File: krb5_pac_verify_ext.rst.txt

package info (click to toggle)
krb5 1.18.3-6%2Bdeb11u5
  • links: PTS, VCS
  • area: main
  • in suites: bullseye
  • size: 52,500 kB
  • sloc: ansic: 302,656; exp: 13,173; cpp: 9,693; python: 9,298; javascript: 9,118; makefile: 7,158; sh: 6,305; perl: 1,926; asm: 1,460; yacc: 1,005; awk: 396; csh: 147; xml: 135; lisp: 104; sed: 41
file content (60 lines) | stat: -rw-r--r-- 1,200 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
 
krb5_pac_verify_ext -  Verify a PAC, possibly from a specified realm. 
======================================================================

..

.. c:function:: krb5_error_code krb5_pac_verify_ext(krb5_context context, const krb5_pac pac, krb5_timestamp authtime, krb5_const_principal principal, const krb5_keyblock * server, const krb5_keyblock * privsvr, krb5_boolean with_realm)

..


:param:

	          **[in]** **context** - Library context

	          **[in]** **pac** - PAC handle

	          **[in]** **authtime** - Expected timestamp

	          **[in]** **principal** - Expected principal name (or NULL)

	          **[in]** **server** - Key to validate server checksum (or NULL)

	          **[in]** **privsvr** - Key to validate KDC checksum (or NULL)

	          **[in]** **with_realm** - If true, expect the realm of *principal*


..



..







This function is similar to :c:func:`krb5_pac_verify()` , but adds a parameter *with_realm* . If *with_realm* is true, the PAC_CLIENT_INFO field is expected to include the realm of *principal* as well as the name. This flag is necessary to verify PACs in cross-realm S4U2Self referral TGTs.










..




.. note::

	 New in 1.17