| blob | d3926004b4da3d7a6b3935845d67a7159e8d7644 |
1 /*
2 * Copyright (c) 1997 - 2008 Kungliga Tekniska Högskolan
3 * (Royal Institute of Technology, Stockholm, Sweden).
4 * All rights reserved.
5 *
6 * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * 3. Neither the name of the Institute nor the names of its contributors
20 * may be used to endorse or promote products derived from this software
21 * without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
38 /**
39 * @page krb5_ccache_intro The credential cache functions
40 * @section section_krb5_ccache Kerberos credential caches
41 *
42 * krb5_ccache structure holds a Kerberos credential cache.
43 *
44 * Heimdal support the follow types of credential caches:
45 *
46 * - SCC
47 * Store the credential in a database
48 * - FILE
49 * Store the credential in memory
50 * - MEMORY
51 * Store the credential in memory
52 * - API
53 * A credential cache server based solution for Mac OS X
54 * - KCM
55 * A credential cache server based solution for all platforms
56 *
57 * @subsection Example
58 *
59 * This is a minimalistic version of klist:
60 @code
61 #include <krb5.h>
63 int
64 main (int argc, char **argv)
65 {
66 krb5_context context;
67 krb5_cc_cursor cursor;
68 krb5_error_code ret;
69 krb5_ccache id;
70 krb5_creds creds;
72 if (krb5_init_context (&context) != 0)
73 errx(1, "krb5_context");
75 ret = krb5_cc_default (context, &id);
76 if (ret)
77 krb5_err(context, 1, ret, "krb5_cc_default");
79 ret = krb5_cc_start_seq_get(context, id, &cursor);
80 if (ret)
81 krb5_err(context, 1, ret, "krb5_cc_start_seq_get");
83 while((ret = krb5_cc_next_cred(context, id, &cursor, &creds)) == 0){
84 char *principal;
86 krb5_unparse_name_short(context, creds.server, &principal);
87 printf("principal: %s\\n", principal);
88 free(principal);
89 krb5_free_cred_contents (context, &creds);
90 }
91 ret = krb5_cc_end_seq_get(context, id, &cursor);
92 if (ret)
93 krb5_err(context, 1, ret, "krb5_cc_end_seq_get");
95 krb5_cc_close(context, id);
97 krb5_free_context(context);
98 return 0;
99 }
100 * @endcode
101 */
103 /**
104 * Add a new ccache type with operations `ops', overwriting any
105 * existing one if `override'.
106 *
107 * @param context a Keberos context
108 * @param ops type of plugin symbol
109 * @param override flag to select if the registration is to overide
110 * an existing ops with the same name.
111 *
112 * @return Return an error code or 0, see krb5_get_error_message().
113 *
114 * @ingroup krb5_ccache
115 */
117 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
120 krb5_boolean override)
121 {
128 KRB5_CC_TYPE_EXISTS,
132 }
134 }
135 }
144 }
148 }
151 }
153 /*
154 * Allocate the memory for a `id' and the that function table to
155 * `ops'. Returns 0 or and error code.
156 */
158 krb5_error_code
162 {
163 krb5_ccache p;
170 }
175 }
177 /*
178 * Allocate memory for a new ccache in `id' with operations `ops'
179 * and name `residual'. Return 0 or an error code.
180 */
182 static krb5_error_code
187 {
188 krb5_error_code ret;
189 #ifdef KRB5_USE_PATH_TOKENS
197 #endif
201 #ifdef KRB5_USE_PATH_TOKENS
204 #endif
206 }
212 }
214 #ifdef KRB5_USE_PATH_TOKENS
217 #endif
220 }
222 static int
224 {
230 #ifdef _WIN32
231 /* <drive letter>:\path\to\cache ? */
236 #endif
239 }
241 /**
242 * Find and allocate a ccache in `id' from the specification in `residual'.
243 * If the ccache name doesn't contain any colon, interpret it as a file name.
244 *
245 * @param context a Keberos context.
246 * @param name string name of a credential cache.
247 * @param id return pointer to a found credential cache.
248 *
249 * @return Return 0 or an error code. In case of an error, id is set
250 * to NULL, see krb5_get_error_message().
251 *
252 * @ingroup krb5_ccache
253 */
256 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
260 {
272 id);
273 }
274 }
281 }
282 }
284 /**
285 * Generates a new unique ccache of `type` in `id'. If `type' is NULL,
286 * the library chooses the default credential cache type. The supplied
287 * `hint' (that can be NULL) is a string that the credential cache
288 * type can use to base the name of the credential on, this is to make
289 * it easier for the user to differentiate the credentials.
290 *
291 * @return Return an error code or 0, see krb5_get_error_message().
292 *
293 * @ingroup krb5_ccache
294 */
296 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
299 {
301 krb5_error_code ret;
308 }
317 }
319 }
321 /**
322 * Return the name of the ccache `id'
323 *
324 * @ingroup krb5_ccache
325 */
330 krb5_ccache id)
331 {
333 }
335 /**
336 * Return the type of the ccache `id'.
337 *
338 * @ingroup krb5_ccache
339 */
344 krb5_ccache id)
345 {
347 }
349 /**
350 * Return the complete resolvable name the cache
352 * @param context a Keberos context
353 * @param id return pointer to a found credential cache
354 * @param str the returned name of a credential cache, free with krb5_xfree()
355 *
356 * @return Returns 0 or an error (and then *str is set to NULL).
357 *
358 * @ingroup krb5_ccache
359 */
362 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
364 krb5_ccache id,
366 {
376 }
383 }
389 }
391 }
393 /**
394 * Return krb5_cc_ops of a the ccache `id'.
395 *
396 * @ingroup krb5_ccache
397 */
402 {
404 }
406 /*
407 * Expand variables in `str' into `res'
408 */
410 krb5_error_code
412 {
414 }
416 /*
417 * Return non-zero if envirnoment that will determine default krb5cc
418 * name has changed.
419 */
421 static int
423 {
426 /* if the cc name was set, don't change it */
430 /* XXX performance: always ask KCM/API if default name has changed */
445 }
451 }
453 }
455 /**
456 * Switch the default default credential cache for a specific
457 * credcache type (and name for some implementations).
458 *
459 * @return Return an error code or 0, see krb5_get_error_message().
460 *
461 * @ingroup krb5_ccache
462 */
464 krb5_error_code KRB5_LIB_FUNCTION
466 {
472 }
474 /**
475 * Return true if the default credential cache support switch
476 *
477 * @ingroup krb5_ccache
478 */
480 krb5_boolean KRB5_LIB_FUNCTION
482 {
489 }
491 /**
492 * Set the default cc name for `context' to `name'.
493 *
494 * @ingroup krb5_ccache
495 */
497 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
499 {
513 }
514 }
522 }
531 KRB5_CC_UNKNOWN_TYPE,
532 "Credential cache type %s "
535 }
536 }
540 }
541 }
546 }
551 }
564 }
566 /**
567 * Return a pointer to a context static string containing the default
568 * ccache name.
569 *
570 * @return String to the default credential cache name.
571 *
572 * @ingroup krb5_ccache
573 */
578 {
583 }
585 /**
586 * Open the default ccache in `id'.
587 *
588 * @return Return an error code or 0, see krb5_get_error_message().
589 *
590 * @ingroup krb5_ccache
591 */
594 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
597 {
603 }
605 }
607 /**
608 * Create a new ccache in `id' for `primary_principal'.
609 *
610 * @return Return an error code or 0, see krb5_get_error_message().
611 *
612 * @ingroup krb5_ccache
613 */
616 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
618 krb5_ccache id,
619 krb5_principal primary_principal)
620 {
622 }
625 /**
626 * Remove the ccache `id'.
627 *
628 * @return Return an error code or 0, see krb5_get_error_message().
629 *
630 * @ingroup krb5_ccache
631 */
634 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
636 krb5_ccache id)
637 {
638 krb5_error_code ret;
643 }
645 /**
646 * Stop using the ccache `id' and free the related resources.
647 *
648 * @return Return an error code or 0, see krb5_get_error_message().
649 *
650 * @ingroup krb5_ccache
651 */
654 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
656 krb5_ccache id)
657 {
658 krb5_error_code ret;
662 }
664 /**
665 * Store `creds' in the ccache `id'.
666 *
667 * @return Return an error code or 0, see krb5_get_error_message().
668 *
669 * @ingroup krb5_ccache
670 */
673 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
675 krb5_ccache id,
677 {
679 }
681 /**
682 * Retrieve the credential identified by `mcreds' (and `whichfields')
683 * from `id' in `creds'. 'creds' must be free by the caller using
684 * krb5_free_cred_contents.
685 *
686 * @param context A Kerberos 5 context
687 * @param id a Kerberos 5 credential cache
688 * @param whichfields what fields to use for matching credentials, same
689 * flags as whichfields in krb5_compare_creds()
690 * @param mcreds template credential to use for comparing
691 * @param creds returned credential, free with krb5_free_cred_contents()
692 *
693 * @return Return an error code or 0, see krb5_get_error_message().
694 *
695 * @ingroup krb5_ccache
696 */
699 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
701 krb5_ccache id,
702 krb5_flags whichfields,
705 {
706 krb5_error_code ret;
707 krb5_cc_cursor cursor;
712 }
721 }
723 }
726 }
728 /**
729 * Return the principal of `id' in `principal'.
730 *
731 * @return Return an error code or 0, see krb5_get_error_message().
732 *
733 * @ingroup krb5_ccache
734 */
737 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
739 krb5_ccache id,
741 {
743 }
745 /**
746 * Start iterating over `id', `cursor' is initialized to the
747 * beginning. Caller must free the cursor with krb5_cc_end_seq_get().
748 *
749 * @return Return an error code or 0, see krb5_get_error_message().
750 *
751 * @ingroup krb5_ccache
752 */
755 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
759 {
761 }
763 /**
764 * Retrieve the next cred pointed to by (`id', `cursor') in `creds'
765 * and advance `cursor'.
766 *
767 * @return Return an error code or 0, see krb5_get_error_message().
768 *
769 * @ingroup krb5_ccache
770 */
773 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
778 {
780 }
782 /**
783 * Destroy the cursor `cursor'.
784 *
785 * @ingroup krb5_ccache
786 */
789 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
793 {
795 }
797 /**
798 * Remove the credential identified by `cred', `which' from `id'.
799 *
800 * @ingroup krb5_ccache
801 */
804 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
806 krb5_ccache id,
807 krb5_flags which,
809 {
812 EACCES,
816 }
818 }
820 /**
821 * Set the flags of `id' to `flags'.
822 *
823 * @ingroup krb5_ccache
824 */
827 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
829 krb5_ccache id,
830 krb5_flags flags)
831 {
833 }
835 /**
836 * Get the flags of `id', store them in `flags'.
837 *
838 * @ingroup krb5_ccache
839 */
841 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
843 krb5_ccache id,
845 {
848 }
850 /**
851 * Copy the contents of `from' to `to' if the given match function
852 * return true.
853 *
854 * @param context A Kerberos 5 context.
855 * @param from the cache to copy data from.
856 * @param to the cache to copy data to.
857 * @param match a match function that should return TRUE if cred argument should be copied, if NULL, all credentials are copied.
858 * @param matchctx context passed to match function.
859 * @param matched set to true if there was a credential that matched, may be NULL.
860 *
861 * @return Return an error code or 0, see krb5_get_error_message().
862 *
863 * @ingroup krb5_ccache
864 */
866 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
869 krb5_ccache to,
873 {
874 krb5_error_code ret;
875 krb5_cc_cursor cursor;
876 krb5_creds cred;
877 krb5_principal princ;
889 }
894 }
903 }
905 }
911 }
913 /**
914 * Just like krb5_cc_copy_match_f(), but copy everything.
915 *
916 * @ingroup @krb5_ccache
917 */
919 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
922 krb5_ccache to)
923 {
925 }
927 /**
928 * Return the version of `id'.
929 *
930 * @ingroup krb5_ccache
931 */
934 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
937 {
940 else
942 }
944 /**
945 * Clear `mcreds' so it can be used with krb5_cc_retrieve_cred
946 *
947 * @ingroup krb5_ccache
948 */
951 KRB5_LIB_FUNCTION void KRB5_LIB_CALL
953 {
955 }
957 /**
958 * Get the cc ops that is registered in `context' to handle the
959 * prefix. prefix can be a complete credential cache name or a
960 * prefix, the function will only use part up to the first colon (:)
961 * if there is one. If prefix the argument is NULL, the default ccache
962 * implemtation is returned.
963 *
964 * @return Returns NULL if ops not found.
965 *
966 * @ingroup krb5_ccache
967 */
972 {
985 }
994 }
995 }
998 }
1002 krb5_cc_cursor cursor;
1003 };
1005 /**
1006 * Start iterating over all caches of specified type. See also
1007 * krb5_cccol_cursor_new().
1009 * @param context A Kerberos 5 context
1010 * @param type optional type to iterate over, if NULL, the default cache is used.
1011 * @param cursor cursor should be freed with krb5_cc_cache_end_seq_get().
1012 *
1013 * @return Return an error code or 0, see krb5_get_error_message().
1014 *
1015 * @ingroup krb5_ccache
1016 */
1019 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1023 {
1025 krb5_error_code ret;
1036 }
1044 }
1050 }
1058 }
1060 }
1062 /**
1063 * Retrieve the next cache pointed to by (`cursor') in `id'
1064 * and advance `cursor'.
1065 *
1066 * @param context A Kerberos 5 context
1067 * @param cursor the iterator cursor, returned by krb5_cc_cache_get_first()
1068 * @param id next ccache
1069 *
1070 * @return Return 0 or an error code. Returns KRB5_CC_END when the end
1071 * of caches is reached, see krb5_get_error_message().
1072 *
1073 * @ingroup krb5_ccache
1074 */
1077 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1079 krb5_cc_cache_cursor cursor,
1081 {
1083 }
1085 /**
1086 * Destroy the cursor `cursor'.
1087 *
1088 * @return Return an error code or 0, see krb5_get_error_message().
1089 *
1090 * @ingroup krb5_ccache
1091 */
1094 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1096 krb5_cc_cache_cursor cursor)
1097 {
1098 krb5_error_code ret;
1103 }
1105 /**
1106 * Search for a matching credential cache that have the
1107 * `principal' as the default principal. On success, `id' needs to be
1108 * freed with krb5_cc_close() or krb5_cc_destroy().
1109 *
1110 * @param context A Kerberos 5 context
1111 * @param client The principal to search for
1112 * @param id the returned credential cache
1113 *
1114 * @return On failure, error code is returned and `id' is set to NULL.
1115 *
1116 * @ingroup krb5_ccache
1117 */
1120 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1122 krb5_principal client,
1124 {
1125 krb5_cccol_cursor cursor;
1126 krb5_error_code ret;
1136 krb5_principal principal;
1140 krb5_boolean match;
1146 }
1150 }
1166 }
1170 }
1172 /**
1173 * Move the content from one credential cache to another. The
1174 * operation is an atomic switch.
1175 *
1176 * @param context a Keberos context
1177 * @param from the credential cache to move the content from
1178 * @param to the credential cache to move the content to
1180 * @return On sucess, from is freed. On failure, error code is
1181 * returned and from and to are both still allocated, see krb5_get_error_message().
1182 *
1183 * @ingroup krb5_ccache
1184 */
1186 krb5_error_code
1188 {
1189 krb5_error_code ret;
1196 }
1202 }
1204 }
1209 static krb5_error_code
1211 krb5_const_principal principal,
1213 {
1214 krb5_principal client;
1215 krb5_error_code ret;
1228 }
1231 KRB5_REALM_NAME,
1237 }
1241 }
1243 /**
1244 * Return TRUE (non zero) if the principal is a configuration
1245 * principal (generated part of krb5_cc_set_config()). Returns FALSE
1246 * (zero) if not a configuration principal.
1247 *
1248 * @param context a Keberos context
1249 * @param principal principal to check if it a configuration principal
1250 *
1251 * @ingroup krb5_ccache
1252 */
1254 KRB5_LIB_FUNCTION krb5_boolean KRB5_LIB_CALL
1256 krb5_const_principal principal)
1257 {
1266 }
1268 /**
1269 * Store some configuration for the credential cache in the cache.
1270 * Existing configuration under the same name is over-written.
1271 *
1272 * @param context a Keberos context
1273 * @param id the credential cache to store the data for
1274 * @param principal configuration for a specific principal, if
1275 * NULL, global for the whole cache.
1276 * @param name name under which the configuraion is stored.
1277 * @param data data to store, if NULL, configure is removed.
1278 *
1279 * @ingroup krb5_ccache
1280 */
1282 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1284 krb5_const_principal principal,
1286 {
1287 krb5_error_code ret;
1288 krb5_creds cred;
1294 /* Remove old configuration */
1300 /* not that anyone care when this expire */
1309 }
1311 out:
1314 }
1316 /**
1317 * Get some configuration for the credential cache in the cache.
1318 *
1319 * @param context a Keberos context
1320 * @param id the credential cache to store the data for
1321 * @param principal configuration for a specific principal, if
1322 * NULL, global for the whole cache.
1323 * @param name name under which the configuraion is stored.
1324 * @param data data to fetched, free with krb5_data_free()
1325 *
1326 * @ingroup krb5_ccache
1327 */
1330 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1332 krb5_const_principal principal,
1334 {
1336 krb5_error_code ret;
1351 out:
1355 }
1357 /*
1358 *
1359 */
1363 krb5_cc_cache_cursor cursor;
1364 };
1366 /**
1367 * Get a new cache interation cursor that will interate over all
1368 * credentials caches independent of type.
1369 *
1370 * @param context a Keberos context
1371 * @param cursor passed into krb5_cccol_cursor_next() and free with krb5_cccol_cursor_free().
1372 *
1373 * @return Returns 0 or and error code, see krb5_get_error_message().
1374 *
1375 * @ingroup krb5_ccache
1376 */
1378 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1380 {
1385 }
1390 }
1392 /**
1393 * Get next credential cache from the iteration.
1394 *
1395 * @param context A Kerberos 5 context
1396 * @param cursor the iteration cursor
1397 * @param cache the returned cursor, pointer is set to NULL on failure
1398 * and a cache on success. The returned cache needs to be freed
1399 * with krb5_cc_close() or destroyed with krb5_cc_destroy().
1400 * MIT Kerberos behavies slightly diffrent and sets cache to NULL
1401 * when all caches are iterated over and return 0.
1402 *
1403 * @return Return 0 or and error, KRB5_CC_END is returned at the end
1404 * of iteration. See krb5_get_error_message().
1405 *
1406 * @ingroup krb5_ccache
1407 */
1410 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1413 {
1414 krb5_error_code ret;
1427 }
1428 }
1439 }
1444 }
1447 }
1449 /**
1450 * End an iteration and free all resources, can be done before end is reached.
1451 *
1452 * @param context A Kerberos 5 context
1453 * @param cursor the iteration cursor to be freed.
1454 *
1455 * @return Return 0 or and error, KRB5_CC_END is returned at the end
1456 * of iteration. See krb5_get_error_message().
1457 *
1458 * @ingroup krb5_ccache
1459 */
1461 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1463 {
1471 }
1473 }
1475 /**
1476 * Return the last time the credential cache was modified.
1477 *
1478 * @param context A Kerberos 5 context
1479 * @param id The credential cache to probe
1480 * @param mtime the last modification time, set to 0 on error.
1482 * @return Return 0 or and error. See krb5_get_error_message().
1483 *
1484 * @ingroup krb5_ccache
1485 */
1488 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1490 krb5_ccache id,
1492 {
1495 }
1497 /**
1498 * Return the last modfication time for a cache collection. The query
1499 * can be limited to a specific cache type. If the function return 0
1500 * and mtime is 0, there was no credentials in the caches.
1501 *
1502 * @param context A Kerberos 5 context
1503 * @param type The credential cache to probe, if NULL, all type are traversed.
1504 * @param mtime the last modification time, set to 0 on error.
1506 * @return Return 0 or and error. See krb5_get_error_message().
1507 *
1508 * @ingroup krb5_ccache
1509 */
1511 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1515 {
1516 krb5_cccol_cursor cursor;
1517 krb5_error_code ret;
1518 krb5_ccache id;
1538 }
1543 }
1544 /**
1545 * Return a friendly name on credential cache. Free the result with krb5_xfree().
1546 *
1547 * @return Return an error code or 0, see krb5_get_error_message().
1548 *
1549 * @ingroup krb5_ccache
1550 */
1552 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1554 krb5_ccache id,
1556 {
1557 krb5_error_code ret;
1558 krb5_data data;
1562 krb5_principal principal;
1576 }
1579 }
1581 /**
1582 * Set the friendly name on credential cache.
1583 *
1584 * @return Return an error code or 0, see krb5_get_error_message().
1585 *
1586 * @ingroup krb5_ccache
1587 */
1589 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1591 krb5_ccache id,
1593 {
1594 krb5_data data;
1600 }
1602 /**
1603 * Get the lifetime of the initial ticket in the cache
1604 *
1605 * Get the lifetime of the initial ticket in the cache, if the initial
1606 * ticket was not found, the error code KRB5_CC_END is returned.
1607 *
1608 * @param context A Kerberos 5 context.
1609 * @param id a credential cache
1610 * @param t the relative lifetime of the initial ticket
1611 *
1612 * @return Return an error code or 0, see krb5_get_error_message().
1613 *
1614 * @ingroup krb5_ccache
1615 */
1617 KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
1619 {
1620 krb5_cc_cursor cursor;
1621 krb5_error_code ret;
1622 krb5_creds cred;
1638 }
1640 }
1645 }
1647 /**
1648 * Set the time offset betwen the client and the KDC
1649 *
1650 * If the backend doesn't support KDC offset, use the context global setting.
1651 *
1652 * @param context A Kerberos 5 context.
1653 * @param id a credential cache
1654 * @param offset the offset in seconds
1655 *
1656 * @return Return an error code or 0, see krb5_get_error_message().
1657 *
1658 * @ingroup krb5_ccache
1659 */
1661 krb5_error_code
1663 {
1668 }
1670 }
1672 /**
1673 * Get the time offset betwen the client and the KDC
1674 *
1675 * If the backend doesn't support KDC offset, use the context global setting.
1676 *
1677 * @param context A Kerberos 5 context.
1678 * @param id a credential cache
1679 * @param offset the offset in seconds
1680 *
1681 * @return Return an error code or 0, see krb5_get_error_message().
1682 *
1683 * @ingroup krb5_ccache
1684 */
1686 krb5_error_code
1688 {
1692 }
1694 }