[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CVS shishi/doc
From: |
shishi-commit |
Subject: |
CVS shishi/doc |
Date: |
Fri, 10 Sep 2004 12:11:27 +0200 |
Update of /home/cvs/shishi/doc
In directory dopio:/tmp/cvs-serv20559
Modified Files:
shishi.texi
Log Message:
Add.
--- /home/cvs/shishi/doc/shishi.texi 2004/09/10 10:02:19 1.148
+++ /home/cvs/shishi/doc/shishi.texi 2004/09/10 10:11:26 1.149
@@ -3407,6 +3407,7 @@
* Ticket (ASN.1) Functions:: Low-level Ticket functions.
* AS/TGS Functions:: Low-level KDC functions; AS and TGS.
* Authenticator Functions:: Low-level authenticator functions.
+* KRB-ERROR Functions:: Low-level KRB-ERROR functions.
* Cryptographic Functions:: Low-level cryptographic functions.
* X.509 Functions:: Utility functions for X.509 support.
* Utility Functions:: Utilities for use in the global context.
@@ -3909,6 +3910,7 @@
@section Ticket (ASN.1) Functions
@include texi/ticket.c.texi
address@hidden texi/encticketpart.c.texi
@node AS/TGS Functions
@section AS/TGS Functions
@@ -4010,11 +4012,12 @@
@node Authenticator Functions
@section Authenticator Functions
-An ``Authenticator'' is a ASN.1 structure that work as a proof that an
-entity owns a ticket. It is usually embedded in the AP-REQ structure
-(@pxref{AP-REQ and AP-REP Functions}), and you most likely want to use
-an AP-REQ instead of a Authenticator in normal applications. The
-following illustrates the Authenticator ASN.1 structure.
+An ``Authenticator'' is an ASN.1 structure that work as a proof that
+an entity owns a ticket. It is usually embedded in the AP-REQ
+structure (@pxref{AP-REQ and AP-REP Functions}), and you most likely
+want to use an AP-REQ instead of a Authenticator in normal
+applications. The following illustrates the Authenticator ASN.1
+structure.
@verbatim
Authenticator ::= [APPLICATION 2] SEQUENCE {
@@ -4033,6 +4036,36 @@
@include texi/authenticator.c.texi
address@hidden KRB-ERROR Functions
address@hidden KRB-ERROR Functions
+
+The ``KRB-ERROR'' is an ASN.1 structure that can be returned, instead
+of, e.g., KDC-REP or AP-REP, to indicate various error conditions.
+Unfortunately, the semantics of several of the fields are ill
+specified, so the typically procedure is to extract ``e-text'' and/or
+``e-data'' and show it to the user. The following illustrates the
+KRB-ERROR ASN.1 structure.
+
address@hidden
+KRB-ERROR ::= [APPLICATION 30] SEQUENCE {
+ pvno [0] INTEGER (5),
+ msg-type [1] INTEGER (30),
+ ctime [2] KerberosTime OPTIONAL,
+ cusec [3] Microseconds OPTIONAL,
+ stime [4] KerberosTime,
+ susec [5] Microseconds,
+ error-code [6] Int32,
+ crealm [7] Realm OPTIONAL,
+ cname [8] PrincipalName OPTIONAL,
+ realm [9] Realm -- service realm --,
+ sname [10] PrincipalName -- service name --,
+ e-text [11] KerberosString OPTIONAL,
+ e-data [12] OCTET STRING OPTIONAL
+}
address@hidden verbatim
+
address@hidden texi/krberror.c.texi
+
@node Cryptographic Functions
@section Cryptographic Functions
@@ -4110,6 +4143,8 @@
@include texi/realm.c.texi
@include texi/principal.c.texi
@include texi/authorize.c.texi
address@hidden texi/gztime.c.texi
address@hidden texi/password.c.texi
@node ASN.1 Functions
@section ASN.1 Functions
- CVS shishi/doc, (continued)
- CVS shishi/doc, shishi-commit, 2004/09/08
- CVS shishi/doc, shishi-commit, 2004/09/09
- CVS shishi/doc, shishi-commit, 2004/09/09
- CVS shishi/doc, shishi-commit, 2004/09/09
- CVS shishi/doc, shishi-commit, 2004/09/09
- CVS shishi/doc, shishi-commit, 2004/09/10
- CVS shishi/doc, shishi-commit, 2004/09/10
- CVS shishi/doc, shishi-commit, 2004/09/10
- CVS shishi/doc, shishi-commit, 2004/09/10
- CVS shishi/doc, shishi-commit, 2004/09/10
- CVS shishi/doc,
shishi-commit <=
- CVS shishi/doc, shishi-commit, 2004/09/10
- CVS shishi/doc, shishi-commit, 2004/09/10
- CVS shishi/doc, shishi-commit, 2004/09/10
- CVS shishi/doc, shishi-commit, 2004/09/10
- CVS shishi/doc, shishi-commit, 2004/09/17
- CVS shishi/doc, shishi-commit, 2004/09/17
- CVS shishi/doc, shishi-commit, 2004/09/17