krb5_tkt_creds_step - Get the next KDC request in a TGS exchange.¶
-
krb5_error_code krb5_tkt_creds_step(krb5_context context, krb5_tkt_creds_context ctx, krb5_data *in, krb5_data *out, krb5_data *realm, unsigned int *flags)¶
- param:
[in] context - Library context
[in] ctx - TGS request context
[in] in - KDC response (empty on the first call)
[out] out - Next KDC request
[out] realm - Realm for next KDC request
[out] flags - Output flags
- retval:
0 Success; otherwise - Kerberos error codes
This function constructs the next KDC request for a TGS exchange, allowing the caller to control the transport of KDC requests and replies. On the first call, in should be set to an empty buffer; on subsequent calls, it should be set to the KDC’s reply to the previous request.
If more requests are needed, flags will be set to KRB5_TKT_CREDS_STEP_FLAG_CONTINUE
and the next request will be placed in out . If no more requests are needed, flags will not contain KRB5_TKT_CREDS_STEP_FLAG_CONTINUE
and out will be empty.
If this function returns KRB5KRB_ERR_RESPONSE_TOO_BIG , the caller should transmit the next request using TCP rather than UDP. If this function returns any other error, the TGS exchange has failed.
Note
New in 1.9