ibm-information-center/dist/eclipse/plugins/i5OS.ic.apis_5.4.0.1/krb5_rd_rep.htm

153 lines
4.0 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
<title>krb5_rd_rep()--Process Kerberos AP_REP Message</title>
<!-- Begin Header Records -->
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<!-- Change History: -->
<!-- YYMMDD USERID Change description -->
<!-- Created by Kent Hofer for V5R1 -->
<!-- Edited by Kersten Jan 02 -->
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
</head>
<body>
<!-- End Header Records -->
<!--Java sync-link-->
<script type="text/javascript" language="Javascript" src="../rzahg/synch.js">
</script>
<a name="Top_Of_Page"></a>
<h2>krb5_rd_rep()--Process Kerberos AP_REP Message</h2>
<div class="box" style="width: 60%;">
<br>
&nbsp;&nbsp;Syntax
<pre>
#include &lt;krb5.h&gt;
krb5_error_code krb5_rd_rep(
krb5_context <em>context</em>,
krb5_auth_context <em>auth_context</em>,
krb5_const krb5_data * <em>in_data</em>,
krb5_ap_rep_enc_part ** <em>reply</em>);
</pre>
&nbsp;&nbsp;Service Program Name: QSYS/QKRBGSS<br>
<!-- iddvc RMBR -->
<br>
&nbsp;&nbsp;Default Public Authority: *USE<br>
<!-- iddvc RMBR -->
<br>
&nbsp;&nbsp;Threadsafe: Conditional. See <a href="#usage_notes">Usage
notes</a>.<br>
<!-- iddvc RMBR -->
<br>
</div>
<p>The <strong>krb5_rd_rep()</strong> function processes a Kerberos AP_REP
message created by the <strong>krb5_mk_rep()</strong> routine. The
authentication context is updated with sequencing information obtained from the
reply message.</p>
<br>
<h3>Authorities</h3>
<p>No authorities are required.</p>
<br>
<h3>Parameters</h3>
<dl>
<dt><strong>context</strong>&nbsp;&nbsp;(Input)</dt>
<dd>The Kerberos context.<br>
<br>
</dd>
<dt><strong>auth_context</strong>&nbsp;&nbsp;(Input/Output)</dt>
<dd>The authentication context.<br>
<br>
</dd>
<dt><strong>in_data</strong>&nbsp;&nbsp;(Input)</dt>
<dd>The buffer containing the AP_REP message.<br>
<br>
</dd>
<dt><strong>reply</strong>&nbsp;&nbsp;(Output)</dt>
<dd>The decrypted reply data. The <strong>krb5_free_ap_rep_enc_part()</strong>
routine should be called to release the reply when it is no longer needed.</dd>
</dl>
<br>
<h3>Return Value</h3>
<p>If no errors occur, the return value is 0. Otherwise, a Kerberos error code
is returned.</p>
<br>
<h3>Error Messages</h3>
<table width="100%" cellpadding="5">
<tr>
<th align="left" valign="top">Message ID</th>
<th align="left" valign="top">Error Message Text</th>
</tr>
<tr>
<td width="15%" valign="top">CPE3418 E</td>
<td width="85%" valign="top">Possible APAR condition or hardware failure.</td>
</tr>
</table>
<br>
<br>
<h3><a name="usage_notes">Usage Notes</a></h3>
<ol>
<li>The Kerberos protocol runtime provides no concurrency control for the
authentication context. If the application wants to use the same authentication
context in multiple threads, it is the responsibility of the application to
serialize access to the authentication context so that only a single thread is
accessing the authentication context at any time. Because message sequence
numbers are contained in the authentication context, this serialization needs
to be extended to encompass the message exchange between the two applications.
Otherwise, message sequence errors are liable to occur if the messages are
delivered out of sequence.</li>
</ol>
<br>
<hr>
API introduced: V5R1
<hr>
<center>
<table cellpadding="2" cellspacing="2">
<tr align="center">
<td valign="middle" align="center"><a href="#Top_Of_Page">Top</a> |
<a href="sec.htm">Security APIs</a> <br><a href="unix.htm">UNIX-Type APIs</a> |
<a href="aplist.htm">APIs by category</a> </td>
</tr>
</table>
</center>
</body>
</html>