case address type is not supported.
295	*
296	* @ingroup krb5_address
297	*/
298
299	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
300	krb5_addr2sockaddr (
301	krb5_context /context/,
302	const krb5_address */addr/,
303	struct sockaddr */sa/,
304	krb5_socklen_t */sa_size/,
305	int /port/);
306
307	/**
308	* krb5_address_compare compares the addresses addr1 and addr2.
309	* Returns TRUE if the two addresses are the same.
310	*
311	* @param context a Keberos context
312	* @param addr1 address to compare
313	* @param addr2 address to compare
314	*
315	* @return Return an TRUE is the address are the same FALSE if not
316	*
317	* @ingroup krb5_address
318	*/
319
320	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
321	krb5_address_compare (
322	krb5_context /context/,
323	const krb5_address */addr1/,
324	const krb5_address */addr2/);
325
326	/**
327	* krb5_address_order compares the addresses addr1 and addr2 so that
328	* it can be used for sorting addresses. If the addresses are the same
329	* address krb5_address_order will return 0. Behavies like memcmp(2).
330	*
331	* @param context a Keberos context
332	* @param addr1 krb5_address to compare
333	* @param addr2 krb5_address to compare
334	*
335	* @return < 0 if address addr1 in "less" then addr2. 0 if addr1 and
336	* addr2 is the same address, > 0 if addr2 is "less" then addr1.
337	*
338	* @ingroup krb5_address
339	*/
340
341	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
342	krb5_address_order (
343	krb5_context /context/,
344	const krb5_address */addr1/,
345	const krb5_address */addr2/);
346
347	/**
348	* Calculate the boundary addresses of `inaddr'/`prefixlen' and store
349	* them in `low' and `high'.
350	*
351	* @param context a Keberos context
352	* @param inaddr address in prefixlen that the bondery searched
353	* @param prefixlen width of boundery
354	* @param low lowest address
355	* @param high highest address
356	*
357	* @return Return an error code or 0.
358	*
359	* @ingroup krb5_address
360	*/
361
362	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
363	krb5_address_prefixlen_boundary (
364	krb5_context /context/,
365	const krb5_address */inaddr/,
366	unsigned long /prefixlen/,
367	krb5_address */low/,
368	krb5_address */high/);
369
370	/**
371	* krb5_address_search checks if the address addr is a member of the
372	* address set list addrlist .
373	*
374	* @param context a Keberos context.
375	* @param addr address to search for.
376	* @param addrlist list of addresses to look in for addr.
377	*
378	* @return Return an error code or 0.
379	*
380	* @ingroup krb5_address
381	*/
382
383	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
384	krb5_address_search (
385	krb5_context /context/,
386	const krb5_address */addr/,
387	const krb5_addresses */addrlist/);
388
389	/**
390	* Enable or disable all weak encryption types
391	*
392	* @param context Kerberos 5 context
393	* @param enable true to enable, false to disable
394	*
395	* @return Return an error code or 0.
396	*
397	* @ingroup krb5_crypto
398	*/
399
400	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
401	krb5_allow_weak_crypto (
402	krb5_context /context/,
403	krb5_boolean /enable/);
404
405	/**
406	* Map a principal name to a local username.
407	*
408	* Returns 0 on success, KRB5_NO_LOCALNAME if no mapping was found, or
409	* some Kerberos or system error.
410	*
411	* Inputs:
412	*
413	* @param context A krb5_context
414	* @param aname A principal name
415	* @param lnsize The size of the buffer into which the username will be written
416	* @param lname The buffer into which the username will be written
417	*
418	* @ingroup krb5_support
419	*/
420
421	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
422	krb5_aname_to_localname (
423	krb5_context /context/,
424	krb5_const_principal /aname/,
425	size_t /lnsize/,
426	char */lname/);
427
428	/**
429	* krb5_anyaddr fills in a "struct sockaddr sa" that can be used to
430	* bind(2) to. The argument sa_size should initially contain the size
431	* of the sa, and after the call, it will contain the actual length
432	* of the address.
433	*
434	* @param context a Keberos context
435	* @param af address family
436	* @param sa sockaddr
437	* @param sa_size lenght of sa.
438	* @param port for to fill into sa.
439	*
440	* @return Return an error code or 0.
441	*
442	* @ingroup krb5_address
443	*/
444
445	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
446	krb5_anyaddr (
447	krb5_context /context/,
448	int /af/,
449	struct sockaddr */sa/,
450	krb5_socklen_t */sa_size/,
451	int /port/);
452
453	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
454	krb5_appdefault_boolean (
455	krb5_context /context/,
456	const char */appname/,
457	krb5_const_realm /realm/,
458	const char */option/,
459	krb5_boolean /def_val/,
460	krb5_boolean */ret_val/);
461
462	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
463	krb5_appdefault_string (
464	krb5_context /context/,
465	const char */appname/,
466	krb5_const_realm /realm/,
467	const char */option/,
468	const char */def_val/,
469	char **/ret_val/);
470
471	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
472	krb5_appdefault_time (
473	krb5_context /context/,
474	const char */appname/,
475	krb5_const_realm /realm/,
476	const char */option/,
477	time_t /def_val/,
478	time_t */ret_val/);
479
480	/**
481	* krb5_append_addresses adds the set of addresses in source to
482	* dest. While copying the addresses, duplicates are also sorted out.
483	*
484	* @param context a Keberos context
485	* @param dest destination of copy operation
486	* @param source adresses that are going to be added to dest
487	*
488	* @return Return an error code or 0.
489	*
490	* @ingroup krb5_address
491	*/
492
493	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
494	krb5_append_addresses (
495	krb5_context /context/,
496	krb5_addresses */dest/,
497	const krb5_addresses */source/);
498
499	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
500	krb5_auth_con_add_AuthorizationData (
501	krb5_context /context/,
502	krb5_auth_context /auth_context/,
503	int /type/,
504	krb5_data */data/);
505
506	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
507	krb5_auth_con_addflags (
508	krb5_context /context/,
509	krb5_auth_context /auth_context/,
510	int32_t /addflags/,
511	int32_t */flags/);
512
513	/**
514	* Deallocate an authentication context previously initialized with
515	* krb5_auth_con_init().
516	*
517	* @param context A kerberos context.
518	* @param auth_context The authentication context to be deallocated.
519	*
520	* @return An krb5 error code, see krb5_get_error_message().
521	*/
522
523	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
524	krb5_auth_con_free (
525	krb5_context /context/,
526	krb5_auth_context /auth_context/);
527
528	/**
529	* Update the authentication context \a auth_context with the local
530	* and remote addresses from socket \a fd, according to \a flags.
531	*
532	* @return An krb5 error code, see krb5_get_error_message().
533	*/
534
535	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
536	krb5_auth_con_genaddrs (
537	krb5_context /context/,
538	krb5_auth_context /auth_context/,
539	krb5_socket_t /fd/,
540	int /flags/);
541
542	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
543	krb5_auth_con_generatelocalsubkey (
544	krb5_context /context/,
545	krb5_auth_context /auth_context/,
546	krb5_keyblock */key/);
547
548	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
549	krb5_auth_con_getaddrs (
550	krb5_context /context/,
551	krb5_auth_context /auth_context/,
552	krb5_address **/local_addr/,
553	krb5_address **/remote_addr/);
554
555	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
556	krb5_auth_con_getauthenticator (
557	krb5_context /context/,
558	krb5_auth_context /auth_context/,
559	krb5_authenticator */authenticator/);
560
561	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
562	krb5_auth_con_getcksumtype (
563	krb5_context /context/,
564	krb5_auth_context /auth_context/,
565	krb5_cksumtype */cksumtype/);
566
567	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
568	krb5_auth_con_getflags (
569	krb5_context /context/,
570	krb5_auth_context /auth_context/,
571	int32_t */flags/);
572
573	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
574	krb5_auth_con_getkey (
575	krb5_context /context/,
576	krb5_auth_context /auth_context/,
577	krb5_keyblock **/keyblock/);
578
579	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
580	krb5_auth_con_getkeytype (
581	krb5_context /context/,
582	krb5_auth_context /auth_context/,
583	krb5_keytype */keytype/);
584
585	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
586	krb5_auth_con_getlocalseqnumber (
587	krb5_context /context/,
588	krb5_auth_context /auth_context/,
589	int32_t */seqnumber/);
590
591	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
592	krb5_auth_con_getlocalsubkey (
593	krb5_context /context/,
594	krb5_auth_context /auth_context/,
595	krb5_keyblock **/keyblock/);
596
597	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
598	krb5_auth_con_getrcache (
599	krb5_context /context/,
600	krb5_auth_context /auth_context/,
601	krb5_rcache */rcache/);
602
603	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
604	krb5_auth_con_getrecvsubkey (
605	krb5_context /context/,
606	krb5_auth_context /auth_context/,
607	krb5_keyblock **/keyblock/);
608
609	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
610	krb5_auth_con_getremoteseqnumber (
611	krb5_context /context/,
612	krb5_auth_context /auth_context/,
613	int32_t */seqnumber/);
614
615	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
616	krb5_auth_con_getremotesubkey (
617	krb5_context /context/,
618	krb5_auth_context /auth_context/,
619	krb5_keyblock **/keyblock/);
620
621	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
622	krb5_auth_con_getsendsubkey (
623	krb5_context /context/,
624	krb5_auth_context /auth_context/,
625	krb5_keyblock **/keyblock/);
626
627	/**
628	* Allocate and initialize an autentication context.
629	*
630	* @param context A kerberos context.
631	* @param auth_context The authentication context to be initialized.
632	*
633	* Use krb5_auth_con_free() to release the memory when done using the context.
634	*
635	* @return An krb5 error code, see krb5_get_error_message().
636	*/
637
638	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
639	krb5_auth_con_init (
640	krb5_context /context/,
641	krb5_auth_context */auth_context/);
642
643	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
644	krb5_auth_con_removeflags (
645	krb5_context /context/,
646	krb5_auth_context /auth_context/,
647	int32_t /removeflags/,
648	int32_t */flags/);
649
650	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
651	krb5_auth_con_setaddrs (
652	krb5_context /context/,
653	krb5_auth_context /auth_context/,
654	krb5_address */local_addr/,
655	krb5_address */remote_addr/);
656
657	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
658	krb5_auth_con_setaddrs_from_fd (
659	krb5_context /context/,
660	krb5_auth_context /auth_context/,
661	void */p_fd/);
662
663	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
664	krb5_auth_con_setcksumtype (
665	krb5_context /context/,
666	krb5_auth_context /auth_context/,
667	krb5_cksumtype /cksumtype/);
668
669	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
670	krb5_auth_con_setflags (
671	krb5_context /context/,
672	krb5_auth_context /auth_context/,
673	int32_t /flags/);
674
675	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
676	krb5_auth_con_setkey (
677	krb5_context /context/,
678	krb5_auth_context /auth_context/,
679	krb5_keyblock */keyblock/);
680
681	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
682	krb5_auth_con_setkeytype (
683	krb5_context /context/,
684	krb5_auth_context /auth_context/,
685	krb5_keytype /keytype/);
686
687	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
688	krb5_auth_con_setlocalseqnumber (
689	krb5_context /context/,
690	krb5_auth_context /auth_context/,
691	int32_t /seqnumber/);
692
693	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
694	krb5_auth_con_setlocalsubkey (
695	krb5_context /context/,
696	krb5_auth_context /auth_context/,
697	krb5_keyblock */keyblock/);
698
699	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
700	krb5_auth_con_setrcache (
701	krb5_context /context/,
702	krb5_auth_context /auth_context/,
703	krb5_rcache /rcache/);
704
705	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
706	krb5_auth_con_setrecvsubkey (
707	krb5_context /context/,
708	krb5_auth_context /auth_context/,
709	krb5_keyblock */keyblock/);
710
711	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
712	krb5_auth_con_setremoteseqnumber (
713	krb5_context /context/,
714	krb5_auth_context /auth_context/,
715	int32_t /seqnumber/);
716
717	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
718	krb5_auth_con_setremotesubkey (
719	krb5_context /context/,
720	krb5_auth_context /auth_context/,
721	krb5_keyblock */keyblock/);
722
723	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
724	krb5_auth_con_setsendsubkey (
725	krb5_context /context/,
726	krb5_auth_context /auth_context/,
727	krb5_keyblock */keyblock/);
728
729	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
730	krb5_auth_con_setuserkey (
731	krb5_context /context/,
732	krb5_auth_context /auth_context/,
733	krb5_keyblock */keyblock/);
734
735	/**
736	* Deprecated: use krb5_auth_con_getremoteseqnumber()
737	*
738	* @ingroup krb5_deprecated
739	*/
740
741	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
742	krb5_auth_getremoteseqnumber (
743	krb5_context /context/,
744	krb5_auth_context /auth_context/,
745	int32_t */seqnumber/)
746	KRB5_DEPRECATED_FUNCTION("Use X instead");
747
748	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
749	krb5_build_ap_req (
750	krb5_context /context/,
751	krb5_enctype /enctype/,
752	krb5_creds */cred/,
753	krb5_flags /ap_options/,
754	krb5_data /authenticator/,
755	krb5_data */retdata/);
756
757	/**
758	* Build a principal using vararg style building
759	*
760	* @param context A Kerberos context.
761	* @param principal returned principal
762	* @param rlen length of realm
763	* @param realm realm name
764	* @param ... a list of components ended with NULL.
765	*
766	* @return An krb5 error code, see krb5_get_error_message().
767	*
768	* @ingroup krb5_principal
769	*/
770
771	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
772	krb5_build_principal (
773	krb5_context /context/,
774	krb5_principal */principal/,
775	int /rlen/,
776	krb5_const_realm /realm/,
777	...);
778
779	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
780	krb5_build_principal_ext (
781	krb5_context /context/,
782	krb5_principal */principal/,
783	int /rlen/,
784	krb5_const_realm /realm/,
785	...);
786
787	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
788	krb5_build_principal_va (
789	krb5_context /context/,
790	krb5_principal */principal/,
791	int /rlen/,
792	krb5_const_realm /realm/,
793	va_list /ap/);
794
795	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
796	krb5_build_principal_va_ext (
797	krb5_context /context/,
798	krb5_principal */principal/,
799	int /rlen/,
800	krb5_const_realm /realm/,
801	va_list /ap/);
802
803	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
804	krb5_c_block_size (
805	krb5_context /context/,
806	krb5_enctype /enctype/,
807	size_t */blocksize/);
808
809	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
810	krb5_c_checksum_length (
811	krb5_context /context/,
812	krb5_cksumtype /cksumtype/,
813	size_t */length/);
814
815	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
816	krb5_c_decrypt (
817	krb5_context /context/,
818	const krb5_keyblock /key/,
819	krb5_keyusage /usage/,
820	const krb5_data */ivec/,
821	krb5_enc_data */input/,
822	krb5_data */output/);
823
824	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
825	krb5_c_encrypt (
826	krb5_context /context/,
827	const krb5_keyblock */key/,
828	krb5_keyusage /usage/,
829	const krb5_data */ivec/,
830	const krb5_data */input/,
831	krb5_enc_data */output/);
832
833	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
834	krb5_c_encrypt_length (
835	krb5_context /context/,
836	krb5_enctype /enctype/,
837	size_t /inputlen/,
838	size_t */length/);
839
840	/**
841	* Deprecated: keytypes doesn't exists, they are really enctypes.
842	*
843	* @ingroup krb5_deprecated
844	*/
845
846	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
847	krb5_c_enctype_compare (
848	krb5_context /context/,
849	krb5_enctype /e1/,
850	krb5_enctype /e2/,
851	krb5_boolean */similar/)
852	KRB5_DEPRECATED_FUNCTION("Use X instead");
853
854	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
855	krb5_c_get_checksum (
856	krb5_context /context/,
857	const krb5_checksum */cksum/,
858	krb5_cksumtype */type/,
859	krb5_data **/data/);
860
861	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
862	krb5_c_is_coll_proof_cksum (krb5_cksumtype /ctype/);
863
864	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
865	krb5_c_is_keyed_cksum (krb5_cksumtype /ctype/);
866
867	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
868	krb5_c_keylengths (
869	krb5_context /context/,
870	krb5_enctype /enctype/,
871	size_t */ilen/,
872	size_t */keylen/);
873
874	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
875	krb5_c_make_checksum (
876	krb5_context /context/,
877	krb5_cksumtype /cksumtype/,
878	const krb5_keyblock */key/,
879	krb5_keyusage /usage/,
880	const krb5_data */input/,
881	krb5_checksum */cksum/);
882
883	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
884	krb5_c_make_random_key (
885	krb5_context /context/,
886	krb5_enctype /enctype/,
887	krb5_keyblock */random_key/);
888
889	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
890	krb5_c_prf (
891	krb5_context /context/,
892	const krb5_keyblock */key/,
893	const krb5_data */input/,
894	krb5_data */output/);
895
896	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
897	krb5_c_prf_length (
898	krb5_context /context/,
899	krb5_enctype /type/,
900	size_t */length/);
901
902	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
903	krb5_c_random_make_octets (
904	krb5_context /context/,
905	krb5_data * /data/);
906
907	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
908	krb5_c_set_checksum (
909	krb5_context /context/,
910	krb5_checksum */cksum/,
911	krb5_cksumtype /type/,
912	const krb5_data */data/);
913
914	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
915	krb5_c_valid_cksumtype (krb5_cksumtype /ctype/);
916
917	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
918	krb5_c_valid_enctype (krb5_enctype /etype/);
919
920	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
921	krb5_c_verify_checksum (
922	krb5_context /context/,
923	const krb5_keyblock */key/,
924	krb5_keyusage /usage/,
925	const krb5_data */data/,
926	const krb5_checksum */cksum/,
927	krb5_boolean */valid/);
928
929	/**
930	* Destroy the cursor `cursor'.
931	*
932	* @return Return an error code or 0, see krb5_get_error_message().
933	*
934	* @ingroup krb5_ccache
935	*/
936
937	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
938	krb5_cc_cache_end_seq_get (
939	krb5_context /context/,
940	krb5_cc_cache_cursor /cursor/);
941
942	/**
943	* Start iterating over all caches of specified type. See also
944	* krb5_cccol_cursor_new().
945
946	* @param context A Kerberos 5 context
947	* @param type optional type to iterate over, if NULL, the default cache is used.
948	* @param cursor cursor should be freed with krb5_cc_cache_end_seq_get().
949	*
950	* @return Return an error code or 0, see krb5_get_error_message().
951	*
952	* @ingroup krb5_ccache
953	*/
954
955	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
956	krb5_cc_cache_get_first (
957	krb5_context /context/,
958	const char */type/,
959	krb5_cc_cache_cursor */cursor/);
960
961	/**
962	* Search for a matching credential cache that have the
963	* `principal' as the default principal. On success, `id' needs to be
964	* freed with krb5_cc_close() or krb5_cc_destroy().
965	*
966	* @param context A Kerberos 5 context
967	* @param client The principal to search for
968	* @param id the returned credential cache
969	*
970	* @return On failure, error code is returned and `id' is set to NULL.
971	*
972	* @ingroup krb5_ccache
973	*/
974
975	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
976	krb5_cc_cache_match (
977	krb5_context /context/,
978	krb5_principal /client/,
979	krb5_ccache */id/);
980
981	/**
982	* Retrieve the next cache pointed to by (`cursor') in `id'
983	* and advance `cursor'.
984	*
985	* @param context A Kerberos 5 context
986	* @param cursor the iterator cursor, returned by krb5_cc_cache_get_first()
987	* @param id next ccache
988	*
989	* @return Return 0 or an error code. Returns KRB5_CC_END when the end
990	* of caches is reached, see krb5_get_error_message().
991	*
992	* @ingroup krb5_ccache
993	*/
994
995	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
996	krb5_cc_cache_next (
997	krb5_context /context/,
998	krb5_cc_cache_cursor /cursor/,
999	krb5_ccache */id/);
1000
1001	/**
1002	* Clear `mcreds' so it can be used with krb5_cc_retrieve_cred
1003	*
1004	* @ingroup krb5_ccache
1005	*/
1006
1007	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
1008	krb5_cc_clear_mcred (krb5_creds */mcred/);
1009
1010	/**
1011	* Stop using the ccache `id' and free the related resources.
1012	*
1013	* @return Return an error code or 0, see krb5_get_error_message().
1014	*
1015	* @ingroup krb5_ccache
1016	*/
1017
1018	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1019	krb5_cc_close (
1020	krb5_context /context/,
1021	krb5_ccache /id/);
1022
1023	/**
1024	* Just like krb5_cc_copy_match_f(), but copy everything.
1025	*
1026	* @ingroup @krb5_ccache
1027	*/
1028
1029	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1030	krb5_cc_copy_cache (
1031	krb5_context /context/,
1032	const krb5_ccache /from/,
1033	krb5_ccache /to/);
1034
1035	/**
1036	* MIT compat glue
1037	*
1038	* @ingroup krb5_ccache
1039	*/
1040
1041	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1042	krb5_cc_copy_creds (
1043	krb5_context /context/,
1044	const krb5_ccache /from/,
1045	krb5_ccache /to/);
1046
1047	/**
1048	* Copy the contents of `from' to `to' if the given match function
1049	* return true.
1050	*
1051	* @param context A Kerberos 5 context.
1052	* @param from the cache to copy data from.
1053	* @param to the cache to copy data to.
1054	* @param match a match function that should return TRUE if cred argument should be copied, if NULL, all credentials are copied.
1055	* @param matchctx context passed to match function.
1056	* @param matched set to true if there was a credential that matched, may be NULL.
1057	*
1058	* @return Return an error code or 0, see krb5_get_error_message().
1059	*
1060	* @ingroup krb5_ccache
1061	*/
1062
1063	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1064	krb5_cc_copy_match_f (
1065	krb5_context /context/,
1066	const krb5_ccache /from/,
1067	krb5_ccache /to/,
1068	krb5_boolean (*/match/)(krb5_context, void , const* krb5_creds *),
1069	void */matchctx/,
1070	unsigned int */matched/);
1071
1072	/**
1073	* Open the default ccache in `id'.
1074	*
1075	* @return Return an error code or 0, see krb5_get_error_message().
1076	*
1077	* @ingroup krb5_ccache
1078	*/
1079
1080	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1081	krb5_cc_default (
1082	krb5_context /context/,
1083	krb5_ccache */id/);
1084
1085	/**
1086	* Return a pointer to a context static string containing the default
1087	* ccache name.
1088	*
1089	* @return String to the default credential cache name.
1090	*
1091	* @ingroup krb5_ccache
1092	*/
1093
1094	KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
1095	krb5_cc_default_name (krb5_context /context/);
1096
1097	/**
1098	* Remove the ccache `id'.
1099	*
1100	* @return Return an error code or 0, see krb5_get_error_message().
1101	*
1102	* @ingroup krb5_ccache
1103	*/
1104
1105	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1106	krb5_cc_destroy (
1107	krb5_context /context/,
1108	krb5_ccache /id/);
1109
1110	/**
1111	* Destroy the cursor `cursor'.
1112	*
1113	* @ingroup krb5_ccache
1114	*/
1115
1116	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1117	krb5_cc_end_seq_get (
1118	krb5_context /context/,
1119	const krb5_ccache /id/,
1120	krb5_cc_cursor */cursor/);
1121
1122	/**
1123	* Generate a new ccache of type `ops' in `id'.
1124	*
1125	* Deprecated: use krb5_cc_new_unique() instead.
1126	*
1127	* @return Return an error code or 0, see krb5_get_error_message().
1128	*
1129	* @ingroup krb5_ccache
1130	*/
1131
1132	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1133	krb5_cc_gen_new (
1134	krb5_context /context/,
1135	const krb5_cc_ops */ops/,
1136	krb5_ccache */id/)
1137	KRB5_DEPRECATED_FUNCTION("Use X instead");
1138
1139	/**
1140	* Get some configuration for the credential cache in the cache.
1141	*
1142	* @param context a Keberos context
1143	* @param id the credential cache to store the data for
1144	* @param principal configuration for a specific principal, if
1145	* NULL, global for the whole cache.
1146	* @param name name under which the configuraion is stored.
1147	* @param data data to fetched, free with krb5_data_free()
1148	*
1149	* @ingroup krb5_ccache
1150	*/
1151
1152	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1153	krb5_cc_get_config (
1154	krb5_context /context/,
1155	krb5_ccache /id/,
1156	krb5_const_principal /principal/,
1157	const char */name/,
1158	krb5_data */data/);
1159
1160	/**
1161	* Get the flags of `id', store them in `flags'.
1162	*
1163	* @ingroup krb5_ccache
1164	*/
1165
1166	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1167	krb5_cc_get_flags (
1168	krb5_context /context/,
1169	krb5_ccache /id/,
1170	krb5_flags */flags/);
1171
1172	/**
1173	* Return a friendly name on credential cache. Free the result with krb5_xfree().
1174	*
1175	* @return Return an error code or 0, see krb5_get_error_message().
1176	*
1177	* @ingroup krb5_ccache
1178	*/
1179
1180	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1181	krb5_cc_get_friendly_name (
1182	krb5_context /context/,
1183	krb5_ccache /id/,
1184	char **/name/);
1185
1186	/**
1187	* Return the complete resolvable name the cache
1188
1189	* @param context a Keberos context
1190	* @param id return pointer to a found credential cache
1191	* @param str the returned name of a credential cache, free with krb5_xfree()
1192	*
1193	* @return Returns 0 or an error (and then *str is set to NULL).
1194	*
1195	* @ingroup krb5_ccache
1196	*/
1197
1198	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1199	krb5_cc_get_full_name (
1200	krb5_context /context/,
1201	krb5_ccache /id/,
1202	char **/str/);
1203
1204	/**
1205	* Get the time offset betwen the client and the KDC
1206	*
1207	* If the backend doesn't support KDC offset, use the context global setting.
1208	*
1209	* @param context A Kerberos 5 context.
1210	* @param id a credential cache
1211	* @param offset the offset in seconds
1212	*
1213	* @return Return an error code or 0, see krb5_get_error_message().
1214	*
1215	* @ingroup krb5_ccache
1216	*/
1217
1218	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1219	krb5_cc_get_kdc_offset (
1220	krb5_context /context/,
1221	krb5_ccache /id/,
1222	krb5_deltat */offset/);
1223
1224	/**
1225	* Get the lifetime of the initial ticket in the cache
1226	*
1227	* Get the lifetime of the initial ticket in the cache, if the initial
1228	* ticket was not found, the error code KRB5_CC_END is returned.
1229	*
1230	* @param context A Kerberos 5 context.
1231	* @param id a credential cache
1232	* @param t the relative lifetime of the initial ticket
1233	*
1234	* @return Return an error code or 0, see krb5_get_error_message().
1235	*
1236	* @ingroup krb5_ccache
1237	*/
1238
1239	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1240	krb5_cc_get_lifetime (
1241	krb5_context /context/,
1242	krb5_ccache /id/,
1243	time_t */t/);
1244
1245	/**
1246	* Return the name of the ccache `id'
1247	*
1248	* @ingroup krb5_ccache
1249	*/
1250
1251	KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
1252	krb5_cc_get_name (
1253	krb5_context /context/,
1254	krb5_ccache /id/);
1255
1256	/**
1257	* Return krb5_cc_ops of a the ccache `id'.
1258	*
1259	* @ingroup krb5_ccache
1260	*/
1261
1262	KRB5_LIB_FUNCTION const krb5_cc_ops * KRB5_LIB_CALL
1263	krb5_cc_get_ops (
1264	krb5_context /context/,
1265	krb5_ccache /id/);
1266
1267	/**
1268	* Get the cc ops that is registered in `context' to handle the
1269	* prefix. prefix can be a complete credential cache name or a
1270	* prefix, the function will only use part up to the first colon (:)
1271	* if there is one. If prefix the argument is NULL, the default ccache
1272	* implemtation is returned.
1273	*
1274	* @return Returns NULL if ops not found.
1275	*
1276	* @ingroup krb5_ccache
1277	*/
1278
1279	KRB5_LIB_FUNCTION const krb5_cc_ops * KRB5_LIB_CALL
1280	krb5_cc_get_prefix_ops (
1281	krb5_context /context/,
1282	const char */prefix/);
1283
1284	/**
1285	* Return the principal of `id' in `principal'.
1286	*
1287	* @return Return an error code or 0, see krb5_get_error_message().
1288	*
1289	* @ingroup krb5_ccache
1290	*/
1291
1292	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1293	krb5_cc_get_principal (
1294	krb5_context /context/,
1295	krb5_ccache /id/,
1296	krb5_principal */principal/);
1297
1298	/**
1299	* Return the type of the ccache `id'.
1300	*
1301	* @ingroup krb5_ccache
1302	*/
1303
1304	KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
1305	krb5_cc_get_type (
1306	krb5_context /context/,
1307	krb5_ccache /id/);
1308
1309	/**
1310	* Return the version of `id'.
1311	*
1312	* @ingroup krb5_ccache
1313	*/
1314
1315	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1316	krb5_cc_get_version (
1317	krb5_context /context/,
1318	const krb5_ccache /id/);
1319
1320	/**
1321	* Create a new ccache in `id' for `primary_principal'.
1322	*
1323	* @return Return an error code or 0, see krb5_get_error_message().
1324	*
1325	* @ingroup krb5_ccache
1326	*/
1327
1328	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1329	krb5_cc_initialize (
1330	krb5_context /context/,
1331	krb5_ccache /id/,
1332	krb5_principal /primary_principal/);
1333
1334	/**
1335	* Return the last time the credential cache was modified.
1336	*
1337	* @param context A Kerberos 5 context
1338	* @param id The credential cache to probe
1339	* @param mtime the last modification time, set to 0 on error.
1340
1341	* @return Return 0 or and error. See krb5_get_error_message().
1342	*
1343	* @ingroup krb5_ccache
1344	*/
1345
1346	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1347	krb5_cc_last_change_time (
1348	krb5_context /context/,
1349	krb5_ccache /id/,
1350	krb5_timestamp */mtime/);
1351
1352	/**
1353	* Move the content from one credential cache to another. The
1354	* operation is an atomic switch.
1355	*
1356	* @param context a Keberos context
1357	* @param from the credential cache to move the content from
1358	* @param to the credential cache to move the content to
1359
1360	* @return On sucess, from is freed. On failure, error code is
1361	* returned and from and to are both still allocated, see krb5_get_error_message().
1362	*
1363	* @ingroup krb5_ccache
1364	*/
1365
1366	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1367	krb5_cc_move (
1368	krb5_context /context/,
1369	krb5_ccache /from/,
1370	krb5_ccache /to/);
1371
1372	/**
1373	* Generates a new unique ccache of `type` in `id'. If `type' is NULL,
1374	* the library chooses the default credential cache type. The supplied
1375	* `hint' (that can be NULL) is a string that the credential cache
1376	* type can use to base the name of the credential on, this is to make
1377	* it easier for the user to differentiate the credentials.
1378	*
1379	* @return Return an error code or 0, see krb5_get_error_message().
1380	*
1381	* @ingroup krb5_ccache
1382	*/
1383
1384	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1385	krb5_cc_new_unique (
1386	krb5_context /context/,
1387	const char */type/,
1388	const char */hint/,
1389	krb5_ccache */id/);
1390
1391	/**
1392	* Retrieve the next cred pointed to by (`id', `cursor') in `creds'
1393	* and advance `cursor'.
1394	*
1395	* @return Return an error code or 0, see krb5_get_error_message().
1396	*
1397	* @ingroup krb5_ccache
1398	*/
1399
1400	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1401	krb5_cc_next_cred (
1402	krb5_context /context/,
1403	const krb5_ccache /id/,
1404	krb5_cc_cursor */cursor/,
1405	krb5_creds */creds/);
1406
1407	/**
1408	* Add a new ccache type with operations `ops', overwriting any
1409	* existing one if `override'.
1410	*
1411	* @param context a Keberos context
1412	* @param ops type of plugin symbol
1413	* @param override flag to select if the registration is to overide
1414	* an existing ops with the same name.
1415	*
1416	* @return Return an error code or 0, see krb5_get_error_message().
1417	*
1418	* @ingroup krb5_ccache
1419	*/
1420
1421	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1422	krb5_cc_register (
1423	krb5_context /context/,
1424	const krb5_cc_ops */ops/,
1425	krb5_boolean /override/);
1426
1427	/**
1428	* Remove the credential identified by `cred', `which' from `id'.
1429	*
1430	* @ingroup krb5_ccache
1431	*/
1432
1433	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1434	krb5_cc_remove_cred (
1435	krb5_context /context/,
1436	krb5_ccache /id/,
1437	krb5_flags /which/,
1438	krb5_creds */cred/);
1439
1440	/**
1441	* Find and allocate a ccache in `id' from the specification in `residual'.
1442	* If the ccache name doesn't contain any colon, interpret it as a file name.
1443	*
1444	* @param context a Keberos context.
1445	* @param name string name of a credential cache.
1446	* @param id return pointer to a found credential cache.
1447	*
1448	* @return Return 0 or an error code. In case of an error, id is set
1449	* to NULL, see krb5_get_error_message().
1450	*
1451	* @ingroup krb5_ccache
1452	*/
1453
1454	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1455	krb5_cc_resolve (
1456	krb5_context /context/,
1457	const char */name/,
1458	krb5_ccache */id/);
1459
1460	/**
1461	* Retrieve the credential identified by `mcreds' (and `whichfields')
1462	* from `id' in `creds'. 'creds' must be free by the caller using
1463	* krb5_free_cred_contents.
1464	*
1465	* @param context A Kerberos 5 context
1466	* @param id a Kerberos 5 credential cache
1467	* @param whichfields what fields to use for matching credentials, same
1468	* flags as whichfields in krb5_compare_creds()
1469	* @param mcreds template credential to use for comparing
1470	* @param creds returned credential, free with krb5_free_cred_contents()
1471	*
1472	* @return Return an error code or 0, see krb5_get_error_message().
1473	*
1474	* @ingroup krb5_ccache
1475	*/
1476
1477	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1478	krb5_cc_retrieve_cred (
1479	krb5_context /context/,
1480	krb5_ccache /id/,
1481	krb5_flags /whichfields/,
1482	const krb5_creds */mcreds/,
1483	krb5_creds */creds/);
1484
1485	/**
1486	* Store some configuration for the credential cache in the cache.
1487	* Existing configuration under the same name is over-written.
1488	*
1489	* @param context a Keberos context
1490	* @param id the credential cache to store the data for
1491	* @param principal configuration for a specific principal, if
1492	* NULL, global for the whole cache.
1493	* @param name name under which the configuraion is stored.
1494	* @param data data to store, if NULL, configure is removed.
1495	*
1496	* @ingroup krb5_ccache
1497	*/
1498
1499	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1500	krb5_cc_set_config (
1501	krb5_context /context/,
1502	krb5_ccache /id/,
1503	krb5_const_principal /principal/,
1504	const char */name/,
1505	krb5_data */data/);
1506
1507	/**
1508	* Set the default cc name for `context' to `name'.
1509	*
1510	* @ingroup krb5_ccache
1511	*/
1512
1513	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1514	krb5_cc_set_default_name (
1515	krb5_context /context/,
1516	const char */name/);
1517
1518	/**
1519	* Set the flags of `id' to `flags'.
1520	*
1521	* @ingroup krb5_ccache
1522	*/
1523
1524	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1525	krb5_cc_set_flags (
1526	krb5_context /context/,
1527	krb5_ccache /id/,
1528	krb5_flags /flags/);
1529
1530	/**
1531	* Set the friendly name on credential cache.
1532	*
1533	* @return Return an error code or 0, see krb5_get_error_message().
1534	*
1535	* @ingroup krb5_ccache
1536	*/
1537
1538	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1539	krb5_cc_set_friendly_name (
1540	krb5_context /context/,
1541	krb5_ccache /id/,
1542	const char */name/);
1543
1544	/**
1545	* Set the time offset betwen the client and the KDC
1546	*
1547	* If the backend doesn't support KDC offset, use the context global setting.
1548	*
1549	* @param context A Kerberos 5 context.
1550	* @param id a credential cache
1551	* @param offset the offset in seconds
1552	*
1553	* @return Return an error code or 0, see krb5_get_error_message().
1554	*
1555	* @ingroup krb5_ccache
1556	*/
1557
1558	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1559	krb5_cc_set_kdc_offset (
1560	krb5_context /context/,
1561	krb5_ccache /id/,
1562	krb5_deltat /offset/);
1563
1564	/**
1565	* Start iterating over `id', `cursor' is initialized to the
1566	* beginning. Caller must free the cursor with krb5_cc_end_seq_get().
1567	*
1568	* @return Return an error code or 0, see krb5_get_error_message().
1569	*
1570	* @ingroup krb5_ccache
1571	*/
1572
1573	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1574	krb5_cc_start_seq_get (
1575	krb5_context /context/,
1576	const krb5_ccache /id/,
1577	krb5_cc_cursor */cursor/);
1578
1579	/**
1580	* Store `creds' in the ccache `id'.
1581	*
1582	* @return Return an error code or 0, see krb5_get_error_message().
1583	*
1584	* @ingroup krb5_ccache
1585	*/
1586
1587	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1588	krb5_cc_store_cred (
1589	krb5_context /context/,
1590	krb5_ccache /id/,
1591	krb5_creds */creds/);
1592
1593	/**
1594	* Return true if the default credential cache support switch
1595	*
1596	* @ingroup krb5_ccache
1597	*/
1598
1599	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
1600	krb5_cc_support_switch (
1601	krb5_context /context/,
1602	const char */type/);
1603
1604	/**
1605	* Switch the default default credential cache for a specific
1606	* credcache type (and name for some implementations).
1607	*
1608	* @return Return an error code or 0, see krb5_get_error_message().
1609	*
1610	* @ingroup krb5_ccache
1611	*/
1612
1613	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1614	krb5_cc_switch (
1615	krb5_context /context/,
1616	krb5_ccache /id/);
1617
1618	/**
1619	* End an iteration and free all resources, can be done before end is reached.
1620	*
1621	* @param context A Kerberos 5 context
1622	* @param cursor the iteration cursor to be freed.
1623	*
1624	* @return Return 0 or and error, KRB5_CC_END is returned at the end
1625	* of iteration. See krb5_get_error_message().
1626	*
1627	* @ingroup krb5_ccache
1628	*/
1629
1630	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1631	krb5_cccol_cursor_free (
1632	krb5_context /context/,
1633	krb5_cccol_cursor */cursor/);
1634
1635	/**
1636	* Get a new cache interation cursor that will interate over all
1637	* credentials caches independent of type.
1638	*
1639	* @param context a Keberos context
1640	* @param cursor passed into krb5_cccol_cursor_next() and free with krb5_cccol_cursor_free().
1641	*
1642	* @return Returns 0 or and error code, see krb5_get_error_message().
1643	*
1644	* @ingroup krb5_ccache
1645	*/
1646
1647	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1648	krb5_cccol_cursor_new (
1649	krb5_context /context/,
1650	krb5_cccol_cursor */cursor/);
1651
1652	/**
1653	* Get next credential cache from the iteration.
1654	*
1655	* @param context A Kerberos 5 context
1656	* @param cursor the iteration cursor
1657	* @param cache the returned cursor, pointer is set to NULL on failure
1658	* and a cache on success. The returned cache needs to be freed
1659	* with krb5_cc_close() or destroyed with krb5_cc_destroy().
1660	* MIT Kerberos behavies slightly diffrent and sets cache to NULL
1661	* when all caches are iterated over and return 0.
1662	*
1663	* @return Return 0 or and error, KRB5_CC_END is returned at the end
1664	* of iteration. See krb5_get_error_message().
1665	*
1666	* @ingroup krb5_ccache
1667	*/
1668
1669	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1670	krb5_cccol_cursor_next (
1671	krb5_context /context/,
1672	krb5_cccol_cursor /cursor/,
1673	krb5_ccache */cache/);
1674
1675	/**
1676	* Return the last modfication time for a cache collection. The query
1677	* can be limited to a specific cache type. If the function return 0
1678	* and mtime is 0, there was no credentials in the caches.
1679	*
1680	* @param context A Kerberos 5 context
1681	* @param type The credential cache to probe, if NULL, all type are traversed.
1682	* @param mtime the last modification time, set to 0 on error.
1683
1684	* @return Return 0 or and error. See krb5_get_error_message().
1685	*
1686	* @ingroup krb5_ccache
1687	*/
1688
1689	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1690	krb5_cccol_last_change_time (
1691	krb5_context /context/,
1692	const char */type/,
1693	krb5_timestamp */mtime/);
1694
1695	/**
1696	* Deprecated: krb5_change_password() is deprecated, use krb5_set_password().
1697	*
1698	* @param context a Keberos context
1699	* @param creds
1700	* @param newpw
1701	* @param result_code
1702	* @param result_code_string
1703	* @param result_string
1704	*
1705	* @return On sucess password is changed.
1706
1707	* @ingroup @krb5_deprecated
1708	*/
1709
1710	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1711	krb5_change_password (
1712	krb5_context /context/,
1713	krb5_creds */creds/,
1714	const char */newpw/,
1715	int */result_code/,
1716	krb5_data */result_code_string/,
1717	krb5_data */result_string/)
1718	KRB5_DEPRECATED_FUNCTION("Use X instead");
1719
1720	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1721	krb5_check_transited (
1722	krb5_context /context/,
1723	krb5_const_realm /client_realm/,
1724	krb5_const_realm /server_realm/,
1725	krb5_realm */realms/,
1726	unsigned int /num_realms/,
1727	int */bad_realm/);
1728
1729	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1730	krb5_check_transited_realms (
1731	krb5_context /context/,
1732	const char *const */realms/,
1733	unsigned int /num_realms/,
1734	int */bad_realm/);
1735
1736	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1737	krb5_checksum_disable (
1738	krb5_context /context/,
1739	krb5_cksumtype /type/);
1740
1741	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
1742	krb5_checksum_free (
1743	krb5_context /context/,
1744	krb5_checksum */cksum/);
1745
1746	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
1747	krb5_checksum_is_collision_proof (
1748	krb5_context /context/,
1749	krb5_cksumtype /type/);
1750
1751	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
1752	krb5_checksum_is_keyed (
1753	krb5_context /context/,
1754	krb5_cksumtype /type/);
1755
1756	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1757	krb5_checksumsize (
1758	krb5_context /context/,
1759	krb5_cksumtype /type/,
1760	size_t */size/);
1761
1762	/**
1763	* Return the coresponding encryption type for a checksum type.
1764	*
1765	* @param context Kerberos context
1766	* @param ctype The checksum type to get the result enctype for
1767	* @param etype The returned encryption, when the matching etype is
1768	* not found, etype is set to ETYPE_NULL.
1769	*
1770	* @return Return an error code for an failure or 0 on success.
1771	* @ingroup krb5_crypto
1772	*/
1773
1774	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1775	krb5_cksumtype_to_enctype (
1776	krb5_context /context/,
1777	krb5_cksumtype /ctype/,
1778	krb5_enctype */etype/);
1779
1780	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1781	krb5_cksumtype_valid (
1782	krb5_context /context/,
1783	krb5_cksumtype /ctype/);
1784
1785	/**
1786	* Clears the error message from the Kerberos 5 context.
1787	*
1788	* @param context The Kerberos 5 context to clear
1789	*
1790	* @ingroup krb5_error
1791	*/
1792
1793	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
1794	krb5_clear_error_message (krb5_context /context/);
1795
1796	/**
1797	* Clear the error message returned by krb5_get_error_string().
1798	*
1799	* Deprecated: use krb5_clear_error_message()
1800	*
1801	* @param context Kerberos context
1802	*
1803	* @ingroup krb5_deprecated
1804	*/
1805
1806	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
1807	krb5_clear_error_string (krb5_context /context/)
1808	KRB5_DEPRECATED_FUNCTION("Use X instead");
1809
1810	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1811	krb5_closelog (
1812	krb5_context /context/,
1813	krb5_log_facility */fac/);
1814
1815	/**
1816	* Return TRUE if `mcreds' and `creds' are equal (`whichfields'
1817	* determines what equal means).
1818	*
1819	*
1820	* The following flags, set in whichfields affects the comparison:
1821	* - KRB5_TC_MATCH_SRV_NAMEONLY Consider all realms equal when comparing the service principal.
1822	* - KRB5_TC_MATCH_KEYTYPE Compare enctypes.
1823	* - KRB5_TC_MATCH_FLAGS_EXACT Make sure that the ticket flags are identical.
1824	* - KRB5_TC_MATCH_FLAGS Make sure that all ticket flags set in mcreds are also present in creds .
1825	* - KRB5_TC_MATCH_TIMES_EXACT Compares the ticket times exactly.
1826	* - KRB5_TC_MATCH_TIMES Compares only the expiration times of the creds.
1827	* - KRB5_TC_MATCH_AUTHDATA Compares the authdata fields.
1828	* - KRB5_TC_MATCH_2ND_TKT Compares the second tickets (used by user-to-user authentication).
1829	* - KRB5_TC_MATCH_IS_SKEY Compares the existance of the second ticket.
1830	*
1831	* @param context Kerberos 5 context.
1832	* @param whichfields which fields to compare.
1833	* @param mcreds cred to compare with.
1834	* @param creds cred to compare with.
1835	*
1836	* @return return TRUE if mcred and creds are equal, FALSE if not.
1837	*
1838	* @ingroup krb5
1839	*/
1840
1841	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
1842	krb5_compare_creds (
1843	krb5_context /context/,
1844	krb5_flags /whichfields/,
1845	const krb5_creds * /mcreds/,
1846	const krb5_creds * /creds/);
1847
1848	/**
1849	* Free configuration file section, the result of
1850	* krb5_config_parse_file() and krb5_config_parse_file_multi().
1851	*
1852	* @param context A Kerberos 5 context
1853	* @param s the configuration section to free
1854	*
1855	* @return returns 0 on successes, otherwise an error code, see
1856	* krb5_get_error_message()
1857	*
1858	* @ingroup krb5_support
1859	*/
1860
1861	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1862	krb5_config_file_free (
1863	krb5_context /context/,
1864	krb5_config_section */s/);
1865
1866	/**
1867	* Free the resulting strings from krb5_config-get_strings() and
1868	* krb5_config_vget_strings().
1869	*
1870	* @param strings strings to free
1871	*
1872	* @ingroup krb5_support
1873	*/
1874
1875	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
1876	krb5_config_free_strings (char **/strings/);
1877
1878	/**
1879	* Like krb5_config_get_bool() but with a va_list list of
1880	* configuration selection.
1881	*
1882	* Configuration value to a boolean value, where yes/true and any
1883	* non-zero number means TRUE and other value is FALSE.
1884	*
1885	* @param context A Kerberos 5 context.
1886	* @param c a configuration section, or NULL to use the section from context
1887	* @param ... a list of names, terminated with NULL.
1888	*
1889	* @return TRUE or FALSE
1890	*
1891	* @ingroup krb5_support
1892	*/
1893
1894	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
1895	krb5_config_get_bool (
1896	krb5_context /context/,
1897	const krb5_config_section */c/,
1898	...);
1899
1900	/**
1901	* krb5_config_get_bool_default() will convert the configuration
1902	* option value to a boolean value, where yes/true and any non-zero
1903	* number means TRUE and other value is FALSE.
1904	*
1905	* @param context A Kerberos 5 context.
1906	* @param c a configuration section, or NULL to use the section from context
1907	* @param def_value the default value to return if no configuration
1908	* found in the database.
1909	* @param ... a list of names, terminated with NULL.
1910	*
1911	* @return TRUE or FALSE
1912	*
1913	* @ingroup krb5_support
1914	*/
1915
1916	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
1917	krb5_config_get_bool_default (
1918	krb5_context /context/,
1919	const krb5_config_section */c/,
1920	krb5_boolean /def_value/,
1921	...);
1922
1923	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
1924	krb5_config_get_int (
1925	krb5_context /context/,
1926	const krb5_config_section */c/,
1927	...);
1928
1929	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
1930	krb5_config_get_int_default (
1931	krb5_context /context/,
1932	const krb5_config_section */c/,
1933	int /def_value/,
1934	...);
1935
1936	/**
1937	* Get a list of configuration binding list for more processing
1938	*
1939	* @param context A Kerberos 5 context.
1940	* @param c a configuration section, or NULL to use the section from context
1941	* @param ... a list of names, terminated with NULL.
1942	*
1943	* @return NULL if configuration list is not found, a list otherwise
1944	*
1945	* @ingroup krb5_support
1946	*/
1947
1948	KRB5_LIB_FUNCTION const krb5_config_binding * KRB5_LIB_CALL
1949	krb5_config_get_list (
1950	krb5_context /context/,
1951	const krb5_config_section */c/,
1952	...);
1953
1954	/**
1955	* Returns a "const char *" to a string in the configuration database.
1956	* The string may not be valid after a reload of the configuration
1957	* database so a caller should make a local copy if it needs to keep
1958	* the string.
1959	*
1960	* @param context A Kerberos 5 context.
1961	* @param c a configuration section, or NULL to use the section from context
1962	* @param ... a list of names, terminated with NULL.
1963	*
1964	* @return NULL if configuration string not found, a string otherwise
1965	*
1966	* @ingroup krb5_support
1967	*/
1968
1969	KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
1970	krb5_config_get_string (
1971	krb5_context /context/,
1972	const krb5_config_section */c/,
1973	...);
1974
1975	/**
1976	* Like krb5_config_get_string(), but instead of returning NULL,
1977	* instead return a default value.
1978	*
1979	* @param context A Kerberos 5 context.
1980	* @param c a configuration section, or NULL to use the section from context
1981	* @param def_value the default value to return if no configuration
1982	* found in the database.
1983	* @param ... a list of names, terminated with NULL.
1984	*
1985	* @return a configuration string
1986	*
1987	* @ingroup krb5_support
1988	*/
1989
1990	KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
1991	krb5_config_get_string_default (
1992	krb5_context /context/,
1993	const krb5_config_section */c/,
1994	const char */def_value/,
1995	...);
1996
1997	/**
1998	* Get a list of configuration strings, free the result with
1999	* krb5_config_free_strings().
2000	*
2001	* @param context A Kerberos 5 context.
2002	* @param c a configuration section, or NULL to use the section from context
2003	* @param ... a list of names, terminated with NULL.
2004	*
2005	* @return TRUE or FALSE
2006	*
2007	* @ingroup krb5_support
2008	*/
2009
2010	KRB5_LIB_FUNCTION char** KRB5_LIB_CALL
2011	krb5_config_get_strings (
2012	krb5_context /context/,
2013	const krb5_config_section */c/,
2014	...);
2015
2016	/**
2017	* Get the time from the configuration file using a relative time, for example: 1h30s
2018	*
2019	* @param context A Kerberos 5 context.
2020	* @param c a configuration section, or NULL to use the section from context
2021	* @param ... a list of names, terminated with NULL.
2022	*
2023	* @return parsed the time or -1 on error
2024	*
2025	* @ingroup krb5_support
2026	*/
2027
2028	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
2029	krb5_config_get_time (
2030	krb5_context /context/,
2031	const krb5_config_section */c/,
2032	...);
2033
2034	/**
2035	* Get the time from the configuration file using a relative time, for example: 1h30s
2036	*
2037	* @param context A Kerberos 5 context.
2038	* @param c a configuration section, or NULL to use the section from context
2039	* @param def_value the default value to return if no configuration
2040	* found in the database.
2041	* @param ... a list of names, terminated with NULL.
2042	*
2043	* @return parsed the time (or def_value on parse error)
2044	*
2045	* @ingroup krb5_support
2046	*/
2047
2048	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
2049	krb5_config_get_time_default (
2050	krb5_context /context/,
2051	const krb5_config_section */c/,
2052	int /def_value/,
2053	...);
2054
2055	/**
2056	* If the fname starts with "~/" parse configuration file in the
2057	* current users home directory. The behavior can be disabled and
2058	* enabled by calling krb5_set_home_dir_access().
2059	*/
2060
2061	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2062	krb5_config_parse_file (
2063	krb5_context /context/,
2064	const char */fname/,
2065	krb5_config_section **/res/);
2066
2067	/**
2068	* Parse a configuration file and add the result into res. This
2069	* interface can be used to parse several configuration files into one
2070	* resulting krb5_config_section by calling it repeatably.
2071	*
2072	* @param context a Kerberos 5 context.
2073	* @param fname a file name to a Kerberos configuration file
2074	* @param res the returned result, must be free with krb5_free_config_files().
2075	* @return Return an error code or 0, see krb5_get_error_message().
2076	*
2077	* @ingroup krb5_support
2078	*/
2079
2080	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2081	krb5_config_parse_file_multi (
2082	krb5_context /context/,
2083	const char */fname/,
2084	krb5_config_section **/res/);
2085
2086	/**
2087	* Deprecated: configuration files are not strings
2088	*
2089	* @ingroup krb5_deprecated
2090	*/
2091
2092	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2093	krb5_config_parse_string_multi (
2094	krb5_context /context/,
2095	const char */string/,
2096	krb5_config_section **/res/)
2097	KRB5_DEPRECATED_FUNCTION("Use X instead");
2098
2099	/**
2100	* krb5_config_get_bool() will convert the configuration
2101	* option value to a boolean value, where yes/true and any non-zero
2102	* number means TRUE and other value is FALSE.
2103	*
2104	* @param context A Kerberos 5 context.
2105	* @param c a configuration section, or NULL to use the section from context
2106	* @param args a va_list of arguments
2107	*
2108	* @return TRUE or FALSE
2109	*
2110	* @ingroup krb5_support
2111	*/
2112
2113	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
2114	krb5_config_vget_bool (
2115	krb5_context /context/,
2116	const krb5_config_section */c/,
2117	va_list /args/);
2118
2119	/**
2120	* Like krb5_config_get_bool_default() but with a va_list list of
2121	* configuration selection.
2122	*
2123	* Configuration value to a boolean value, where yes/true and any
2124	* non-zero number means TRUE and other value is FALSE.
2125	*
2126	* @param context A Kerberos 5 context.
2127	* @param c a configuration section, or NULL to use the section from context
2128	* @param def_value the default value to return if no configuration
2129	* found in the database.
2130	* @param args a va_list of arguments
2131	*
2132	* @return TRUE or FALSE
2133	*
2134	* @ingroup krb5_support
2135	*/
2136
2137	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
2138	krb5_config_vget_bool_default (
2139	krb5_context /context/,
2140	const krb5_config_section */c/,
2141	krb5_boolean /def_value/,
2142	va_list /args/);
2143
2144	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
2145	krb5_config_vget_int (
2146	krb5_context /context/,
2147	const krb5_config_section */c/,
2148	va_list /args/);
2149
2150	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
2151	krb5_config_vget_int_default (
2152	krb5_context /context/,
2153	const krb5_config_section */c/,
2154	int /def_value/,
2155	va_list /args/);
2156
2157	/**
2158	* Get a list of configuration binding list for more processing
2159	*
2160	* @param context A Kerberos 5 context.
2161	* @param c a configuration section, or NULL to use the section from context
2162	* @param args a va_list of arguments
2163	*
2164	* @return NULL if configuration list is not found, a list otherwise
2165	*
2166	* @ingroup krb5_support
2167	*/
2168
2169	KRB5_LIB_FUNCTION const krb5_config_binding * KRB5_LIB_CALL
2170	krb5_config_vget_list (
2171	krb5_context /context/,
2172	const krb5_config_section */c/,
2173	va_list /args/);
2174
2175	/**
2176	* Like krb5_config_get_string(), but uses a va_list instead of ...
2177	*
2178	* @param context A Kerberos 5 context.
2179	* @param c a configuration section, or NULL to use the section from context
2180	* @param args a va_list of arguments
2181	*
2182	* @return NULL if configuration string not found, a string otherwise
2183	*
2184	* @ingroup krb5_support
2185	*/
2186
2187	KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
2188	krb5_config_vget_string (
2189	krb5_context /context/,
2190	const krb5_config_section */c/,
2191	va_list /args/);
2192
2193	/**
2194	* Like krb5_config_vget_string(), but instead of returning NULL,
2195	* instead return a default value.
2196	*
2197	* @param context A Kerberos 5 context.
2198	* @param c a configuration section, or NULL to use the section from context
2199	* @param def_value the default value to return if no configuration
2200	* found in the database.
2201	* @param args a va_list of arguments
2202	*
2203	* @return a configuration string
2204	*
2205	* @ingroup krb5_support
2206	*/
2207
2208	KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
2209	krb5_config_vget_string_default (
2210	krb5_context /context/,
2211	const krb5_config_section */c/,
2212	const char */def_value/,
2213	va_list /args/);
2214
2215	/**
2216	* Get a list of configuration strings, free the result with
2217	* krb5_config_free_strings().
2218	*
2219	* @param context A Kerberos 5 context.
2220	* @param c a configuration section, or NULL to use the section from context
2221	* @param args a va_list of arguments
2222	*
2223	* @return TRUE or FALSE
2224	*
2225	* @ingroup krb5_support
2226	*/
2227
2228	KRB5_LIB_FUNCTION char ** KRB5_LIB_CALL
2229	krb5_config_vget_strings (
2230	krb5_context /context/,
2231	const krb5_config_section */c/,
2232	va_list /args/);
2233
2234	/**
2235	* Get the time from the configuration file using a relative time, for example: 1h30s
2236	*
2237	* @param context A Kerberos 5 context.
2238	* @param c a configuration section, or NULL to use the section from context
2239	* @param args a va_list of arguments
2240	*
2241	* @return parsed the time or -1 on error
2242	*
2243	* @ingroup krb5_support
2244	*/
2245
2246	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
2247	krb5_config_vget_time (
2248	krb5_context /context/,
2249	const krb5_config_section */c/,
2250	va_list /args/);
2251
2252	/**
2253	* Get the time from the configuration file using a relative time.
2254	*
2255	* Like krb5_config_get_time_default() but with a va_list list of
2256	* configuration selection.
2257	*
2258	* @param context A Kerberos 5 context.
2259	* @param c a configuration section, or NULL to use the section from context
2260	* @param def_value the default value to return if no configuration
2261	* found in the database.
2262	* @param args a va_list of arguments
2263	*
2264	* @return parsed the time (or def_value on parse error)
2265	*
2266	* @ingroup krb5_support
2267	*/
2268
2269	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
2270	krb5_config_vget_time_default (
2271	krb5_context /context/,
2272	const krb5_config_section */c/,
2273	int /def_value/,
2274	va_list /args/);
2275
2276	/**
2277	* krb5_copy_address copies the content of address
2278	* inaddr to outaddr.
2279	*
2280	* @param context a Keberos context
2281	* @param inaddr pointer to source address
2282	* @param outaddr pointer to destination address
2283	*
2284	* @return Return an error code or 0.
2285	*
2286	* @ingroup krb5_address
2287	*/
2288
2289	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2290	krb5_copy_address (
2291	krb5_context /context/,
2292	const krb5_address */inaddr/,
2293	krb5_address */outaddr/);
2294
2295	/**
2296	* krb5_copy_addresses copies the content of addresses
2297	* inaddr to outaddr.
2298	*
2299	* @param context a Keberos context
2300	* @param inaddr pointer to source addresses
2301	* @param outaddr pointer to destination addresses
2302	*
2303	* @return Return an error code or 0.
2304	*
2305	* @ingroup krb5_address
2306	*/
2307
2308	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2309	krb5_copy_addresses (
2310	krb5_context /context/,
2311	const krb5_addresses */inaddr/,
2312	krb5_addresses */outaddr/);
2313
2314	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2315	krb5_copy_checksum (
2316	krb5_context /context/,
2317	const krb5_checksum */old/,
2318	krb5_checksum **/new/);
2319
2320	/**
2321	* Make a copy for the Kerberos 5 context, the new krb5_context shoud
2322	* be freed with krb5_free_context().
2323	*
2324	* @param context the Kerberos context to copy
2325	* @param out the copy of the Kerberos, set to NULL error.
2326	*
2327	* @return Returns 0 to indicate success. Otherwise an kerberos et
2328	* error code is returned, see krb5_get_error_message().
2329	*
2330	* @ingroup krb5
2331	*/
2332
2333	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2334	krb5_copy_context (
2335	krb5_context /context/,
2336	krb5_context */out/);
2337
2338	/**
2339	* Copy krb5_creds.
2340	*
2341	* @param context Kerberos 5 context.
2342	* @param incred source credential
2343	* @param outcred destination credential, free with krb5_free_creds().
2344	*
2345	* @return Returns 0 to indicate success. Otherwise an kerberos et
2346	* error code is returned, see krb5_get_error_message().
2347	*
2348	* @ingroup krb5
2349	*/
2350
2351	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2352	krb5_copy_creds (
2353	krb5_context /context/,
2354	const krb5_creds */incred/,
2355	krb5_creds **/outcred/);
2356
2357	/**
2358	* Copy content of krb5_creds.
2359	*
2360	* @param context Kerberos 5 context.
2361	* @param incred source credential
2362	* @param c destination credential, free with krb5_free_cred_contents().
2363	*
2364	* @return Returns 0 to indicate success. Otherwise an kerberos et
2365	* error code is returned, see krb5_get_error_message().
2366	*
2367	* @ingroup krb5
2368	*/
2369
2370	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2371	krb5_copy_creds_contents (
2372	krb5_context /context/,
2373	const krb5_creds */incred/,
2374	krb5_creds */c/);
2375
2376	/**
2377	* Copy the data into a newly allocated krb5_data.
2378	*
2379	* @param context Kerberos 5 context.
2380	* @param indata the krb5_data data to copy
2381	* @param outdata new krb5_date to copy too. Free with krb5_free_data().
2382	*
2383	* @return Returns 0 to indicate success. Otherwise an kerberos et
2384	* error code is returned.
2385	*
2386	* @ingroup krb5
2387	*/
2388
2389	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2390	krb5_copy_data (
2391	krb5_context /context/,
2392	const krb5_data */indata/,
2393	krb5_data **/outdata/);
2394
2395	/**
2396	* Copy the list of realms from `from' to `to'.
2397	*
2398	* @param context Kerberos 5 context.
2399	* @param from list of realms to copy from.
2400	* @param to list of realms to copy to, free list of krb5_free_host_realm().
2401	*
2402	* @return Returns 0 to indicate success. Otherwise an kerberos et
2403	* error code is returned, see krb5_get_error_message().
2404	*
2405	* @ingroup krb5
2406	*/
2407
2408	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2409	krb5_copy_host_realm (
2410	krb5_context /context/,
2411	const krb5_realm */from/,
2412	krb5_realm **/to/);
2413
2414	/**
2415	* Copy a keyblock, free the output keyblock with
2416	* krb5_free_keyblock().
2417	*
2418	* @param context a Kerberos 5 context
2419	* @param inblock the key to copy
2420	* @param to the output key.
2421	*
2422	* @return 0 on success or a Kerberos 5 error code
2423	*
2424	* @ingroup krb5_crypto
2425	*/
2426
2427	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2428	krb5_copy_keyblock (
2429	krb5_context /context/,
2430	const krb5_keyblock */inblock/,
2431	krb5_keyblock **/to/);
2432
2433	/**
2434	* Copy a keyblock, free the output keyblock with
2435	* krb5_free_keyblock_contents().
2436	*
2437	* @param context a Kerberos 5 context
2438	* @param inblock the key to copy
2439	* @param to the output key.
2440	*
2441	* @return 0 on success or a Kerberos 5 error code
2442	*
2443	* @ingroup krb5_crypto
2444	*/
2445
2446	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2447	krb5_copy_keyblock_contents (
2448	krb5_context /context/,
2449	const krb5_keyblock */inblock/,
2450	krb5_keyblock */to/);
2451
2452	/**
2453	* Copy a principal
2454	*
2455	* @param context A Kerberos context.
2456	* @param inprinc principal to copy
2457	* @param outprinc copied principal, free with krb5_free_principal()
2458	*
2459	* @return An krb5 error code, see krb5_get_error_message().
2460	*
2461	* @ingroup krb5_principal
2462	*/
2463
2464	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2465	krb5_copy_principal (
2466	krb5_context /context/,
2467	krb5_const_principal /inprinc/,
2468	krb5_principal */outprinc/);
2469
2470	/**
2471	* Copy ticket and content
2472	*
2473	* @param context a Kerberos 5 context
2474	* @param from ticket to copy
2475	* @param to new copy of ticket, free with krb5_free_ticket()
2476	*
2477	* @return Returns 0 to indicate success. Otherwise an kerberos et
2478	* error code is returned, see krb5_get_error_message().
2479	*
2480	* @ingroup krb5
2481	*/
2482
2483	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2484	krb5_copy_ticket (
2485	krb5_context /context/,
2486	const krb5_ticket */from/,
2487	krb5_ticket **/to/);
2488
2489	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2490	krb5_create_checksum (
2491	krb5_context /context/,
2492	krb5_crypto /crypto/,
2493	krb5_key_usage /usage/,
2494	int /type/,
2495	void */data/,
2496	size_t /len/,
2497	Checksum */result/);
2498
2499	/**
2500	* Create a Kerberos message checksum.
2501	*
2502	* @param context Kerberos context
2503	* @param crypto Kerberos crypto context
2504	* @param usage Key usage for this buffer
2505	* @param data array of buffers to process
2506	* @param num_data length of array
2507	* @param type output data
2508	*
2509	* @return Return an error code or 0.
2510	* @ingroup krb5_crypto
2511	*/
2512
2513	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2514	krb5_create_checksum_iov (
2515	krb5_context /context/,
2516	krb5_crypto /crypto/,
2517	unsigned /usage/,
2518	krb5_crypto_iov */data/,
2519	unsigned int /num_data/,
2520	krb5_cksumtype */type/);
2521
2522	/**
2523	* Returns the ticket flags for the credentials in creds.
2524	* See also krb5_ticket_get_flags().
2525	*
2526	* @param creds credential to get ticket flags from
2527	*
2528	* @return ticket flags
2529	*
2530	* @ingroup krb5
2531	*/
2532
2533	KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL
2534	krb5_creds_get_ticket_flags (krb5_creds */creds/);
2535
2536	/**
2537	* Free a crypto context created by krb5_crypto_init().
2538	*
2539	* @param context Kerberos context
2540	* @param crypto crypto context to free
2541	*
2542	* @return Return an error code or 0.
2543	*
2544	* @ingroup krb5_crypto
2545	*/
2546
2547	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2548	krb5_crypto_destroy (
2549	krb5_context /context/,
2550	krb5_crypto /crypto/);
2551
2552	/**
2553	* The FX-CF2 key derivation function, used in FAST and preauth framework.
2554	*
2555	* @param context Kerberos 5 context
2556	* @param crypto1 first key to combine
2557	* @param crypto2 second key to combine
2558	* @param pepper1 factor to combine with first key to garante uniqueness
2559	* @param pepper2 factor to combine with second key to garante uniqueness
2560	* @param enctype the encryption type of the resulting key
2561	* @param res allocated key, free with krb5_free_keyblock_contents()
2562	*
2563	* @return Return an error code or 0.
2564	*
2565	* @ingroup krb5_crypto
2566	*/
2567
2568	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2569	krb5_crypto_fx_cf2 (
2570	krb5_context /context/,
2571	const krb5_crypto /crypto1/,
2572	const krb5_crypto /crypto2/,
2573	krb5_data */pepper1/,
2574	krb5_data */pepper2/,
2575	krb5_enctype /enctype/,
2576	krb5_keyblock */res/);
2577
2578	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2579	krb5_crypto_get_checksum_type (
2580	krb5_context /context/,
2581	krb5_crypto /crypto/,
2582	krb5_cksumtype */type/);
2583
2584	/**
2585	* Return the blocksize used algorithm referenced by the crypto context
2586	*
2587	* @param context Kerberos context
2588	* @param crypto crypto context to query
2589	* @param blocksize the resulting blocksize
2590	*
2591	* @return Return an error code or 0.
2592	*
2593	* @ingroup krb5_crypto
2594	*/
2595
2596	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2597	krb5_crypto_getblocksize (
2598	krb5_context /context/,
2599	krb5_crypto /crypto/,
2600	size_t */blocksize/);
2601
2602	/**
2603	* Return the confounder size used by the crypto context
2604	*
2605	* @param context Kerberos context
2606	* @param crypto crypto context to query
2607	* @param confoundersize the returned confounder size
2608	*
2609	* @return Return an error code or 0.
2610	*
2611	* @ingroup krb5_crypto
2612	*/
2613
2614	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2615	krb5_crypto_getconfoundersize (
2616	krb5_context /context/,
2617	krb5_crypto /crypto/,
2618	size_t */confoundersize/);
2619
2620	/**
2621	* Return the encryption type used by the crypto context
2622	*
2623	* @param context Kerberos context
2624	* @param crypto crypto context to query
2625	* @param enctype the resulting encryption type
2626	*
2627	* @return Return an error code or 0.
2628	*
2629	* @ingroup krb5_crypto
2630	*/
2631
2632	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2633	krb5_crypto_getenctype (
2634	krb5_context /context/,
2635	krb5_crypto /crypto/,
2636	krb5_enctype */enctype/);
2637
2638	/**
2639	* Return the padding size used by the crypto context
2640	*
2641	* @param context Kerberos context
2642	* @param crypto crypto context to query
2643	* @param padsize the return padding size
2644	*
2645	* @return Return an error code or 0.
2646	*
2647	* @ingroup krb5_crypto
2648	*/
2649
2650	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2651	krb5_crypto_getpadsize (
2652	krb5_context /context/,
2653	krb5_crypto /crypto/,
2654	size_t */padsize/);
2655
2656	/**
2657	* Create a crypto context used for all encryption and signature
2658	* operation. The encryption type to use is taken from the key, but
2659	* can be overridden with the enctype parameter. This can be useful
2660	* for encryptions types which is compatiable (DES for example).
2661	*
2662	* To free the crypto context, use krb5_crypto_destroy().
2663	*
2664	* @param context Kerberos context
2665	* @param key the key block information with all key data
2666	* @param etype the encryption type
2667	* @param crypto the resulting crypto context
2668	*
2669	* @return Return an error code or 0.
2670	*
2671	* @ingroup krb5_crypto
2672	*/
2673
2674	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2675	krb5_crypto_init (
2676	krb5_context /context/,
2677	const krb5_keyblock */key/,
2678	krb5_enctype /etype/,
2679	krb5_crypto */crypto/);
2680
2681	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2682	krb5_crypto_length (
2683	krb5_context /context/,
2684	krb5_crypto /crypto/,
2685	int /type/,
2686	size_t */len/);
2687
2688	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2689	krb5_crypto_length_iov (
2690	krb5_context /context/,
2691	krb5_crypto /crypto/,
2692	krb5_crypto_iov */data/,
2693	unsigned int /num_data/);
2694
2695	KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL
2696	krb5_crypto_overhead (
2697	krb5_context /context/,
2698	krb5_crypto /crypto/);
2699
2700	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2701	krb5_crypto_prf (
2702	krb5_context /context/,
2703	const krb5_crypto /crypto/,
2704	const krb5_data */input/,
2705	krb5_data */output/);
2706
2707	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2708	krb5_crypto_prf_length (
2709	krb5_context /context/,
2710	krb5_enctype /type/,
2711	size_t */length/);
2712
2713	/**
2714	* Allocate data of and krb5_data.
2715	*
2716	* @param p krb5_data to allocate.
2717	* @param len size to allocate.
2718	*
2719	* @return Returns 0 to indicate success. Otherwise an kerberos et
2720	* error code is returned.
2721	*
2722	* @ingroup krb5
2723	*/
2724
2725	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2726	krb5_data_alloc (
2727	krb5_data */p/,
2728	int /len/);
2729
2730	/**
2731	* Compare to data.
2732	*
2733	* @param data1 krb5_data to compare
2734	* @param data2 krb5_data to compare
2735	*
2736	* @return return the same way as memcmp(), useful when sorting.
2737	*
2738	* @ingroup krb5
2739	*/
2740
2741	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
2742	krb5_data_cmp (
2743	const krb5_data */data1/,
2744	const krb5_data */data2/);
2745
2746	/**
2747	* Copy the data of len into the krb5_data.
2748	*
2749	* @param p krb5_data to copy into.
2750	* @param data data to copy..
2751	* @param len new size.
2752	*
2753	* @return Returns 0 to indicate success. Otherwise an kerberos et
2754	* error code is returned.
2755	*
2756	* @ingroup krb5
2757	*/
2758
2759	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2760	krb5_data_copy (
2761	krb5_data */p/,
2762	const void */data/,
2763	size_t /len/);
2764
2765	/**
2766	* Compare to data not exposing timing information from the checksum data
2767	*
2768	* @param data1 krb5_data to compare
2769	* @param data2 krb5_data to compare
2770	*
2771	* @return returns zero for same data, otherwise non zero.
2772	*
2773	* @ingroup krb5
2774	*/
2775
2776	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
2777	krb5_data_ct_cmp (
2778	const krb5_data */data1/,
2779	const krb5_data */data2/);
2780
2781	/**
2782	* Free the content of krb5_data structure, its ok to free a zeroed
2783	* structure (with memset() or krb5_data_zero()). When done, the
2784	* structure will be zeroed. The same function is called
2785	* krb5_free_data_contents() in MIT Kerberos.
2786	*
2787	* @param p krb5_data to free.
2788	*
2789	* @ingroup krb5
2790	*/
2791
2792	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
2793	krb5_data_free (krb5_data */p/);
2794
2795	/**
2796	* Grow (or shrink) the content of krb5_data to a new size.
2797	*
2798	* @param p krb5_data to free.
2799	* @param len new size.
2800	*
2801	* @return Returns 0 to indicate success. Otherwise an kerberos et
2802	* error code is returned.
2803	*
2804	* @ingroup krb5
2805	*/
2806
2807	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2808	krb5_data_realloc (
2809	krb5_data */p/,
2810	int /len/);
2811
2812	/**
2813	* Reset the (potentially uninitalized) krb5_data structure.
2814	*
2815	* @param p krb5_data to reset.
2816	*
2817	* @ingroup krb5
2818	*/
2819
2820	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
2821	krb5_data_zero (krb5_data */p/);
2822
2823	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2824	krb5_decode_Authenticator (
2825	krb5_context /context/,
2826	const void */data/,
2827	size_t /length/,
2828	Authenticator */t/,
2829	size_t */len/)
2830	KRB5_DEPRECATED_FUNCTION("Use X instead");
2831
2832	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2833	krb5_decode_ETYPE_INFO (
2834	krb5_context /context/,
2835	const void */data/,
2836	size_t /length/,
2837	ETYPE_INFO */t/,
2838	size_t */len/)
2839	KRB5_DEPRECATED_FUNCTION("Use X instead");
2840
2841	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2842	krb5_decode_ETYPE_INFO2 (
2843	krb5_context /context/,
2844	const void */data/,
2845	size_t /length/,
2846	ETYPE_INFO2 */t/,
2847	size_t */len/)
2848	KRB5_DEPRECATED_FUNCTION("Use X instead");
2849
2850	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2851	krb5_decode_EncAPRepPart (
2852	krb5_context /context/,
2853	const void */data/,
2854	size_t /length/,
2855	EncAPRepPart */t/,
2856	size_t */len/)
2857	KRB5_DEPRECATED_FUNCTION("Use X instead");
2858
2859	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2860	krb5_decode_EncASRepPart (
2861	krb5_context /context/,
2862	const void */data/,
2863	size_t /length/,
2864	EncASRepPart */t/,
2865	size_t */len/)
2866	KRB5_DEPRECATED_FUNCTION("Use X instead");
2867
2868	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2869	krb5_decode_EncKrbCredPart (
2870	krb5_context /context/,
2871	const void */data/,
2872	size_t /length/,
2873	EncKrbCredPart */t/,
2874	size_t */len/)
2875	KRB5_DEPRECATED_FUNCTION("Use X instead");
2876
2877	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2878	krb5_decode_EncTGSRepPart (
2879	krb5_context /context/,
2880	const void */data/,
2881	size_t /length/,
2882	EncTGSRepPart */t/,
2883	size_t */len/)
2884	KRB5_DEPRECATED_FUNCTION("Use X instead");
2885
2886	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2887	krb5_decode_EncTicketPart (
2888	krb5_context /context/,
2889	const void */data/,
2890	size_t /length/,
2891	EncTicketPart */t/,
2892	size_t */len/)
2893	KRB5_DEPRECATED_FUNCTION("Use X instead");
2894
2895	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2896	krb5_decode_ap_req (
2897	krb5_context /context/,
2898	const krb5_data */inbuf/,
2899	krb5_ap_req */ap_req/);
2900
2901	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2902	krb5_decrypt (
2903	krb5_context /context/,
2904	krb5_crypto /crypto/,
2905	unsigned /usage/,
2906	void */data/,
2907	size_t /len/,
2908	krb5_data */result/);
2909
2910	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2911	krb5_decrypt_EncryptedData (
2912	krb5_context /context/,
2913	krb5_crypto /crypto/,
2914	unsigned /usage/,
2915	const EncryptedData */e/,
2916	krb5_data */result/);
2917
2918	/**
2919	* Inline decrypt a Kerberos message.
2920	*
2921	* @param context Kerberos context
2922	* @param crypto Kerberos crypto context
2923	* @param usage Key usage for this buffer
2924	* @param data array of buffers to process
2925	* @param num_data length of array
2926	* @param ivec initial cbc/cts vector
2927	*
2928	* @return Return an error code or 0.
2929	* @ingroup krb5_crypto
2930	*
2931	* 1. KRB5_CRYPTO_TYPE_HEADER
2932	* 2. one KRB5_CRYPTO_TYPE_DATA and array [0,...] of KRB5_CRYPTO_TYPE_SIGN_ONLY in
2933	* any order, however the receiver have to aware of the
2934	* order. KRB5_CRYPTO_TYPE_SIGN_ONLY is commonly used unencrypoted
2935	* protocol headers and trailers. The output data will be of same
2936	* size as the input data or shorter.
2937	*/
2938
2939	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2940	krb5_decrypt_iov_ivec (
2941	krb5_context /context/,
2942	krb5_crypto /crypto/,
2943	unsigned /usage/,
2944	krb5_crypto_iov */data/,
2945	unsigned int /num_data/,
2946	void */ivec/);
2947
2948	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2949	krb5_decrypt_ivec (
2950	krb5_context /context/,
2951	krb5_crypto /crypto/,
2952	unsigned /usage/,
2953	void */data/,
2954	size_t /len/,
2955	krb5_data */result/,
2956	void */ivec/);
2957
2958	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2959	krb5_decrypt_ticket (
2960	krb5_context /context/,
2961	Ticket */ticket/,
2962	krb5_keyblock */key/,
2963	EncTicketPart */out/,
2964	krb5_flags /flags/);
2965
2966	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2967	krb5_derive_key (
2968	krb5_context /context/,
2969	const krb5_keyblock */key/,
2970	krb5_enctype /etype/,
2971	const void */constant/,
2972	size_t /constant_len/,
2973	krb5_keyblock **/derived_key/);
2974
2975	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2976	krb5_digest_alloc (
2977	krb5_context /context/,
2978	krb5_digest */digest/);
2979
2980	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
2981	krb5_digest_free (krb5_digest /digest/);
2982
2983	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
2984	krb5_digest_get_client_binding (
2985	krb5_context /context/,
2986	krb5_digest /digest/,
2987	char **/type/,
2988	char **/binding/);
2989
2990	KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL
2991	krb5_digest_get_identifier (
2992	krb5_context /context/,
2993	krb5_digest /digest/);
2994
2995	KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL
2996	krb5_digest_get_opaque (
2997	krb5_context /context/,
2998	krb5_digest /digest/);
2999
3000	KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL
3001	krb5_digest_get_rsp (
3002	krb5_context /context/,
3003	krb5_digest /digest/);
3004
3005	KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL
3006	krb5_digest_get_server_nonce (
3007	krb5_context /context/,
3008	krb5_digest /digest/);
3009
3010	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3011	krb5_digest_get_session_key (
3012	krb5_context /context/,
3013	krb5_digest /digest/,
3014	krb5_data */data/);
3015
3016	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3017	krb5_digest_get_tickets (
3018	krb5_context /context/,
3019	krb5_digest /digest/,
3020	Ticket **/tickets/);
3021
3022	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3023	krb5_digest_init_request (
3024	krb5_context /context/,
3025	krb5_digest /digest/,
3026	krb5_realm /realm/,
3027	krb5_ccache /ccache/);
3028
3029	/**
3030	* Get the supported/allowed mechanism for this principal.
3031	*
3032	* @param context A Keberos context.
3033	* @param realm The realm of the KDC.
3034	* @param ccache The credential cache to use when talking to the KDC.
3035	* @param flags The supported mechanism.
3036	*
3037	* @return Return an error code or 0.
3038	*
3039	* @ingroup krb5_digest
3040	*/
3041
3042	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3043	krb5_digest_probe (
3044	krb5_context /context/,
3045	krb5_realm /realm/,
3046	krb5_ccache /ccache/,
3047	unsigned */flags/);
3048
3049	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
3050	krb5_digest_rep_get_status (
3051	krb5_context /context/,
3052	krb5_digest /digest/);
3053
3054	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3055	krb5_digest_request (
3056	krb5_context /context/,
3057	krb5_digest /digest/,
3058	krb5_realm /realm/,
3059	krb5_ccache /ccache/);
3060
3061	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3062	krb5_digest_set_authentication_user (
3063	krb5_context /context/,
3064	krb5_digest /digest/,
3065	krb5_principal /authentication_user/);
3066
3067	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3068	krb5_digest_set_authid (
3069	krb5_context /context/,
3070	krb5_digest /digest/,
3071	const char */authid/);
3072
3073	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3074	krb5_digest_set_client_nonce (
3075	krb5_context /context/,
3076	krb5_digest /digest/,
3077	const char */nonce/);
3078
3079	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3080	krb5_digest_set_digest (
3081	krb5_context /context/,
3082	krb5_digest /digest/,
3083	const char */dgst/);
3084
3085	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3086	krb5_digest_set_hostname (
3087	krb5_context /context/,
3088	krb5_digest /digest/,
3089	const char */hostname/);
3090
3091	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3092	krb5_digest_set_identifier (
3093	krb5_context /context/,
3094	krb5_digest /digest/,
3095	const char */id/);
3096
3097	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3098	krb5_digest_set_method (
3099	krb5_context /context/,
3100	krb5_digest /digest/,
3101	const char */method/);
3102
3103	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3104	krb5_digest_set_nonceCount (
3105	krb5_context /context/,
3106	krb5_digest /digest/,
3107	const char */nonce_count/);
3108
3109	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3110	krb5_digest_set_opaque (
3111	krb5_context /context/,
3112	krb5_digest /digest/,
3113	const char */opaque/);
3114
3115	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3116	krb5_digest_set_qop (
3117	krb5_context /context/,
3118	krb5_digest /digest/,
3119	const char */qop/);
3120
3121	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3122	krb5_digest_set_realm (
3123	krb5_context /context/,
3124	krb5_digest /digest/,
3125	const char */realm/);
3126
3127	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
3128	krb5_digest_set_responseData (
3129	krb5_context /context/,
3130	krb5_digest /digest/,
3131	const char */response/);
3132
3133	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3134	krb5_digest_set_server_cb (
3135	krb5_context /context/,
3136	krb5_digest /digest/,
3137	const char */type/,
3138	const char */binding/);
3139
3140	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3141	krb5_digest_set_server_nonce (
3142	krb5_context /context/,
3143	krb5_digest /digest/,
3144	const char */nonce/);
3145
3146	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3147	krb5_digest_set_type (
3148	krb5_context /context/,
3149	krb5_digest /digest/,
3150	const char */type/);
3151
3152	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3153	krb5_digest_set_uri (
3154	krb5_context /context/,
3155	krb5_digest /digest/,
3156	const char */uri/);
3157
3158	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3159	krb5_digest_set_username (
3160	krb5_context /context/,
3161	krb5_digest /digest/,
3162	const char */username/);
3163
3164	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3165	krb5_domain_x500_decode (
3166	krb5_context /context/,
3167	krb5_data /tr/,
3168	char ***/realms/,
3169	unsigned int */num_realms/,
3170	const char */client_realm/,
3171	const char */server_realm/);
3172
3173	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3174	krb5_domain_x500_encode (
3175	char **/realms/,
3176	unsigned int /num_realms/,
3177	krb5_data */encoding/);
3178
3179	/**
3180	* Convert the getaddrinfo() error code to a Kerberos et error code.
3181	*
3182	* @param eai_errno contains the error code from getaddrinfo().
3183	* @param system_error should have the value of errno after the failed getaddrinfo().
3184	*
3185	* @return Kerberos error code representing the EAI errors.
3186	*
3187	* @ingroup krb5_error
3188	*/
3189
3190	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3191	krb5_eai_to_heim_errno (
3192	int /eai_errno/,
3193	int /system_error/);
3194
3195	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3196	krb5_encode_Authenticator (
3197	krb5_context /context/,
3198	void */data/,
3199	size_t /length/,
3200	Authenticator */t/,
3201	size_t */len/)
3202	KRB5_DEPRECATED_FUNCTION("Use X instead");
3203
3204	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3205	krb5_encode_ETYPE_INFO (
3206	krb5_context /context/,
3207	void */data/,
3208	size_t /length/,
3209	ETYPE_INFO */t/,
3210	size_t */len/)
3211	KRB5_DEPRECATED_FUNCTION("Use X instead");
3212
3213	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3214	krb5_encode_ETYPE_INFO2 (
3215	krb5_context /context/,
3216	void */data/,
3217	size_t /length/,
3218	ETYPE_INFO2 */t/,
3219	size_t */len/)
3220	KRB5_DEPRECATED_FUNCTION("Use X instead");
3221
3222	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3223	krb5_encode_EncAPRepPart (
3224	krb5_context /context/,
3225	void */data/,
3226	size_t /length/,
3227	EncAPRepPart */t/,
3228	size_t */len/)
3229	KRB5_DEPRECATED_FUNCTION("Use X instead");
3230
3231	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3232	krb5_encode_EncASRepPart (
3233	krb5_context /context/,
3234	void */data/,
3235	size_t /length/,
3236	EncASRepPart */t/,
3237	size_t */len/)
3238	KRB5_DEPRECATED_FUNCTION("Use X instead");
3239
3240	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3241	krb5_encode_EncKrbCredPart (
3242	krb5_context /context/,
3243	void */data/,
3244	size_t /length/,
3245	EncKrbCredPart */t/,
3246	size_t */len/)
3247	KRB5_DEPRECATED_FUNCTION("Use X instead");
3248
3249	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3250	krb5_encode_EncTGSRepPart (
3251	krb5_context /context/,
3252	void */data/,
3253	size_t /length/,
3254	EncTGSRepPart */t/,
3255	size_t */len/)
3256	KRB5_DEPRECATED_FUNCTION("Use X instead");
3257
3258	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3259	krb5_encode_EncTicketPart (
3260	krb5_context /context/,
3261	void */data/,
3262	size_t /length/,
3263	EncTicketPart */t/,
3264	size_t */len/)
3265	KRB5_DEPRECATED_FUNCTION("Use X instead");
3266
3267	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3268	krb5_encrypt (
3269	krb5_context /context/,
3270	krb5_crypto /crypto/,
3271	unsigned /usage/,
3272	const void */data/,
3273	size_t /len/,
3274	krb5_data */result/);
3275
3276	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3277	krb5_encrypt_EncryptedData (
3278	krb5_context /context/,
3279	krb5_crypto /crypto/,
3280	unsigned /usage/,
3281	void */data/,
3282	size_t /len/,
3283	int /kvno/,
3284	EncryptedData */result/);
3285
3286	/**
3287	* Inline encrypt a kerberos message
3288	*
3289	* @param context Kerberos context
3290	* @param crypto Kerberos crypto context
3291	* @param usage Key usage for this buffer
3292	* @param data array of buffers to process
3293	* @param num_data length of array
3294	* @param ivec initial cbc/cts vector
3295	*
3296	* @return Return an error code or 0.
3297	* @ingroup krb5_crypto
3298	*
3299	* Kerberos encrypted data look like this:
3300	*
3301	* 1. KRB5_CRYPTO_TYPE_HEADER
3302	* 2. array [1,...] KRB5_CRYPTO_TYPE_DATA and array [0,...]
3303	* KRB5_CRYPTO_TYPE_SIGN_ONLY in any order, however the receiver
3304	* have to aware of the order. KRB5_CRYPTO_TYPE_SIGN_ONLY is
3305	* commonly used headers and trailers.
3306	* 3. KRB5_CRYPTO_TYPE_PADDING, at least on padsize long if padsize > 1
3307	* 4. KRB5_CRYPTO_TYPE_TRAILER
3308	*/
3309
3310	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3311	krb5_encrypt_iov_ivec (
3312	krb5_context /context/,
3313	krb5_crypto /crypto/,
3314	unsigned /usage/,
3315	krb5_crypto_iov */data/,
3316	int /num_data/,
3317	void */ivec/);
3318
3319	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3320	krb5_encrypt_ivec (
3321	krb5_context /context/,
3322	krb5_crypto /crypto/,
3323	unsigned /usage/,
3324	const void */data/,
3325	size_t /len/,
3326	krb5_data */result/,
3327	void */ivec/);
3328
3329	/**
3330	* Disable encryption type
3331	*
3332	* @param context Kerberos 5 context
3333	* @param enctype encryption type to disable
3334	*
3335	* @return Return an error code or 0.
3336	*
3337	* @ingroup krb5_crypto
3338	*/
3339
3340	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3341	krb5_enctype_disable (
3342	krb5_context /context/,
3343	krb5_enctype /enctype/);
3344
3345	/**
3346	* Enable encryption type
3347	*
3348	* @param context Kerberos 5 context
3349	* @param enctype encryption type to enable
3350	*
3351	* @return Return an error code or 0.
3352	*
3353	* @ingroup krb5_crypto
3354	*/
3355
3356	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3357	krb5_enctype_enable (
3358	krb5_context /context/,
3359	krb5_enctype /enctype/);
3360
3361	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3362	krb5_enctype_keybits (
3363	krb5_context /context/,
3364	krb5_enctype /type/,
3365	size_t */keybits/);
3366
3367	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3368	krb5_enctype_keysize (
3369	krb5_context /context/,
3370	krb5_enctype /type/,
3371	size_t */keysize/);
3372
3373	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3374	krb5_enctype_to_keytype (
3375	krb5_context /context/,
3376	krb5_enctype /etype/,
3377	krb5_keytype */keytype/);
3378
3379	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3380	krb5_enctype_to_string (
3381	krb5_context /context/,
3382	krb5_enctype /etype/,
3383	char **/string/);
3384
3385	/**
3386	* Check if a enctype is valid, return 0 if it is.
3387	*
3388	* @param context Kerberos context
3389	* @param etype enctype to check if its valid or not
3390	*
3391	* @return Return an error code for an failure or 0 on success (enctype valid).
3392	* @ingroup krb5_crypto
3393	*/
3394
3395	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3396	krb5_enctype_valid (
3397	krb5_context /context/,
3398	krb5_enctype /etype/);
3399
3400	/**
3401	* Deprecated: keytypes doesn't exists, they are really enctypes.
3402	*
3403	* @ingroup krb5_deprecated
3404	*/
3405
3406	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
3407	krb5_enctypes_compatible_keys (
3408	krb5_context /context/,
3409	krb5_enctype /etype1/,
3410	krb5_enctype /etype2/)
3411	KRB5_DEPRECATED_FUNCTION("Use X instead");
3412
3413	krb5_error_code
3414	krb5_enomem (krb5_context /context/);
3415
3416	/**
3417	* Log a warning to the log, default stderr, include bthe error from
3418	* the last failure and then exit.
3419	*
3420	* @param context A Kerberos 5 context
3421	* @param eval the exit code to exit with
3422	* @param code error code of the last error
3423	* @param fmt message to print
3424	*
3425	* @ingroup krb5_error
3426	*/
3427
3428	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3429	krb5_err (
3430	krb5_context /context/,
3431	int /eval/,
3432	krb5_error_code /code/,
3433	const char */fmt/,
3434	...)
3435	__attribute__ ((__noreturn__, __format__ (__printf__, `4`, `5`)));
3436
3437	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3438	krb5_error_from_rd_error (
3439	krb5_context /context/,
3440	const krb5_error */error/,
3441	const krb5_creds */creds/);
3442
3443	/**
3444	* Log a warning to the log, default stderr, and then exit.
3445	*
3446	* @param context A Kerberos 5 context
3447	* @param eval the exit code to exit with
3448	* @param fmt message to print
3449	*
3450	* @ingroup krb5_error
3451	*/
3452
3453	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3454	krb5_errx (
3455	krb5_context /context/,
3456	int /eval/,
3457	const char */fmt/,
3458	...)
3459	__attribute__ ((__noreturn__, __format__ (__printf__, `3`, `4`)));
3460
3461	/**
3462	* krb5_expand_hostname() tries to make orig_hostname into a more
3463	* canonical one in the newly allocated space returned in
3464	* new_hostname.
3465
3466	* @param context a Keberos context
3467	* @param orig_hostname hostname to canonicalise.
3468	* @param new_hostname output hostname, caller must free hostname with
3469	* krb5_xfree().
3470	*
3471	* @return Return an error code or 0, see krb5_get_error_message().
3472	*
3473	* @ingroup krb5_support
3474	*/
3475
3476	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3477	krb5_expand_hostname (
3478	krb5_context /context/,
3479	const char */orig_hostname/,
3480	char **/new_hostname/);
3481
3482	/**
3483	* krb5_expand_hostname_realms() expands orig_hostname to a name we
3484	* believe to be a hostname in newly allocated space in new_hostname
3485	* and return the realms new_hostname is believed to belong to in
3486	* realms.
3487	*
3488	* @param context a Keberos context
3489	* @param orig_hostname hostname to canonicalise.
3490	* @param new_hostname output hostname, caller must free hostname with
3491	* krb5_xfree().
3492	* @param realms output possible realms, is an array that is terminated
3493	* with NULL. Caller must free with krb5_free_host_realm().
3494	*
3495	* @return Return an error code or 0, see krb5_get_error_message().
3496	*
3497	* @ingroup krb5_support
3498	*/
3499
3500	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3501	krb5_expand_hostname_realms (
3502	krb5_context /context/,
3503	const char */orig_hostname/,
3504	char **/new_hostname/,
3505	char ***/realms/);
3506
3507	KRB5_LIB_FUNCTION PA_DATA * KRB5_LIB_CALL
3508	krb5_find_padata (
3509	PA_DATA */val/,
3510	unsigned /len/,
3511	int /type/,
3512	int */idx/);
3513
3514	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3515	krb5_format_time (
3516	krb5_context /context/,
3517	time_t /t/,
3518	char */s/,
3519	size_t /len/,
3520	krb5_boolean /include_time/);
3521
3522	/**
3523	* krb5_free_address frees the data stored in the address that is
3524	* alloced with any of the krb5_address functions.
3525	*
3526	* @param context a Keberos context
3527	* @param address addresss to be freed.
3528	*
3529	* @return Return an error code or 0.
3530	*
3531	* @ingroup krb5_address
3532	*/
3533
3534	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3535	krb5_free_address (
3536	krb5_context /context/,
3537	krb5_address */address/);
3538
3539	/**
3540	* krb5_free_addresses frees the data stored in the address that is
3541	* alloced with any of the krb5_address functions.
3542	*
3543	* @param context a Keberos context
3544	* @param addresses addressses to be freed.
3545	*
3546	* @return Return an error code or 0.
3547	*
3548	* @ingroup krb5_address
3549	*/
3550
3551	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3552	krb5_free_addresses (
3553	krb5_context /context/,
3554	krb5_addresses */addresses/);
3555
3556	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3557	krb5_free_ap_rep_enc_part (
3558	krb5_context /context/,
3559	krb5_ap_rep_enc_part */val/);
3560
3561	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3562	krb5_free_authenticator (
3563	krb5_context /context/,
3564	krb5_authenticator */authenticator/);
3565
3566	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3567	krb5_free_checksum (
3568	krb5_context /context/,
3569	krb5_checksum */cksum/);
3570
3571	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3572	krb5_free_checksum_contents (
3573	krb5_context /context/,
3574	krb5_checksum */cksum/);
3575
3576	/**
3577	* Free a list of configuration files.
3578	*
3579	* @param filenames list, terminated with a NULL pointer, to be
3580	* freed. NULL is an valid argument.
3581	*
3582	* @return Returns 0 to indicate success. Otherwise an kerberos et
3583	* error code is returned, see krb5_get_error_message().
3584	*
3585	* @ingroup krb5
3586	*/
3587
3588	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3589	krb5_free_config_files (char **/filenames/);
3590
3591	/**
3592	* Frees the krb5_context allocated by krb5_init_context().
3593	*
3594	* @param context context to be freed.
3595	*
3596	* @ingroup krb5
3597	*/
3598
3599	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3600	krb5_free_context (krb5_context /context/);
3601
3602	/**
3603	* Free content of krb5_creds.
3604	*
3605	* @param context Kerberos 5 context.
3606	* @param c krb5_creds to free.
3607	*
3608	* @return Returns 0 to indicate success. Otherwise an kerberos et
3609	* error code is returned, see krb5_get_error_message().
3610	*
3611	* @ingroup krb5
3612	*/
3613
3614	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3615	krb5_free_cred_contents (
3616	krb5_context /context/,
3617	krb5_creds */c/);
3618
3619	/**
3620	* Free krb5_creds.
3621	*
3622	* @param context Kerberos 5 context.
3623	* @param c krb5_creds to free.
3624	*
3625	* @return Returns 0 to indicate success. Otherwise an kerberos et
3626	* error code is returned, see krb5_get_error_message().
3627	*
3628	* @ingroup krb5
3629	*/
3630
3631	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3632	krb5_free_creds (
3633	krb5_context /context/,
3634	krb5_creds */c/);
3635
3636	/**
3637	* Deprecated: use krb5_free_cred_contents()
3638	*
3639	* @ingroup krb5_deprecated
3640	*/
3641
3642	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3643	krb5_free_creds_contents (
3644	krb5_context /context/,
3645	krb5_creds */c/)
3646	KRB5_DEPRECATED_FUNCTION("Use X instead");
3647
3648	/**
3649	* Free krb5_data (and its content).
3650	*
3651	* @param context Kerberos 5 context.
3652	* @param p krb5_data to free.
3653	*
3654	* @ingroup krb5
3655	*/
3656
3657	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3658	krb5_free_data (
3659	krb5_context /context/,
3660	krb5_data */p/);
3661
3662	/**
3663	* Same as krb5_data_free(). MIT compat.
3664	*
3665	* Deprecated: use krb5_data_free().
3666	*
3667	* @param context Kerberos 5 context.
3668	* @param data krb5_data to free.
3669	*
3670	* @ingroup krb5_deprecated
3671	*/
3672
3673	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3674	krb5_free_data_contents (
3675	krb5_context /context/,
3676	krb5_data */data/)
3677	KRB5_DEPRECATED_FUNCTION("Use X instead");
3678
3679	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3680	krb5_free_default_realm (
3681	krb5_context /context/,
3682	krb5_realm /realm/);
3683
3684	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3685	krb5_free_error (
3686	krb5_context /context/,
3687	krb5_error */error/);
3688
3689	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3690	krb5_free_error_contents (
3691	krb5_context /context/,
3692	krb5_error */error/);
3693
3694	/**
3695	* Free the error message returned by krb5_get_error_message().
3696	*
3697	* @param context Kerberos context
3698	* @param msg error message to free, returned byg
3699	* krb5_get_error_message().
3700	*
3701	* @ingroup krb5_error
3702	*/
3703
3704	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3705	krb5_free_error_message (
3706	krb5_context /context/,
3707	const char */msg/);
3708
3709	/**
3710	* Free the error message returned by krb5_get_error_string().
3711	*
3712	* Deprecated: use krb5_free_error_message()
3713	*
3714	* @param context Kerberos context
3715	* @param str error message to free
3716	*
3717	* @ingroup krb5_deprecated
3718	*/
3719
3720	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3721	krb5_free_error_string (
3722	krb5_context /context/,
3723	char */str/)
3724	KRB5_DEPRECATED_FUNCTION("Use X instead");
3725
3726	/**
3727	* Free all memory allocated by `realmlist'
3728	*
3729	* @param context A Kerberos 5 context.
3730	* @param realmlist realmlist to free, NULL is ok
3731	*
3732	* @return a Kerberos error code, always 0.
3733	*
3734	* @ingroup krb5_support
3735	*/
3736
3737	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3738	krb5_free_host_realm (
3739	krb5_context /context/,
3740	krb5_realm */realmlist/);
3741
3742	/**
3743	* Variable containing the FILE based credential cache implemention.
3744	*
3745	* @ingroup krb5_ccache
3746	*/
3747
3748	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3749	krb5_free_kdc_rep (
3750	krb5_context /context/,
3751	krb5_kdc_rep */rep/);
3752
3753	/**
3754	* Free a keyblock, also zero out the content of the keyblock, uses
3755	* krb5_free_keyblock_contents() to free the content.
3756	*
3757	* @param context a Kerberos 5 context
3758	* @param keyblock keyblock to free, NULL is valid argument
3759	*
3760	* @ingroup krb5_crypto
3761	*/
3762
3763	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3764	krb5_free_keyblock (
3765	krb5_context /context/,
3766	krb5_keyblock */keyblock/);
3767
3768	/**
3769	* Free a keyblock's content, also zero out the content of the keyblock.
3770	*
3771	* @param context a Kerberos 5 context
3772	* @param keyblock keyblock content to free, NULL is valid argument
3773	*
3774	* @ingroup krb5_crypto
3775	*/
3776
3777	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3778	krb5_free_keyblock_contents (
3779	krb5_context /context/,
3780	krb5_keyblock */keyblock/);
3781
3782	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3783	krb5_free_krbhst (
3784	krb5_context /context/,
3785	char **/hostlist/);
3786
3787	/**
3788	* Free a name canonicalization rule iterator.
3789	*/
3790
3791	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3792	krb5_free_name_canon_iterator (
3793	krb5_context /context/,
3794	krb5_name_canon_iterator /iter/);
3795
3796	/**
3797	* Frees a Kerberos principal allocated by the library with
3798	* krb5_parse_name(), krb5_make_principal() or any other related
3799	* principal functions.
3800	*
3801	* @param context A Kerberos context.
3802	* @param p a principal to free.
3803	*
3804	* @return An krb5 error code, see krb5_get_error_message().
3805	*
3806	* @ingroup krb5_principal
3807	*/
3808
3809	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3810	krb5_free_principal (
3811	krb5_context /context/,
3812	krb5_principal /p/);
3813
3814	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3815	krb5_free_salt (
3816	krb5_context /context/,
3817	krb5_salt /salt/);
3818
3819	/**
3820	* Free ticket and content
3821	*
3822	* @param context a Kerberos 5 context
3823	* @param ticket ticket to free
3824	*
3825	* @return Returns 0 to indicate success. Otherwise an kerberos et
3826	* error code is returned, see krb5_get_error_message().
3827	*
3828	* @ingroup krb5
3829	*/
3830
3831	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3832	krb5_free_ticket (
3833	krb5_context /context/,
3834	krb5_ticket */ticket/);
3835
3836	/**
3837	* Deprecated: use krb5_xfree().
3838	*
3839	* @ingroup krb5_deprecated
3840	*/
3841
3842	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3843	krb5_free_unparsed_name (
3844	krb5_context /context/,
3845	char */str/)
3846	KRB5_DEPRECATED_FUNCTION("Use X instead");
3847
3848	/**
3849	* Forward credentials for client to host hostname , making them
3850	* forwardable if forwardable, and returning the blob of data to sent
3851	* in out_data. If hostname == NULL, pick it from server.
3852	*
3853	* @param context A kerberos 5 context.
3854	* @param auth_context the auth context with the key to encrypt the out_data.
3855	* @param hostname the host to forward the tickets too.
3856	* @param client the client to delegate from.
3857	* @param server the server to delegate the credential too.
3858	* @param ccache credential cache to use.
3859	* @param forwardable make the forwarded ticket forwabledable.
3860	* @param out_data the resulting credential.
3861	*
3862	* @return Return an error code or 0.
3863	*
3864	* @ingroup krb5_credential
3865	*/
3866
3867	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3868	krb5_fwd_tgt_creds (
3869	krb5_context /context/,
3870	krb5_auth_context /auth_context/,
3871	const char */hostname/,
3872	krb5_principal /client/,
3873	krb5_principal /server/,
3874	krb5_ccache /ccache/,
3875	int /forwardable/,
3876	krb5_data */out_data/);
3877
3878	/**
3879	* Fill buffer buf with len bytes of PRNG randomness that is ok to use
3880	* for key generation, padding and public diclosing the randomness w/o
3881	* disclosing the randomness source.
3882	*
3883	* This function can fail, and callers must check the return value.
3884	*
3885	* @param buf a buffer to fill with randomness
3886	* @param len length of memory that buf points to.
3887	*
3888	* @return return 0 on success or HEIM_ERR_RANDOM_OFFLINE if the
3889	* funcation failed to initialize the randomness source.
3890	*
3891	* @ingroup krb5_crypto
3892	*/
3893
3894	HEIMDAL_WARN_UNUSED_RESULT_ATTRIBUTE KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3895	krb5_generate_random (
3896	void */buf/,
3897	size_t /len/);
3898
3899	/**
3900	* Fill buffer buf with len bytes of PRNG randomness that is ok to use
3901	* for key generation, padding and public diclosing the randomness w/o
3902	* disclosing the randomness source.
3903	*
3904	* This function can NOT fail, instead it will abort() and program will crash.
3905	*
3906	* If this function is called after a successful krb5_init_context(),
3907	* the chance of it failing is low due to that krb5_init_context()
3908	* pulls out some random, and quite commonly the randomness sources
3909	* will not fail once it have started to produce good output,
3910	* /dev/urandom behavies that way.
3911	*
3912	* @param buf a buffer to fill with randomness
3913	* @param len length of memory that buf points to.
3914	*
3915	* @ingroup krb5_crypto
3916	*/
3917
3918	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
3919	krb5_generate_random_block (
3920	void */buf/,
3921	size_t /len/);
3922
3923	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3924	krb5_generate_random_keyblock (
3925	krb5_context /context/,
3926	krb5_enctype /type/,
3927	krb5_keyblock */key/);
3928
3929	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3930	krb5_generate_seq_number (
3931	krb5_context /context/,
3932	const krb5_keyblock */key/,
3933	uint32_t */seqno/);
3934
3935	/**
3936	* Deprecated: use krb5_generate_subkey_extended()
3937	*
3938	* @ingroup krb5_deprecated
3939	*/
3940
3941	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3942	krb5_generate_subkey (
3943	krb5_context /context/,
3944	const krb5_keyblock */key/,
3945	krb5_keyblock **/subkey/)
3946	KRB5_DEPRECATED_FUNCTION("Use X instead");
3947
3948	/**
3949	* Generate subkey, from keyblock
3950	*
3951	* @param context kerberos context
3952	* @param key session key
3953	* @param etype encryption type of subkey, if ETYPE_NULL, use key's enctype
3954	* @param subkey returned new, free with krb5_free_keyblock().
3955	*
3956	* @return 0 on success or a Kerberos 5 error code
3957	*
3958	* @ingroup krb5_crypto
3959	*/
3960
3961	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3962	krb5_generate_subkey_extended (
3963	krb5_context /context/,
3964	const krb5_keyblock */key/,
3965	krb5_enctype /etype/,
3966	krb5_keyblock **/subkey/);
3967
3968	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3969	krb5_get_all_client_addrs (
3970	krb5_context /context/,
3971	krb5_addresses */res/);
3972
3973	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3974	krb5_get_all_server_addrs (
3975	krb5_context /context/,
3976	krb5_addresses */res/);
3977
3978	/**
3979	* Deprecated: use krb5_get_credentials_with_flags().
3980	*
3981	* @ingroup krb5_deprecated
3982	*/
3983
3984	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
3985	krb5_get_cred_from_kdc (
3986	krb5_context /context/,
3987	krb5_ccache /ccache/,
3988	krb5_creds */in_creds/,
3989	krb5_creds **/out_creds/,
3990	krb5_creds ***/ret_tgts/)
3991	KRB5_DEPRECATED_FUNCTION("Use X instead");
3992
3993	/**
3994	* Deprecated: use krb5_get_credentials_with_flags().
3995	*
3996	* @ingroup krb5_deprecated
3997	*/
3998
3999	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4000	krb5_get_cred_from_kdc_opt (
4001	krb5_context /context/,
4002	krb5_ccache /ccache/,
4003	krb5_creds */in_creds/,
4004	krb5_creds **/out_creds/,
4005	krb5_creds ***/ret_tgts/,
4006	krb5_flags /flags/)
4007	KRB5_DEPRECATED_FUNCTION("Use X instead");
4008
4009	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4010	krb5_get_credentials (
4011	krb5_context /context/,
4012	krb5_flags /options/,
4013	krb5_ccache /ccache/,
4014	krb5_creds */in_creds/,
4015	krb5_creds **/out_creds/);
4016
4017	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4018	krb5_get_credentials_with_flags (
4019	krb5_context /context/,
4020	krb5_flags /options/,
4021	krb5_kdc_flags /flags/,
4022	krb5_ccache /ccache/,
4023	krb5_creds */in_creds/,
4024	krb5_creds **/out_creds/);
4025
4026	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4027	krb5_get_creds (
4028	krb5_context /context/,
4029	krb5_get_creds_opt /opt/,
4030	krb5_ccache /ccache/,
4031	krb5_const_principal /inprinc/,
4032	krb5_creds **/out_creds/);
4033
4034	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4035	krb5_get_creds_opt_add_options (
4036	krb5_context /context/,
4037	krb5_get_creds_opt /opt/,
4038	krb5_flags /options/);
4039
4040	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4041	krb5_get_creds_opt_alloc (
4042	krb5_context /context/,
4043	krb5_get_creds_opt */opt/);
4044
4045	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4046	krb5_get_creds_opt_free (
4047	krb5_context /context/,
4048	krb5_get_creds_opt /opt/);
4049
4050	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4051	krb5_get_creds_opt_set_enctype (
4052	krb5_context /context/,
4053	krb5_get_creds_opt /opt/,
4054	krb5_enctype /enctype/);
4055
4056	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4057	krb5_get_creds_opt_set_impersonate (
4058	krb5_context /context/,
4059	krb5_get_creds_opt /opt/,
4060	krb5_const_principal /self/);
4061
4062	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4063	krb5_get_creds_opt_set_options (
4064	krb5_context /context/,
4065	krb5_get_creds_opt /opt/,
4066	krb5_flags /options/);
4067
4068	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4069	krb5_get_creds_opt_set_ticket (
4070	krb5_context /context/,
4071	krb5_get_creds_opt /opt/,
4072	const Ticket */ticket/);
4073
4074	/**
4075	* Get the global configuration list.
4076	*
4077	* @param pfilenames return array of filenames, should be freed with krb5_free_config_files().
4078	*
4079	* @return Returns 0 to indicate success. Otherwise an kerberos et
4080	* error code is returned, see krb5_get_error_message().
4081	*
4082	* @ingroup krb5
4083	*/
4084
4085	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4086	krb5_get_default_config_files (char ***/pfilenames/);
4087
4088	/**
4089	* Get the default encryption types that will be use in communcation
4090	* with the KDC, clients and servers.
4091	*
4092	* @param context Kerberos 5 context.
4093	* @param pdu_type request type (AS, TGS or none)
4094	* @param etypes Encryption types, array terminated with
4095	* ETYPE_NULL(0), caller should free array with krb5_xfree():
4096	*
4097	* @return Returns 0 to indicate success. Otherwise an kerberos et
4098	* error code is returned, see krb5_get_error_message().
4099	*
4100	* @ingroup krb5
4101	*/
4102
4103	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4104	krb5_get_default_in_tkt_etypes (
4105	krb5_context /context/,
4106	krb5_pdu /pdu_type/,
4107	krb5_enctype **/etypes/);
4108
4109	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4110	krb5_get_default_principal (
4111	krb5_context /context/,
4112	krb5_principal */princ/);
4113
4114	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4115	krb5_get_default_realm (
4116	krb5_context /context/,
4117	krb5_realm */realm/);
4118
4119	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4120	krb5_get_default_realms (
4121	krb5_context /context/,
4122	krb5_realm **/realms/);
4123
4124	/**
4125	* Get if the library uses DNS to canonicalize hostnames.
4126	*
4127	* @param context Kerberos 5 context.
4128	*
4129	* @return return non zero if the library uses DNS to canonicalize hostnames.
4130	*
4131	* @ingroup krb5
4132	*/
4133
4134	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
4135	krb5_get_dns_canonicalize_hostname (krb5_context /context/);
4136
4137	/**
4138	* Return the error string for the error code. The caller must not
4139	* free the string.
4140	*
4141	* This function is deprecated since its not threadsafe.
4142	*
4143	* @param context Kerberos 5 context.
4144	* @param code Kerberos error code.
4145	*
4146	* @return the error message matching code
4147	*
4148	* @ingroup krb5
4149	*/
4150
4151	KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
4152	krb5_get_err_text (
4153	krb5_context /context/,
4154	krb5_error_code /code/)
4155	KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead");
4156
4157	/**
4158	* Return the error message for `code' in context. On memory
4159	* allocation error the function returns NULL.
4160	*
4161	* @param context Kerberos 5 context
4162	* @param code Error code related to the error
4163	*
4164	* @return an error string, needs to be freed with
4165	* krb5_free_error_message(). The functions return NULL on error.
4166	*
4167	* @ingroup krb5_error
4168	*/
4169
4170	KRB5_LIB_FUNCTION const char * KRB5_LIB_CALL
4171	krb5_get_error_message (
4172	krb5_context /context/,
4173	krb5_error_code /code/);
4174
4175	/**
4176	* Return the error message in context. On error or no error string,
4177	* the function returns NULL.
4178	*
4179	* @param context Kerberos 5 context
4180	*
4181	* @return an error string, needs to be freed with
4182	* krb5_free_error_message(). The functions return NULL on error.
4183	*
4184	* @ingroup krb5_error
4185	*/
4186
4187	KRB5_LIB_FUNCTION char * KRB5_LIB_CALL
4188	krb5_get_error_string (krb5_context /context/)
4189	KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead");
4190
4191	/**
4192	* Get extra address to the address list that the library will add to
4193	* the client's address list when communicating with the KDC.
4194	*
4195	* @param context Kerberos 5 context.
4196	* @param addresses addreses to set
4197	*
4198	* @return Returns 0 to indicate success. Otherwise an kerberos et
4199	* error code is returned, see krb5_get_error_message().
4200	*
4201	* @ingroup krb5
4202	*/
4203
4204	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4205	krb5_get_extra_addresses (
4206	krb5_context /context/,
4207	krb5_addresses */addresses/);
4208
4209	/**
4210	* Get version of fcache that the library should use.
4211	*
4212	* @param context Kerberos 5 context.
4213	* @param version version number.
4214	*
4215	* @return Returns 0 to indicate success. Otherwise an kerberos et
4216	* error code is returned, see krb5_get_error_message().
4217	*
4218	* @ingroup krb5
4219	*/
4220
4221	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4222	krb5_get_fcache_version (
4223	krb5_context /context/,
4224	int */version/);
4225
4226	/**
4227	* Gets tickets forwarded to hostname. If the tickets that are
4228	* forwarded are address-less, the forwarded tickets will also be
4229	* address-less.
4230	*
4231	* If the ticket have any address, hostname will be used for figure
4232	* out the address to forward the ticket too. This since this might
4233	* use DNS, its insecure and also doesn't represent configured all
4234	* addresses of the host. For example, the host might have two
4235	* adresses, one IPv4 and one IPv6 address where the later is not
4236	* published in DNS. This IPv6 address might be used communications
4237	* and thus the resulting ticket useless.
4238	*
4239	* @param context A kerberos 5 context.
4240	* @param auth_context the auth context with the key to encrypt the out_data.
4241	* @param ccache credential cache to use
4242	* @param flags the flags to control the resulting ticket flags
4243	* @param hostname the host to forward the tickets too.
4244	* @param in_creds the in client and server ticket names. The client
4245	* and server components forwarded to the remote host.
4246	* @param out_data the resulting credential.
4247	*
4248	* @return Return an error code or 0.
4249	*
4250	* @ingroup krb5_credential
4251	*/
4252
4253	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4254	krb5_get_forwarded_creds (
4255	krb5_context /context/,
4256	krb5_auth_context /auth_context/,
4257	krb5_ccache /ccache/,
4258	krb5_flags /flags/,
4259	const char */hostname/,
4260	krb5_creds */in_creds/,
4261	krb5_data */out_data/);
4262
4263	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4264	krb5_get_host_realm (
4265	krb5_context /context/,
4266	const char */targethost/,
4267	krb5_realm **/realms/);
4268
4269	/**
4270	* Get extra addresses to ignore when fetching addresses from the
4271	* underlaying operating system.
4272	*
4273	* @param context Kerberos 5 context.
4274	* @param addresses list addreses ignored
4275	*
4276	* @return Returns 0 to indicate success. Otherwise an kerberos et
4277	* error code is returned, see krb5_get_error_message().
4278	*
4279	* @ingroup krb5
4280	*/
4281
4282	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4283	krb5_get_ignore_addresses (
4284	krb5_context /context/,
4285	krb5_addresses */addresses/);
4286
4287	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4288	krb5_get_in_cred (
4289	krb5_context /context/,
4290	krb5_flags /options/,
4291	const krb5_addresses */addrs/,
4292	const krb5_enctype */etypes/,
4293	const krb5_preauthtype */ptypes/,
4294	const krb5_preauthdata */preauth/,
4295	krb5_key_proc /key_proc/,
4296	krb5_const_pointer /keyseed/,
4297	krb5_decrypt_proc /decrypt_proc/,
4298	krb5_const_pointer /decryptarg/,
4299	krb5_creds */creds/,
4300	krb5_kdc_rep */ret_as_reply/)
4301	KRB5_DEPRECATED_FUNCTION("Use X instead");
4302
4303	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4304	krb5_get_in_tkt (
4305	krb5_context /context/,
4306	krb5_flags /options/,
4307	const krb5_addresses */addrs/,
4308	const krb5_enctype */etypes/,
4309	const krb5_preauthtype */ptypes/,
4310	krb5_key_proc /key_proc/,
4311	krb5_const_pointer /keyseed/,
4312	krb5_decrypt_proc /decrypt_proc/,
4313	krb5_const_pointer /decryptarg/,
4314	krb5_creds */creds/,
4315	krb5_ccache /ccache/,
4316	krb5_kdc_rep */ret_as_reply/)
4317	KRB5_DEPRECATED_FUNCTION("Use X instead");
4318
4319	/**
4320	* Deprecated: use krb5_get_init_creds() and friends.
4321	*
4322	* @ingroup krb5_deprecated
4323	*/
4324
4325	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4326	krb5_get_in_tkt_with_keytab (
4327	krb5_context /context/,
4328	krb5_flags /options/,
4329	krb5_addresses */addrs/,
4330	const krb5_enctype */etypes/,
4331	const krb5_preauthtype */pre_auth_types/,
4332	krb5_keytab /keytab/,
4333	krb5_ccache /ccache/,
4334	krb5_creds */creds/,
4335	krb5_kdc_rep */ret_as_reply/)
4336	KRB5_DEPRECATED_FUNCTION("Use X instead");
4337
4338	/**
4339	* Deprecated: use krb5_get_init_creds() and friends.
4340	*
4341	* @ingroup krb5_deprecated
4342	*/
4343
4344	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4345	krb5_get_in_tkt_with_password (
4346	krb5_context /context/,
4347	krb5_flags /options/,
4348	krb5_addresses */addrs/,
4349	const krb5_enctype */etypes/,
4350	const krb5_preauthtype */pre_auth_types/,
4351	const char */password/,
4352	krb5_ccache /ccache/,
4353	krb5_creds */creds/,
4354	krb5_kdc_rep */ret_as_reply/)
4355	KRB5_DEPRECATED_FUNCTION("Use X instead");
4356
4357	/**
4358	* Deprecated: use krb5_get_init_creds() and friends.
4359	*
4360	* @ingroup krb5_deprecated
4361	*/
4362
4363	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4364	krb5_get_in_tkt_with_skey (
4365	krb5_context /context/,
4366	krb5_flags /options/,
4367	krb5_addresses */addrs/,
4368	const krb5_enctype */etypes/,
4369	const krb5_preauthtype */pre_auth_types/,
4370	const krb5_keyblock */key/,
4371	krb5_ccache /ccache/,
4372	krb5_creds */creds/,
4373	krb5_kdc_rep */ret_as_reply/)
4374	KRB5_DEPRECATED_FUNCTION("Use X instead");
4375
4376	/**
4377	* Get new credentials using keyblock.
4378	*
4379	* @ingroup krb5_credential
4380	*/
4381
4382	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4383	krb5_get_init_creds_keyblock (
4384	krb5_context /context/,
4385	krb5_creds */creds/,
4386	krb5_principal /client/,
4387	krb5_keyblock */keyblock/,
4388	krb5_deltat /start_time/,
4389	const char */in_tkt_service/,
4390	krb5_get_init_creds_opt */options/);
4391
4392	/**
4393	* Get new credentials using keytab.
4394	*
4395	* @ingroup krb5_credential
4396	*/
4397
4398	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4399	krb5_get_init_creds_keytab (
4400	krb5_context /context/,
4401	krb5_creds */creds/,
4402	krb5_principal /client/,
4403	krb5_keytab /keytab/,
4404	krb5_deltat /start_time/,
4405	const char */in_tkt_service/,
4406	krb5_get_init_creds_opt */options/);
4407
4408	/**
4409	* Allocate a new krb5_get_init_creds_opt structure, free with
4410	* krb5_get_init_creds_opt_free().
4411	*
4412	* @ingroup krb5_credential
4413	*/
4414
4415	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4416	krb5_get_init_creds_opt_alloc (
4417	krb5_context /context/,
4418	krb5_get_init_creds_opt **/opt/);
4419
4420	/**
4421	* Free krb5_get_init_creds_opt structure.
4422	*
4423	* @ingroup krb5_credential
4424	*/
4425
4426	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4427	krb5_get_init_creds_opt_free (
4428	krb5_context /context/,
4429	krb5_get_init_creds_opt */opt/);
4430
4431	/**
4432	* Deprecated: use the new krb5_init_creds_init() and
4433	* krb5_init_creds_get_error().
4434	*
4435	* @ingroup krb5_deprecated
4436	*/
4437
4438	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4439	krb5_get_init_creds_opt_get_error (
4440	krb5_context /context/,
4441	krb5_get_init_creds_opt */opt/,
4442	KRB_ERROR **/error/)
4443	KRB5_DEPRECATED_FUNCTION("Use X instead");
4444
4445	/**
4446	* Deprecated: use krb5_get_init_creds_opt_alloc().
4447	*
4448	* The reason krb5_get_init_creds_opt_init() is deprecated is that
4449	* krb5_get_init_creds_opt is a static structure and for ABI reason it
4450	* can't grow, ie can't add new functionality.
4451	*
4452	* @ingroup krb5_deprecated
4453	*/
4454
4455	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4456	krb5_get_init_creds_opt_init (krb5_get_init_creds_opt */opt/)
4457	KRB5_DEPRECATED_FUNCTION("Use X instead");
4458
4459	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4460	krb5_get_init_creds_opt_set_address_list (
4461	krb5_get_init_creds_opt */opt/,
4462	krb5_addresses */addresses/);
4463
4464	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4465	krb5_get_init_creds_opt_set_addressless (
4466	krb5_context /context/,
4467	krb5_get_init_creds_opt */opt/,
4468	krb5_boolean /addressless/);
4469
4470	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4471	krb5_get_init_creds_opt_set_anonymous (
4472	krb5_get_init_creds_opt */opt/,
4473	int /anonymous/);
4474
4475	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4476	krb5_get_init_creds_opt_set_canonicalize (
4477	krb5_context /context/,
4478	krb5_get_init_creds_opt */opt/,
4479	krb5_boolean /req/);
4480
4481	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4482	krb5_get_init_creds_opt_set_change_password_prompt (
4483	krb5_get_init_creds_opt */opt/,
4484	int /change_password_prompt/);
4485
4486	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4487	krb5_get_init_creds_opt_set_default_flags (
4488	krb5_context /context/,
4489	const char */appname/,
4490	krb5_const_realm /realm/,
4491	krb5_get_init_creds_opt */opt/);
4492
4493	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4494	krb5_get_init_creds_opt_set_etype_list (
4495	krb5_get_init_creds_opt */opt/,
4496	krb5_enctype */etype_list/,
4497	int /etype_list_length/);
4498
4499	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4500	krb5_get_init_creds_opt_set_forwardable (
4501	krb5_get_init_creds_opt */opt/,
4502	int /forwardable/);
4503
4504	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4505	krb5_get_init_creds_opt_set_pa_password (
4506	krb5_context /context/,
4507	krb5_get_init_creds_opt */opt/,
4508	const char */password/,
4509	krb5_s2k_proc /key_proc/);
4510
4511	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4512	krb5_get_init_creds_opt_set_pac_request (
4513	krb5_context /context/,
4514	krb5_get_init_creds_opt */opt/,
4515	krb5_boolean /req_pac/);
4516
4517	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4518	krb5_get_init_creds_opt_set_pkinit (
4519	krb5_context /context/,
4520	krb5_get_init_creds_opt */opt/,
4521	krb5_principal /principal/,
4522	const char */user_id/,
4523	const char */x509_anchors/,
4524	char * const * /pool/,
4525	char * const * /pki_revoke/,
4526	int /flags/,
4527	krb5_prompter_fct /prompter/,
4528	void */prompter_data/,
4529	char */password/);
4530
4531	krb5_error_code KRB5_LIB_FUNCTION
4532	krb5_get_init_creds_opt_set_pkinit_user_certs (
4533	krb5_context /context/,
4534	krb5_get_init_creds_opt */opt/,
4535	struct hx509_certs_data */certs/);
4536
4537	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4538	krb5_get_init_creds_opt_set_preauth_list (
4539	krb5_get_init_creds_opt */opt/,
4540	krb5_preauthtype */preauth_list/,
4541	int /preauth_list_length/);
4542
4543	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4544	krb5_get_init_creds_opt_set_process_last_req (
4545	krb5_context /context/,
4546	krb5_get_init_creds_opt */opt/,
4547	krb5_gic_process_last_req /func/,
4548	void */ctx/);
4549
4550	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4551	krb5_get_init_creds_opt_set_proxiable (
4552	krb5_get_init_creds_opt */opt/,
4553	int /proxiable/);
4554
4555	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4556	krb5_get_init_creds_opt_set_renew_life (
4557	krb5_get_init_creds_opt */opt/,
4558	krb5_deltat /renew_life/);
4559
4560	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4561	krb5_get_init_creds_opt_set_salt (
4562	krb5_get_init_creds_opt */opt/,
4563	krb5_data */salt/);
4564
4565	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4566	krb5_get_init_creds_opt_set_tkt_life (
4567	krb5_get_init_creds_opt */opt/,
4568	krb5_deltat /tkt_life/);
4569
4570	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4571	krb5_get_init_creds_opt_set_win2k (
4572	krb5_context /context/,
4573	krb5_get_init_creds_opt */opt/,
4574	krb5_boolean /req/);
4575
4576	/**
4577	* Get new credentials using password.
4578	*
4579	* @ingroup krb5_credential
4580	*/
4581
4582	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4583	krb5_get_init_creds_password (
4584	krb5_context /context/,
4585	krb5_creds */creds/,
4586	krb5_principal /client/,
4587	const char */password/,
4588	krb5_prompter_fct /prompter/,
4589	void */data/,
4590	krb5_deltat /start_time/,
4591	const char */in_tkt_service/,
4592	krb5_get_init_creds_opt */options/);
4593
4594	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4595	krb5_get_kdc_cred (
4596	krb5_context /context/,
4597	krb5_ccache /id/,
4598	krb5_kdc_flags /flags/,
4599	krb5_addresses */addresses/,
4600	Ticket */second_ticket/,
4601	krb5_creds */in_creds/,
4602	krb5_creds **out_creds );
4603
4604	/**
4605	* Get current offset in time to the KDC.
4606	*
4607	* @param context Kerberos 5 context.
4608	* @param sec seconds part of offset.
4609	* @param usec micro seconds part of offset.
4610	*
4611	* @return returns zero
4612	*
4613	* @ingroup krb5
4614	*/
4615
4616	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4617	krb5_get_kdc_sec_offset (
4618	krb5_context /context/,
4619	int32_t */sec/,
4620	int32_t */usec/);
4621
4622	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4623	krb5_get_krb524hst (
4624	krb5_context /context/,
4625	const krb5_realm */realm/,
4626	char ***/hostlist/);
4627
4628	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4629	krb5_get_krb_admin_hst (
4630	krb5_context /context/,
4631	const krb5_realm */realm/,
4632	char ***/hostlist/);
4633
4634	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4635	krb5_get_krb_changepw_hst (
4636	krb5_context /context/,
4637	const krb5_realm */realm/,
4638	char ***/hostlist/);
4639
4640	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4641	krb5_get_krbhst (
4642	krb5_context /context/,
4643	const krb5_realm */realm/,
4644	char ***/hostlist/);
4645
4646	/**
4647	* Get max time skew allowed.
4648	*
4649	* @param context Kerberos 5 context.
4650	*
4651	* @return timeskew in seconds.
4652	*
4653	* @ingroup krb5
4654	*/
4655
4656	KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL
4657	krb5_get_max_time_skew (krb5_context /context/);
4658
4659	/**
4660	* krb5_init_context() will get one random byte to make sure our
4661	* random is alive. Assumption is that once the non blocking
4662	* source allows us to pull bytes, its all seeded and allows us to
4663	* pull more bytes.
4664	*
4665	* Most Kerberos users calls krb5_init_context(), so this is
4666	* useful point where we can do the checking.
4667	*/
4668
4669	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4670	krb5_get_permitted_enctypes (
4671	krb5_context /context/,
4672	krb5_enctype **/etypes/);
4673
4674	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4675	krb5_get_pw_salt (
4676	krb5_context /context/,
4677	krb5_const_principal /principal/,
4678	krb5_salt */salt/);
4679
4680	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4681	krb5_get_renewed_creds (
4682	krb5_context /context/,
4683	krb5_creds */creds/,
4684	krb5_const_principal /client/,
4685	krb5_ccache /ccache/,
4686	const char */in_tkt_service/);
4687
4688	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4689	krb5_get_server_rcache (
4690	krb5_context /context/,
4691	const krb5_data */piece/,
4692	krb5_rcache */id/);
4693
4694	/**
4695	* Make the kerberos library default to the admin KDC.
4696	*
4697	* @param context Kerberos 5 context.
4698	*
4699	* @return boolean flag to telling the context will use admin KDC as the default KDC.
4700	*
4701	* @ingroup krb5
4702	*/
4703
4704	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
4705	krb5_get_use_admin_kdc (krb5_context /context/);
4706
4707	/**
4708	* Validate the newly fetch credential, see also krb5_verify_init_creds().
4709	*
4710	* @param context a Kerberos 5 context
4711	* @param creds the credentials to verify
4712	* @param client the client name to match up
4713	* @param ccache the credential cache to use
4714	* @param service a service name to use, used with
4715	* krb5_sname_to_principal() to build a hostname to use to
4716	* verify.
4717	*
4718	* @ingroup krb5_ccache
4719	*/
4720
4721	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4722	krb5_get_validated_creds (
4723	krb5_context /context/,
4724	krb5_creds */creds/,
4725	krb5_principal /client/,
4726	krb5_ccache /ccache/,
4727	char */service/);
4728
4729	/**
4730	* Get the default logging facility.
4731	*
4732	* @param context A Kerberos 5 context
4733	*
4734	* @ingroup krb5_error
4735	*/
4736
4737	KRB5_LIB_FUNCTION krb5_log_facility * KRB5_LIB_CALL
4738	krb5_get_warn_dest (krb5_context /context/);
4739
4740	KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL
4741	krb5_get_wrapped_length (
4742	krb5_context /context/,
4743	krb5_crypto /crypto/,
4744	size_t /data_len/);
4745
4746	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
4747	krb5_getportbyname (
4748	krb5_context /context/,
4749	const char */service/,
4750	const char */proto/,
4751	int /default_port/);
4752
4753	/**
4754	* krb5_h_addr2addr works like krb5_h_addr2sockaddr with the exception
4755	* that it operates on a krb5_address instead of a struct sockaddr.
4756	*
4757	* @param context a Keberos context
4758	* @param af address family
4759	* @param haddr host address from struct hostent.
4760	* @param addr returned krb5_address.
4761	*
4762	* @return Return an error code or 0.
4763	*
4764	* @ingroup krb5_address
4765	*/
4766
4767	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4768	krb5_h_addr2addr (
4769	krb5_context /context/,
4770	int /af/,
4771	const char */haddr/,
4772	krb5_address */addr/);
4773
4774	/**
4775	* krb5_h_addr2sockaddr initializes a "struct sockaddr sa" from af and
4776	* the "struct hostent" (see gethostbyname(3) ) h_addr_list
4777	* component. The argument sa_size should initially contain the size
4778	* of the sa, and after the call, it will contain the actual length of
4779	* the address.
4780	*
4781	* @param context a Keberos context
4782	* @param af addresses
4783	* @param addr address
4784	* @param sa returned struct sockaddr
4785	* @param sa_size size of sa
4786	* @param port port to set in sa.
4787	*
4788	* @return Return an error code or 0.
4789	*
4790	* @ingroup krb5_address
4791	*/
4792
4793	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4794	krb5_h_addr2sockaddr (
4795	krb5_context /context/,
4796	int /af/,
4797	const char */addr/,
4798	struct sockaddr */sa/,
4799	krb5_socklen_t */sa_size/,
4800	int /port/);
4801
4802	/**
4803	* Convert the gethostname() error code (h_error) to a Kerberos et
4804	* error code.
4805	*
4806	* @param eai_errno contains the error code from gethostname().
4807	*
4808	* @return Kerberos error code representing the gethostname errors.
4809	*
4810	* @ingroup krb5_error
4811	*/
4812
4813	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4814	krb5_h_errno_to_heim_errno (int /eai_errno/);
4815
4816	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
4817	krb5_have_error_string (krb5_context /context/)
4818	KRB5_DEPRECATED_FUNCTION("Use krb5_get_error_message instead");
4819
4820	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4821	krb5_hmac (
4822	krb5_context /context/,
4823	krb5_cksumtype /cktype/,
4824	const void */data/,
4825	size_t /len/,
4826	unsigned /usage/,
4827	krb5_keyblock */key/,
4828	Checksum */result/);
4829
4830	/**
4831	* Initializes the context structure and reads the configuration file
4832	* /etc/krb5.conf. The structure should be freed by calling
4833	* krb5_free_context() when it is no longer being used.
4834	*
4835	* @param context pointer to returned context
4836	*
4837	* @return Returns 0 to indicate success. Otherwise an errno code is
4838	* returned. Failure means either that something bad happened during
4839	* initialization (typically ENOMEM) or that Kerberos should not be
4840	* used ENXIO. If the function returns HEIM_ERR_RANDOM_OFFLINE, the
4841	* random source is not available and later Kerberos calls might fail.
4842	*
4843	* @ingroup krb5
4844	*/
4845
4846	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4847	krb5_init_context (krb5_context */context/);
4848
4849	/**
4850	* Free the krb5_init_creds_context allocated by krb5_init_creds_init().
4851	*
4852	* @param context A Kerberos 5 context.
4853	* @param ctx The krb5_init_creds_context to free.
4854	*
4855	* @ingroup krb5_credential
4856	*/
4857
4858	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
4859	krb5_init_creds_free (
4860	krb5_context /context/,
4861	krb5_init_creds_context /ctx/);
4862
4863	/**
4864	* Get new credentials as setup by the krb5_init_creds_context.
4865	*
4866	* @param context A Kerberos 5 context.
4867	* @param ctx The krb5_init_creds_context to process.
4868	*
4869	* @ingroup krb5_credential
4870	*/
4871
4872	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4873	krb5_init_creds_get (
4874	krb5_context /context/,
4875	krb5_init_creds_context /ctx/);
4876
4877	/**
4878	* Extract the newly acquired credentials from krb5_init_creds_context
4879	* context.
4880	*
4881	* @param context A Kerberos 5 context.
4882	* @param ctx
4883	* @param cred credentials, free with krb5_free_cred_contents().
4884	*
4885	* @return 0 for sucess or An Kerberos error code, see krb5_get_error_message().
4886	*/
4887
4888	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4889	krb5_init_creds_get_creds (
4890	krb5_context /context/,
4891	krb5_init_creds_context /ctx/,
4892	krb5_creds */cred/);
4893
4894	/**
4895	* Get the last error from the transaction.
4896	*
4897	* @return Returns 0 or an error code
4898	*
4899	* @ingroup krb5_credential
4900	*/
4901
4902	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4903	krb5_init_creds_get_error (
4904	krb5_context /context/,
4905	krb5_init_creds_context /ctx/,
4906	KRB_ERROR */error/);
4907
4908	/**
4909	* Start a new context to get a new initial credential.
4910	*
4911	* @param context A Kerberos 5 context.
4912	* @param client The Kerberos principal to get the credential for, if
4913	* NULL is given, the default principal is used as determined by
4914	* krb5_get_default_principal().
4915	* @param prompter
4916	* @param prompter_data
4917	* @param start_time the time the ticket should start to be valid or 0 for now.
4918	* @param options a options structure, can be NULL for default options.
4919	* @param rctx A new allocated free with krb5_init_creds_free().
4920	*
4921	* @return 0 for success or an Kerberos 5 error code, see krb5_get_error_message().
4922	*
4923	* @ingroup krb5_credential
4924	*/
4925
4926	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4927	krb5_init_creds_init (
4928	krb5_context /context/,
4929	krb5_principal /client/,
4930	krb5_prompter_fct /prompter/,
4931	void */prompter_data/,
4932	krb5_deltat /start_time/,
4933	krb5_get_init_creds_opt */options/,
4934	krb5_init_creds_context */rctx/);
4935
4936	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4937	krb5_init_creds_set_fast_ap_armor_service (
4938	krb5_context /context/,
4939	krb5_init_creds_context /ctx/,
4940	krb5_const_principal /armor_service/);
4941
4942	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4943	krb5_init_creds_set_fast_ccache (
4944	krb5_context /context/,
4945	krb5_init_creds_context /ctx/,
4946	krb5_ccache /fast_ccache/);
4947
4948	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4949	krb5_init_creds_set_keyblock (
4950	krb5_context /context/,
4951	krb5_init_creds_context /ctx/,
4952	krb5_keyblock */keyblock/);
4953
4954	/**
4955	* Set the keytab to use for authentication.
4956	*
4957	* @param context a Kerberos 5 context.
4958	* @param ctx ctx krb5_init_creds_context context.
4959	* @param keytab the keytab to read the key from.
4960	*
4961	* @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message().
4962	* @ingroup krb5_credential
4963	*/
4964
4965	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4966	krb5_init_creds_set_keytab (
4967	krb5_context /context/,
4968	krb5_init_creds_context /ctx/,
4969	krb5_keytab /keytab/);
4970
4971	/**
4972	* Sets the password that will use for the request.
4973	*
4974	* @param context a Kerberos 5 context.
4975	* @param ctx ctx krb5_init_creds_context context.
4976	* @param password the password to use.
4977	*
4978	* @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message().
4979	* @ingroup krb5_credential
4980	*/
4981
4982	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
4983	krb5_init_creds_set_password (
4984	krb5_context /context/,
4985	krb5_init_creds_context /ctx/,
4986	const char */password/);
4987
4988	/**
4989	* Sets the service that the is requested. This call is only neede for
4990	* special initial tickets, by default the a krbtgt is fetched in the default realm.
4991	*
4992	* @param context a Kerberos 5 context.
4993	* @param ctx a krb5_init_creds_context context.
4994	* @param service the service given as a string, for example
4995	* "kadmind/admin". If NULL, the default krbtgt in the clients
4996	* realm is set.
4997	*
4998	* @return 0 for success, or an Kerberos 5 error code, see krb5_get_error_message().
4999	* @ingroup krb5_credential
5000	*/
5001
5002	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5003	krb5_init_creds_set_service (
5004	krb5_context /context/,
5005	krb5_init_creds_context /ctx/,
5006	const char */service/);
5007
5008	/**
5009	* The core loop if krb5_get_init_creds() function family. Create the
5010	* packets and have the caller send them off to the KDC.
5011	*
5012	* If the caller want all work been done for them, use
5013	* krb5_init_creds_get() instead.
5014	*
5015	* @param context a Kerberos 5 context.
5016	* @param ctx ctx krb5_init_creds_context context.
5017	* @param in input data from KDC, first round it should be reset by krb5_data_zer().
5018	* @param out reply to KDC.
5019	* @param hostinfo KDC address info, first round it can be NULL.
5020	* @param flags status of the round, if
5021	* KRB5_INIT_CREDS_STEP_FLAG_CONTINUE is set, continue one more round.
5022	*
5023	* @return 0 for success, or an Kerberos 5 error code, see
5024	* krb5_get_error_message().
5025	*
5026	* @ingroup krb5_credential
5027	*/
5028
5029	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5030	krb5_init_creds_step (
5031	krb5_context /context/,
5032	krb5_init_creds_context /ctx/,
5033	krb5_data */in/,
5034	krb5_data */out/,
5035	krb5_krbhst_info */hostinfo/,
5036	unsigned int */flags/);
5037
5038	/**
5039	*
5040	* @ingroup krb5_credential
5041	*/
5042
5043	krb5_error_code
5044	krb5_init_creds_store (
5045	krb5_context /context/,
5046	krb5_init_creds_context /ctx/,
5047	krb5_ccache /id/);
5048
5049	/**
5050	* Init the built-in ets in the Kerberos library.
5051	*
5052	* @param context kerberos context to add the ets too
5053	*
5054	* @ingroup krb5
5055	*/
5056
5057	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
5058	krb5_init_ets (krb5_context /context/);
5059
5060	/**
5061	@struct krb5plugin_kuserok_ftable_desc *
5062	* @brief Description of the krb5_kuserok(3) plugin facility.
5063	*
5064	* The krb5_kuserok(3) function is pluggable. The plugin is named
5065	* KRB5_PLUGIN_KUSEROK ("krb5_plugin_kuserok"), with a single minor
5066	* version, KRB5_PLUGIN_KUSEROK_VERSION_0 (0).
5067	*
5068	* The plugin for krb5_kuserok(3) consists of a data symbol referencing
5069	* a structure of type krb5plugin_kuserok_ftable, with four fields:
5070	*
5071	* @param init Plugin initialization function (see krb5-plugin(7))
5072	*
5073	* @param minor_version The plugin minor version number (0)
5074	*
5075	* @param fini Plugin finalization function
5076	*
5077	* @param kuserok Plugin kuserok function
5078	*
5079	* The kuserok field is the plugin entry point that performs the
5080	* traditional kuserok operation however the plugin desires. It is
5081	* invoked in no particular order relative to other kuserok plugins, but
5082	* it has a 'rule' argument that indicates which plugin is intended to
5083	* act on the rule. The plugin kuserok function must return
5084	* KRB5_PLUGIN_NO_HANDLE if the rule is not applicable to it.
5085	*
5086	* The plugin kuserok function has the following arguments, in this
5087	* order:
5088	*
5089	* -# plug_ctx, the context value output by the plugin's init function
5090	* -# context, a krb5_context
5091	* -# rule, the kuserok rule being evaluated (from krb5.conf(5))
5092	* -# flags
5093	* -# k5login_dir, configured location of k5login per-user files if any
5094	* -# luser, name of the local user account to which principal is attempting to access.
5095	* -# principal, the krb5_principal trying to access the luser account
5096	* -# result, a krb5_boolean pointer where the plugin will output its result
5097	*
5098	* @ingroup krb5_support
5099	*/
5100
5101	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5102	krb5_initlog (
5103	krb5_context /context/,
5104	const char */program/,
5105	krb5_log_facility **/fac/);
5106
5107	/**
5108	* Return TRUE (non zero) if the principal is a configuration
5109	* principal (generated part of krb5_cc_set_config()). Returns FALSE
5110	* (zero) if not a configuration principal.
5111	*
5112	* @param context a Keberos context
5113	* @param principal principal to check if it a configuration principal
5114	*
5115	* @ingroup krb5_ccache
5116	*/
5117
5118	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
5119	krb5_is_config_principal (
5120	krb5_context /context/,
5121	krb5_const_principal /principal/);
5122
5123	/**
5124	* Returns is the encryption is strong or weak
5125	*
5126	* @param context Kerberos 5 context
5127	* @param enctype encryption type to probe
5128	*
5129	* @return Returns true if encryption type is weak or is not supported.
5130	*
5131	* @ingroup krb5_crypto
5132	*/
5133
5134	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
5135	krb5_is_enctype_weak (
5136	krb5_context /context/,
5137	krb5_enctype /enctype/);
5138
5139	/**
5140	* Runtime check if the Kerberos library was complied with thread support.
5141	*
5142	* @return TRUE if the library was compiled with thread support, FALSE if not.
5143	*
5144	* @ingroup krb5
5145	*/
5146
5147	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
5148	krb5_is_thread_safe (void);
5149
5150	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5151	krb5_kcm_call (
5152	krb5_context /context/,
5153	krb5_storage */request/,
5154	krb5_storage **/response_p/,
5155	krb5_data */response_data_p/);
5156
5157	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5158	krb5_kcm_storage_request (
5159	krb5_context /context/,
5160	uint16_t /opcode/,
5161	krb5_storage **/storage_p/);
5162
5163	/**
5164	* Returns the list of Kerberos encryption types sorted in order of
5165	* most preferred to least preferred encryption type. Note that some
5166	* encryption types might be disabled, so you need to check with
5167	* krb5_enctype_valid() before using the encryption type.
5168	*
5169	* @return list of enctypes, terminated with ETYPE_NULL. Its a static
5170	* array completed into the Kerberos library so the content doesn't
5171	* need to be freed.
5172	*
5173	* @ingroup krb5
5174	*/
5175
5176	KRB5_LIB_FUNCTION const krb5_enctype * KRB5_LIB_CALL
5177	krb5_kerberos_enctypes (krb5_context /context/);
5178
5179	/**
5180	* Get encryption type of a keyblock.
5181	*
5182	* @ingroup krb5_crypto
5183	*/
5184
5185	KRB5_LIB_FUNCTION krb5_enctype KRB5_LIB_CALL
5186	krb5_keyblock_get_enctype (const krb5_keyblock */block/);
5187
5188	/**
5189	* Fill in `key' with key data of type `enctype' from `data' of length
5190	* `size'. Key should be freed using krb5_free_keyblock_contents().
5191	*
5192	* @return 0 on success or a Kerberos 5 error code
5193	*
5194	* @ingroup krb5_crypto
5195	*/
5196
5197	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5198	krb5_keyblock_init (
5199	krb5_context /context/,
5200	krb5_enctype /type/,
5201	const void */data/,
5202	size_t /size/,
5203	krb5_keyblock */key/);
5204
5205	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5206	krb5_keyblock_key_proc (
5207	krb5_context /context/,
5208	krb5_keytype /type/,
5209	krb5_data */salt/,
5210	krb5_const_pointer /keyseed/,
5211	krb5_keyblock **/key/);
5212
5213	/**
5214	* Zero out a keyblock
5215	*
5216	* @param keyblock keyblock to zero out
5217	*
5218	* @ingroup krb5_crypto
5219	*/
5220
5221	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
5222	krb5_keyblock_zero (krb5_keyblock */keyblock/);
5223
5224	/**
5225	* Deprecated: use krb5_get_init_creds() and friends.
5226	*
5227	* @ingroup krb5_deprecated
5228	*/
5229
5230	KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV
5231	krb5_keytab_key_proc (
5232	krb5_context /context/,
5233	krb5_enctype /enctype/,
5234	krb5_salt /salt/,
5235	krb5_const_pointer /keyseed/,
5236	krb5_keyblock **/key/)
5237	KRB5_DEPRECATED_FUNCTION("Use X instead");
5238
5239	/**
5240	* Deprecated: keytypes doesn't exists, they are really enctypes.
5241	*
5242	* @ingroup krb5_deprecated
5243	*/
5244
5245	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5246	krb5_keytype_to_enctypes (
5247	krb5_context /context/,
5248	krb5_keytype /keytype/,
5249	unsigned */len/,
5250	krb5_enctype **/val/)
5251	KRB5_DEPRECATED_FUNCTION("Use X instead");
5252
5253	/**
5254	* Deprecated: keytypes doesn't exists, they are really enctypes.
5255	*
5256	* @ingroup krb5_deprecated
5257	*/
5258
5259	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5260	krb5_keytype_to_enctypes_default (
5261	krb5_context /context/,
5262	krb5_keytype /keytype/,
5263	unsigned */len/,
5264	krb5_enctype **/val/)
5265	KRB5_DEPRECATED_FUNCTION("Use X instead");
5266
5267	/**
5268	* Deprecated: keytypes doesn't exists, they are really enctypes in
5269	* most cases, use krb5_enctype_to_string().
5270	*
5271	* @ingroup krb5_deprecated
5272	*/
5273
5274	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5275	krb5_keytype_to_string (
5276	krb5_context /context/,
5277	krb5_keytype /keytype/,
5278	char **/string/)
5279	KRB5_DEPRECATED_FUNCTION("Use X instead");
5280
5281	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5282	krb5_krbhst_format_string (
5283	krb5_context /context/,
5284	const krb5_krbhst_info */host/,
5285	char */hostname/,
5286	size_t /hostlen/);
5287
5288	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
5289	krb5_krbhst_free (
5290	krb5_context /context/,
5291	krb5_krbhst_handle /handle/);
5292
5293	/**
5294	* Return an `struct addrinfo *' for a KDC host.
5295	*
5296	* Returns an the struct addrinfo in in that corresponds to the
5297	* information in `host'. free:ing is handled by krb5_krbhst_free, so
5298	* the returned ai must not be released.
5299	*
5300	* @ingroup krb5
5301	*/
5302
5303	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5304	krb5_krbhst_get_addrinfo (
5305	krb5_context /context/,
5306	krb5_krbhst_info */host/,
5307	struct addrinfo **/ai/);
5308
5309	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5310	krb5_krbhst_init (
5311	krb5_context /context/,
5312	const char */realm/,
5313	unsigned int /type/,
5314	krb5_krbhst_handle */handle/);
5315
5316	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5317	krb5_krbhst_init_flags (
5318	krb5_context /context/,
5319	const char */realm/,
5320	unsigned int /type/,
5321	int /flags/,
5322	krb5_krbhst_handle */handle/);
5323
5324	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5325	krb5_krbhst_next (
5326	krb5_context /context/,
5327	krb5_krbhst_handle /handle/,
5328	krb5_krbhst_info **/host/);
5329
5330	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5331	krb5_krbhst_next_as_string (
5332	krb5_context /context/,
5333	krb5_krbhst_handle /handle/,
5334	char */hostname/,
5335	size_t /hostlen/);
5336
5337	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
5338	krb5_krbhst_reset (
5339	krb5_context /context/,
5340	krb5_krbhst_handle /handle/);
5341
5342	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5343	krb5_krbhst_set_hostname (
5344	krb5_context /context/,
5345	krb5_krbhst_handle /handle/,
5346	const char */hostname/);
5347
5348	/**
5349	* Add the entry in `entry' to the keytab `id'.
5350	*
5351	* @param context a Keberos context.
5352	* @param id a keytab.
5353	* @param entry the entry to add
5354	*
5355	* @return Return an error code or 0, see krb5_get_error_message().
5356	*
5357	* @ingroup krb5_keytab
5358	*/
5359
5360	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5361	krb5_kt_add_entry (
5362	krb5_context /context/,
5363	krb5_keytab /id/,
5364	krb5_keytab_entry */entry/);
5365
5366	/**
5367	* Finish using the keytab in `id'. All resources will be released,
5368	* even on errors.
5369	*
5370	* @param context a Keberos context.
5371	* @param id keytab to close.
5372	*
5373	* @return Return an error code or 0, see krb5_get_error_message().
5374	*
5375	* @ingroup krb5_keytab
5376	*/
5377
5378	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5379	krb5_kt_close (
5380	krb5_context /context/,
5381	krb5_keytab /id/);
5382
5383	/**
5384	* Compare `entry' against `principal, vno, enctype'.
5385	* Any of `principal, vno, enctype' might be 0 which acts as a wildcard.
5386	* Return TRUE if they compare the same, FALSE otherwise.
5387	*
5388	* @param context a Keberos context.
5389	* @param entry an entry to match with.
5390	* @param principal principal to match, NULL matches all principals.
5391	* @param vno key version to match, 0 matches all key version numbers.
5392	* @param enctype encryption type to match, 0 matches all encryption types.
5393	*
5394	* @return Return TRUE or match, FALSE if not matched.
5395	*
5396	* @ingroup krb5_keytab
5397	*/
5398
5399	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
5400	krb5_kt_compare (
5401	krb5_context /context/,
5402	krb5_keytab_entry */entry/,
5403	krb5_const_principal /principal/,
5404	krb5_kvno /vno/,
5405	krb5_enctype /enctype/);
5406
5407	/**
5408	* Copy the contents of `in' into `out'.
5409	*
5410	* @param context a Keberos context.
5411	* @param in the keytab entry to copy.
5412	* @param out the copy of the keytab entry, free with krb5_kt_free_entry().
5413	*
5414	* @return Return an error code or 0, see krb5_get_error_message().
5415	*
5416	* @ingroup krb5_keytab
5417	*/
5418
5419	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5420	krb5_kt_copy_entry_contents (
5421	krb5_context /context/,
5422	const krb5_keytab_entry */in/,
5423	krb5_keytab_entry */out/);
5424
5425	/**
5426	* Set `id' to the default keytab.
5427	*
5428	* @param context a Keberos context.
5429	* @param id the new default keytab.
5430	*
5431	* @return Return an error code or 0, see krb5_get_error_message().
5432	*
5433	* @ingroup krb5_keytab
5434	*/
5435
5436	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5437	krb5_kt_default (
5438	krb5_context /context/,
5439	krb5_keytab */id/);
5440
5441	/**
5442	* Copy the name of the default modify keytab into `name'.
5443	*
5444	* @param context a Keberos context.
5445	* @param name buffer where the name will be written
5446	* @param namesize length of name
5447	*
5448	* @return Return an error code or 0, see krb5_get_error_message().
5449	*
5450	* @ingroup krb5_keytab
5451	*/
5452
5453	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5454	krb5_kt_default_modify_name (
5455	krb5_context /context/,
5456	char */name/,
5457	size_t /namesize/);
5458
5459	/**
5460	* copy the name of the default keytab into `name'.
5461	*
5462	* @param context a Keberos context.
5463	* @param name buffer where the name will be written
5464	* @param namesize length of name
5465	*
5466	* @return Return an error code or 0, see krb5_get_error_message().
5467	*
5468	* @ingroup krb5_keytab
5469	*/
5470
5471	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5472	krb5_kt_default_name (
5473	krb5_context /context/,
5474	char */name/,
5475	size_t /namesize/);
5476
5477	/**
5478	* Destroy (remove) the keytab in `id'. All resources will be released,
5479	* even on errors, does the equvalment of krb5_kt_close() on the resources.
5480	*
5481	* @param context a Keberos context.
5482	* @param id keytab to destroy.
5483	*
5484	* @return Return an error code or 0, see krb5_get_error_message().
5485	*
5486	* @ingroup krb5_keytab
5487	*/
5488
5489	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5490	krb5_kt_destroy (
5491	krb5_context /context/,
5492	krb5_keytab /id/);
5493
5494	/**
5495	* Release all resources associated with `cursor'.
5496	*
5497	* @param context a Keberos context.
5498	* @param id a keytab.
5499	* @param cursor the cursor to free.
5500	*
5501	* @return Return an error code or 0, see krb5_get_error_message().
5502	*
5503	* @ingroup krb5_keytab
5504	*/
5505
5506	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5507	krb5_kt_end_seq_get (
5508	krb5_context /context/,
5509	krb5_keytab /id/,
5510	krb5_kt_cursor */cursor/);
5511
5512	/**
5513	* Free the contents of `entry'.
5514	*
5515	* @param context a Keberos context.
5516	* @param entry the entry to free
5517	*
5518	* @return Return an error code or 0, see krb5_get_error_message().
5519	*
5520	* @ingroup krb5_keytab
5521	*/
5522
5523	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5524	krb5_kt_free_entry (
5525	krb5_context /context/,
5526	krb5_keytab_entry */entry/);
5527
5528	/**
5529	* Retrieve the keytab entry for `principal, kvno, enctype' into `entry'
5530	* from the keytab `id'. Matching is done like krb5_kt_compare().
5531	*
5532	* @param context a Keberos context.
5533	* @param id a keytab.
5534	* @param principal principal to match, NULL matches all principals.
5535	* @param kvno key version to match, 0 matches all key version numbers.
5536	* @param enctype encryption type to match, 0 matches all encryption types.
5537	* @param entry the returned entry, free with krb5_kt_free_entry().
5538	*
5539	* @return Return an error code or 0, see krb5_get_error_message().
5540	*
5541	* @ingroup krb5_keytab
5542	*/
5543
5544	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5545	krb5_kt_get_entry (
5546	krb5_context /context/,
5547	krb5_keytab /id/,
5548	krb5_const_principal /principal/,
5549	krb5_kvno /kvno/,
5550	krb5_enctype /enctype/,
5551	krb5_keytab_entry */entry/);
5552
5553	/**
5554	* Retrieve the full name of the keytab `keytab' and store the name in
5555	* `str'.
5556	*
5557	* @param context a Keberos context.
5558	* @param keytab keytab to get name for.
5559	* @param str the name of the keytab name, usee krb5_xfree() to free
5560	* the string. On error, *str is set to NULL.
5561	*
5562	* @return Return an error code or 0, see krb5_get_error_message().
5563	*
5564	* @ingroup krb5_keytab
5565	*/
5566
5567	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5568	krb5_kt_get_full_name (
5569	krb5_context /context/,
5570	krb5_keytab /keytab/,
5571	char **/str/);
5572
5573	/**
5574	* Retrieve the name of the keytab `keytab' into `name', `namesize'
5575	*
5576	* @param context a Keberos context.
5577	* @param keytab the keytab to get the name for.
5578	* @param name name buffer.
5579	* @param namesize size of name buffer.
5580	*
5581	* @return Return an error code or 0, see krb5_get_error_message().
5582	*
5583	* @ingroup krb5_keytab
5584	*/
5585
5586	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5587	krb5_kt_get_name (
5588	krb5_context /context/,
5589	krb5_keytab /keytab/,
5590	char */name/,
5591	size_t /namesize/);
5592
5593	/**
5594	* Return the type of the `keytab' in the string `prefix of length
5595	* `prefixsize'.
5596	*
5597	* @param context a Keberos context.
5598	* @param keytab the keytab to get the prefix for
5599	* @param prefix prefix buffer
5600	* @param prefixsize length of prefix buffer
5601	*
5602	* @return Return an error code or 0, see krb5_get_error_message().
5603	*
5604	* @ingroup krb5_keytab
5605	*/
5606
5607	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5608	krb5_kt_get_type (
5609	krb5_context /context/,
5610	krb5_keytab /keytab/,
5611	char */prefix/,
5612	size_t /prefixsize/);
5613
5614	/**
5615	* Return true if the keytab exists and have entries
5616	*
5617	* @param context a Keberos context.
5618	* @param id a keytab.
5619	*
5620	* @return Return an error code or 0, see krb5_get_error_message().
5621	*
5622	* @ingroup krb5_keytab
5623	*/
5624
5625	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5626	krb5_kt_have_content (
5627	krb5_context /context/,
5628	krb5_keytab /id/);
5629
5630	/**
5631	* Get the next entry from keytab, advance the cursor. On last entry
5632	* the function will return KRB5_KT_END.
5633	*
5634	* @param context a Keberos context.
5635	* @param id a keytab.
5636	* @param entry the returned entry, free with krb5_kt_free_entry().
5637	* @param cursor the cursor of the iteration.
5638	*
5639	* @return Return an error code or 0, see krb5_get_error_message().
5640	*
5641	* @ingroup krb5_keytab
5642	*/
5643
5644	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5645	krb5_kt_next_entry (
5646	krb5_context /context/,
5647	krb5_keytab /id/,
5648	krb5_keytab_entry */entry/,
5649	krb5_kt_cursor */cursor/);
5650
5651	/**
5652	* Read the key identified by `(principal, vno, enctype)' from the
5653	* keytab in `keyprocarg' (the default if == NULL) into `*key'.
5654	*
5655	* @param context a Keberos context.
5656	* @param keyprocarg
5657	* @param principal
5658	* @param vno
5659	* @param enctype
5660	* @param key
5661	*
5662	* @return Return an error code or 0, see krb5_get_error_message().
5663	*
5664	* @ingroup krb5_keytab
5665	*/
5666
5667	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5668	krb5_kt_read_service_key (
5669	krb5_context /context/,
5670	krb5_pointer /keyprocarg/,
5671	krb5_principal /principal/,
5672	krb5_kvno /vno/,
5673	krb5_enctype /enctype/,
5674	krb5_keyblock **/key/);
5675
5676	/**
5677	* Register a new keytab backend.
5678	*
5679	* @param context a Keberos context.
5680	* @param ops a backend to register.
5681	*
5682	* @return Return an error code or 0, see krb5_get_error_message().
5683	*
5684	* @ingroup krb5_keytab
5685	*/
5686
5687	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5688	krb5_kt_register (
5689	krb5_context /context/,
5690	const krb5_kt_ops */ops/);
5691
5692	/**
5693	* Remove an entry from the keytab, matching is done using
5694	* krb5_kt_compare().
5695
5696	* @param context a Keberos context.
5697	* @param id a keytab.
5698	* @param entry the entry to remove
5699	*
5700	* @return Return an error code or 0, see krb5_get_error_message().
5701	*
5702	* @ingroup krb5_keytab
5703	*/
5704
5705	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5706	krb5_kt_remove_entry (
5707	krb5_context /context/,
5708	krb5_keytab /id/,
5709	krb5_keytab_entry */entry/);
5710
5711	/**
5712	* Resolve the keytab name (of the form `type:residual') in `name'
5713	* into a keytab in `id'.
5714	*
5715	* @param context a Keberos context.
5716	* @param name name to resolve
5717	* @param id resulting keytab, free with krb5_kt_close().
5718	*
5719	* @return Return an error code or 0, see krb5_get_error_message().
5720	*
5721	* @ingroup krb5_keytab
5722	*/
5723
5724	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5725	krb5_kt_resolve (
5726	krb5_context /context/,
5727	const char */name/,
5728	krb5_keytab */id/);
5729
5730	/**
5731	* Set `cursor' to point at the beginning of `id'.
5732	*
5733	* @param context a Keberos context.
5734	* @param id a keytab.
5735	* @param cursor a newly allocated cursor, free with krb5_kt_end_seq_get().
5736	*
5737	* @return Return an error code or 0, see krb5_get_error_message().
5738	*
5739	* @ingroup krb5_keytab
5740	*/
5741
5742	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5743	krb5_kt_start_seq_get (
5744	krb5_context /context/,
5745	krb5_keytab /id/,
5746	krb5_kt_cursor */cursor/);
5747
5748	/**
5749	* This function takes the name of a local user and checks if
5750	* principal is allowed to log in as that user.
5751	*
5752	* The user may have a ~/.k5login file listing principals that are
5753	* allowed to login as that user. If that file does not exist, all
5754	* principals with a only one component that is identical to the
5755	* username, and a realm considered local, are allowed access.
5756	*
5757	* The .k5login file must contain one principal per line, be owned by
5758	* user and not be writable by group or other (but must be readable by
5759	* anyone).
5760	*
5761	* Note that if the file exists, no implicit access rights are given
5762	* to user@@LOCALREALM.
5763	*
5764	* Optionally, a set of files may be put in ~/.k5login.d (a
5765	* directory), in which case they will all be checked in the same
5766	* manner as .k5login. The files may be called anything, but files
5767	* starting with a hash (#) , or ending with a tilde (~) are
5768	* ignored. Subdirectories are not traversed. Note that this directory
5769	* may not be checked by other Kerberos implementations.
5770	*
5771	* If no configuration file exists, match user against local domains,
5772	* ie luser@@LOCAL-REALMS-IN-CONFIGURATION-FILES.
5773	*
5774	* @param context Kerberos 5 context.
5775	* @param principal principal to check if allowed to login
5776	* @param luser local user id
5777	*
5778	* @return returns TRUE if access should be granted, FALSE otherwise.
5779	*
5780	* @ingroup krb5_support
5781	*/
5782
5783	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
5784	krb5_kuserok (
5785	krb5_context /context/,
5786	krb5_principal /principal/,
5787	const char */luser/);
5788
5789	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5790	krb5_log (
5791	krb5_context /context/,
5792	krb5_log_facility */fac/,
5793	int /level/,
5794	const char */fmt/,
5795	...)
5796	__attribute__ ((__format__ (__printf__, `4`, `5`)));
5797
5798	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5799	krb5_log_msg (
5800	krb5_context /context/,
5801	krb5_log_facility */fac/,
5802	int /level/,
5803	char **/reply/,
5804	const char */fmt/,
5805	...)
5806	__attribute__ ((__format__ (__printf__, `5`, `6`)));
5807
5808	/**
5809	* Create an address of type KRB5_ADDRESS_ADDRPORT from (addr, port)
5810	*
5811	* @param context a Keberos context
5812	* @param res built address from addr/port
5813	* @param addr address to use
5814	* @param port port to use
5815	*
5816	* @return Return an error code or 0.
5817	*
5818	* @ingroup krb5_address
5819	*/
5820
5821	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5822	krb5_make_addrport (
5823	krb5_context /context/,
5824	krb5_address **/res/,
5825	const krb5_address */addr/,
5826	int16_t /port/);
5827
5828	/**
5829	* Build a principal using vararg style building
5830	*
5831	* @param context A Kerberos context.
5832	* @param principal returned principal
5833	* @param realm realm name
5834	* @param ... a list of components ended with NULL.
5835	*
5836	* @return An krb5 error code, see krb5_get_error_message().
5837	*
5838	* @ingroup krb5_principal
5839	*/
5840
5841	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5842	krb5_make_principal (
5843	krb5_context /context/,
5844	krb5_principal */principal/,
5845	krb5_const_realm /realm/,
5846	...);
5847
5848	/**
5849	* krb5_max_sockaddr_size returns the max size of the .Li struct
5850	* sockaddr that the Kerberos library will return.
5851	*
5852	* @return Return an size_t of the maximum struct sockaddr.
5853	*
5854	* @ingroup krb5_address
5855	*/
5856
5857	KRB5_LIB_FUNCTION size_t KRB5_LIB_CALL
5858	krb5_max_sockaddr_size (void);
5859
5860	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5861	krb5_mk_error (
5862	krb5_context /context/,
5863	krb5_error_code /error_code/,
5864	const char */e_text/,
5865	const krb5_data */e_data/,
5866	const krb5_principal /client/,
5867	const krb5_principal /server/,
5868	time_t */client_time/,
5869	int */client_usec/,
5870	krb5_data */reply/);
5871
5872	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5873	krb5_mk_error_ext (
5874	krb5_context /context/,
5875	krb5_error_code /error_code/,
5876	const char */e_text/,
5877	const krb5_data */e_data/,
5878	const krb5_principal /server/,
5879	const PrincipalName */client_name/,
5880	const Realm */client_realm/,
5881	time_t */client_time/,
5882	int */client_usec/,
5883	krb5_data */reply/);
5884
5885	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5886	krb5_mk_priv (
5887	krb5_context /context/,
5888	krb5_auth_context /auth_context/,
5889	const krb5_data */userdata/,
5890	krb5_data */outbuf/,
5891	krb5_replay_data */outdata/);
5892
5893	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5894	krb5_mk_rep (
5895	krb5_context /context/,
5896	krb5_auth_context /auth_context/,
5897	krb5_data */outbuf/);
5898
5899	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5900	krb5_mk_req (
5901	krb5_context /context/,
5902	krb5_auth_context */auth_context/,
5903	const krb5_flags /ap_req_options/,
5904	const char */service/,
5905	const char */hostname/,
5906	krb5_data */in_data/,
5907	krb5_ccache /ccache/,
5908	krb5_data */outbuf/);
5909
5910	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5911	krb5_mk_req_exact (
5912	krb5_context /context/,
5913	krb5_auth_context */auth_context/,
5914	const krb5_flags /ap_req_options/,
5915	const krb5_principal /server/,
5916	krb5_data */in_data/,
5917	krb5_ccache /ccache/,
5918	krb5_data */outbuf/);
5919
5920	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5921	krb5_mk_req_extended (
5922	krb5_context /context/,
5923	krb5_auth_context */auth_context/,
5924	const krb5_flags /ap_req_options/,
5925	krb5_data */in_data/,
5926	krb5_creds */in_creds/,
5927	krb5_data */outbuf/);
5928
5929	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5930	krb5_mk_safe (
5931	krb5_context /context/,
5932	krb5_auth_context /auth_context/,
5933	const krb5_data */userdata/,
5934	krb5_data */outbuf/,
5935	krb5_replay_data */outdata/);
5936
5937	/**
5938	* Iteratively apply name canon rules, outputing a principal and rule
5939	* options each time. Iteration completes when the @iter is NULL on
5940	* return or when an error is returned. Callers must free the iterator
5941	* if they abandon it mid-way.
5942	*
5943	* @param context Kerberos context
5944	* @param iter name canon rule iterator (input/output)
5945	* @param try_princ output principal name
5946	* @param rule_opts output rule options
5947	*/
5948
5949	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5950	krb5_name_canon_iterate (
5951	krb5_context /context/,
5952	krb5_name_canon_iterator */iter/,
5953	krb5_const_principal */try_princ/,
5954	krb5_name_canon_rule_options */rule_opts/);
5955
5956	/**
5957	* Initialize name canonicalization iterator.
5958	*
5959	* @param context Kerberos context
5960	* @param in_princ principal name to be canonicalized OR
5961	* @param iter output iterator object
5962	*/
5963
5964	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
5965	krb5_name_canon_iterator_start (
5966	krb5_context /context/,
5967	krb5_const_principal /in_princ/,
5968	krb5_name_canon_iterator */iter/);
5969
5970	/**
5971	* Read \a len bytes from socket \a p_fd into buffer \a buf.
5972	* Block until \a len bytes are read or until an error.
5973	*
5974	* @return If successful, the number of bytes read: \a len.
5975	* On end-of-file, 0.
5976	* On error, less than 0 (if single-threaded, the error can be found
5977	* in the errno global variable).
5978	*/
5979
5980	KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL
5981	krb5_net_read (
5982	krb5_context /context/,
5983	void */p_fd/,
5984	void */buf/,
5985	size_t /len/);
5986
5987	KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL
5988	krb5_net_write (
5989	krb5_context /context/,
5990	void */p_fd/,
5991	const void */buf/,
5992	size_t /len/);
5993
5994	KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL
5995	krb5_net_write_block (
5996	krb5_context /context/,
5997	void */p_fd/,
5998	const void */buf/,
5999	size_t /len/,
6000	time_t /timeout/);
6001
6002	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6003	krb5_ntlm_alloc (
6004	krb5_context /context/,
6005	krb5_ntlm */ntlm/);
6006
6007	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6008	krb5_ntlm_free (
6009	krb5_context /context/,
6010	krb5_ntlm /ntlm/);
6011
6012	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6013	krb5_ntlm_init_get_challenge (
6014	krb5_context /context/,
6015	krb5_ntlm /ntlm/,
6016	krb5_data */challenge/);
6017
6018	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6019	krb5_ntlm_init_get_flags (
6020	krb5_context /context/,
6021	krb5_ntlm /ntlm/,
6022	uint32_t */flags/);
6023
6024	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6025	krb5_ntlm_init_get_opaque (
6026	krb5_context /context/,
6027	krb5_ntlm /ntlm/,
6028	krb5_data */opaque/);
6029
6030	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6031	krb5_ntlm_init_get_targetinfo (
6032	krb5_context /context/,
6033	krb5_ntlm /ntlm/,
6034	krb5_data */data/);
6035
6036	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6037	krb5_ntlm_init_get_targetname (
6038	krb5_context /context/,
6039	krb5_ntlm /ntlm/,
6040	char **/name/);
6041
6042	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6043	krb5_ntlm_init_request (
6044	krb5_context /context/,
6045	krb5_ntlm /ntlm/,
6046	krb5_realm /realm/,
6047	krb5_ccache /ccache/,
6048	uint32_t /flags/,
6049	const char */hostname/,
6050	const char */domainname/);
6051
6052	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6053	krb5_ntlm_rep_get_sessionkey (
6054	krb5_context /context/,
6055	krb5_ntlm /ntlm/,
6056	krb5_data */data/);
6057
6058	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
6059	krb5_ntlm_rep_get_status (
6060	krb5_context /context/,
6061	krb5_ntlm /ntlm/);
6062
6063	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6064	krb5_ntlm_req_set_flags (
6065	krb5_context /context/,
6066	krb5_ntlm /ntlm/,
6067	uint32_t /flags/);
6068
6069	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6070	krb5_ntlm_req_set_lm (
6071	krb5_context /context/,
6072	krb5_ntlm /ntlm/,
6073	void */hash/,
6074	size_t /len/);
6075
6076	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6077	krb5_ntlm_req_set_ntlm (
6078	krb5_context /context/,
6079	krb5_ntlm /ntlm/,
6080	void */hash/,
6081	size_t /len/);
6082
6083	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6084	krb5_ntlm_req_set_opaque (
6085	krb5_context /context/,
6086	krb5_ntlm /ntlm/,
6087	krb5_data */opaque/);
6088
6089	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6090	krb5_ntlm_req_set_session (
6091	krb5_context /context/,
6092	krb5_ntlm /ntlm/,
6093	void */sessionkey/,
6094	size_t /length/);
6095
6096	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6097	krb5_ntlm_req_set_targetname (
6098	krb5_context /context/,
6099	krb5_ntlm /ntlm/,
6100	const char */targetname/);
6101
6102	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6103	krb5_ntlm_req_set_username (
6104	krb5_context /context/,
6105	krb5_ntlm /ntlm/,
6106	const char */username/);
6107
6108	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6109	krb5_ntlm_request (
6110	krb5_context /context/,
6111	krb5_ntlm /ntlm/,
6112	krb5_realm /realm/,
6113	krb5_ccache /ccache/);
6114
6115	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6116	krb5_openlog (
6117	krb5_context /context/,
6118	const char */program/,
6119	krb5_log_facility **/fac/);
6120
6121	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6122	krb5_pac_add_buffer (
6123	krb5_context /context/,
6124	krb5_pac /p/,
6125	uint32_t /type/,
6126	const krb5_data */data/);
6127
6128	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
6129	krb5_pac_free (
6130	krb5_context /context/,
6131	krb5_pac /pac/);
6132
6133	/**
6134	* Get the PAC buffer of specific type from the pac.
6135	*
6136	* @param context Kerberos 5 context.
6137	* @param p the pac structure returned by krb5_pac_parse().
6138	* @param type type of buffer to get
6139	* @param data return data, free with krb5_data_free().
6140	*
6141	* @return Returns 0 to indicate success. Otherwise an kerberos et
6142	* error code is returned, see krb5_get_error_message().
6143	*
6144	* @ingroup krb5_pac
6145	*/
6146
6147	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6148	krb5_pac_get_buffer (
6149	krb5_context /context/,
6150	krb5_pac /p/,
6151	uint32_t /type/,
6152	krb5_data */data/);
6153
6154	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6155	krb5_pac_get_types (
6156	krb5_context /context/,
6157	krb5_pac /p/,
6158	size_t */len/,
6159	uint32_t **/types/);
6160
6161	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6162	krb5_pac_init (
6163	krb5_context /context/,
6164	krb5_pac */pac/);
6165
6166	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6167	krb5_pac_parse (
6168	krb5_context /context/,
6169	const void */ptr/,
6170	size_t /len/,
6171	krb5_pac */pac/);
6172
6173	/**
6174	* Verify the PAC.
6175	*
6176	* @param context Kerberos 5 context.
6177	* @param pac the pac structure returned by krb5_pac_parse().
6178	* @param authtime The time of the ticket the PAC belongs to.
6179	* @param principal the principal to verify.
6180	* @param server The service key, most always be given.
6181	* @param privsvr The KDC key, may be given.
6182
6183	* @return Returns 0 to indicate success. Otherwise an kerberos et
6184	* error code is returned, see krb5_get_error_message().
6185	*
6186	* @ingroup krb5_pac
6187	*/
6188
6189	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6190	krb5_pac_verify (
6191	krb5_context /context/,
6192	const krb5_pac /pac/,
6193	time_t /authtime/,
6194	krb5_const_principal /principal/,
6195	const krb5_keyblock */server/,
6196	const krb5_keyblock */privsvr/);
6197
6198	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
6199	krb5_padata_add (
6200	krb5_context /context/,
6201	METHOD_DATA */md/,
6202	int /type/,
6203	void */buf/,
6204	size_t /len/);
6205
6206	/**
6207	* krb5_parse_address returns the resolved hostname in string to the
6208	* krb5_addresses addresses .
6209	*
6210	* @param context a Keberos context
6211	* @param string
6212	* @param addresses
6213	*
6214	* @return Return an error code or 0.
6215	*
6216	* @ingroup krb5_address
6217	*/
6218
6219	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6220	krb5_parse_address (
6221	krb5_context /context/,
6222	const char */string/,
6223	krb5_addresses */addresses/);
6224
6225	/**
6226	* Parse a name into a krb5_principal structure
6227	*
6228	* @param context Kerberos 5 context
6229	* @param name name to parse into a Kerberos principal
6230	* @param principal returned principal, free with krb5_free_principal().
6231	*
6232	* @return An krb5 error code, see krb5_get_error_message().
6233	*
6234	* @ingroup krb5_principal
6235	*/
6236
6237	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6238	krb5_parse_name (
6239	krb5_context /context/,
6240	const char */name/,
6241	krb5_principal */principal/);
6242
6243	/**
6244	* Parse a name into a krb5_principal structure, flags controls the behavior.
6245	*
6246	* @param context Kerberos 5 context
6247	* @param name name to parse into a Kerberos principal
6248	* @param flags flags to control the behavior
6249	* @param principal returned principal, free with krb5_free_principal().
6250	*
6251	* @return An krb5 error code, see krb5_get_error_message().
6252	*
6253	* @ingroup krb5_principal
6254	*/
6255
6256	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6257	krb5_parse_name_flags (
6258	krb5_context /context/,
6259	const char */name/,
6260	int /flags/,
6261	krb5_principal */principal/);
6262
6263	/**
6264	* Parse nametype string and return a nametype integer
6265	*
6266	* @ingroup krb5_principal
6267	*/
6268
6269	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6270	krb5_parse_nametype (
6271	krb5_context /context/,
6272	const char */str/,
6273	int32_t */nametype/);
6274
6275	KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
6276	krb5_passwd_result_to_string (
6277	krb5_context /context/,
6278	int /result/);
6279
6280	/**
6281	* Deprecated: use krb5_get_init_creds() and friends.
6282	*
6283	* @ingroup krb5_deprecated
6284	*/
6285
6286	KRB5_LIB_FUNCTION krb5_error_code KRB5_CALLCONV
6287	krb5_password_key_proc (
6288	krb5_context /context/,
6289	krb5_enctype /type/,
6290	krb5_salt /salt/,
6291	krb5_const_pointer /keyseed/,
6292	krb5_keyblock **/key/)
6293	KRB5_DEPRECATED_FUNCTION("Use X instead");
6294
6295	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6296	krb5_pk_enterprise_cert (
6297	krb5_context /context/,
6298	const char */user_id/,
6299	krb5_const_realm /realm/,
6300	krb5_principal */principal/,
6301	struct hx509_certs_data **/res/);
6302
6303	/**
6304	* Register a plugin symbol name of specific type.
6305	* @param context a Keberos context
6306	* @param type type of plugin symbol
6307	* @param name name of plugin symbol
6308	* @param symbol a pointer to the named symbol
6309	* @return In case of error a non zero error com_err error is returned
6310	* and the Kerberos error string is set.
6311	*
6312	* @ingroup krb5_support
6313	*/
6314
6315	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6316	krb5_plugin_register (
6317	krb5_context /context/,
6318	enum krb5_plugin_type /type/,
6319	const char */name/,
6320	void */symbol/);
6321
6322	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6323	krb5_prepend_config_files (
6324	const char */filelist/,
6325	char **/pq/,
6326	char ***/ret_pp/);
6327
6328	/**
6329	* Prepend the filename to the global configuration list.
6330	*
6331	* @param filelist a filename to add to the default list of filename
6332	* @param pfilenames return array of filenames, should be freed with krb5_free_config_files().
6333	*
6334	* @return Returns 0 to indicate success. Otherwise an kerberos et
6335	* error code is returned, see krb5_get_error_message().
6336	*
6337	* @ingroup krb5
6338	*/
6339
6340	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6341	krb5_prepend_config_files_default (
6342	const char */filelist/,
6343	char ***/pfilenames/);
6344
6345	/**
6346	* Prepend the context full error string for a specific error code.
6347	* The error that is stored should be internationalized.
6348	*
6349	* The if context is NULL, no error string is stored.
6350	*
6351	* @param context Kerberos 5 context
6352	* @param ret The error code
6353	* @param fmt Error string for the error code
6354	* @param ... printf(3) style parameters.
6355	*
6356	* @ingroup krb5_error
6357	*/
6358
6359	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
6360	krb5_prepend_error_message (
6361	krb5_context /context/,
6362	krb5_error_code /ret/,
6363	const char */fmt/,
6364	...)
6365	__attribute__ ((__format__ (__printf__, `3`, `4`)));
6366
6367	/**
6368	* Deprecated: use krb5_principal_get_realm()
6369	*
6370	* @ingroup krb5_deprecated
6371	*/
6372
6373	KRB5_LIB_FUNCTION krb5_realm * KRB5_LIB_CALL
6374	krb5_princ_realm (
6375	krb5_context /context/,
6376	krb5_principal /principal/)
6377	KRB5_DEPRECATED_FUNCTION("Use X instead");
6378
6379	/**
6380	* Deprecated: use krb5_principal_set_realm()
6381	*
6382	* @ingroup krb5_deprecated
6383	*/
6384
6385	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
6386	krb5_princ_set_realm (
6387	krb5_context /context/,
6388	krb5_principal /principal/,
6389	krb5_realm */realm/)
6390	KRB5_DEPRECATED_FUNCTION("Use X instead");
6391
6392	/**
6393	* Compares the two principals, including realm of the principals and returns
6394	* TRUE if they are the same and FALSE if not.
6395	*
6396	* @param context Kerberos 5 context
6397	* @param princ1 first principal to compare
6398	* @param princ2 second principal to compare
6399	*
6400	* @ingroup krb5_principal
6401	* @see krb5_principal_compare_any_realm()
6402	* @see krb5_realm_compare()
6403	*/
6404
6405	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
6406	krb5_principal_compare (
6407	krb5_context /context/,
6408	krb5_const_principal /princ1/,
6409	krb5_const_principal /princ2/);
6410
6411	/**
6412	* Return TRUE iff princ1 == princ2 (without considering the realm)
6413	*
6414	* @param context Kerberos 5 context
6415	* @param princ1 first principal to compare
6416	* @param princ2 second principal to compare
6417	*
6418	* @return non zero if equal, 0 if not
6419	*
6420	* @ingroup krb5_principal
6421	* @see krb5_principal_compare()
6422	* @see krb5_realm_compare()
6423	*/
6424
6425	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
6426	krb5_principal_compare_any_realm (
6427	krb5_context /context/,
6428	krb5_const_principal /princ1/,
6429	krb5_const_principal /princ2/);
6430
6431	KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
6432	krb5_principal_get_comp_string (
6433	krb5_context /context/,
6434	krb5_const_principal /principal/,
6435	unsigned int /component/);
6436
6437	/**
6438	* Get number of component is principal.
6439	*
6440	* @param context Kerberos 5 context
6441	* @param principal principal to query
6442	*
6443	* @return number of components in string
6444	*
6445	* @ingroup krb5_principal
6446	*/
6447
6448	KRB5_LIB_FUNCTION unsigned int KRB5_LIB_CALL
6449	krb5_principal_get_num_comp (
6450	krb5_context /context/,
6451	krb5_const_principal /principal/);
6452
6453	/**
6454	* Get the realm of the principal
6455	*
6456	* @param context A Kerberos context.
6457	* @param principal principal to get the realm for
6458	*
6459	* @return realm of the principal, don't free or use after krb5_principal is freed
6460	*
6461	* @ingroup krb5_principal
6462	*/
6463
6464	KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
6465	krb5_principal_get_realm (
6466	krb5_context /context/,
6467	krb5_const_principal /principal/);
6468
6469	/**
6470	* Get the type of the principal
6471	*
6472	* @param context A Kerberos context.
6473	* @param principal principal to get the type for
6474	*
6475	* @return the type of principal
6476	*
6477	* @ingroup krb5_principal
6478	*/
6479
6480	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
6481	krb5_principal_get_type (
6482	krb5_context /context/,
6483	krb5_const_principal /principal/);
6484
6485	/**
6486	* Returns true iff name is an WELLKNOWN:ORG.H5L.HOSTBASED-SERVICE
6487	*
6488	* @ingroup krb5_principal
6489	*/
6490
6491	krb5_boolean KRB5_LIB_FUNCTION
6492	krb5_principal_is_gss_hostbased_service (
6493	krb5_context /context/,
6494	krb5_const_principal /principal/);
6495
6496	/**
6497	* Check if the cname part of the principal is a krbtgt principal
6498	*
6499	* @ingroup krb5_principal
6500	*/
6501
6502	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
6503	krb5_principal_is_krbtgt (
6504	krb5_context /context/,
6505	krb5_const_principal /p/);
6506
6507	/**
6508	* Returns true if name is Kerberos an LKDC realm
6509	*
6510	* @ingroup krb5_principal
6511	*/
6512
6513	krb5_boolean KRB5_LIB_FUNCTION
6514	krb5_principal_is_lkdc (
6515	krb5_context /context/,
6516	krb5_const_principal /principal/);
6517
6518	/**
6519	* Returns true if name is Kerberos NULL name
6520	*
6521	* @ingroup krb5_principal
6522	*/
6523
6524	krb5_boolean KRB5_LIB_FUNCTION
6525	krb5_principal_is_null (
6526	krb5_context /context/,
6527	krb5_const_principal /principal/);
6528
6529	/**
6530	* Returns true if name is Kerberos an LKDC realm
6531	*
6532	* @ingroup krb5_principal
6533	*/
6534
6535	krb5_boolean KRB5_LIB_FUNCTION
6536	krb5_principal_is_pku2u (
6537	krb5_context /context/,
6538	krb5_const_principal /principal/);
6539
6540	/**
6541	* Check if the cname part of the principal is a initial or renewed krbtgt principal
6542	*
6543	* @ingroup krb5_principal
6544	*/
6545
6546	krb5_boolean KRB5_LIB_FUNCTION
6547	krb5_principal_is_root_krbtgt (
6548	krb5_context /context/,
6549	krb5_const_principal /p/);
6550
6551	/**
6552	* return TRUE iff princ matches pattern
6553	*
6554	* @ingroup krb5_principal
6555	*/
6556
6557	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
6558	krb5_principal_match (
6559	krb5_context /context/,
6560	krb5_const_principal /princ/,
6561	krb5_const_principal /pattern/);
6562
6563	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6564	krb5_principal_set_comp_string (
6565	krb5_context /context/,
6566	krb5_principal /principal/,
6567	unsigned int /k/,
6568	const char */component/);
6569
6570	/**
6571	* Set a new realm for a principal, and as a side-effect free the
6572	* previous realm.
6573	*
6574	* @param context A Kerberos context.
6575	* @param principal principal set the realm for
6576	* @param realm the new realm to set
6577	*
6578	* @return An krb5 error code, see krb5_get_error_message().
6579	*
6580	* @ingroup krb5_principal
6581	*/
6582
6583	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6584	krb5_principal_set_realm (
6585	krb5_context /context/,
6586	krb5_principal /principal/,
6587	krb5_const_realm /realm/);
6588
6589	/**
6590	* Set the type of the principal
6591	*
6592	* @param context A Kerberos context.
6593	* @param principal principal to set the type for
6594	* @param type the new type
6595	*
6596	* @return An krb5 error code, see krb5_get_error_message().
6597	*
6598	* @ingroup krb5_principal
6599	*/
6600
6601	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
6602	krb5_principal_set_type (
6603	krb5_context /context/,
6604	krb5_principal /principal/,
6605	int /type/);
6606
6607	/**
6608	* krb5_print_address prints the address in addr to the string string
6609	* that have the length len. If ret_len is not NULL, it will be filled
6610	* with the length of the string if size were unlimited (not including
6611	* the final NUL) .
6612	*
6613	* @param addr address to be printed
6614	* @param str pointer string to print the address into
6615	* @param len length that will fit into area pointed to by "str".
6616	* @param ret_len return length the str.
6617	*
6618	* @return Return an error code or 0.
6619	*
6620	* @ingroup krb5_address
6621	*/
6622
6623	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6624	krb5_print_address (
6625	const krb5_address */addr/,
6626	char */str/,
6627	size_t /len/,
6628	size_t */ret_len/);
6629
6630	krb5_error_code
6631	krb5_process_last_request (
6632	krb5_context /context/,
6633	krb5_get_init_creds_opt */options/,
6634	krb5_init_creds_context /ctx/);
6635
6636	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
6637	krb5_program_setup (
6638	krb5_context */context/,
6639	int /argc/,
6640	char **/argv/,
6641	struct getargs */args/,
6642	int /num_args/,
6643	void (KRB5_LIB_CALL usage)(int, struct* getargs, int*));
6644
6645	KRB5_LIB_FUNCTION int KRB5_CALLCONV
6646	krb5_prompter_posix (
6647	krb5_context /context/,
6648	void */data/,
6649	const char */name/,
6650	const char */banner/,
6651	int /num_prompts/,
6652	krb5_prompt prompts[]);
6653
6654	/**
6655	* Converts the random bytestring to a protocol key according to
6656	* Kerberos crypto frame work. It may be assumed that all the bits of
6657	* the input string are equally random, even though the entropy
6658	* present in the random source may be limited.
6659	*
6660	* @param context Kerberos 5 context
6661	* @param type the enctype resulting key will be of
6662	* @param data input random data to convert to a key
6663	* @param size size of input random data, at least krb5_enctype_keysize() long
6664	* @param key key, output key, free with krb5_free_keyblock_contents()
6665	*
6666	* @return Return an error code or 0.
6667	*
6668	* @ingroup krb5_crypto
6669	*/
6670
6671	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6672	krb5_random_to_key (
6673	krb5_context /context/,
6674	krb5_enctype /type/,
6675	const void */data/,
6676	size_t /size/,
6677	krb5_keyblock */key/);
6678
6679	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6680	krb5_rc_close (
6681	krb5_context /context/,
6682	krb5_rcache /id/);
6683
6684	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6685	krb5_rc_default (
6686	krb5_context /context/,
6687	krb5_rcache */id/);
6688
6689	KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
6690	krb5_rc_default_name (krb5_context /context/);
6691
6692	KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
6693	krb5_rc_default_type (krb5_context /context/);
6694
6695	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6696	krb5_rc_destroy (
6697	krb5_context /context/,
6698	krb5_rcache /id/);
6699
6700	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6701	krb5_rc_expunge (
6702	krb5_context /context/,
6703	krb5_rcache /id/);
6704
6705	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6706	krb5_rc_get_lifespan (
6707	krb5_context /context/,
6708	krb5_rcache /id/,
6709	krb5_deltat */auth_lifespan/);
6710
6711	KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
6712	krb5_rc_get_name (
6713	krb5_context /context/,
6714	krb5_rcache /id/);
6715
6716	KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
6717	krb5_rc_get_type (
6718	krb5_context /context/,
6719	krb5_rcache /id/);
6720
6721	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6722	krb5_rc_initialize (
6723	krb5_context /context/,
6724	krb5_rcache /id/,
6725	krb5_deltat /auth_lifespan/);
6726
6727	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6728	krb5_rc_recover (
6729	krb5_context /context/,
6730	krb5_rcache /id/);
6731
6732	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6733	krb5_rc_resolve (
6734	krb5_context /context/,
6735	krb5_rcache /id/,
6736	const char */name/);
6737
6738	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6739	krb5_rc_resolve_full (
6740	krb5_context /context/,
6741	krb5_rcache */id/,
6742	const char */string_name/);
6743
6744	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6745	krb5_rc_resolve_type (
6746	krb5_context /context/,
6747	krb5_rcache */id/,
6748	const char */type/);
6749
6750	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6751	krb5_rc_store (
6752	krb5_context /context/,
6753	krb5_rcache /id/,
6754	krb5_donot_replay */rep/);
6755
6756	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6757	krb5_rd_cred (
6758	krb5_context /context/,
6759	krb5_auth_context /auth_context/,
6760	krb5_data */in_data/,
6761	krb5_creds ***/ret_creds/,
6762	krb5_replay_data */outdata/);
6763
6764	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6765	krb5_rd_cred2 (
6766	krb5_context /context/,
6767	krb5_auth_context /auth_context/,
6768	krb5_ccache /ccache/,
6769	krb5_data */in_data/);
6770
6771	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6772	krb5_rd_error (
6773	krb5_context /context/,
6774	const krb5_data */msg/,
6775	KRB_ERROR */result/);
6776
6777	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6778	krb5_rd_priv (
6779	krb5_context /context/,
6780	krb5_auth_context /auth_context/,
6781	const krb5_data */inbuf/,
6782	krb5_data */outbuf/,
6783	krb5_replay_data */outdata/);
6784
6785	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6786	krb5_rd_rep (
6787	krb5_context /context/,
6788	krb5_auth_context /auth_context/,
6789	const krb5_data */inbuf/,
6790	krb5_ap_rep_enc_part **/repl/);
6791
6792	/**
6793	* Process an AP_REQ message.
6794	*
6795	* @param context Kerberos 5 context.
6796	* @param auth_context authentication context of the peer.
6797	* @param inbuf the AP_REQ message, obtained for example with krb5_read_message().
6798	* @param server server principal.
6799	* @param keytab server keytab.
6800	* @param ap_req_options set to the AP_REQ options. See the AP_OPTS_* defines.
6801	* @param ticket on success, set to the authenticated client credentials.
6802	* Must be deallocated with krb5_free_ticket(). If not
6803	* interested, pass a NULL value.
6804	*
6805	* @return 0 to indicate success. Otherwise a Kerberos error code is
6806	* returned, see krb5_get_error_message().
6807	*/
6808
6809	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6810	krb5_rd_req (
6811	krb5_context /context/,
6812	krb5_auth_context */auth_context/,
6813	const krb5_data */inbuf/,
6814	krb5_const_principal /server/,
6815	krb5_keytab /keytab/,
6816	krb5_flags */ap_req_options/,
6817	krb5_ticket **/ticket/);
6818
6819	/**
6820	* The core server function that verify application authentication
6821	* requests from clients.
6822	*
6823	* @param context Keberos 5 context.
6824	* @param auth_context the authentication context, can be NULL, then
6825	* default values for the authentication context will used.
6826	* @param inbuf the (AP-REQ) authentication buffer
6827	*
6828	* @param server the server to authenticate to. If NULL the function
6829	* will try to find any available credential in the keytab
6830	* that will verify the reply. The function will prefer the
6831	* server specified in the AP-REQ, but if
6832	* there is no mach, it will try all keytab entries for a
6833	* match. This has serious performance issues for large keytabs.
6834	*
6835	* @param inctx control the behavior of the function, if NULL, the
6836	* default behavior is used.
6837	* @param outctx the return outctx, free with krb5_rd_req_out_ctx_free().
6838	* @return Kerberos 5 error code, see krb5_get_error_message().
6839	*
6840	* @ingroup krb5_auth
6841	*/
6842
6843	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6844	krb5_rd_req_ctx (
6845	krb5_context /context/,
6846	krb5_auth_context */auth_context/,
6847	const krb5_data */inbuf/,
6848	krb5_const_principal /server/,
6849	krb5_rd_req_in_ctx /inctx/,
6850	krb5_rd_req_out_ctx */outctx/);
6851
6852	/**
6853	* Allocate a krb5_rd_req_in_ctx as an input parameter to
6854	* krb5_rd_req_ctx(). The caller should free the context with
6855	* krb5_rd_req_in_ctx_free() when done with the context.
6856	*
6857	* @param context Keberos 5 context.
6858	* @param ctx in ctx to krb5_rd_req_ctx().
6859	*
6860	* @return Kerberos 5 error code, see krb5_get_error_message().
6861	*
6862	* @ingroup krb5_auth
6863	*/
6864
6865	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6866	krb5_rd_req_in_ctx_alloc (
6867	krb5_context /context/,
6868	krb5_rd_req_in_ctx */ctx/);
6869
6870	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
6871	krb5_rd_req_in_ctx_free (
6872	krb5_context /context/,
6873	krb5_rd_req_in_ctx /ctx/);
6874
6875	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6876	krb5_rd_req_in_set_keyblock (
6877	krb5_context /context/,
6878	krb5_rd_req_in_ctx /in/,
6879	krb5_keyblock */keyblock/);
6880
6881	/**
6882	* Set the keytab that krb5_rd_req_ctx() will use.
6883	*
6884	* @param context Keberos 5 context.
6885	* @param in in ctx to krb5_rd_req_ctx().
6886	* @param keytab keytab that krb5_rd_req_ctx() will use, only copy the
6887	* pointer, so the caller must free they keytab after
6888	* krb5_rd_req_in_ctx_free() is called.
6889	*
6890	* @return Kerberos 5 error code, see krb5_get_error_message().
6891	*
6892	* @ingroup krb5_auth
6893	*/
6894
6895	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6896	krb5_rd_req_in_set_keytab (
6897	krb5_context /context/,
6898	krb5_rd_req_in_ctx /in/,
6899	krb5_keytab /keytab/);
6900
6901	/**
6902	* Set if krb5_rq_red() is going to check the Windows PAC or not
6903	*
6904	* @param context Keberos 5 context.
6905	* @param in krb5_rd_req_in_ctx to check the option on.
6906	* @param flag flag to select if to check the pac (TRUE) or not (FALSE).
6907	*
6908	* @return Kerberos 5 error code, see krb5_get_error_message().
6909	*
6910	* @ingroup krb5_auth
6911	*/
6912
6913	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6914	krb5_rd_req_in_set_pac_check (
6915	krb5_context /context/,
6916	krb5_rd_req_in_ctx /in/,
6917	krb5_boolean /flag/);
6918
6919	/**
6920	* Free the krb5_rd_req_out_ctx.
6921	*
6922	* @param context Keberos 5 context.
6923	* @param ctx krb5_rd_req_out_ctx context to free.
6924	*
6925	* @ingroup krb5_auth
6926	*/
6927
6928	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
6929	krb5_rd_req_out_ctx_free (
6930	krb5_context /context/,
6931	krb5_rd_req_out_ctx /ctx/);
6932
6933	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6934	krb5_rd_req_out_get_ap_req_options (
6935	krb5_context /context/,
6936	krb5_rd_req_out_ctx /out/,
6937	krb5_flags */ap_req_options/);
6938
6939	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6940	krb5_rd_req_out_get_keyblock (
6941	krb5_context /context/,
6942	krb5_rd_req_out_ctx /out/,
6943	krb5_keyblock **/keyblock/);
6944
6945	/**
6946	* Get the principal that was used in the request from the
6947	* client. Might not match whats in the ticket if krb5_rd_req_ctx()
6948	* searched in the keytab for a matching key.
6949	*
6950	* @param context a Kerberos 5 context.
6951	* @param out a krb5_rd_req_out_ctx from krb5_rd_req_ctx().
6952	* @param principal return principal, free with krb5_free_principal().
6953	*
6954	* @ingroup krb5_auth
6955	*/
6956
6957	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6958	krb5_rd_req_out_get_server (
6959	krb5_context /context/,
6960	krb5_rd_req_out_ctx /out/,
6961	krb5_principal */principal/);
6962
6963	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6964	krb5_rd_req_out_get_ticket (
6965	krb5_context /context/,
6966	krb5_rd_req_out_ctx /out/,
6967	krb5_ticket **/ticket/);
6968
6969	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6970	krb5_rd_req_with_keyblock (
6971	krb5_context /context/,
6972	krb5_auth_context */auth_context/,
6973	const krb5_data */inbuf/,
6974	krb5_const_principal /server/,
6975	krb5_keyblock */keyblock/,
6976	krb5_flags */ap_req_options/,
6977	krb5_ticket **/ticket/);
6978
6979	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6980	krb5_rd_safe (
6981	krb5_context /context/,
6982	krb5_auth_context /auth_context/,
6983	const krb5_data */inbuf/,
6984	krb5_data */outbuf/,
6985	krb5_replay_data */outdata/);
6986
6987	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6988	krb5_read_message (
6989	krb5_context /context/,
6990	krb5_pointer /p_fd/,
6991	krb5_data */data/);
6992
6993	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
6994	krb5_read_priv_message (
6995	krb5_context /context/,
6996	krb5_auth_context /ac/,
6997	krb5_pointer /p_fd/,
6998	krb5_data */data/);
6999
7000	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7001	krb5_read_safe_message (
7002	krb5_context /context/,
7003	krb5_auth_context /ac/,
7004	krb5_pointer /p_fd/,
7005	krb5_data */data/);
7006
7007	/**
7008	* return TRUE iff realm(princ1) == realm(princ2)
7009	*
7010	* @param context Kerberos 5 context
7011	* @param princ1 first principal to compare
7012	* @param princ2 second principal to compare
7013	*
7014	* @ingroup krb5_principal
7015	* @see krb5_principal_compare_any_realm()
7016	* @see krb5_principal_compare()
7017	*/
7018
7019	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
7020	krb5_realm_compare (
7021	krb5_context /context/,
7022	krb5_const_principal /princ1/,
7023	krb5_const_principal /princ2/);
7024
7025	/**
7026	* Returns true if name is Kerberos an LKDC realm
7027	*
7028	* @ingroup krb5_principal
7029	*/
7030
7031	krb5_boolean KRB5_LIB_FUNCTION
7032	krb5_realm_is_lkdc (const char */realm/);
7033
7034	/**
7035	* Perform the server side of the sendauth protocol.
7036	*
7037	* @param context Kerberos 5 context.
7038	* @param auth_context authentication context of the peer.
7039	* @param p_fd socket associated to the connection.
7040	* @param appl_version server-specific string.
7041	* @param server server principal.
7042	* @param flags if KRB5_RECVAUTH_IGNORE_VERSION is set, skip the sendauth version
7043	* part of the protocol.
7044	* @param keytab server keytab.
7045	* @param ticket on success, set to the authenticated client credentials.
7046	* Must be deallocated with krb5_free_ticket(). If not
7047	* interested, pass a NULL value.
7048	*
7049	* @return 0 to indicate success. Otherwise a Kerberos error code is
7050	* returned, see krb5_get_error_message().
7051	*/
7052
7053	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7054	krb5_recvauth (
7055	krb5_context /context/,
7056	krb5_auth_context */auth_context/,
7057	krb5_pointer /p_fd/,
7058	const char */appl_version/,
7059	krb5_principal /server/,
7060	int32_t /flags/,
7061	krb5_keytab /keytab/,
7062	krb5_ticket **/ticket/);
7063
7064	/**
7065	* Perform the server side of the sendauth protocol like krb5_recvauth(), but support
7066	* a user-specified callback, \a match_appl_version, to perform the match of the application
7067	* version \a match_data.
7068	*/
7069
7070	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7071	krb5_recvauth_match_version (
7072	krb5_context /context/,
7073	krb5_auth_context */auth_context/,
7074	krb5_pointer /p_fd/,
7075	krb5_boolean (*/match_appl_version/)(const void , const* char*),
7076	const void */match_data/,
7077	krb5_principal /server/,
7078	int32_t /flags/,
7079	krb5_keytab /keytab/,
7080	krb5_ticket **/ticket/);
7081
7082	/**
7083	* Read a address block from the storage.
7084	*
7085	* @param sp the storage buffer to write to
7086	* @param adr the address block read from storage
7087	*
7088	* @return 0 on success, a Kerberos 5 error code on failure.
7089	*
7090	* @ingroup krb5_storage
7091	*/
7092
7093	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7094	krb5_ret_address (
7095	krb5_storage */sp/,
7096	krb5_address */adr/);
7097
7098	/**
7099	* Read a addresses block from the storage.
7100	*
7101	* @param sp the storage buffer to write to
7102	* @param adr the addresses block read from storage
7103	*
7104	* @return 0 on success, a Kerberos 5 error code on failure.
7105	*
7106	* @ingroup krb5_storage
7107	*/
7108
7109	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7110	krb5_ret_addrs (
7111	krb5_storage */sp/,
7112	krb5_addresses */adr/);
7113
7114	/**
7115	* Read a auth data from the storage.
7116	*
7117	* @param sp the storage buffer to write to
7118	* @param auth the auth data block read from storage
7119	*
7120	* @return 0 on success, a Kerberos 5 error code on failure.
7121	*
7122	* @ingroup krb5_storage
7123	*/
7124
7125	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7126	krb5_ret_authdata (
7127	krb5_storage */sp/,
7128	krb5_authdata */auth/);
7129
7130	/**
7131	* Read a credentials block from the storage.
7132	*
7133	* @param sp the storage buffer to write to
7134	* @param creds the credentials block read from storage
7135	*
7136	* @return 0 on success, a Kerberos 5 error code on failure.
7137	*
7138	* @ingroup krb5_storage
7139	*/
7140
7141	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7142	krb5_ret_creds (
7143	krb5_storage */sp/,
7144	krb5_creds */creds/);
7145
7146	/**
7147	* Read a tagged credentials block from the storage.
7148	*
7149	* @param sp the storage buffer to write to
7150	* @param creds the credentials block read from storage
7151	*
7152	* @return 0 on success, a Kerberos 5 error code on failure.
7153	*
7154	* @ingroup krb5_storage
7155	*/
7156
7157	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7158	krb5_ret_creds_tag (
7159	krb5_storage */sp/,
7160	krb5_creds */creds/);
7161
7162	/**
7163	* Parse a data from the storage.
7164	*
7165	* @param sp the storage buffer to read from
7166	* @param data the parsed data
7167	*
7168	* @return 0 on success, a Kerberos 5 error code on failure.
7169	*
7170	* @ingroup krb5_storage
7171	*/
7172
7173	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7174	krb5_ret_data (
7175	krb5_storage */sp/,
7176	krb5_data */data/);
7177
7178	/**
7179	* Read a int16 from storage, byte order is controlled by the settings
7180	* on the storage, see krb5_storage_set_byteorder().
7181	*
7182	* @param sp the storage to write too
7183	* @param value the value read from the buffer
7184	*
7185	* @return 0 for success, or a Kerberos 5 error code on failure.
7186	*
7187	* @ingroup krb5_storage
7188	*/
7189
7190	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7191	krb5_ret_int16 (
7192	krb5_storage */sp/,
7193	int16_t */value/);
7194
7195	/**
7196	* Read a int32 from storage, byte order is controlled by the settings
7197	* on the storage, see krb5_storage_set_byteorder().
7198	*
7199	* @param sp the storage to write too
7200	* @param value the value read from the buffer
7201	*
7202	* @return 0 for success, or a Kerberos 5 error code on failure.
7203	*
7204	* @ingroup krb5_storage
7205	*/
7206
7207	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7208	krb5_ret_int32 (
7209	krb5_storage */sp/,
7210	int32_t */value/);
7211
7212	/**
7213	* Read a int64 from storage, byte order is controlled by the settings
7214	* on the storage, see krb5_storage_set_byteorder().
7215	*
7216	* @param sp the storage to write too
7217	* @param value the value read from the buffer
7218	*
7219	* @return 0 for success, or a Kerberos 5 error code on failure.
7220	*
7221	* @ingroup krb5_storage
7222	*/
7223
7224	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7225	krb5_ret_int64 (
7226	krb5_storage */sp/,
7227	int64_t */value/);
7228
7229	/**
7230	* Read a int8 from storage
7231	*
7232	* @param sp the storage to write too
7233	* @param value the value read from the buffer
7234	*
7235	* @return 0 for success, or a Kerberos 5 error code on failure.
7236	*
7237	* @ingroup krb5_storage
7238	*/
7239
7240	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7241	krb5_ret_int8 (
7242	krb5_storage */sp/,
7243	int8_t */value/);
7244
7245	/**
7246	* Read a keyblock from the storage.
7247	*
7248	* @param sp the storage buffer to write to
7249	* @param p the keyblock read from storage, free using krb5_free_keyblock()
7250	*
7251	* @return 0 on success, a Kerberos 5 error code on failure.
7252	*
7253	* @ingroup krb5_storage
7254	*/
7255
7256	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7257	krb5_ret_keyblock (
7258	krb5_storage */sp/,
7259	krb5_keyblock */p/);
7260
7261	/**
7262	* Parse principal from the storage.
7263	*
7264	* @param sp the storage buffer to read from
7265	* @param princ the parsed principal
7266	*
7267	* @return 0 on success, a Kerberos 5 error code on failure.
7268	*
7269	* @ingroup krb5_storage
7270	*/
7271
7272	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7273	krb5_ret_principal (
7274	krb5_storage */sp/,
7275	krb5_principal */princ/);
7276
7277	/**
7278	* Parse a string from the storage.
7279	*
7280	* @param sp the storage buffer to read from
7281	* @param string the parsed string
7282	*
7283	* @return 0 on success, a Kerberos 5 error code on failure.
7284	*
7285	* @ingroup krb5_storage
7286	*/
7287
7288	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7289	krb5_ret_string (
7290	krb5_storage */sp/,
7291	char **/string/);
7292
7293	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7294	krb5_ret_stringnl (
7295	krb5_storage */sp/,
7296	char **/string/);
7297
7298	/**
7299	* Parse zero terminated string from the storage.
7300	*
7301	* @param sp the storage buffer to read from
7302	* @param string the parsed string
7303	*
7304	* @return 0 on success, a Kerberos 5 error code on failure.
7305	*
7306	* @ingroup krb5_storage
7307	*/
7308
7309	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7310	krb5_ret_stringz (
7311	krb5_storage */sp/,
7312	char **/string/);
7313
7314	/**
7315	* Read a times block from the storage.
7316	*
7317	* @param sp the storage buffer to write to
7318	* @param times the times block read from storage
7319	*
7320	* @return 0 on success, a Kerberos 5 error code on failure.
7321	*
7322	* @ingroup krb5_storage
7323	*/
7324
7325	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7326	krb5_ret_times (
7327	krb5_storage */sp/,
7328	krb5_times */times/);
7329
7330	/**
7331	* Read a int16 from storage, byte order is controlled by the settings
7332	* on the storage, see krb5_storage_set_byteorder().
7333	*
7334	* @param sp the storage to write too
7335	* @param value the value read from the buffer
7336	*
7337	* @return 0 for success, or a Kerberos 5 error code on failure.
7338	*
7339	* @ingroup krb5_storage
7340	*/
7341
7342	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7343	krb5_ret_uint16 (
7344	krb5_storage */sp/,
7345	uint16_t */value/);
7346
7347	/**
7348	* Read a uint32 from storage, byte order is controlled by the settings
7349	* on the storage, see krb5_storage_set_byteorder().
7350	*
7351	* @param sp the storage to write too
7352	* @param value the value read from the buffer
7353	*
7354	* @return 0 for success, or a Kerberos 5 error code on failure.
7355	*
7356	* @ingroup krb5_storage
7357	*/
7358
7359	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7360	krb5_ret_uint32 (
7361	krb5_storage */sp/,
7362	uint32_t */value/);
7363
7364	/**
7365	* Read a uint64 from storage, byte order is controlled by the settings
7366	* on the storage, see krb5_storage_set_byteorder().
7367	*
7368	* @param sp the storage to write too
7369	* @param value the value read from the buffer
7370	*
7371	* @return 0 for success, or a Kerberos 5 error code on failure.
7372	*
7373	* @ingroup krb5_storage
7374	*/
7375
7376	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7377	krb5_ret_uint64 (
7378	krb5_storage */sp/,
7379	uint64_t */value/);
7380
7381	/**
7382	* Read a uint8 from storage
7383	*
7384	* @param sp the storage to write too
7385	* @param value the value read from the buffer
7386	*
7387	* @return 0 for success, or a Kerberos 5 error code on failure.
7388	*
7389	* @ingroup krb5_storage
7390	*/
7391
7392	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7393	krb5_ret_uint8 (
7394	krb5_storage */sp/,
7395	uint8_t */value/);
7396
7397	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7398	krb5_salttype_to_string (
7399	krb5_context /context/,
7400	krb5_enctype /etype/,
7401	krb5_salttype /stype/,
7402	char **/string/);
7403
7404	/**
7405	* Perform the client side of the sendauth protocol.
7406	*
7407	* @param context Kerberos 5 context.
7408	* @param auth_context Authentication context of the peer.
7409	* @param p_fd Socket associated to the connection.
7410	* @param appl_version Server-specific string.
7411	* @param client Client principal. If NULL, use the credentials in \a ccache.
7412	* @param server Server principal.
7413	* @param ap_req_options Options for the AP_REQ message. See the AP_OPTS_* defines in krb5.h.
7414	* @param in_data FIXME
7415	* @param in_creds FIXME
7416	* @param ccache Credentials cache. If NULL, use the default credentials cache.
7417	* @param ret_error If not NULL, will be set to the error reported by server, if any.
7418	* Must be deallocated with krb5_free_error_contents().
7419	* @param rep_result If not NULL, will be set to the EncApRepPart of the AP_REP message.
7420	* Must be deallocated with krb5_free_ap_rep_enc_part().
7421	* @param out_creds FIXME If not NULL, will be set to FIXME. Must be deallocated with
7422	* krb5_free_creds().
7423	*
7424	* @return 0 to indicate success. Otherwise a Kerberos error code is
7425	* returned, see krb5_get_error_message().
7426	*/
7427
7428	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7429	krb5_sendauth (
7430	krb5_context /context/,
7431	krb5_auth_context */auth_context/,
7432	krb5_pointer /p_fd/,
7433	const char */appl_version/,
7434	krb5_principal /client/,
7435	krb5_principal /server/,
7436	krb5_flags /ap_req_options/,
7437	krb5_data */in_data/,
7438	krb5_creds */in_creds/,
7439	krb5_ccache /ccache/,
7440	krb5_error **/ret_error/,
7441	krb5_ap_rep_enc_part **/rep_result/,
7442	krb5_creds **/out_creds/);
7443
7444	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7445	krb5_sendto (
7446	krb5_context /context/,
7447	const krb5_data */send_data/,
7448	krb5_krbhst_handle /handle/,
7449	krb5_data */receive/);
7450
7451	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7452	krb5_sendto_context (
7453	krb5_context /context/,
7454	krb5_sendto_ctx /ctx/,
7455	const krb5_data */send_data/,
7456	krb5_const_realm /realm/,
7457	krb5_data */receive/);
7458
7459	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
7460	krb5_sendto_ctx_add_flags (
7461	krb5_sendto_ctx /ctx/,
7462	int /flags/);
7463
7464	/**
7465	* @section send_to_kdc Locating and sending packets to the KDC
7466	*
7467	* The send to kdc code is responsible to request the list of KDC from
7468	* the locate-kdc subsystem and then send requests to each of them.
7469	*
7470	* - Each second a new hostname is tried.
7471	* - If the hostname have several addresses, the first will be tried
7472	* directly then in turn the other will be tried every 3 seconds
7473	* (host_timeout).
7474	* - UDP requests are tried 3 times, and it tried with a individual timeout of kdc_timeout / 3.
7475	* - TCP and HTTP requests are tried 1 time.
7476	*
7477	* Total wait time shorter then (number of addresses * 3) + kdc_timeout seconds.
7478	*
7479	*/
7480
7481	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7482	krb5_sendto_ctx_alloc (
7483	krb5_context /context/,
7484	krb5_sendto_ctx */ctx/);
7485
7486	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
7487	krb5_sendto_ctx_free (
7488	krb5_context /context/,
7489	krb5_sendto_ctx /ctx/);
7490
7491	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
7492	krb5_sendto_ctx_get_flags (krb5_sendto_ctx /ctx/);
7493
7494	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
7495	krb5_sendto_ctx_set_func (
7496	krb5_sendto_ctx /ctx/,
7497	krb5_sendto_ctx_func /func/,
7498	void */data/);
7499
7500	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
7501	krb5_sendto_ctx_set_type (
7502	krb5_sendto_ctx /ctx/,
7503	int /type/);
7504
7505	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7506	krb5_sendto_kdc (
7507	krb5_context /context/,
7508	const krb5_data */send_data/,
7509	const krb5_realm */realm/,
7510	krb5_data */receive/);
7511
7512	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7513	krb5_sendto_kdc_flags (
7514	krb5_context /context/,
7515	const krb5_data */send_data/,
7516	const krb5_realm */realm/,
7517	krb5_data */receive/,
7518	int /flags/);
7519
7520	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7521	krb5_sendto_set_hostname (
7522	krb5_context /context/,
7523	krb5_sendto_ctx /ctx/,
7524	const char */hostname/);
7525
7526	/**
7527	* Reinit the context from a new set of filenames.
7528	*
7529	* @param context context to add configuration too.
7530	* @param filenames array of filenames, end of list is indicated with a NULL filename.
7531	*
7532	* @return Returns 0 to indicate success. Otherwise an kerberos et
7533	* error code is returned, see krb5_get_error_message().
7534	*
7535	* @ingroup krb5
7536	*/
7537
7538	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7539	krb5_set_config_files (
7540	krb5_context /context/,
7541	char **/filenames/);
7542
7543	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7544	krb5_set_debug_dest (
7545	krb5_context /context/,
7546	const char */program/,
7547	const char */log_spec/);
7548
7549	/**
7550	* Set the default encryption types that will be use in communcation
7551	* with the KDC, clients and servers.
7552	*
7553	* @param context Kerberos 5 context.
7554	* @param etypes Encryption types, array terminated with ETYPE_NULL (0).
7555	* A value of NULL resets the encryption types to the defaults set in the
7556	* configuration file.
7557	*
7558	* @return Returns 0 to indicate success. Otherwise an kerberos et
7559	* error code is returned, see krb5_get_error_message().
7560	*
7561	* @ingroup krb5
7562	*/
7563
7564	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7565	krb5_set_default_in_tkt_etypes (
7566	krb5_context /context/,
7567	const krb5_enctype */etypes/);
7568
7569	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7570	krb5_set_default_realm (
7571	krb5_context /context/,
7572	const char */realm/);
7573
7574	/**
7575	* Set if the library should use DNS to canonicalize hostnames.
7576	*
7577	* @param context Kerberos 5 context.
7578	* @param flag if its dns canonicalizion is used or not.
7579	*
7580	* @ingroup krb5
7581	*/
7582
7583	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
7584	krb5_set_dns_canonicalize_hostname (
7585	krb5_context /context/,
7586	krb5_boolean /flag/);
7587
7588	/**
7589	* Set the context full error string for a specific error code.
7590	* The error that is stored should be internationalized.
7591	*
7592	* The if context is NULL, no error string is stored.
7593	*
7594	* @param context Kerberos 5 context
7595	* @param ret The error code
7596	* @param fmt Error string for the error code
7597	* @param ... printf(3) style parameters.
7598	*
7599	* @ingroup krb5_error
7600	*/
7601
7602	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
7603	krb5_set_error_message (
7604	krb5_context /context/,
7605	krb5_error_code /ret/,
7606	const char */fmt/,
7607	...)
7608	__attribute__ ((__format__ (__printf__, `3`, `4`)));
7609
7610	/**
7611	* Set the error message returned by krb5_get_error_string().
7612	*
7613	* Deprecated: use krb5_get_error_message()
7614	*
7615	* @param context Kerberos context
7616	* @param fmt error message to free
7617	*
7618	* @return Return an error code or 0.
7619	*
7620	* @ingroup krb5_deprecated
7621	*/
7622
7623	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7624	krb5_set_error_string (
7625	krb5_context /context/,
7626	const char */fmt/,
7627	...)
7628	__attribute__ ((__format__ (__printf__, `2`, `3`))) KRB5_DEPRECATED_FUNCTION("Use X instead");
7629
7630	/**
7631	* Set extra address to the address list that the library will add to
7632	* the client's address list when communicating with the KDC.
7633	*
7634	* @param context Kerberos 5 context.
7635	* @param addresses addreses to set
7636	*
7637	* @return Returns 0 to indicate success. Otherwise an kerberos et
7638	* error code is returned, see krb5_get_error_message().
7639	*
7640	* @ingroup krb5
7641	*/
7642
7643	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7644	krb5_set_extra_addresses (
7645	krb5_context /context/,
7646	const krb5_addresses */addresses/);
7647
7648	/**
7649	* Set version of fcache that the library should use.
7650	*
7651	* @param context Kerberos 5 context.
7652	* @param version version number.
7653	*
7654	* @return Returns 0 to indicate success. Otherwise an kerberos et
7655	* error code is returned, see krb5_get_error_message().
7656	*
7657	* @ingroup krb5
7658	*/
7659
7660	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7661	krb5_set_fcache_version (
7662	krb5_context /context/,
7663	int /version/);
7664
7665	/**
7666	* Enable and disable home directory access on either the global state
7667	* or the krb5_context state. By calling krb5_set_home_dir_access()
7668	* with context set to NULL, the global state is configured otherwise
7669	* the state for the krb5_context is modified.
7670	*
7671	* For home directory access to be allowed, both the global state and
7672	* the krb5_context state have to be allowed.
7673	*
7674	* @param context a Kerberos 5 context or NULL
7675	* @param allow allow if TRUE home directory
7676	* @return the old value
7677	*
7678	* @ingroup krb5
7679	*/
7680
7681	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
7682	krb5_set_home_dir_access (
7683	krb5_context /context/,
7684	krb5_boolean /allow/);
7685
7686	/**
7687	* Set extra addresses to ignore when fetching addresses from the
7688	* underlaying operating system.
7689	*
7690	* @param context Kerberos 5 context.
7691	* @param addresses addreses to ignore
7692	*
7693	* @return Returns 0 to indicate success. Otherwise an kerberos et
7694	* error code is returned, see krb5_get_error_message().
7695	*
7696	* @ingroup krb5
7697	*/
7698
7699	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7700	krb5_set_ignore_addresses (
7701	krb5_context /context/,
7702	const krb5_addresses */addresses/);
7703
7704	/**
7705	* Set current offset in time to the KDC.
7706	*
7707	* @param context Kerberos 5 context.
7708	* @param sec seconds part of offset.
7709	* @param usec micro seconds part of offset.
7710	*
7711	* @return returns zero
7712	*
7713	* @ingroup krb5
7714	*/
7715
7716	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7717	krb5_set_kdc_sec_offset (
7718	krb5_context /context/,
7719	int32_t /sec/,
7720	int32_t /usec/);
7721
7722	/**
7723	* Set max time skew allowed.
7724	*
7725	* @param context Kerberos 5 context.
7726	* @param t timeskew in seconds.
7727	*
7728	* @ingroup krb5
7729	*/
7730
7731	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
7732	krb5_set_max_time_skew (
7733	krb5_context /context/,
7734	time_t /t/);
7735
7736	/**
7737	* Change password using creds.
7738	*
7739	* @param context a Keberos context
7740	* @param creds The initial kadmin/passwd for the principal or an admin principal
7741	* @param newpw The new password to set
7742	* @param targprinc if unset, the default principal is used.
7743	* @param result_code Result code, KRB5_KPASSWD_SUCCESS is when password is changed.
7744	* @param result_code_string binary message from the server, contains
7745	* at least the result_code.
7746	* @param result_string A message from the kpasswd service or the
7747	* library in human printable form. The string is NUL terminated.
7748	*
7749	* @return On sucess and *result_code is KRB5_KPASSWD_SUCCESS, the password is changed.
7750
7751	* @ingroup @krb5
7752	*/
7753
7754	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7755	krb5_set_password (
7756	krb5_context /context/,
7757	krb5_creds */creds/,
7758	const char */newpw/,
7759	krb5_principal /targprinc/,
7760	int */result_code/,
7761	krb5_data */result_code_string/,
7762	krb5_data */result_string/);
7763
7764	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7765	krb5_set_password_using_ccache (
7766	krb5_context /context/,
7767	krb5_ccache /ccache/,
7768	const char */newpw/,
7769	krb5_principal /targprinc/,
7770	int */result_code/,
7771	krb5_data */result_code_string/,
7772	krb5_data */result_string/);
7773
7774	/**
7775	* Set the absolute time that the caller knows the kdc has so the
7776	* kerberos library can calculate the relative diffrence beteen the
7777	* KDC time and local system time.
7778	*
7779	* @param context Keberos 5 context.
7780	* @param sec The applications new of "now" in seconds
7781	* @param usec The applications new of "now" in micro seconds
7782
7783	* @return Kerberos 5 error code, see krb5_get_error_message().
7784	*
7785	* @ingroup krb5
7786	*/
7787
7788	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7789	krb5_set_real_time (
7790	krb5_context /context/,
7791	krb5_timestamp /sec/,
7792	int32_t /usec/);
7793
7794	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7795	krb5_set_send_to_kdc_func (
7796	krb5_context /context/,
7797	krb5_send_to_kdc_func /func/,
7798	void */data/);
7799
7800	/**
7801	* Make the kerberos library default to the admin KDC.
7802	*
7803	* @param context Kerberos 5 context.
7804	* @param flag boolean flag to select if the use the admin KDC or not.
7805	*
7806	* @ingroup krb5
7807	*/
7808
7809	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
7810	krb5_set_use_admin_kdc (
7811	krb5_context /context/,
7812	krb5_boolean /flag/);
7813
7814	/**
7815	* Set the default logging facility.
7816	*
7817	* @param context A Kerberos 5 context
7818	* @param fac Facility to use for logging.
7819	*
7820	* @ingroup krb5_error
7821	*/
7822
7823	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7824	krb5_set_warn_dest (
7825	krb5_context /context/,
7826	krb5_log_facility */fac/);
7827
7828	/**
7829	* Create a principal for the given service running on the given
7830	* hostname. If KRB5_NT_SRV_HST is used, the hostname is canonicalized
7831	* according the configured name canonicalization rules, with
7832	* canonicalization delayed in some cases. One rule involves DNS, which
7833	* is insecure unless DNSSEC is used, but we don't use DNSSEC-capable
7834	* resolver APIs here, so that if DNSSEC is used we wouldn't know it.
7835	*
7836	* Canonicalization is immediate (not delayed) only when there is only
7837	* one canonicalization rule and that rule indicates that we should do a
7838	* host lookup by name (i.e., DNS).
7839	*
7840	* @param context A Kerberos context.
7841	* @param hostname hostname to use
7842	* @param sname Service name to use
7843	* @param type name type of principal, use KRB5_NT_SRV_HST or KRB5_NT_UNKNOWN.
7844	* @param ret_princ return principal, free with krb5_free_principal().
7845	*
7846	* @return An krb5 error code, see krb5_get_error_message().
7847	*
7848	* @ingroup krb5_principal
7849	*/
7850
7851	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7852	krb5_sname_to_principal (
7853	krb5_context /context/,
7854	const char */hostname/,
7855	const char */sname/,
7856	int32_t /type/,
7857	krb5_principal */ret_princ/);
7858
7859	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7860	krb5_sock_to_principal (
7861	krb5_context /context/,
7862	int /sock/,
7863	const char */sname/,
7864	int32_t /type/,
7865	krb5_principal */ret_princ/);
7866
7867	/**
7868	* krb5_sockaddr2address stores a address a "struct sockaddr" sa in
7869	* the krb5_address addr.
7870	*
7871	* @param context a Keberos context
7872	* @param sa a struct sockaddr to extract the address from
7873	* @param addr an Kerberos 5 address to store the address in.
7874	*
7875	* @return Return an error code or 0.
7876	*
7877	* @ingroup krb5_address
7878	*/
7879
7880	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7881	krb5_sockaddr2address (
7882	krb5_context /context/,
7883	const struct sockaddr */sa/,
7884	krb5_address */addr/);
7885
7886	/**
7887	* krb5_sockaddr2port extracts a port (if possible) from a "struct
7888	* sockaddr.
7889	*
7890	* @param context a Keberos context
7891	* @param sa a struct sockaddr to extract the port from
7892	* @param port a pointer to an int16_t store the port in.
7893	*
7894	* @return Return an error code or 0. Will return
7895	* KRB5_PROG_ATYPE_NOSUPP in case address type is not supported.
7896	*
7897	* @ingroup krb5_address
7898	*/
7899
7900	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7901	krb5_sockaddr2port (
7902	krb5_context /context/,
7903	const struct sockaddr */sa/,
7904	int16_t */port/);
7905
7906	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
7907	krb5_sockaddr_is_loopback (const struct sockaddr */sa/);
7908
7909	/**
7910	* krb5_sockaddr_uninteresting returns TRUE for all .Fa sa that the
7911	* kerberos library thinks are uninteresting. One example are link
7912	* local addresses.
7913	*
7914	* @param sa pointer to struct sockaddr that might be interesting.
7915	*
7916	* @return Return a non zero for uninteresting addresses.
7917	*
7918	* @ingroup krb5_address
7919	*/
7920
7921	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
7922	krb5_sockaddr_uninteresting (const struct sockaddr */sa/);
7923
7924	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
7925	krb5_std_usage (
7926	int /code/,
7927	struct getargs */args/,
7928	int /num_args/);
7929
7930	/**
7931	* Clear the flags on a storage buffer
7932	*
7933	* @param sp the storage buffer to clear the flags on
7934	* @param flags the flags to clear
7935	*
7936	* @ingroup krb5_storage
7937	*/
7938
7939	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
7940	krb5_storage_clear_flags (
7941	krb5_storage */sp/,
7942	krb5_flags /flags/);
7943
7944	/**
7945	* Create a elastic (allocating) memory storage backend. Memory is
7946	* allocated on demand. Free returned krb5_storage with
7947	* krb5_storage_free().
7948	*
7949	* @return A krb5_storage on success, or NULL on out of memory error.
7950	*
7951	* @ingroup krb5_storage
7952	*
7953	* @sa krb5_storage_from_mem()
7954	* @sa krb5_storage_from_readonly_mem()
7955	* @sa krb5_storage_from_fd()
7956	* @sa krb5_storage_from_data()
7957	* @sa krb5_storage_from_socket()
7958	*/
7959
7960	KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL
7961	krb5_storage_emem (void);
7962
7963	/**
7964	* Free a krb5 storage.
7965	*
7966	* @param sp the storage to free.
7967	*
7968	* @return An Kerberos 5 error code.
7969	*
7970	* @ingroup krb5_storage
7971	*/
7972
7973	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
7974	krb5_storage_free (krb5_storage */sp/);
7975
7976	/**
7977	* Create a fixed size memory storage block
7978	*
7979	* @return A krb5_storage on success, or NULL on out of memory error.
7980	*
7981	* @ingroup krb5_storage
7982	*
7983	* @sa krb5_storage_mem()
7984	* @sa krb5_storage_from_mem()
7985	* @sa krb5_storage_from_readonly_mem()
7986	* @sa krb5_storage_from_fd()
7987	*/
7988
7989	KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL
7990	krb5_storage_from_data (krb5_data */data/);
7991
7992	/**
7993	*
7994	*
7995	* @return A krb5_storage on success, or NULL on out of memory error.
7996	*
7997	* @ingroup krb5_storage
7998	*
7999	* @sa krb5_storage_emem()
8000	* @sa krb5_storage_from_mem()
8001	* @sa krb5_storage_from_readonly_mem()
8002	* @sa krb5_storage_from_data()
8003	* @sa krb5_storage_from_socket()
8004	*/
8005
8006	KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL
8007	krb5_storage_from_fd (int /fd_in/);
8008
8009	/**
8010	* Create a fixed size memory storage block
8011	*
8012	* @return A krb5_storage on success, or NULL on out of memory error.
8013	*
8014	* @ingroup krb5_storage
8015	*
8016	* @sa krb5_storage_mem()
8017	* @sa krb5_storage_from_readonly_mem()
8018	* @sa krb5_storage_from_data()
8019	* @sa krb5_storage_from_fd()
8020	* @sa krb5_storage_from_socket()
8021	*/
8022
8023	KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL
8024	krb5_storage_from_mem (
8025	void */buf/,
8026	size_t /len/);
8027
8028	/**
8029	* Create a fixed size memory storage block that is read only
8030	*
8031	* @return A krb5_storage on success, or NULL on out of memory error.
8032	*
8033	* @ingroup krb5_storage
8034	*
8035	* @sa krb5_storage_mem()
8036	* @sa krb5_storage_from_mem()
8037	* @sa krb5_storage_from_data()
8038	* @sa krb5_storage_from_fd()
8039	*/
8040
8041	KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL
8042	krb5_storage_from_readonly_mem (
8043	const void */buf/,
8044	size_t /len/);
8045
8046	/**
8047	*
8048	*
8049	* @return A krb5_storage on success, or NULL on out of memory error.
8050	*
8051	* @ingroup krb5_storage
8052	*
8053	* @sa krb5_storage_emem()
8054	* @sa krb5_storage_from_mem()
8055	* @sa krb5_storage_from_readonly_mem()
8056	* @sa krb5_storage_from_data()
8057	* @sa krb5_storage_from_fd()
8058	*/
8059
8060	KRB5_LIB_FUNCTION krb5_storage * KRB5_LIB_CALL
8061	krb5_storage_from_socket (krb5_socket_t /sock_in/);
8062
8063	/**
8064	* Sync the storage buffer to its backing store. If there is no
8065	* backing store this function will return success.
8066	*
8067	* @param sp the storage buffer to sync
8068	*
8069	* @return A Kerberos 5 error code
8070	*
8071	* @ingroup krb5_storage
8072	*/
8073
8074	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
8075	krb5_storage_fsync (krb5_storage */sp/);
8076
8077	/**
8078	* Return the current byteorder for the buffer. See krb5_storage_set_byteorder() for the list or byte order contants.
8079	*
8080	* @ingroup krb5_storage
8081	*/
8082
8083	KRB5_LIB_FUNCTION krb5_flags KRB5_LIB_CALL
8084	krb5_storage_get_byteorder (krb5_storage */sp/);
8085
8086	/**
8087	* Get the return code that will be used when end of storage is reached.
8088	*
8089	* @param sp the storage
8090	*
8091	* @return storage error code
8092	*
8093	* @ingroup krb5_storage
8094	*/
8095
8096	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
8097	krb5_storage_get_eof_code (krb5_storage */sp/);
8098
8099	/**
8100	* Return true or false depending on if the storage flags is set or
8101	* not. NB testing for the flag 0 always return true.
8102	*
8103	* @param sp the storage buffer to check flags on
8104	* @param flags The flags to test for
8105	*
8106	* @return true if all the flags are set, false if not.
8107	*
8108	* @ingroup krb5_storage
8109	*/
8110
8111	KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
8112	krb5_storage_is_flags (
8113	krb5_storage */sp/,
8114	krb5_flags /flags/);
8115
8116	/**
8117	* Read to the storage buffer.
8118	*
8119	* @param sp the storage buffer to read from
8120	* @param buf the buffer to store the data in
8121	* @param len the length to read
8122	*
8123	* @return The length of data read (can be shorter then len), or negative on error.
8124	*
8125	* @ingroup krb5_storage
8126	*/
8127
8128	KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL
8129	krb5_storage_read (
8130	krb5_storage */sp/,
8131	void */buf/,
8132	size_t /len/);
8133
8134	/**
8135	* Seek to a new offset.
8136	*
8137	* @param sp the storage buffer to seek in.
8138	* @param offset the offset to seek
8139	* @param whence relateive searching, SEEK_CUR from the current
8140	* position, SEEK_END from the end, SEEK_SET absolute from the start.
8141	*
8142	* @return The new current offset
8143	*
8144	* @ingroup krb5_storage
8145	*/
8146
8147	KRB5_LIB_FUNCTION off_t KRB5_LIB_CALL
8148	krb5_storage_seek (
8149	krb5_storage */sp/,
8150	off_t /offset/,
8151	int /whence/);
8152
8153	/**
8154	* Set the new byte order of the storage buffer.
8155	*
8156	* @param sp the storage buffer to set the byte order for.
8157	* @param byteorder the new byte order.
8158	*
8159	* The byte order are: KRB5_STORAGE_BYTEORDER_BE,
8160	* KRB5_STORAGE_BYTEORDER_LE and KRB5_STORAGE_BYTEORDER_HOST.
8161	*
8162	* @ingroup krb5_storage
8163	*/
8164
8165	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
8166	krb5_storage_set_byteorder (
8167	krb5_storage */sp/,
8168	krb5_flags /byteorder/);
8169
8170	/**
8171	* Set the return code that will be used when end of storage is reached.
8172	*
8173	* @param sp the storage
8174	* @param code the error code to return on end of storage
8175	*
8176	* @ingroup krb5_storage
8177	*/
8178
8179	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
8180	krb5_storage_set_eof_code (
8181	krb5_storage */sp/,
8182	int /code/);
8183
8184	/**
8185	* Add the flags on a storage buffer by or-ing in the flags to the buffer.
8186	*
8187	* @param sp the storage buffer to set the flags on
8188	* @param flags the flags to set
8189	*
8190	* @ingroup krb5_storage
8191	*/
8192
8193	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
8194	krb5_storage_set_flags (
8195	krb5_storage */sp/,
8196	krb5_flags /flags/);
8197
8198	/**
8199	* Set the max alloc value
8200	*
8201	* @param sp the storage buffer set the max allow for
8202	* @param size maximum size to allocate, use 0 to remove limit
8203	*
8204	* @ingroup krb5_storage
8205	*/
8206
8207	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
8208	krb5_storage_set_max_alloc (
8209	krb5_storage */sp/,
8210	size_t /size/);
8211
8212	/**
8213	* Copy the contnent of storage
8214	*
8215	* @param sp the storage to copy to a data
8216	* @param data the copied data, free with krb5_data_free()
8217	*
8218	* @return 0 for success, or a Kerberos 5 error code on failure.
8219	*
8220	* @ingroup krb5_storage
8221	*/
8222
8223	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8224	krb5_storage_to_data (
8225	krb5_storage */sp/,
8226	krb5_data */data/);
8227
8228	/**
8229	* Truncate the storage buffer in sp to offset.
8230	*
8231	* @param sp the storage buffer to truncate.
8232	* @param offset the offset to truncate too.
8233	*
8234	* @return An Kerberos 5 error code.
8235	*
8236	* @ingroup krb5_storage
8237	*/
8238
8239	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
8240	krb5_storage_truncate (
8241	krb5_storage */sp/,
8242	off_t /offset/);
8243
8244	/**
8245	* Write to the storage buffer.
8246	*
8247	* @param sp the storage buffer to write to
8248	* @param buf the buffer to write to the storage buffer
8249	* @param len the length to write
8250	*
8251	* @return The length of data written (can be shorter then len), or negative on error.
8252	*
8253	* @ingroup krb5_storage
8254	*/
8255
8256	KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL
8257	krb5_storage_write (
8258	krb5_storage */sp/,
8259	const void */buf/,
8260	size_t /len/);
8261
8262	/**
8263	* Write a address block to storage.
8264	*
8265	* @param sp the storage buffer to write to
8266	* @param p the address block to write.
8267	*
8268	* @return 0 on success, a Kerberos 5 error code on failure.
8269	*
8270	* @ingroup krb5_storage
8271	*/
8272
8273	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8274	krb5_store_address (
8275	krb5_storage */sp/,
8276	krb5_address /p/);
8277
8278	/**
8279	* Write a addresses block to storage.
8280	*
8281	* @param sp the storage buffer to write to
8282	* @param p the addresses block to write.
8283	*
8284	* @return 0 on success, a Kerberos 5 error code on failure.
8285	*
8286	* @ingroup krb5_storage
8287	*/
8288
8289	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8290	krb5_store_addrs (
8291	krb5_storage */sp/,
8292	krb5_addresses /p/);
8293
8294	/**
8295	* Write a auth data block to storage.
8296	*
8297	* @param sp the storage buffer to write to
8298	* @param auth the auth data block to write.
8299	*
8300	* @return 0 on success, a Kerberos 5 error code on failure.
8301	*
8302	* @ingroup krb5_storage
8303	*/
8304
8305	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8306	krb5_store_authdata (
8307	krb5_storage */sp/,
8308	krb5_authdata /auth/);
8309
8310	/**
8311	* Write a credentials block to storage.
8312	*
8313	* @param sp the storage buffer to write to
8314	* @param creds the creds block to write.
8315	*
8316	* @return 0 on success, a Kerberos 5 error code on failure.
8317	*
8318	* @ingroup krb5_storage
8319	*/
8320
8321	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8322	krb5_store_creds (
8323	krb5_storage */sp/,
8324	krb5_creds */creds/);
8325
8326	/**
8327	* Write a tagged credentials block to storage.
8328	*
8329	* @param sp the storage buffer to write to
8330	* @param creds the creds block to write.
8331	*
8332	* @return 0 on success, a Kerberos 5 error code on failure.
8333	*
8334	* @ingroup krb5_storage
8335	*/
8336
8337	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8338	krb5_store_creds_tag (
8339	krb5_storage */sp/,
8340	krb5_creds */creds/);
8341
8342	/**
8343	* Store a data to the storage. The data is stored with an int32 as
8344	* lenght plus the data (not padded).
8345	*
8346	* @param sp the storage buffer to write to
8347	* @param data the buffer to store.
8348	*
8349	* @return 0 on success, a Kerberos 5 error code on failure.
8350	*
8351	* @ingroup krb5_storage
8352	*/
8353
8354	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8355	krb5_store_data (
8356	krb5_storage */sp/,
8357	krb5_data /data/);
8358
8359	/**
8360	* Store a int16 to storage, byte order is controlled by the settings
8361	* on the storage, see krb5_storage_set_byteorder().
8362	*
8363	* @param sp the storage to write too
8364	* @param value the value to store
8365	*
8366	* @return 0 for success, or a Kerberos 5 error code on failure.
8367	*
8368	* @ingroup krb5_storage
8369	*/
8370
8371	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8372	krb5_store_int16 (
8373	krb5_storage */sp/,
8374	int16_t /value/);
8375
8376	/**
8377	* Store a int32 to storage, byte order is controlled by the settings
8378	* on the storage, see krb5_storage_set_byteorder().
8379	*
8380	* @param sp the storage to write too
8381	* @param value the value to store
8382	*
8383	* @return 0 for success, or a Kerberos 5 error code on failure.
8384	*
8385	* @ingroup krb5_storage
8386	*/
8387
8388	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8389	krb5_store_int32 (
8390	krb5_storage */sp/,
8391	int32_t /value/);
8392
8393	/**
8394	* Store a int64 to storage, byte order is controlled by the settings
8395	* on the storage, see krb5_storage_set_byteorder().
8396	*
8397	* @param sp the storage to write too
8398	* @param value the value to store
8399	*
8400	* @return 0 for success, or a Kerberos 5 error code on failure.
8401	*
8402	* @ingroup krb5_storage
8403	*/
8404
8405	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8406	krb5_store_int64 (
8407	krb5_storage */sp/,
8408	int64_t /value/);
8409
8410	/**
8411	* Store a int8 to storage.
8412	*
8413	* @param sp the storage to write too
8414	* @param value the value to store
8415	*
8416	* @return 0 for success, or a Kerberos 5 error code on failure.
8417	*
8418	* @ingroup krb5_storage
8419	*/
8420
8421	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8422	krb5_store_int8 (
8423	krb5_storage */sp/,
8424	int8_t /value/);
8425
8426	/**
8427	* Store a keyblock to the storage.
8428	*
8429	* @param sp the storage buffer to write to
8430	* @param p the keyblock to write
8431	*
8432	* @return 0 on success, a Kerberos 5 error code on failure.
8433	*
8434	* @ingroup krb5_storage
8435	*/
8436
8437	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8438	krb5_store_keyblock (
8439	krb5_storage */sp/,
8440	krb5_keyblock /p/);
8441
8442	/**
8443	* Write a principal block to storage.
8444	*
8445	* @param sp the storage buffer to write to
8446	* @param p the principal block to write.
8447	*
8448	* @return 0 on success, a Kerberos 5 error code on failure.
8449	*
8450	* @ingroup krb5_storage
8451	*/
8452
8453	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8454	krb5_store_principal (
8455	krb5_storage */sp/,
8456	krb5_const_principal /p/);
8457
8458	/**
8459	* Store a string to the buffer. The data is formated as an len:uint32
8460	* plus the string itself (not padded).
8461	*
8462	* @param sp the storage buffer to write to
8463	* @param s the string to store.
8464	*
8465	* @return 0 on success, a Kerberos 5 error code on failure.
8466	*
8467	* @ingroup krb5_storage
8468	*/
8469
8470	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8471	krb5_store_string (
8472	krb5_storage */sp/,
8473	const char */s/);
8474
8475	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8476	krb5_store_stringnl (
8477	krb5_storage */sp/,
8478	const char */s/);
8479
8480	/**
8481	* Store a zero terminated string to the buffer. The data is stored
8482	* one character at a time until a NUL is stored.
8483	*
8484	* @param sp the storage buffer to write to
8485	* @param s the string to store.
8486	*
8487	* @return 0 on success, a Kerberos 5 error code on failure.
8488	*
8489	* @ingroup krb5_storage
8490	*/
8491
8492	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8493	krb5_store_stringz (
8494	krb5_storage */sp/,
8495	const char */s/);
8496
8497	/**
8498	* Write a times block to storage.
8499	*
8500	* @param sp the storage buffer to write to
8501	* @param times the times block to write.
8502	*
8503	* @return 0 on success, a Kerberos 5 error code on failure.
8504	*
8505	* @ingroup krb5_storage
8506	*/
8507
8508	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8509	krb5_store_times (
8510	krb5_storage */sp/,
8511	krb5_times /times/);
8512
8513	/**
8514	* Store a uint16 to storage, byte order is controlled by the settings
8515	* on the storage, see krb5_storage_set_byteorder().
8516	*
8517	* @param sp the storage to write too
8518	* @param value the value to store
8519	*
8520	* @return 0 for success, or a Kerberos 5 error code on failure.
8521	*
8522	* @ingroup krb5_storage
8523	*/
8524
8525	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8526	krb5_store_uint16 (
8527	krb5_storage */sp/,
8528	uint16_t /value/);
8529
8530	/**
8531	* Store a uint32 to storage, byte order is controlled by the settings
8532	* on the storage, see krb5_storage_set_byteorder().
8533	*
8534	* @param sp the storage to write too
8535	* @param value the value to store
8536	*
8537	* @return 0 for success, or a Kerberos 5 error code on failure.
8538	*
8539	* @ingroup krb5_storage
8540	*/
8541
8542	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8543	krb5_store_uint32 (
8544	krb5_storage */sp/,
8545	uint32_t /value/);
8546
8547	/**
8548	* Store a uint64 to storage, byte order is controlled by the settings
8549	* on the storage, see krb5_storage_set_byteorder().
8550	*
8551	* @param sp the storage to write too
8552	* @param value the value to store
8553	*
8554	* @return 0 for success, or a Kerberos 5 error code on failure.
8555	*
8556	* @ingroup krb5_storage
8557	*/
8558
8559	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8560	krb5_store_uint64 (
8561	krb5_storage */sp/,
8562	uint64_t /value/);
8563
8564	/**
8565	* Store a uint8 to storage.
8566	*
8567	* @param sp the storage to write too
8568	* @param value the value to store
8569	*
8570	* @return 0 for success, or a Kerberos 5 error code on failure.
8571	*
8572	* @ingroup krb5_storage
8573	*/
8574
8575	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8576	krb5_store_uint8 (
8577	krb5_storage */sp/,
8578	uint8_t /value/);
8579
8580	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8581	krb5_string_to_deltat (
8582	const char */string/,
8583	krb5_deltat */deltat/);
8584
8585	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8586	krb5_string_to_enctype (
8587	krb5_context /context/,
8588	const char */string/,
8589	krb5_enctype */etype/);
8590
8591	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8592	krb5_string_to_key (
8593	krb5_context /context/,
8594	krb5_enctype /enctype/,
8595	const char */password/,
8596	krb5_principal /principal/,
8597	krb5_keyblock */key/);
8598
8599	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8600	krb5_string_to_key_data (
8601	krb5_context /context/,
8602	krb5_enctype /enctype/,
8603	krb5_data /password/,
8604	krb5_principal /principal/,
8605	krb5_keyblock */key/);
8606
8607	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8608	krb5_string_to_key_data_salt (
8609	krb5_context /context/,
8610	krb5_enctype /enctype/,
8611	krb5_data /password/,
8612	krb5_salt /salt/,
8613	krb5_keyblock */key/);
8614
8615	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8616	krb5_string_to_key_data_salt_opaque (
8617	krb5_context /context/,
8618	krb5_enctype /enctype/,
8619	krb5_data /password/,
8620	krb5_salt /salt/,
8621	krb5_data /opaque/,
8622	krb5_keyblock */key/);
8623
8624	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8625	krb5_string_to_key_derived (
8626	krb5_context /context/,
8627	const void */str/,
8628	size_t /len/,
8629	krb5_enctype /etype/,
8630	krb5_keyblock */key/);
8631
8632	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8633	krb5_string_to_key_salt (
8634	krb5_context /context/,
8635	krb5_enctype /enctype/,
8636	const char */password/,
8637	krb5_salt /salt/,
8638	krb5_keyblock */key/);
8639
8640	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8641	krb5_string_to_key_salt_opaque (
8642	krb5_context /context/,
8643	krb5_enctype /enctype/,
8644	const char */password/,
8645	krb5_salt /salt/,
8646	krb5_data /opaque/,
8647	krb5_keyblock */key/);
8648
8649	/**
8650	* Deprecated: keytypes doesn't exists, they are really enctypes in
8651	* most cases, use krb5_string_to_enctype().
8652	*
8653	* @ingroup krb5_deprecated
8654	*/
8655
8656	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8657	krb5_string_to_keytype (
8658	krb5_context /context/,
8659	const char */string/,
8660	krb5_keytype */keytype/)
8661	KRB5_DEPRECATED_FUNCTION("Use X instead");
8662
8663	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8664	krb5_string_to_salttype (
8665	krb5_context /context/,
8666	krb5_enctype /etype/,
8667	const char */string/,
8668	krb5_salttype */salttype/);
8669
8670	/**
8671	* Extract the authorization data type of type from the ticket. Store
8672	* the field in data. This function is to use for kerberos
8673	* applications.
8674	*
8675	* @param context a Kerberos 5 context
8676	* @param ticket Kerberos ticket
8677	* @param type type to fetch
8678	* @param data returned data, free with krb5_data_free()
8679	*
8680	* @ingroup krb5
8681	*/
8682
8683	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8684	krb5_ticket_get_authorization_data_type (
8685	krb5_context /context/,
8686	krb5_ticket */ticket/,
8687	int /type/,
8688	krb5_data */data/);
8689
8690	/**
8691	* Return client principal in ticket
8692	*
8693	* @param context a Kerberos 5 context
8694	* @param ticket ticket to copy
8695	* @param client client principal, free with krb5_free_principal()
8696	*
8697	* @return Returns 0 to indicate success. Otherwise an kerberos et
8698	* error code is returned, see krb5_get_error_message().
8699	*
8700	* @ingroup krb5
8701	*/
8702
8703	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8704	krb5_ticket_get_client (
8705	krb5_context /context/,
8706	const krb5_ticket */ticket/,
8707	krb5_principal */client/);
8708
8709	/**
8710	* Return end time of ticket
8711	*
8712	* @param context a Kerberos 5 context
8713	* @param ticket ticket to copy
8714	*
8715	* @return end time of ticket
8716	*
8717	* @ingroup krb5
8718	*/
8719
8720	KRB5_LIB_FUNCTION time_t KRB5_LIB_CALL
8721	krb5_ticket_get_endtime (
8722	krb5_context /context/,
8723	const krb5_ticket */ticket/);
8724
8725	/**
8726	* Get the flags from the Kerberos ticket
8727	*
8728	* @param context Kerberos context
8729	* @param ticket Kerberos ticket
8730	*
8731	* @return ticket flags
8732	*
8733	* @ingroup krb5_ticket
8734	*/
8735
8736	KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL
8737	krb5_ticket_get_flags (
8738	krb5_context /context/,
8739	const krb5_ticket */ticket/);
8740
8741	/**
8742	* Return server principal in ticket
8743	*
8744	* @param context a Kerberos 5 context
8745	* @param ticket ticket to copy
8746	* @param server server principal, free with krb5_free_principal()
8747	*
8748	* @return Returns 0 to indicate success. Otherwise an kerberos et
8749	* error code is returned, see krb5_get_error_message().
8750	*
8751	* @ingroup krb5
8752	*/
8753
8754	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8755	krb5_ticket_get_server (
8756	krb5_context /context/,
8757	const krb5_ticket */ticket/,
8758	krb5_principal */server/);
8759
8760	/**
8761	* If the caller passes in a negative usec, its assumed to be
8762	* unknown and the function will use the current time usec.
8763	*/
8764
8765	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8766	krb5_timeofday (
8767	krb5_context /context/,
8768	krb5_timestamp */timeret/);
8769
8770	/**
8771	* Unparse the Kerberos name into a string
8772	*
8773	* @param context Kerberos 5 context
8774	* @param principal principal to query
8775	* @param name resulting string, free with krb5_xfree()
8776	*
8777	* @return An krb5 error code, see krb5_get_error_message().
8778	*
8779	* @ingroup krb5_principal
8780	*/
8781
8782	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8783	krb5_unparse_name (
8784	krb5_context /context/,
8785	krb5_const_principal /principal/,
8786	char **/name/);
8787
8788	/**
8789	* Unparse the principal name to a fixed buffer
8790	*
8791	* @param context A Kerberos context.
8792	* @param principal principal to unparse
8793	* @param name buffer to write name to
8794	* @param len length of buffer
8795	*
8796	* @return An krb5 error code, see krb5_get_error_message().
8797	*
8798	* @ingroup krb5_principal
8799	*/
8800
8801	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8802	krb5_unparse_name_fixed (
8803	krb5_context /context/,
8804	krb5_const_principal /principal/,
8805	char */name/,
8806	size_t /len/);
8807
8808	/**
8809	* Unparse the principal name with unparse flags to a fixed buffer.
8810	*
8811	* @param context A Kerberos context.
8812	* @param principal principal to unparse
8813	* @param flags unparse flags
8814	* @param name buffer to write name to
8815	* @param len length of buffer
8816	*
8817	* @return An krb5 error code, see krb5_get_error_message().
8818	*
8819	* @ingroup krb5_principal
8820	*/
8821
8822	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8823	krb5_unparse_name_fixed_flags (
8824	krb5_context /context/,
8825	krb5_const_principal /principal/,
8826	int /flags/,
8827	char */name/,
8828	size_t /len/);
8829
8830	/**
8831	* Unparse the principal name to a fixed buffer. The realm is skipped
8832	* if its a default realm.
8833	*
8834	* @param context A Kerberos context.
8835	* @param principal principal to unparse
8836	* @param name buffer to write name to
8837	* @param len length of buffer
8838	*
8839	* @return An krb5 error code, see krb5_get_error_message().
8840	*
8841	* @ingroup krb5_principal
8842	*/
8843
8844	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8845	krb5_unparse_name_fixed_short (
8846	krb5_context /context/,
8847	krb5_const_principal /principal/,
8848	char */name/,
8849	size_t /len/);
8850
8851	/**
8852	* Unparse the Kerberos name into a string
8853	*
8854	* @param context Kerberos 5 context
8855	* @param principal principal to query
8856	* @param flags flag to determine the behavior
8857	* @param name resulting string, free with krb5_xfree()
8858	*
8859	* @return An krb5 error code, see krb5_get_error_message().
8860	*
8861	* @ingroup krb5_principal
8862	*/
8863
8864	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8865	krb5_unparse_name_flags (
8866	krb5_context /context/,
8867	krb5_const_principal /principal/,
8868	int /flags/,
8869	char **/name/);
8870
8871	/**
8872	* Unparse the principal name to a allocated buffer. The realm is
8873	* skipped if its a default realm.
8874	*
8875	* @param context A Kerberos context.
8876	* @param principal principal to unparse
8877	* @param name returned buffer, free with krb5_xfree()
8878	*
8879	* @return An krb5 error code, see krb5_get_error_message().
8880	*
8881	* @ingroup krb5_principal
8882	*/
8883
8884	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8885	krb5_unparse_name_short (
8886	krb5_context /context/,
8887	krb5_const_principal /principal/,
8888	char **/name/);
8889
8890	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8891	krb5_us_timeofday (
8892	krb5_context /context/,
8893	krb5_timestamp */sec/,
8894	int32_t */usec/);
8895
8896	/**
8897	* Log a warning to the log, default stderr, include bthe error from
8898	* the last failure and then abort.
8899	*
8900	* @param context A Kerberos 5 context
8901	* @param code error code of the last error
8902	* @param fmt message to print
8903	* @param ap arguments
8904	*
8905	* @ingroup krb5_error
8906	*/
8907
8908	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8909	krb5_vabort (
8910	krb5_context /context/,
8911	krb5_error_code /code/,
8912	const char */fmt/,
8913	va_list /ap/)
8914	__attribute__ ((__noreturn__, __format__ (__printf__, `3`, `0`)));
8915
8916	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8917	krb5_vabortx (
8918	krb5_context /context/,
8919	const char */fmt/,
8920	va_list /ap/)
8921	__attribute__ ((__noreturn__, __format__ (__printf__, `2`, `0`)));
8922
8923	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8924	krb5_verify_ap_req (
8925	krb5_context /context/,
8926	krb5_auth_context */auth_context/,
8927	krb5_ap_req */ap_req/,
8928	krb5_const_principal /server/,
8929	krb5_keyblock */keyblock/,
8930	krb5_flags /flags/,
8931	krb5_flags */ap_req_options/,
8932	krb5_ticket **/ticket/);
8933
8934	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8935	krb5_verify_ap_req2 (
8936	krb5_context /context/,
8937	krb5_auth_context */auth_context/,
8938	krb5_ap_req */ap_req/,
8939	krb5_const_principal /server/,
8940	krb5_keyblock */keyblock/,
8941	krb5_flags /flags/,
8942	krb5_flags */ap_req_options/,
8943	krb5_ticket **/ticket/,
8944	krb5_key_usage /usage/);
8945
8946	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8947	krb5_verify_authenticator_checksum (
8948	krb5_context /context/,
8949	krb5_auth_context /ac/,
8950	void */data/,
8951	size_t /len/);
8952
8953	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8954	krb5_verify_checksum (
8955	krb5_context /context/,
8956	krb5_crypto /crypto/,
8957	krb5_key_usage /usage/,
8958	void */data/,
8959	size_t /len/,
8960	Checksum */cksum/);
8961
8962	/**
8963	* Verify a Kerberos message checksum.
8964	*
8965	* @param context Kerberos context
8966	* @param crypto Kerberos crypto context
8967	* @param usage Key usage for this buffer
8968	* @param data array of buffers to process
8969	* @param num_data length of array
8970	* @param type return checksum type if not NULL
8971	*
8972	* @return Return an error code or 0.
8973	* @ingroup krb5_crypto
8974	*/
8975
8976	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8977	krb5_verify_checksum_iov (
8978	krb5_context /context/,
8979	krb5_crypto /crypto/,
8980	unsigned /usage/,
8981	krb5_crypto_iov */data/,
8982	unsigned int /num_data/,
8983	krb5_cksumtype */type/);
8984
8985	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
8986	krb5_verify_init_creds (
8987	krb5_context /context/,
8988	krb5_creds */creds/,
8989	krb5_principal /ap_req_server/,
8990	krb5_keytab /ap_req_keytab/,
8991	krb5_ccache */ccache/,
8992	krb5_verify_init_creds_opt */options/);
8993
8994	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
8995	krb5_verify_init_creds_opt_init (krb5_verify_init_creds_opt */options/);
8996
8997	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
8998	krb5_verify_init_creds_opt_set_ap_req_nofail (
8999	krb5_verify_init_creds_opt */options/,
9000	int /ap_req_nofail/);
9001
9002	KRB5_LIB_FUNCTION int KRB5_LIB_CALL
9003	krb5_verify_opt_alloc (
9004	krb5_context /context/,
9005	krb5_verify_opt **/opt/);
9006
9007	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
9008	krb5_verify_opt_free (krb5_verify_opt */opt/);
9009
9010	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
9011	krb5_verify_opt_init (krb5_verify_opt */opt/);
9012
9013	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
9014	krb5_verify_opt_set_ccache (
9015	krb5_verify_opt */opt/,
9016	krb5_ccache /ccache/);
9017
9018	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
9019	krb5_verify_opt_set_flags (
9020	krb5_verify_opt */opt/,
9021	unsigned int /flags/);
9022
9023	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
9024	krb5_verify_opt_set_keytab (
9025	krb5_verify_opt */opt/,
9026	krb5_keytab /keytab/);
9027
9028	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
9029	krb5_verify_opt_set_secure (
9030	krb5_verify_opt */opt/,
9031	krb5_boolean /secure/);
9032
9033	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
9034	krb5_verify_opt_set_service (
9035	krb5_verify_opt */opt/,
9036	const char */service/);
9037
9038	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9039	krb5_verify_user (
9040	krb5_context /context/,
9041	krb5_principal /principal/,
9042	krb5_ccache /ccache/,
9043	const char */password/,
9044	krb5_boolean /secure/,
9045	const char */service/);
9046
9047	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9048	krb5_verify_user_lrealm (
9049	krb5_context /context/,
9050	krb5_principal /principal/,
9051	krb5_ccache /ccache/,
9052	const char */password/,
9053	krb5_boolean /secure/,
9054	const char */service/);
9055
9056	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9057	krb5_verify_user_opt (
9058	krb5_context /context/,
9059	krb5_principal /principal/,
9060	const char */password/,
9061	krb5_verify_opt */opt/);
9062
9063	/**
9064	* Log a warning to the log, default stderr, include bthe error from
9065	* the last failure and then exit.
9066	*
9067	* @param context A Kerberos 5 context
9068	* @param eval the exit code to exit with
9069	* @param code error code of the last error
9070	* @param fmt message to print
9071	* @param ap arguments
9072	*
9073	* @ingroup krb5_error
9074	*/
9075
9076	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9077	krb5_verr (
9078	krb5_context /context/,
9079	int /eval/,
9080	krb5_error_code /code/,
9081	const char */fmt/,
9082	va_list /ap/)
9083	__attribute__ ((__noreturn__, __format__ (__printf__, `4`, `0`)));
9084
9085	/**
9086	* Log a warning to the log, default stderr, and then exit.
9087	*
9088	* @param context A Kerberos 5 context
9089	* @param eval the exit code to exit with
9090	* @param fmt message to print
9091	* @param ap arguments
9092	*
9093	* @ingroup krb5_error
9094	*/
9095
9096	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9097	krb5_verrx (
9098	krb5_context /context/,
9099	int /eval/,
9100	const char */fmt/,
9101	va_list /ap/)
9102	__attribute__ ((__noreturn__, __format__ (__printf__, `3`, `0`)));
9103
9104	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9105	krb5_vlog (
9106	krb5_context /context/,
9107	krb5_log_facility */fac/,
9108	int /level/,
9109	const char */fmt/,
9110	va_list /ap/)
9111	__attribute__ ((__format__ (__printf__, `4`, `0`)));
9112
9113	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9114	krb5_vlog_msg (
9115	krb5_context /context/,
9116	krb5_log_facility */fac/,
9117	char **/reply/,
9118	int /level/,
9119	const char */fmt/,
9120	va_list /ap/)
9121	__attribute__ ((__format__ (__printf__, `5`, `0`)));
9122
9123	/**
9124	* Prepend the contexts's full error string for a specific error code.
9125	*
9126	* The if context is NULL, no error string is stored.
9127	*
9128	* @param context Kerberos 5 context
9129	* @param ret The error code
9130	* @param fmt Error string for the error code
9131	* @param args printf(3) style parameters.
9132	*
9133	* @ingroup krb5_error
9134	*/
9135
9136	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
9137	krb5_vprepend_error_message (
9138	krb5_context /context/,
9139	krb5_error_code /ret/,
9140	const char */fmt/,
9141	va_list /args/)
9142	__attribute__ ((__format__ (__printf__, `3`, `0`)));
9143
9144	/**
9145	* Set the context full error string for a specific error code.
9146	*
9147	* The if context is NULL, no error string is stored.
9148	*
9149	* @param context Kerberos 5 context
9150	* @param ret The error code
9151	* @param fmt Error string for the error code
9152	* @param args printf(3) style parameters.
9153	*
9154	* @ingroup krb5_error
9155	*/
9156
9157	KRB5_LIB_FUNCTION void KRB5_LIB_CALL
9158	krb5_vset_error_message (
9159	krb5_context /context/,
9160	krb5_error_code /ret/,
9161	const char */fmt/,
9162	va_list /args/)
9163	__attribute__ ((__format__ (__printf__, `3`, `0`)));
9164
9165	/**
9166	* Set the error message returned by krb5_get_error_string(),
9167	* deprecated, use krb5_set_error_message().
9168	*
9169	* Deprecated: use krb5_vset_error_message()
9170	*
9171	* @param context Kerberos context
9172	* @param fmt error message to free
9173	* @param args variable argument list vector
9174	*
9175	* @return Return an error code or 0.
9176	*
9177	* @ingroup krb5_deprecated
9178	*/
9179
9180	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9181	krb5_vset_error_string (
9182	krb5_context /context/,
9183	const char */fmt/,
9184	va_list /args/)
9185	__attribute__ ((__format__ (__printf__, `2`, `0`))) KRB5_DEPRECATED_FUNCTION("Use X instead");
9186
9187	/**
9188	* Log a warning to the log, default stderr, include the error from
9189	* the last failure.
9190	*
9191	* @param context A Kerberos 5 context.
9192	* @param code error code of the last error
9193	* @param fmt message to print
9194	* @param ap arguments
9195	*
9196	* @ingroup krb5_error
9197	*/
9198
9199	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9200	krb5_vwarn (
9201	krb5_context /context/,
9202	krb5_error_code /code/,
9203	const char */fmt/,
9204	va_list /ap/)
9205	__attribute__ ((__format__ (__printf__, `3`, `0`)));
9206
9207	/**
9208	* Log a warning to the log, default stderr.
9209	*
9210	* @param context A Kerberos 5 context.
9211	* @param fmt message to print
9212	* @param ap arguments
9213	*
9214	* @ingroup krb5_error
9215	*/
9216
9217	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9218	krb5_vwarnx (
9219	krb5_context /context/,
9220	const char */fmt/,
9221	va_list /ap/)
9222	__attribute__ ((__format__ (__printf__, `2`, `0`)));
9223
9224	/**
9225	* Log a warning to the log, default stderr, include the error from
9226	* the last failure.
9227	*
9228	* @param context A Kerberos 5 context.
9229	* @param code error code of the last error
9230	* @param fmt message to print
9231	*
9232	* @ingroup krb5_error
9233	*/
9234
9235	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9236	krb5_warn (
9237	krb5_context /context/,
9238	krb5_error_code /code/,
9239	const char */fmt/,
9240	...)
9241	__attribute__ ((__format__ (__printf__, `3`, `4`)));
9242
9243	/**
9244	* Log a warning to the log, default stderr.
9245	*
9246	* @param context A Kerberos 5 context.
9247	* @param fmt message to print
9248	*
9249	* @ingroup krb5_error
9250	*/
9251
9252	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9253	krb5_warnx (
9254	krb5_context /context/,
9255	const char */fmt/,
9256	...)
9257	__attribute__ ((__format__ (__printf__, `2`, `3`)));
9258
9259	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9260	krb5_write_message (
9261	krb5_context /context/,
9262	krb5_pointer /p_fd/,
9263	krb5_data */data/);
9264
9265	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9266	krb5_write_priv_message (
9267	krb5_context /context/,
9268	krb5_auth_context /ac/,
9269	krb5_pointer /p_fd/,
9270	krb5_data */data/);
9271
9272	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9273	krb5_write_safe_message (
9274	krb5_context /context/,
9275	krb5_auth_context /ac/,
9276	krb5_pointer /p_fd/,
9277	krb5_data */data/);
9278
9279	KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
9280	krb5_xfree (void */ptr/);
9281
9282	#ifdef __cplusplus
9283	}
9284	#endif
9285
9286	#undef KRB5_DEPRECATED_FUNCTION
9287
9288	#endif /* DOXY */
9289	#endif /* __krb5_protos_h__ */
9290

Browse the source code of netbsd/objdir.amd64/destdir.amd64/usr/include/krb5/krb5-protos.h