summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbiorn <biorn@openbsd.org>2004-10-29 21:14:30 +0000
committerbiorn <biorn@openbsd.org>2004-10-29 21:14:30 +0000
commit89f535abfa6dfd4e9fbd789af477b7f97045a498 (patch)
treefa95888caa9d6a7a5a979de2933b412928b9b5e4
parentfix typo in comment (diff)
downloadwireguard-openbsd-89f535abfa6dfd4e9fbd789af477b7f97045a498.tar.xz
wireguard-openbsd-89f535abfa6dfd4e9fbd789af477b7f97045a498.zip
Remove unneeded files. ok beck@
Diffstat
-rw-r--r--kerberosV/src/appl/afsutil/afslog.cat160
-rw-r--r--kerberosV/src/appl/login/login.1226
-rw-r--r--kerberosV/src/appl/login/login.access.556
-rw-r--r--kerberosV/src/appl/login/login.access.cat545
-rw-r--r--kerberosV/src/appl/login/login.cat1153
-rw-r--r--kerberosV/src/appl/popper/popper.cat854
-rw-r--r--kerberosV/src/appl/rcp/rcp.167
-rw-r--r--kerberosV/src/appl/rsh/rsh.cat1130
-rw-r--r--kerberosV/src/appl/rsh/rshd.cat879
-rw-r--r--kerberosV/src/cf/destdirs.m418
-rw-r--r--kerberosV/src/cf/dlopen.m48
-rw-r--r--kerberosV/src/cf/irix.m426
-rw-r--r--kerberosV/src/cf/otp.m427
-rw-r--r--kerberosV/src/cf/sunos.m425
-rw-r--r--kerberosV/src/cf/telnet.m478
-rw-r--r--kerberosV/src/lib/des/des.cat1132
-rw-r--r--kerberosV/src/lib/des/des_crypt.cat3264
-rw-r--r--kerberosV/src/lib/gssapi/gss_acquire_cred.cat3275
-rw-r--r--kerberosV/src/lib/gssapi/gssapi.cat3101
-rw-r--r--kerberosV/src/lib/krb5/kerberos.cat855
-rw-r--r--kerberosV/src/lib/krb5/krb5.cat3204
-rw-r--r--kerberosV/src/lib/krb5/krb5.conf.cat5476
-rw-r--r--kerberosV/src/lib/krb5/krb5_425_conv_principal.cat3141
-rw-r--r--kerberosV/src/lib/krb5/krb5_address.cat3163
-rw-r--r--kerberosV/src/lib/krb5/krb5_aname_to_localname.cat337
-rw-r--r--kerberosV/src/lib/krb5/krb5_appdefault.cat355
-rw-r--r--kerberosV/src/lib/krb5/krb5_auth_context.cat3167
-rw-r--r--kerberosV/src/lib/krb5/krb5_build_principal.cat358
-rw-r--r--kerberosV/src/lib/krb5/krb5_ccache.cat3176
-rw-r--r--kerberosV/src/lib/krb5/krb5_config.cat357
-rw-r--r--kerberosV/src/lib/krb5/krb5_context.cat319
-rw-r--r--kerberosV/src/lib/krb5/krb5_create_checksum.cat352
-rw-r--r--kerberosV/src/lib/krb5/krb5_crypto_init.cat332
-rw-r--r--kerberosV/src/lib/krb5/krb5_data.cat371
-rw-r--r--kerberosV/src/lib/krb5/krb5_encrypt.cat344
-rw-r--r--kerberosV/src/lib/krb5/krb5_free_addresses.cat321
-rw-r--r--kerberosV/src/lib/krb5/krb5_free_principal.cat323
-rw-r--r--kerberosV/src/lib/krb5/krb5_get_all_client_addrs.cat337
-rw-r--r--kerberosV/src/lib/krb5/krb5_get_krbhst.cat354
-rw-r--r--kerberosV/src/lib/krb5/krb5_init_context.cat334
-rw-r--r--kerberosV/src/lib/krb5/krb5_keytab.cat3212
-rw-r--r--kerberosV/src/lib/krb5/krb5_krbhst_init.cat3104
-rw-r--r--kerberosV/src/lib/krb5/krb5_kuserok.cat336
-rw-r--r--kerberosV/src/lib/krb5/krb5_openlog.cat3156
-rw-r--r--kerberosV/src/lib/krb5/krb5_parse_name.cat330
-rw-r--r--kerberosV/src/lib/krb5/krb5_principal_get_realm.cat342
-rw-r--r--kerberosV/src/lib/krb5/krb5_set_default_realm.cat361
-rw-r--r--kerberosV/src/lib/krb5/krb5_set_password.cat346
-rw-r--r--kerberosV/src/lib/krb5/krb5_sname_to_principal.cat336
-rw-r--r--kerberosV/src/lib/krb5/krb5_timeofday.cat325
-rw-r--r--kerberosV/src/lib/krb5/krb5_unparse_name.cat324
-rw-r--r--kerberosV/src/lib/krb5/krb5_verify_user.cat3128
-rw-r--r--kerberosV/src/lib/krb5/krb5_warn.cat366
-rw-r--r--kerberosV/src/lib/krb5/verify_krb5_conf.cat857
-rw-r--r--kerberosV/src/lib/roken/getarg.cat3230
55 files changed, 0 insertions, 5053 deletions
diff --git a/kerberosV/src/appl/afsutil/afslog.cat1 b/kerberosV/src/appl/afsutil/afslog.cat1
deleted file mode 100644
index d662b4eadfe..00000000000
--- a/kerberosV/src/appl/afsutil/afslog.cat1
+++ /dev/null
@@ -1,60 +0,0 @@
-
-AFSLOG(1) UNIX Reference Manual AFSLOG(1)
-
-NNAAMMEE
- aaffsslloogg - obtain AFS tokens
-
-SSYYNNOOPPSSIISS
- aaffsslloogg [--cc _c_e_l_l | ----cceellll==_c_e_l_l] [--pp _p_a_t_h | ----ffiillee==_p_a_t_h] [--kk _r_e_a_l_m |
- ----rreeaallmm==_r_e_a_l_m] [----nnoo--vv44] [----nnoo--vv55] [--uu | ----uunnlloogg] [--vv | ----vveerrbboossee]
- [----vveerrssiioonn] [--hh | ----hheellpp] [_c_e_l_l | _p_a_t_h _._._.]
-
-DDEESSCCRRIIPPTTIIOONN
- aaffsslloogg obtains AFS tokens for a number of cells. What cells to get tokens
- for can either be specified as an explicit list, as file paths to get to-
- kens for, or be left unspecified, in which case aaffsslloogg will use whatever
- magic krb_afslog(3) decides upon.
-
- Supported options:
-
- --cc _c_e_l_l_, ----cceellll==_c_e_l_l
- This specified one or more cell names to get tokens for.
-
- --pp _p_a_t_h, ----ffiillee==_p_a_t_h
- This specified one or more file paths for which tokens should be
- obtained.
-
- --kk _r_e_a_l_m, ----rreeaallmm==_r_e_a_l_m
- This is the Kerberos realm the AFS servers live in, this should
- normally not be specified.
-
- ----nnoo--vv44
- This makes aaffsslloogg not try using Kerberos 4.
-
- ----nnoo--vv55
- This makes aaffsslloogg not try using Kerberos 5.
-
- --uu, ----uunnlloogg
- Destroy tokens instead of obtaining new. If this is specified,
- all other options are ignored (except for ----hheellpp and ----vveerrssiioonn).
-
- --vv, ----vveerrbboossee
- Adds more verbosity for what is actually going on.
- Instead of using --cc and --pp, you may also pass a list of cells and file
- paths after any other options. These arguments are considered files if
- they are either the strings ``.'' or ``..'' or they contain a slash, or
- if there exists a file by that name.
-
-EEXXAAMMPPLLEESS
- Assuming that there is no file called ``openafs.org'' in the current di-
- rectory, and that _/_a_f_s_/_o_p_e_n_a_f_s_._o_r_g points to that cell, the follwing
- should be identical:
-
- $ afslog -c openafs.org
- $ afslog openafs.org
- $ afslog /afs/openafs.org/some/file
-
-SSEEEE AALLSSOO
- krb_afslog(3)
-
- HEIMDAL November 26, 2002 1
diff --git a/kerberosV/src/appl/login/login.1 b/kerberosV/src/appl/login/login.1
deleted file mode 100644
index 707cb290d42..00000000000
--- a/kerberosV/src/appl/login/login.1
+++ /dev/null
@@ -1,226 +0,0 @@
-.\" $KTH: login.1,v 1.1 2003/03/24 16:15:12 joda Exp $
-.\"
-.Dd March 24, 2003
-.Dt LOGIN 1
-.Os HEIMDAL
-.Sh NAME
-.Nm login
-.Nd
-authenticate a user and start new session
-.Sh SYNOPSIS
-.Nm
-.Op Fl fp
-.Op Fl a Ar level
-.Op Fl h Ar hostname
-.Ar [username]
-.Sh DESCRIPTION
-This manual page documents the
-.Nm login
-program distributed with the Heimdal Kerberos 5 implementation, it may
-differ in important ways from your system version.
-.Pp
-The
-.Nm login
-programs logs users into the system. It is intended to be run by
-system daemons like
-.Xr getty 8
-or
-.Xr telnetd 8 .
-If you are already logged in, but want to change to another user, you
-should use
-.Xr su 1 .
-.Pp
-A username can be given on the command line, else one will be prompted
-for.
-.Pp
-A password is required to login, unless the
-.Fl f
-option is given (indicating that the calling program has already done
-proper authentication). With
-.Fl f
-the user will be logged in without further questions.
-.Pp
-For password authentication Kerberos 5, Kerberos 4 (if compiled in),
-OTP (if compiled in) and local
-.No ( Pa /etc/passwd )
-passwords are supported. OTP will be used if the the user is
-registered to use it, and
-.Nm login
-is given the option
-.Fl a Li otp .
-When using OTP, a challenge is shown to the user.
-.Pp
-Further options are:
-.Bl -tag -width Ds
-.It Fl a Ar string
-Which authentication mode to use, the only supported value is
-currently
-.Dq otp .
-.It Fl f
-Indicates that the user is already authenticated. This happens, for
-instance, when login is started by telnetd, and the user has proved
-authentic via Kerberos.
-.It Fl h Ar hostname
-Indicates which host the user is logging in from. This is passed from
-telnetd, and is entered into the login database.
-.It Fl p
-This tells
-.Nm login
-to preserve all environment variables. If not given, only the
-.Dv TERM
-and
-.Dv TZ
-variables are preserved. It could be a security risk to pass random
-variables to
-.Nm login
-or the user shell, so the calling daemon should make sure it only
-passes
-.Dq safe
-variables.
-.El
-.Pp
-The process of logging user in proceeds as follows.
-.Pp
-First a check is made that logins are allowed at all. This usually
-means checking
-.Pa /etc/nologin .
-If it exists, and the user trying to login is not root, the contents
-is printed, and then login exits.
-.Pp
-Then various system parameters are set up, like changing the owner of
-the tty to the user, setting up signals, setting the group list, and
-user and group id. Also various machine specific tasks are performed.
-.Pp
-Next
-.Nm login
-changes to the users home directory, or if that fails, to
-.Pa / .
-The environment is setup, by adding some required variables (such as
-.Dv PATH ) ,
-and also authentication related ones (such as
-.Dv KRB5CCNAME ) .
-If an environment file exists
-.No ( Pa /etc/environment ) ,
-variables are set according to
-it.
-.Pp
-If one or more login message files are configured, their contents is
-printed to the terminal.
-.Pp
-If a login time command is configured, it is executed. A logout time
-command can also be configured, which makes
-.Nm login
-fork, and wait for the user shell to exit, and then run the command.
-This can be used to clean up user credentials.
-.Pp
-Finally, the user's shell is executed. If the user logging in is root,
-and root's login shell does not exist, a default shell (usually
-.Pa /bin/sh )
-is also tried before giving up.
-.Sh ENVIRONMENT
-These environment variables are set by login (not including ones set by
-.Pa /etc/environment ) :
-.Pp
-.Bl -tag -compact -width USERXXLOGNAME
-.It Dv PATH
-the default system path
-.It Dv HOME
-the user's home directory (or possibly
-.Pa / )
-.It Dv USER , Dv LOGNAME
-both set to the username
-.It Dv SHELL
-the user's shell
-.It Dv TERM , Dv TZ
-set to whatever is passed to
-.Nm login
-.It Dv KRB5CCNAME
-if the password is verified via Kerberos 5, this will point to the
-credentials cache file
-.It Dv KRBTKFILE
-if the password is verified via Kerberos 4, this will point to the
-ticket file
-.El
-.Sh FILES
-.Bl -tag -compact -width Ds
-.It Pa /etc/environment
-Contains a set of environment variables that should be set in addition
-to the ones above. It should contain sh-style assignments like
-.Dq VARIABLE=value .
-Note that they are not parsed the way a shell would. No variable
-expansion is performed, and all strings are literal, and quotation
-marks should not be used. Everything after a hash mark is considered a
-comment. The following are all different (the last will set the
-variable
-.Dv BAR ,
-not
-.Dv FOO ) .
-.Bd -literal -offset indent
-FOO=this is a string
-FOO="this is a string"
-BAR= FOO='this is a string'
-.Ed
-.It Pa /etc/login.access
-See
-.Xr login.access 5 .
-.It Pa /etc/login.conf
-This is a termcap style configuration file, that contains various
-settings used by
-.Nm login .
-Currently only the
-.Dq default
-capability record is used. The possible capability strings include:
-.Pp
-.Bl -tag -compact -width Ds
-.It Li environment
-This is a comma separated list of environment files that are read in
-the order specified. If this is missing the default
-.Pa /etc/environment
-is used.
-.It Li login_program
-This program will be executed just before the user's shell is started.
-It will be called without arguments.
-.It Li logout_program
-This program will be executed just after the user's shell has
-terminated. It will be called without arguments. This program will be
-the parent process of the spawned shell.
-.It Li motd
-A comma separated list of text files that will be printed to the
-user's terminal before starting the shell. The string
-.Li welcome
-works similarly, but points to a single file.
-.El
-.It Pa /etc/nologin
-If it exists, login is denied to all but root. The contents of this
-file is printed before login exits.
-.El
-.Pp
-Other
-.Nm login
-programs typically print all sorts of information by default, such as
-last time you logged in, if you have mail, and system message files.
-This version of
-.Nm login
-does not, so there is no reason for
-.Pa .hushlogin
-files or similar. We feel that these tasks are best left to the user's
-shell, but the
-.Li login_program
-facility allows for a shell independent solution, if that is desired.
-.Sh EXAMPLES
-A
-.Pa login.conf
-file could look like:
-.Bd -literal -offset indent
-default:\\
- :motd=/etc/motd,/etc/motd.local:
-.Ed
-.Sh SEE ALSO
-.Xr su 1 ,
-.Xr login.access 5 ,
-.Xr getty 8 ,
-.Xr telnetd 8
-.Sh AUTHORS
-This login program was written for the Heimdal Kerberos 5
-implementation. The login.access code was written by Wietse Venema.
-.\".Sh BUGS
diff --git a/kerberosV/src/appl/login/login.access.5 b/kerberosV/src/appl/login/login.access.5
deleted file mode 100644
index 38cb71facb0..00000000000
--- a/kerberosV/src/appl/login/login.access.5
+++ /dev/null
@@ -1,56 +0,0 @@
-.\" $KTH: login.access.5,v 1.1 2003/03/24 15:49:30 joda Exp $
-.\"
-.Dd March 21, 2003
-.Dt LOGIN.ACCESS 5
-.Os HEIMDAL
-.Sh NAME
-.Nm login.access
-.Nd
-login access control table
-.Sh DESCRIPTION
-The
-.Nm login.access
-file specifies on which ttys or from which hosts certain users are
-allowed to login.
-.Pp
-At login, the
-.Pa /etc/login.access
-file is checked for the first entry that matches a specific user/host
-or user/tty combination. That entry can either allow or deny login
-access to that user.
-.Pp
-Each entry have three fields separated by colon:
-.Bl -bullet
-.It
-The first field indicates the permission given if the entry matches.
-It can be either
-.Dq +
-(allow access)
-or
-.Dq -
-(deny access) .
-.It
-The second field is a comma separated list of users or groups for
-which the current entry applies. NIS netgroups can used (if
-configured) if preceeded by @. The magic string ALL matches all users.
-A group will match if the user is a member of that group, or it is the
-user's primary group.
-.It
-The third field is a list of ttys, or network names. A network name
-can be either a hostname, a domain (indicated by a starting period),
-or a netgroup. As with the user list, ALL matches anything. LOCAL
-matches a string not containing a period.
-.El
-.Pp
-If the string EXCEPT is found in either the user or from list, the
-rest of the list are exceptions to the list before EXCEPT.
-.Sh BUGS
-If there's a user and a group with the same name, there is no way to
-make the group match if the user also matches.
-.Sh SEE ALSO
-.Xr login 1
-.Sh AUTHORS
-The
-.Fn login_access
-function was written by
-Wietse Venema. This manual page was written for Heimdal.
diff --git a/kerberosV/src/appl/login/login.access.cat5 b/kerberosV/src/appl/login/login.access.cat5
deleted file mode 100644
index 8d53505c5b2..00000000000
--- a/kerberosV/src/appl/login/login.access.cat5
+++ /dev/null
@@ -1,45 +0,0 @@
-
-LOGIN.ACCESS(5) UNIX Programmer's Manual LOGIN.ACCESS(5)
-
-NNAAMMEE
- llooggiinn..aacccceessss - login access control table
-
-DDEESSCCRRIIPPTTIIOONN
- The llooggiinn..aacccceessss file specifies on which ttys or from which hosts certain
- users are allowed to login.
-
- At login, the _/_e_t_c_/_l_o_g_i_n_._a_c_c_e_s_s file is checked for the first entry that
- matches a specific user/host or user/tty combination. That entry can ei-
- ther allow or deny login access to that user.
-
- Each entry have three fields separated by colon:
-
- ++oo The first field indicates the permission given if the entry matches.
- It can be either ``+'' (allow access) or ``-'' (deny access) .
-
- ++oo The second field is a comma separated list of users or groups for
- which the current entry applies. NIS netgroups can used (if config-
- ured) if preceeded by @. The magic string ALL matches all users. A
- group will match if the user is a member of that group, or it is the
- user's primary group.
-
- ++oo The third field is a list of ttys, or network names. A network name
- can be either a hostname, a domain (indicated by a starting period),
- or a netgroup. As with the user list, ALL matches anything. LOCAL
- matches a string not containing a period.
-
- If the string EXCEPT is found in either the user or from list, the rest
- of the list are exceptions to the list before EXCEPT.
-
-BBUUGGSS
- If there's a user and a group with the same name, there is no way to make
- the group match if the user also matches.
-
-SSEEEE AALLSSOO
- login(1)
-
-AAUUTTHHOORRSS
- The llooggiinn__aacccceessss() function was written by Wietse Venema. This manual
- page was written for Heimdal.
-
- HEIMDAL March 21, 2003 1
diff --git a/kerberosV/src/appl/login/login.cat1 b/kerberosV/src/appl/login/login.cat1
deleted file mode 100644
index 21ca2a53d07..00000000000
--- a/kerberosV/src/appl/login/login.cat1
+++ /dev/null
@@ -1,153 +0,0 @@
-
-LOGIN(1) UNIX Reference Manual LOGIN(1)
-
-NNAAMMEE
- llooggiinn - authenticate a user and start new session
-
-SSYYNNOOPPSSIISS
- llooggiinn [--ffpp] [--aa _l_e_v_e_l] [--hh _h_o_s_t_n_a_m_e] _[_u_s_e_r_n_a_m_e_]
-
-DDEESSCCRRIIPPTTIIOONN
- This manual page documents the llooggiinn program distributed with the Heim-
- dal Kerberos 5 implementation, it may differ in important ways from your
- system version.
-
- The llooggiinn programs logs users into the system. It is intended to be run
- by system daemons like getty(8) or telnetd(8). If you are already logged
- in, but want to change to another user, you should use su(1).
-
- A username can be given on the command line, else one will be prompted
- for.
-
- A password is required to login, unless the --ff option is given (indicat-
- ing that the calling program has already done proper authentication).
- With --ff the user will be logged in without further questions.
-
- For password authentication Kerberos 5, Kerberos 4 (if compiled in), OTP
- (if compiled in) and local (_/_e_t_c_/_p_a_s_s_w_d) passwords are supported. OTP
- will be used if the the user is registered to use it, and llooggiinn is given
- the option --aa otp. When using OTP, a challenge is shown to the user.
-
- Further options are:
-
- --aa _s_t_r_i_n_g
- Which authentication mode to use, the only supported value is
- currently ``otp''.
-
- --ff Indicates that the user is already authenticated. This happens,
- for instance, when login is started by telnetd, and the user has
- proved authentic via Kerberos.
-
- --hh _h_o_s_t_n_a_m_e
- Indicates which host the user is logging in from. This is passed
- from telnetd, and is entered into the login database.
-
- --pp This tells llooggiinn to preserve all environment variables. If not
- given, only the TERM and TZ variables are preserved. It could be
- a security risk to pass random variables to llooggiinn or the user
- shell, so the calling daemon should make sure it only passes
- ``safe'' variables.
-
- The process of logging user in proceeds as follows.
-
- First a check is made that logins are allowed at all. This usually means
- checking _/_e_t_c_/_n_o_l_o_g_i_n. If it exists, and the user trying to login is not
- root, the contents is printed, and then login exits.
-
- Then various system parameters are set up, like changing the owner of the
- tty to the user, setting up signals, setting the group list, and user and
- group id. Also various machine specific tasks are performed.
-
- Next llooggiinn changes to the users home directory, or if that fails, to _/.
- The environment is setup, by adding some required variables (such as
- PATH), and also authentication related ones (such as KRB5CCNAME). If an
- environment file exists (_/_e_t_c_/_e_n_v_i_r_o_n_m_e_n_t), variables are set according
- to it.
-
- If one or more login message files are configured, their contents is
- printed to the terminal.
-
- If a login time command is configured, it is executed. A logout time com-
- mand can also be configured, which makes llooggiinn fork, and wait for the us-
- er shell to exit, and then run the command. This can be used to clean up
- user credentials.
-
- Finally, the user's shell is executed. If the user logging in is root,
- and root's login shell does not exist, a default shell (usually _/_b_i_n_/_s_h)
- is also tried before giving up.
-
-EENNVVIIRROONNMMEENNTT
- These environment variables are set by login (not including ones set by
- _/_e_t_c_/_e_n_v_i_r_o_n_m_e_n_t):
-
- PATH the default system path
- HOME the user's home directory (or possibly _/)
- USER, LOGNAME both set to the username
- SHELL the user's shell
- TERM, TZ set to whatever is passed to llooggiinn
- KRB5CCNAME if the password is verified via Kerberos 5, this will
- point to the credentials cache file
- KRBTKFILE if the password is verified via Kerberos 4, this will
- point to the ticket file
-
-FFIILLEESS
- /etc/environment
- Contains a set of environment variables that should be set in ad-
- dition to the ones above. It should contain sh-style assignments
- like ``VARIABLE=value''. Note that they are not parsed the way a
- shell would. No variable expansion is performed, and all strings
- are literal, and quotation marks should not be used. Everything
- after a hash mark is considered a comment. The following are all
- different (the last will set the variable BAR, not FOO).
-
- FOO=this is a string
- FOO="this is a string"
- BAR= FOO='this is a string'
- /etc/login.access
- See login.access(5).
- /etc/login.conf
- This is a termcap style configuration file, that contains various
- settings used by llooggiinn. Currently only the ``default'' capability
- record is used. The possible capability strings include:
-
- environment
- This is a comma separated list of environment files that
- are read in the order specified. If this is missing the
- default _/_e_t_c_/_e_n_v_i_r_o_n_m_e_n_t is used.
- login_program
- This program will be executed just before the user's
- shell is started. It will be called without arguments.
- logout_program
- This program will be executed just after the user's shell
- has terminated. It will be called without arguments. This
- program will be the parent process of the spawned shell.
- motd A comma separated list of text files that will be printed
- to the user's terminal before starting the shell. The
- string welcome works similarly, but points to a single
- file.
- /etc/nologin
- If it exists, login is denied to all but root. The contents of
- this file is printed before login exits.
-
-
- Other llooggiinn programs typically print all sorts of information by default,
- such as last time you logged in, if you have mail, and system message
- files. This version of llooggiinn does not, so there is no reason for
- _._h_u_s_h_l_o_g_i_n files or similar. We feel that these tasks are best left to
- the user's shell, but the login_program facility allows for a shell inde-
- pendent solution, if that is desired.
-
-EEXXAAMMPPLLEESS
- A _l_o_g_i_n_._c_o_n_f file could look like:
-
- default:\
- :motd=/etc/motd,/etc/motd.local:
-
-SSEEEE AALLSSOO
- su(1), login.access(5), getty(8), telnetd(8)
-
-AAUUTTHHOORRSS
- This login program was written for the Heimdal Kerberos 5 implementation.
- The login.access code was written by Wietse Venema.
-
- HEIMDAL March 24, 2003 3
diff --git a/kerberosV/src/appl/popper/popper.cat8 b/kerberosV/src/appl/popper/popper.cat8
deleted file mode 100644
index f2f3ebfc1d6..00000000000
--- a/kerberosV/src/appl/popper/popper.cat8
+++ /dev/null
@@ -1,54 +0,0 @@
-
-POPPER(8) UNIX System Manager's Manual POPPER(8)
-
-NNAAMMEE
- ppooppppeerr - POP3 server
-
-SSYYNNOOPPSSIISS
- ppooppppeerr [--kk] [--aa _n_o_n_e|otp] [--tt _f_i_l_e] [--TT _s_e_c_o_n_d_s] [--dd] [--ii] [--pp _p_o_r_t]
- [----aaddddrreessss--lloogg==_f_i_l_e]
-
-DDEESSCCRRIIPPTTIIOONN
- ppooppppeerr serves mail via the Post Office Protocol. Supported options in-
- clude:
-
- --aa _n_o_n_e|otp, ----aauutthh--mmooddee==_n_o_n_e|otp
- tells ppooppppeerr what authentication modes are acceptable, passing
- _o_t_p disables clear text passwords. Otp doesn't disable Kerberos
- authentication, only cleartext passwords.
-
- ----aaddddrreessss--lloogg==_f_i_l_e
- logs the addresses of all clients to the specified file
-
- --dd, ----ddeebbuugg
- enables more verbose log messages
-
- --ii, ----iinntteerraaccttiivvee
- when not started by inetd, this flag tells ppooppppeerr that it has to
- create a socket by itself
-
- --kk, ----kkeerrbbeerrooss
- tells ppooppppeerr to use the Kerberos for authentication.
-
- --pp _p_o_r_t, ----ppoorrtt==_p_o_r_t
- port to listen to, in combination with --ii
-
- --tt _f_i_l_e, ----ttrraaccee--ffiillee==_f_i_l_e
- trace all commands to file
-
- --TT _s_e_c_o_n_d_s, ----ttiimmeeoouutt==_s_e_c_o_n_d_s
- set timeout to something other than the default of 120 seconds
-
-SSEEEE AALLSSOO
- push(8), movemail(8)
-
-SSTTAANNDDAARRDDSS
- RFC1939 (Post Office Protocol - Version 3)
-
-AAUUTTHHOORRSS
- The server was initially developed at the University of California,
- Berkeley.
-
- Many changes have been made as part of the KTH Kerberos distributions.
-
- HEIMDAL April 16, 2003 1
diff --git a/kerberosV/src/appl/rcp/rcp.1 b/kerberosV/src/appl/rcp/rcp.1
deleted file mode 100644
index 5bd0a6b4186..00000000000
--- a/kerberosV/src/appl/rcp/rcp.1
+++ /dev/null
@@ -1,67 +0,0 @@
-.\" $KTH: rcp.1,v 1.2 2003/04/16 12:20:43 joda Exp $
-.\"
-.Dd April 16, 2003
-.Dt RCP 1
-.Os HEIMDAL
-.Sh NAME
-.Nm rcp
-.Nd
-copy file to and from remote machines
-.Sh SYNOPSIS
-.Nm rcp
-.Op Fl 45FKpxz
-.Op Fl P Ar port
-.Ar file1 file2
-.Nm rcp
-.Op Fl 45FKprxz
-.Op Fl P Ar port
-.Ar file... directory
-.Sh DESCRIPTION
-.Nm rcp
-copies files between machines. Each file argument is either a remote file name of the form
-.Dq rname@rhost:path
-or a local file (containing no colon or with a slash before the first
-colon).
-.Pp
-Supported options:
-.Bl -tag -width Ds
-.It Xo
-.Fl 4 ,
-.Fl 5 ,
-.Fl K ,
-.Fl F ,
-.Fl x ,
-.Fl z
-.Xc
-These options are passed on to
-.Xr rsh 1 .
-.It Fl P Ar port
-This will pass the option
-.Fl p Ar port
-to
-.Xr rsh 1 .
-.It Fl p
-Preserve file permissions.
-.It Fl r
-Copy source directories recursively.
-.El
-.\".Sh ENVIRONMENT
-.\".Sh FILES
-.\".Sh EXAMPLES
-.Sh DIAGNOSTICS
-.Nm rcp
-is implemented as a protocol on top of
-.Xr rsh 1 ,
-and thus requires a working rsh. If you intend to use Kerberos
-authentication, rsh needs to be Kerberos aware, else you may see more
-or less strange errors, such as "login incorrect", or "lost
-connection".
-.\".Sh SEE ALSO
-.\".Sh STANDARDS
-.Sh HISTORY
-The
-.Nm rcp
-utility first appeared in 4.2BSD. This version is derived from
-4.3BSD-Reno.
-.\".Sh AUTHORS
-.\".Sh BUGS
diff --git a/kerberosV/src/appl/rsh/rsh.cat1 b/kerberosV/src/appl/rsh/rsh.cat1
deleted file mode 100644
index e6d46ff0d4c..00000000000
--- a/kerberosV/src/appl/rsh/rsh.cat1
+++ /dev/null
@@ -1,130 +0,0 @@
-
-RSH(1) UNIX Reference Manual RSH(1)
-
-NNAAMMEE
- rrsshh - remote shell
-
-SSYYNNOOPPSSIISS
- rrsshh [--4455FFGGKKddeeffnnuuxxzz] [--UU _s_t_r_i_n_g] [--pp _p_o_r_t] [--ll _u_s_e_r_n_a_m_e] [--PP _N_|_O] _h_o_s_t
- _[_c_o_m_m_a_n_d_]
-
-DDEESSCCRRIIPPTTIIOONN
- rrsshh authenticates to the rshd(8) daemon on the remote _h_o_s_t, and then exe-
- cutes the specified _c_o_m_m_a_n_d.
-
- rrsshh copies its standard input to the remote command, and the standard
- output and error of the remote command to its own.
-
- Valid options are:
-
- --44, ----kkrrbb44
- The --44 option requests Kerberos 4 authentication. Normally all
- supported authentication mechanisms will be tried, but in some
- cases more explicit control is desired.
-
- --55, ----kkrrbb55
- The --55 option requests Kerberos 5 authentication. This is analo-
- gous to the --44 option.
-
- --KK, ----bbrrookkeenn
- The --KK option turns off all Kerberos authentication. The long
- name implies that this is more or less totally unsecure. The se-
- curity in this mode relies on reserved ports, which is not very
- secure.
-
- --nn, ----nnoo--iinnppuutt
- The --nn option directs the input from the _/_d_e_v_/_n_u_l_l device (see
- the _B_U_G_S section of this manual page).
-
- --ee, ----nnoo--ssttddeerrrr
- Don't use a separate socket for the stderr stream. This can be
- necessary if rsh-ing through a NAT bridge.
-
- --xx, ----eennccrryypptt
- The --xx option enables encryption for all data exchange. This is
- only valid for Kerberos authenticated connections (see the _B_U_G_S
- section for limitations).
-
- --zz The opposite of --xx. This is the default, but encryption can be
- enabled when using Kerberos 5, by setting the libdefaults/encrypt
- option in krb5.conf(5).
-
- --ff, ----ffoorrwwaarrdd
- Forward Kerberos 5 credentials to the remote host. Also con-
- trolled by libdefaults/forward in krb5.conf(5).
-
- --GG The opposite of --ff.
-
- --FF, ----ffoorrwwaarrddaabbllee
- Make the forwarded credentials re-forwardable. Also controlled by
- libdefaults/forwardable in krb5.conf(5).
-
- --uu, ----uunniiqquuee
- Make sure the remote credentials cache is unique, that is, don't
-
-
- reuse any existing cache. Mutually exclusive to --UU.
-
- --UU _s_t_r_i_n_g, ----ttkkffiillee==_s_t_r_i_n_g
- Name of the remote credentials cache. Mutually exclusive to --uu.
-
- --pp _n_u_m_b_e_r_-_o_r_-_s_e_r_v_i_c_e, ----ppoorrtt==_n_u_m_b_e_r_-_o_r_-_s_e_r_v_i_c_e
- Connect to this port instead of the default (which is 514 when
- using old port based authentication, 544 for Kerberos 5 and non-
- encrypted Kerberos 4, and 545 for encrytpted Kerberos 4; subject
- of course to the contents of _/_e_t_c_/_s_e_r_v_i_c_e_s).
-
- --ll _s_t_r_i_n_g, ----uusseerr==_s_t_r_i_n_g
- By default the remote username is the same as the local. The --ll
- option or the _u_s_e_r_n_a_m_e_@_h_o_s_t format allow the remote name to be
- specified.
-
- --PP _N_|_O_|_1_|_2, ----pprroottooccooll==_N_|_O_|_1_|_2
- Specifies which protocol version to use with Kerberos 5. _N and _2
- selects protocol version 2, while _O and _1 selects version 1. Ver-
- sion 2 is believed to be more secure, and is the default. Unless
- asked for a specific version, rrsshh will try both. This behaviour
- may change in the future.
-
-EEXXAAMMPPLLEESS
- Care should be taken when issuing commands containing shell meta charac-
- ters. Without quoting, these will be expanded on the local machine.
-
- The following command:
-
- rsh otherhost cat remotefile > localfile
-
- will write the contents of the remote _r_e_m_o_t_e_f_i_l_e to the local _l_o_c_a_l_f_i_l_e,
- but:
-
- rsh otherhost 'cat remotefile > remotefile2'
-
- will write it to the remote _r_e_m_o_t_e_f_i_l_e_2.
-
-FFIILLEESS
- /etc/hosts
-
-SSEEEE AALLSSOO
- rlogin(1), krb_realmofhost(3), krb_sendauth(3), hosts.equiv(5),
- krb5.conf(5), rhosts(5), kerberos(8) rshd(8)
-
-HHIISSTTOORRYY
- The rrsshh command appeared in 4.2BSD.
-
-AAUUTTHHOORRSS
- This implementation of rrsshh was written as part of the Heimdal Kerberos 5
- implementation.
-
-BBUUGGSS
- Some shells (notably csh(1)) will cause rrsshh to block if run in the back-
- ground, unless the standard input is directed away from the terminal.
- This is what the --nn option is for.
-
- The --xx options enables encryption for the session, but for both Kerberos
- 4 and 5 the actual command is sent unencrypted, so you should not send
- any secret information in the command line (which is probably a bad idea
- anyway, since the command line can usually be read with tools like
- ps(1)). Forthermore in Kerberos 4 the command is not even integrity pro-
- tected, so anyone with the right tools can modify the command.
-
- HEIMDAL September 4, 2002 2
diff --git a/kerberosV/src/appl/rsh/rshd.cat8 b/kerberosV/src/appl/rsh/rshd.cat8
deleted file mode 100644
index 2b09091aadd..00000000000
--- a/kerberosV/src/appl/rsh/rshd.cat8
+++ /dev/null
@@ -1,79 +0,0 @@
-
-RSHD(8) UNIX System Manager's Manual RSHD(8)
-
-NNAAMMEE
- rrsshhdd - remote shell server
-
-SSYYNNOOPPSSIISS
- rrsshhdd [--aaiikkllnnvvxxPPLL] [--pp _p_o_r_t]
-
-DDEESSCCRRIIPPTTIIOONN
- rrsshhdd is the server for the rsh(1) program. It provides an authenticated
- remote command execution service. Supported options are:
-
- --nn, ----nnoo--kkeeeeppaalliivvee
- Disables keep-alive messages. Keep-alives are packets sent at
- certain intervals to make sure that the client is still there,
- even when it doesn't send any data.
-
- --kk, ----kkeerrbbeerrooss
- Assume that clients connecting to this server will use some form
- of Kerberos authentication. See the _E_X_A_M_P_L_E_S section for a sample
- inetd.conf(5) configuration.
-
- --xx, ----eennccrryypptt
- For Kerberos 4 this means that the connections are encrypted.
- Kerberos 5 can negotiate encryption even without this option, but
- if it's present rrsshhdd will deny unencrypted connections. This op-
- tion implies --kk.
-
- --vv, ----vvaaccuuoouuss
- If the connecting client does not use any Kerberised authentica-
- tion, print a message that complains about this fact, and exit.
- This is helpful if you want to move away from old port-based au-
- thentication.
-
- --PP When using the AFS filesystem, users' authentication tokens are
- put in something called a PAG (Process Authentication Group).
- Multiple processes can share a PAG, but normally each login ses-
- sion has its own PAG. This option disables the sseettppaagg() call, so
- all tokens will be put in the default (uid-based) PAG, making it
- possible to share tokens between sessions. This is only useful in
- peculiar environments, such as some batch systems.
-
- --ii, ----nnoo--iinneettdd
- The --ii option will cause rrsshhdd to create a socket, instead of as-
- suming that its stdin came from inetd(8). This is mostly useful
- for debugging.
-
- --pp _p_o_r_t, ----ppoorrtt==_p_o_r_t
- Port to use with --ii.
-
- --aa This flag is for backwards compatibility only.
-
- --LL This flag enables logging of connections to syslogd(8). This op-
- tion is always on in this implementation.
-
-FFIILLEESS
- /etc/hosts.equiv
- ~/.rhosts
-
-EEXXAAMMPPLLEESS
- The following can be used to enable Kerberised rsh in inetd.cond(5),
- while disabling non-Kerberised connections:
-
- shell stream tcp nowait root /usr/libexec/rshd rshd -v
- kshell stream tcp nowait root /usr/libexec/rshd rshd -k
- ekshell stream tcp nowait root /usr/libexec/rshd rshd -kx
-
-SSEEEE AALLSSOO
- rsh(1), iruserok(3)
-
-HHIISSTTOORRYY
- The rrsshhdd command appeared in 4.2BSD.
-
-AAUUTTHHOORRSS
- This implementation of rrsshhdd was written as part of the Heimdal Kerberos 5
- implementation.
-
- HEIMDAL November 22, 2002 2
diff --git a/kerberosV/src/cf/destdirs.m4 b/kerberosV/src/cf/destdirs.m4
deleted file mode 100644
index ff1a4a9614f..00000000000
--- a/kerberosV/src/cf/destdirs.m4
+++ /dev/null
@@ -1,18 +0,0 @@
-dnl
-dnl $KTH: destdirs.m4,v 1.2 2002/08/12 15:12:50 joda Exp $
-dnl
-
-AC_DEFUN([rk_DESTDIRS], [
-# This is done by AC_OUTPUT but we need the result here.
-test "x$prefix" = xNONE && prefix=$ac_default_prefix
-test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
-
-AC_FOREACH([rk_dir], [bin lib libexec localstate sbin sysconf], [
- x="${rk_dir[]dir}"
- eval y="$x"
- while test "x$y" != "x$x"; do
- x="$y"
- eval y="$x"
- done
- AC_DEFINE_UNQUOTED(AS_TR_CPP(rk_dir[]dir), "$x", [path to ]rk_dir[])])
-])
diff --git a/kerberosV/src/cf/dlopen.m4 b/kerberosV/src/cf/dlopen.m4
deleted file mode 100644
index 155c05ff385..00000000000
--- a/kerberosV/src/cf/dlopen.m4
+++ /dev/null
@@ -1,8 +0,0 @@
-dnl
-dnl $KTH: dlopen.m4,v 1.1 2002/08/28 16:32:16 joda Exp $
-dnl
-
-AC_DEFUN([rk_DLOPEN], [
- AC_FIND_FUNC_NO_LIBS(dlopen, dl)
- AM_CONDITIONAL(HAVE_DLOPEN, test "$ac_cv_funclib_dlopen" != no)
-])
diff --git a/kerberosV/src/cf/irix.m4 b/kerberosV/src/cf/irix.m4
deleted file mode 100644
index c7e98538e43..00000000000
--- a/kerberosV/src/cf/irix.m4
+++ /dev/null
@@ -1,26 +0,0 @@
-dnl
-dnl $KTH: irix.m4,v 1.1 2002/08/28 19:11:44 joda Exp $
-dnl
-
-AC_DEFUN([rk_IRIX],
-[
-irix=no
-case "$host" in
-*-*-irix4*)
- AC_DEFINE([IRIX4], 1,
- [Define if you are running IRIX 4.])
- irix=yes
- ;;
-*-*-irix*)
- irix=yes
- ;;
-esac
-AM_CONDITIONAL(IRIX, test "$irix" != no)dnl
-
-AH_BOTTOM([
-/* IRIX 4 braindamage */
-#if IRIX == 4 && !defined(__STDC__)
-#define __STDC__ 0
-#endif
-])
-])
diff --git a/kerberosV/src/cf/otp.m4 b/kerberosV/src/cf/otp.m4
deleted file mode 100644
index f3770beccb5..00000000000
--- a/kerberosV/src/cf/otp.m4
+++ /dev/null
@@ -1,27 +0,0 @@
-dnl $KTH: otp.m4,v 1.2 2002/05/19 20:51:08 joda Exp $
-dnl
-dnl check requirements for OTP library
-dnl
-AC_DEFUN([rk_OTP],[
-AC_REQUIRE([rk_DB])dnl
-AC_ARG_ENABLE(otp,
- AC_HELP_STRING([--disable-otp],[if you don't want OTP support]))
-if test "$enable_otp" = yes -a "$db_type" = unknown; then
- AC_MSG_ERROR([OTP requires a NDBM/DB compatible library])
-fi
-if test "$enable_otp" != no; then
- if test "$db_type" != unknown; then
- enable_otp=yes
- else
- enable_otp=no
- fi
-fi
-if test "$enable_otp" = yes; then
- AC_DEFINE(OTP, 1, [Define if you want OTP support in applications.])
- LIB_otp='$(top_builddir)/lib/otp/libotp.la'
- AC_SUBST(LIB_otp)
-fi
-AC_MSG_CHECKING([whether to enable OTP library])
-AC_MSG_RESULT($enable_otp)
-AM_CONDITIONAL(OTP, test "$enable_otp" = yes)dnl
-])
diff --git a/kerberosV/src/cf/sunos.m4 b/kerberosV/src/cf/sunos.m4
deleted file mode 100644
index fa4dab87979..00000000000
--- a/kerberosV/src/cf/sunos.m4
+++ /dev/null
@@ -1,25 +0,0 @@
-dnl
-dnl $KTH: sunos.m4,v 1.2 2002/10/16 14:42:13 joda Exp $
-dnl
-
-AC_DEFUN([rk_SUNOS],[
-sunos=no
-case "$host" in
-*-*-sunos4*)
- sunos=40
- ;;
-*-*-solaris2.7)
- sunos=57
- ;;
-*-*-solaris2.[[89]])
- sunos=58
- ;;
-*-*-solaris2*)
- sunos=50
- ;;
-esac
-if test "$sunos" != no; then
- AC_DEFINE_UNQUOTED(SunOS, $sunos,
- [Define to what version of SunOS you are running.])
-fi
-])
diff --git a/kerberosV/src/cf/telnet.m4 b/kerberosV/src/cf/telnet.m4
deleted file mode 100644
index 428e499e666..00000000000
--- a/kerberosV/src/cf/telnet.m4
+++ /dev/null
@@ -1,78 +0,0 @@
-dnl
-dnl $KTH: telnet.m4,v 1.1 2002/08/28 19:19:01 joda Exp $
-dnl
-dnl stuff used by telnet
-
-AC_DEFUN([rk_TELNET],[
-AC_DEFINE(AUTHENTICATION, 1,
- [Define if you want authentication support in telnet.])dnl
-AC_DEFINE(ENCRYPTION, 1,
- [Define if you want encryption support in telnet.])dnl
-AC_DEFINE(DES_ENCRYPTION, 1,
- [Define if you want to use DES encryption in telnet.])dnl
-AC_DEFINE(DIAGNOSTICS, 1,
- [Define this to enable diagnostics in telnet.])dnl
-AC_DEFINE(OLD_ENVIRON, 1,
- [Define this to enable old environment option in telnet.])dnl
-if false; then
- AC_DEFINE(ENV_HACK, 1,
- [Define this if you want support for broken ENV_{VAR,VAL} telnets.])
-fi
-
-# Simple test for streamspty, based on the existance of getmsg(), alas
-# this breaks on SunOS4 which have streams but BSD-like ptys
-#
-# And also something wierd has happend with dec-osf1, fallback to bsd-ptys
-
-case "$host" in
-*-*-aix3*|*-*-sunos4*|*-*-osf*|*-*-hpux1[[01]]*)
- ;;
-*)
- AC_CHECK_FUNC(getmsg)
- if test "$ac_cv_func_getmsg" = "yes"; then
- AC_CACHE_CHECK([if getmsg works], ac_cv_func_getmsg_works,
- AC_TRY_RUN([
- #include <stdio.h>
- #include <errno.h>
-
- int main()
- {
- int ret;
- ret = getmsg(open("/dev/null", 0), NULL, NULL, NULL);
- if(ret < 0 && errno == ENOSYS)
- return 1;
- return 0;
- }
- ], ac_cv_func_getmsg_works=yes,
- ac_cv_func_getmsg_works=no,
- ac_cv_func_getmsg_works=no))
- if test "$ac_cv_func_getmsg_works" = "yes"; then
- AC_DEFINE(HAVE_GETMSG, 1,
- [Define if you have a working getmsg.])
- AC_DEFINE(STREAMSPTY, 1,
- [Define if you have streams ptys.])
- fi
- fi
- ;;
-esac
-
-AH_BOTTOM([
-#if defined(ENCRYPTION) && !defined(AUTHENTICATION)
-#define AUTHENTICATION 1
-#endif
-
-/* Set this to the default system lead string for telnetd
- * can contain %-escapes: %s=sysname, %m=machine, %r=os-release
- * %v=os-version, %t=tty, %h=hostname, %d=date and time
- */
-#undef USE_IM
-
-/* Used with login -p */
-#undef LOGIN_ARGS
-
-/* set this to a sensible login */
-#ifndef LOGIN_PATH
-#define LOGIN_PATH BINDIR "/login"
-#endif
-])
-])
diff --git a/kerberosV/src/lib/des/des.cat1 b/kerberosV/src/lib/des/des.cat1
deleted file mode 100644
index 9a78c18de35..00000000000
--- a/kerberosV/src/lib/des/des.cat1
+++ /dev/null
@@ -1,132 +0,0 @@
-
-
-
-DES(1) DES(1)
-
-
-
-NAME
- des - encrypt or decrypt data using Data Encryption Standard
-
-SYNOPSIS
- ddeess ( --ee | --EE ) | ( --dd | --DD ) | ( --[ccCC][cckknnaammee] ) | [ --bb33hhffss ] [ --kk _k_e_y ] ]
- [ --uu[_u_u_n_a_m_e] [ _i_n_p_u_t_-_f_i_l_e [ _o_u_t_p_u_t_-_f_i_l_e ] ]
-
-DESCRIPTION
- ddeess encrypts and decrypts data using the Data Encryption Standard algo-
- rithm. One of --ee,, --EE (for encrypt) or --dd,, --DD (for decrypt) must be speci-
- fied. It is also possible to use --cc or --CC in conjunction or instead of the
- a encrypt/decrypt option to generate a 16 character hexadecimal checksum,
- generated via the _d_e_s___c_b_c___c_k_s_u_m_.
-
- Two standard encryption modes are supported by the ddeess program, Cipher
- Block Chaining (the default) and Electronic Code Book (specified with --bb ).
-
- The key used for the DES algorithm is obtained by prompting the user unless
- the ``--kk _k_e_y_' option is given. If the key is an argument to the ddeess com-
- mand, it is potentially visible to users executing ppss(1) or a derivative.
- To minimise this possibility, ddeess takes care to destroy the key argument
- immediately upon entry. If your shell keeps a history file be careful to
- make sure it is not world readable.
-
- Since this program attempts to maintain compatibility with SunOS's des(1)
- command, there are 2 different methods used to convert the user supplied
- key to a des key. Whenever and one or more of --EE,, --DD,, --CC or --33 options are
- used, the key conversion procedure will not be compatible with the SunOS
- des(1) version but will use all the user supplied character to generate the
- des key. ddeess command reads from standard input unless _i_n_p_u_t_-_f_i_l_e is speci-
- fied and writes to standard output unless _o_u_t_p_u_t_-_f_i_l_e is given.
-
-OPTIONS
-
- --bb Select ECB (eight bytes at a time) encryption mode.
-
- --33 Encrypt using triple encryption. By default triple cbc encryption is
- used but if the --bb option is used then triple ecb encryption is per-
- formed. If the key is less than 8 characters long, the flag has no
- effect.
-
- --ee Encrypt data using an 8 byte key in a manner compatible with SunOS
- des(1).
-
- --EE Encrypt data using a key of nearly unlimited length (1024 bytes).
- This will product a more secure encryption.
-
- --dd Decrypt data that was encrypted with the -e option.
-
- --DD Decrypt data that was encrypted with the -E option.
-
- --cc Generate a 16 character hexadecimal cbc checksum and output this to
- stderr. If a filename was specified after the --cc option, the checksum
- is output to that file. The checksum is generated using a key gener-
- ated in a SunOS compatible manner.
-
- --CC A cbc checksum is generated in the same manner as described for the --cc
- option but the DES key is generated in the same manner as used for the
- --EE and --DD options
-
- --ff Does nothing - allowed for compatibility with SunOS des(1) command.
-
- --ss Does nothing - allowed for compatibility with SunOS des(1) command.
-
- --kk _k_e_y
- Use the encryption _k_e_y specified.
-
- --hh The _k_e_y is assumed to be a 16 character hexadecimal number. If the --33
- option is used the key is assumed to be a 32 character hexadecimal
- number.
-
- --uu This flag is used to read and write uuencoded files. If decrypting,
- the input file is assumed to contain uuencoded, DES encrypted data.
- If encrypting, the characters following the -u are used as the name of
- the uuencoded file to embed in the begin line of the uuencoded output.
- If there is no name specified after the -u, the name text.des will be
- embedded in the header.
-
-SEE ALSO
- ppss ((11)) ddeess__ccrryypptt((33))
-
-BUGS
-
- The problem with using the --ee option is the short key length. It would be
- better to use a real 56-bit key rather than an ASCII-based 56-bit pattern.
- Knowing that the key was derived from ASCII radically reduces the time nec-
- essary for a brute-force cryptographic attack. My attempt to remove this
- problem is to add an alternative text-key to DES-key function. This alter-
- native function (accessed via --EE,, --DD,, --SS and --33 ) uses DES to help generate
- the key.
-
- Be carefully when using the -u option. Doing des -ud <filename> will not
- decrypt filename (the -u option will gobble the d option).
-
- The VMS operating system operates in a world where files are always a mul-
- tiple of 512 bytes. This causes problems when encrypted data is send from
- unix to VMS since a 88 byte file will suddenly be padded with 424 null
- bytes. To get around this problem, use the -u option to uuencode the data
- before it is send to the VMS system.
-
-AUTHOR
-
- Eric Young (eay@mincom.oz.au or eay@psych.psy.uq.oz.au)
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/kerberosV/src/lib/des/des_crypt.cat3 b/kerberosV/src/lib/des/des_crypt.cat3
deleted file mode 100644
index f7370a3af59..00000000000
--- a/kerberosV/src/lib/des/des_crypt.cat3
+++ /dev/null
@@ -1,264 +0,0 @@
-
-
-
-DES_CRYPT(3) DES_CRYPT(3)
-
-
-
-NAME
- des_read_password, des_string_to_key, des_random_key, des_set_key,
- des_ecb_encrypt, des_cbc_encrypt, des_pcbc_encrypt, des_cbc_cksum,
- des_quad_cksum, - (new) DES encryption
-
-SYNOPSIS
- ##iinncclluuddee <<ddeess..hh>>
-
- iinntt ddeess__rreeaadd__ppaasssswwoorrdd((kkeeyy,,pprroommpptt,,vveerriiffyy))
- des_cblock *key;
- char *prompt;
- int verify;
-
- iinntt ddeess__ssttrriinngg__ttoo__kkeeyy((ssttrr,,kkeeyy))
- cchhaarr **ssttrr;;
- ddeess__ccbblloocckk kkeeyy;;
-
- iinntt ddeess__rraannddoomm__kkeeyy((kkeeyy))
- ddeess__ccbblloocckk **kkeeyy;;
-
- iinntt ddeess__sseett__kkeeyy((kkeeyy,,sscchheedduullee))
- ddeess__ccbblloocckk **kkeeyy;;
- ddeess__kkeeyy__sscchheedduullee sscchheedduullee;;
-
- iinntt ddeess__eeccbb__eennccrryypptt((iinnppuutt,,oouuttppuutt,,sscchheedduullee,,eennccrryypptt))
- ddeess__ccbblloocckk **iinnppuutt;;
- ddeess__ccbblloocckk **oouuttppuutt;;
- ddeess__kkeeyy__sscchheedduullee sscchheedduullee;;
- iinntt eennccrryypptt;;
-
- iinntt ddeess__ccbbcc__eennccrryypptt((iinnppuutt,,oouuttppuutt,,lleennggtthh,,sscchheedduullee,,iivveecc,,eennccrryypptt))
- ddeess__ccbblloocckk **iinnppuutt;;
- ddeess__ccbblloocckk **oouuttppuutt;;
- lloonngg lleennggtthh;;
- ddeess__kkeeyy__sscchheedduullee sscchheedduullee;;
- ddeess__ccbblloocckk **iivveecc;;
- iinntt eennccrryypptt;;
-
- iinntt ddeess__ppccbbcc__eennccrryypptt((iinnppuutt,,oouuttppuutt,,lleennggtthh,,sscchheedduullee,,iivveecc,,eennccrryypptt))
- ddeess__ccbblloocckk **iinnppuutt;;
- ddeess__ccbblloocckk **oouuttppuutt;;
- lloonngg lleennggtthh;;
- ddeess__kkeeyy__sscchheedduullee sscchheedduullee;;
- ddeess__ccbblloocckk **iivveecc;;
- iinntt eennccrryypptt;;
-
- uunnssiiggnneedd lloonngg ddeess__ccbbcc__cckkssuumm((iinnppuutt,,oouuttppuutt,,lleennggtthh,,sscchheedduullee,,iivveecc))
- ddeess__ccbblloocckk **iinnppuutt;;
- ddeess__ccbblloocckk **oouuttppuutt;;
- lloonngg lleennggtthh;;
- ddeess__kkeeyy__sscchheedduullee sscchheedduullee;;
- ddeess__ccbblloocckk **iivveecc;;
-
- uunnssiiggnneedd lloonngg qquuaadd__cckkssuumm((iinnppuutt,,oouuttppuutt,,lleennggtthh,,oouutt__ccoouunntt,,sseeeedd))
- ddeess__ccbblloocckk **iinnppuutt;;
- ddeess__ccbblloocckk **oouuttppuutt;;
- lloonngg lleennggtthh;;
- iinntt oouutt__ccoouunntt;;
- ddeess__ccbblloocckk **sseeeedd;;
-
-DESCRIPTION
- This library supports various DES encryption related operations. It differs
- from the _c_r_y_p_t_, _s_e_t_k_e_y_, _a_n_d _e_n_c_r_y_p_t library routines in that it provides a
- true DES encryption, without modifying the algorithm, and executes much
- faster.
-
- For each key that may be simultaneously active, create a ddeess__kkeeyy__sscchheedduullee
- struct, defined in "des.h". Next, create key schedules (from the 8-byte
- keys) as needed, via _d_e_s___s_e_t___k_e_y_, prior to using the encryption or checksum
- routines. Then setup the input and output areas. Make sure to note the
- restrictions on lengths being multiples of eight bytes. Finally, invoke the
- encryption/decryption routines, _d_e_s___e_c_b___e_n_c_r_y_p_t or _d_e_s___c_b_c___e_n_c_r_y_p_t or
- _d_e_s___p_c_b_c___e_n_c_r_y_p_t_, or, to generate a cryptographic checksum, use _q_u_a_d___c_k_s_u_m
- (fast) or _d_e_s___c_b_c___c_k_s_u_m (slow).
-
- A _d_e_s___c_b_l_o_c_k struct is an 8 byte block used as the fundamental unit for DES
- data and keys, and is defined as:
-
- ttyyppeeddeeff uunnssiiggnneedd cchhaarr ddeess__ccbblloocckk[[88]];;
-
- and a _d_e_s___k_e_y___s_c_h_e_d_u_l_e_, is defined as:
-
- ttyyppeeddeeff ssttrruucctt ddeess__kkss__ssttrruucctt {{ddeess__ccbblloocckk __;;}} ddeess__kkeeyy__sscchheedduullee[[1166]];;
-
- _d_e_s___r_e_a_d___p_a_s_s_w_o_r_d writes the string specified by _p_r_o_m_p_t to the standard
- output, turns off echo (if possible) and reads an input string from stan-
- dard input until terminated with a newline. If _v_e_r_i_f_y is non-zero, it
- prompts and reads input again, for use in applications such as changing a
- password; both versions are compared, and the input is requested repeatedly
- until they match. Then _d_e_s___r_e_a_d___p_a_s_s_w_o_r_d converts the input string into a
- valid DES key, internally using the _d_e_s___s_t_r_i_n_g___t_o___k_e_y routine. The newly
- created key is copied to the area pointed to by the _k_e_y argument.
- _d_e_s___r_e_a_d___p_a_s_s_w_o_r_d returns a zero if no errors occurred, or a -1 indicating
- that an error occurred trying to manipulate the terminal echo.
-
- _d_e_s___s_t_r_i_n_g___t_o___k_e_y converts an arbitrary length null-terminated string to an
- 8 byte DES key, with odd byte parity, per FIPS specification. A one-way
- function is used to convert the string to a key, making it very difficult
- to reconstruct the string from the key. The _s_t_r argument is a pointer to
- the string, and _k_e_y should point to a _d_e_s___c_b_l_o_c_k supplied by the caller to
- receive the generated key. No meaningful value is returned. Void is not
- used for compatibility with other compilers.
-
- _d_e_s___r_a_n_d_o_m___k_e_y generates a random DES encryption key (eight bytes), set to
- odd parity per FIPS specifications. This routine uses the current time,
- process id, and a counter as a seed for the random number generator. The
- caller must supply space for the output key, pointed to by argument _k_e_y_,
- then after calling _d_e_s___r_a_n_d_o_m___k_e_y should call the _d_e_s___s_e_t___k_e_y routine when
- needed. No meaningful value is returned. Void is not used for compatibil-
- ity with other compilers.
-
- _d_e_s___s_e_t___k_e_y calculates a key schedule from all eight bytes of the input
- key, pointed to by the _k_e_y argument, and outputs the schedule into the
- _d_e_s___k_e_y___s_c_h_e_d_u_l_e indicated by the _s_c_h_e_d_u_l_e argument. Make sure to pass a
- valid eight byte key; no padding is done. The key schedule may then be
- used in subsequent encryption/decryption/checksum operations. Many key
- schedules may be cached for later use. The user is responsible to clear
- keys and schedules as soon as no longer needed, to prevent their disclo-
- sure. The routine also checks the key parity, and returns a zero if the
- key parity is correct (odd), a -1 indicating a key parity error, or a -2
- indicating use of an illegal weak key. If an error is returned, the key
- schedule was not created.
-
- _d_e_s___e_c_b___e_n_c_r_y_p_t is the basic DES encryption routine that encrypts or
- decrypts a single 8-byte block in eelleeccttrroonniicc ccooddee bbooookk mode. It always
- transforms the input data, pointed to by _i_n_p_u_t_, into the output data,
- pointed to by the _o_u_t_p_u_t argument.
-
- If the _e_n_c_r_y_p_t argument is non-zero, the _i_n_p_u_t (cleartext) is encrypted
- into the _o_u_t_p_u_t (ciphertext) using the key_schedule specified by the _s_c_h_e_d_-
- _u_l_e argument, previously set via _d_e_s___s_e_t___k_e_y
-
- If encrypt is zero, the _i_n_p_u_t (now ciphertext) is decrypted into the _o_u_t_p_u_t
- (now cleartext).
-
- Input and output may overlap.
-
- No meaningful value is returned. Void is not used for compatibility with
- other compilers.
-
- _d_e_s___c_b_c___e_n_c_r_y_p_t encrypts/decrypts using the cciipphheerr--bblloocckk--cchhaaiinniinngg mmooddee ooff
- DDEESS.. If the _e_n_c_r_y_p_t argument is non-zero, the routine cipher-block-chain
- encrypts the cleartext data pointed to by the _i_n_p_u_t argument into the
- ciphertext pointed to by the _o_u_t_p_u_t argument, using the key schedule pro-
- vided by the _s_c_h_e_d_u_l_e argument, and initialization vector provided by the
- _i_v_e_c argument. If the _l_e_n_g_t_h argument is not an integral multiple of eight
- bytes, the last block is copied to a temp and zero filled (highest
- addresses). The output is ALWAYS an integral multiple of eight bytes.
-
- If _e_n_c_r_y_p_t is zero, the routine cipher-block chain decrypts the (now)
- ciphertext data pointed to by the _i_n_p_u_t argument into (now) cleartext
- pointed to by the _o_u_t_p_u_t argument using the key schedule provided by the
- _s_c_h_e_d_u_l_e argument, and initialization vector provided by the _i_v_e_c argument.
- Decryption ALWAYS operates on integral multiples of 8 bytes, so it will
- round the _l_e_n_g_t_h provided up to the appropriate multiple. Consequently, it
- will always produce the rounded-up number of bytes of output cleartext. The
- application must determine if the output cleartext was zero-padded due to
- original cleartext lengths that were not integral multiples of 8.
-
- No errors or meaningful values are returned. Void is not used for compati-
- bility with other compilers.
-
- A characteristic of cbc mode is that changing a single bit of the cleart-
- ext, then encrypting using cbc mode, affects ALL the subsequent ciphertext.
- This makes cryptanalysis much more difficult. However, modifying a single
- bit of the ciphertext, then decrypting, only affects the resulting cleart-
- ext from the modified block and the succeeding block. Therefore,
- _d_e_s___p_c_b_c___e_n_c_r_y_p_t is STRONGLY recommended for applications where indefinite
- propagation of errors is required in order to detect modifications.
-
- _d_e_s___p_c_b_c___e_n_c_r_y_p_t encrypts/decrypts using a modified block chaining mode.
- Its calling sequence is identical to _d_e_s___c_b_c___e_n_c_r_y_p_t_. It differs in its
- error propagation characteristics.
-
- _d_e_s___p_c_b_c___e_n_c_r_y_p_t is highly recommended for most encryption purposes, in
- that modification of a single bit of the ciphertext will affect ALL the
- subsequent (decrypted) cleartext. Similarly, modifying a single bit of the
- cleartext will affect ALL the subsequent (encrypted) ciphertext. "PCBC"
- mode, on encryption, "xors" both the cleartext of block N and the cipher-
- text resulting from block N with the cleartext for block N+1 prior to
- encrypting block N+1.
-
- _d_e_s___c_b_c___c_k_s_u_m produces an 8 byte cryptographic checksum by cipher-block-
- chain encrypting the cleartext data pointed to by the _i_n_p_u_t argument. All
- of the ciphertext output is discarded, except the last 8-byte ciphertext
- block, which is written into the area pointed to by the _o_u_t_p_u_t argument.
- It uses the key schedule, provided by the _s_c_h_e_d_u_l_e argument and initializa-
- tion vector provided by the _i_v_e_c argument. If the _l_e_n_g_t_h argument is not
- an integral multiple of eight bytes, the last cleartext block is copied to
- a temp and zero filled (highest addresses). The output is ALWAYS eight
- bytes.
-
- The routine also returns an unsigned long, which is the last (highest
- address) half of the 8 byte checksum computed.
-
- _q_u_a_d___c_k_s_u_m produces a checksum by chaining quadratic operations on the
- cleartext data pointed to by the _i_n_p_u_t argument. The _l_e_n_g_t_h argument speci-
- fies the length of the input -- only exactly that many bytes are included
- for the checksum, without any padding.
-
- The algorithm may be iterated over the same input data, if the _o_u_t___c_o_u_n_t
- argument is 2, 3 or 4, and the optional _o_u_t_p_u_t argument is a non-null
- pointer . The default is one iteration, and it will not run more than 4
- times. Multiple iterations run slower, but provide a longer checksum if
- desired. The _s_e_e_d argument provides an 8-byte seed for the first iteration.
- If multiple iterations are requested, the results of one iteration are
- automatically used as the seed for the next iteration.
-
- It returns both an unsigned long checksum value, and if the _o_u_t_p_u_t argument
- is not a null pointer, up to 16 bytes of the computed checksum are written
- into the output.
-
-FILES
- /usr/include/des.h
- /usr/lib/libdes.a
-
-SEE ALSO
-
-DIAGNOSTICS
-
-BUGS
- This software has not yet been compiled or tested on machines other than
- the VAX and the IBM PC.
-
-AUTHORS
- Steve Miller, MIT Project Athena/Digital Equipment Corporation
-
-RESTRICTIONS
- COPYRIGHT 1985,1986 Massachusetts Institute of Technology
-
- This software may not be exported outside of the US without a special
- license from the US Dept of Commerce. It may be replaced by any secret key
- block cipher with block length and key length of 8 bytes, as long as the
- interface is the same as described here.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/kerberosV/src/lib/gssapi/gss_acquire_cred.cat3 b/kerberosV/src/lib/gssapi/gss_acquire_cred.cat3
deleted file mode 100644
index 37f2c744551..00000000000
--- a/kerberosV/src/lib/gssapi/gss_acquire_cred.cat3
+++ /dev/null
@@ -1,275 +0,0 @@
-
-GSS_ACQUIRE_CRED(3) UNIX Programmer's Manual GSS_ACQUIRE_CRED(3)
-
-NNAAMMEE
- ggssss__aacccceepptt__sseecc__ccoonntteexxtt, ggssss__aaccqquuiirree__ccrreedd, ggssss__aadddd__ccrreedd,
- ggssss__aadddd__ooiidd__sseett__mmeemmbbeerr, ggssss__ccaannoonniiccaalliizzee__nnaammee, ggssss__ccoommppaarree__nnaammee,
- ggssss__ccoonntteexxtt__ttiimmee, ggssss__ccrreeaattee__eemmppttyy__ooiidd__sseett, ggssss__ddeelleettee__sseecc__ccoonntteexxtt,
- ggssss__ddiissppllaayy__nnaammee, ggssss__ddiissppllaayy__ssttaattuuss, ggssss__dduupplliiccaattee__nnaammee,
- ggssss__eexxppoorrtt__nnaammee, ggssss__eexxppoorrtt__sseecc__ccoonntteexxtt, ggssss__ggeett__mmiicc, ggssss__iimmppoorrtt__nnaammee,
- ggssss__iimmppoorrtt__sseecc__ccoonntteexxtt, ggssss__iinnddiiccaattee__mmeecchhss, ggssss__iinniitt__sseecc__ccoonntteexxtt,
- ggssss__iinnqquuiirree__ccoonntteexxtt, ggssss__iinnqquuiirree__ccrreedd, ggssss__iinnqquuiirree__ccrreedd__bbyy__mmeecchh,
- ggssss__iinnqquuiirree__mmeecchhss__ffoorr__nnaammee, ggssss__iinnqquuiirree__nnaammeess__ffoorr__mmeecchh,
- ggssss__kkrrbb55__ccooppyy__ccccaacchhee, ggssss__kkrrbb55__ccoommppaatt__ddeess33__mmiicc,
- ggssss__pprroocceessss__ccoonntteexxtt__ttookkeenn, ggssss__rreelleeaassee__bbuuffffeerr, ggssss__rreelleeaassee__ccrreedd,
- ggssss__rreelleeaassee__nnaammee, ggssss__rreelleeaassee__ooiidd__sseett, ggssss__sseeaall, ggssss__ssiiggnn,
- ggssss__tteesstt__ooiidd__sseett__mmeemmbbeerr, ggssss__uunnsseeaall, ggssss__uunnwwrraapp, ggssss__vveerriiffyy,
- ggssss__vveerriiffyy__mmiicc, ggssss__wwrraapp, ggssss__wwrraapp__ssiizzee__lliimmiitt - Generic Security Service
- Application Program Interface library
-
-LLIIBBRRAARRYY
- GSS-API library (libgssapi, -lgssapi)
-
-SSYYNNOOPPSSIISS
- _O_M___u_i_n_t_3_2
- ggssss__aacccceepptt__sseecc__ccoonntteexxtt(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s,
- _g_s_s___c_t_x___i_d___t _* _c_o_n_t_e_x_t___h_a_n_d_l_e,
- _c_o_n_s_t _g_s_s___c_r_e_d___i_d___t _a_c_c_e_p_t_o_r___c_r_e_d___h_a_n_d_l_e,
- _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _i_n_p_u_t___t_o_k_e_n___b_u_f_f_e_r,
- _c_o_n_s_t _g_s_s___c_h_a_n_n_e_l___b_i_n_d_i_n_g_s___t _i_n_p_u_t___c_h_a_n___b_i_n_d_i_n_g_s,
- _g_s_s___n_a_m_e___t _* _s_r_c___n_a_m_e, _g_s_s___O_I_D _* _m_e_c_h___t_y_p_e,
- _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___t_o_k_e_n, _O_M___u_i_n_t_3_2 _* _r_e_t___f_l_a_g_s,
- _O_M___u_i_n_t_3_2 _* _t_i_m_e___r_e_c, _g_s_s___c_r_e_d___i_d___t _* _d_e_l_e_g_a_t_e_d___c_r_e_d___h_a_n_d_l_e)
-
- _O_M___u_i_n_t_3_2
- ggssss__aaccqquuiirree__ccrreedd(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___n_a_m_e___t _d_e_s_i_r_e_d___n_a_m_e,
- _O_M___u_i_n_t_3_2 _t_i_m_e___r_e_q, _c_o_n_s_t _g_s_s___O_I_D___s_e_t _d_e_s_i_r_e_d___m_e_c_h_s,
- _g_s_s___c_r_e_d___u_s_a_g_e___t _c_r_e_d___u_s_a_g_e, _g_s_s___c_r_e_d___i_d___t _* _o_u_t_p_u_t___c_r_e_d___h_a_n_d_l_e,
- _g_s_s___O_I_D___s_e_t _* _a_c_t_u_a_l___m_e_c_h_s, _O_M___u_i_n_t_3_2 _* _t_i_m_e___r_e_c)
-
- _O_M___u_i_n_t_3_2
- ggssss__aadddd__ooiidd__sseett__mmeemmbbeerr(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s,
- _c_o_n_s_t _g_s_s___O_I_D _m_e_m_b_e_r___o_i_d, _g_s_s___O_I_D___s_e_t _* _o_i_d___s_e_t)
-
- _O_M___u_i_n_t_3_2
- ggssss__ccaannoonniiccaalliizzee__nnaammee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s,
- _c_o_n_s_t _g_s_s___n_a_m_e___t _i_n_p_u_t___n_a_m_e, _c_o_n_s_t _g_s_s___O_I_D _m_e_c_h___t_y_p_e,
- _g_s_s___n_a_m_e___t _* _o_u_t_p_u_t___n_a_m_e)
-
- _O_M___u_i_n_t_3_2
- ggssss__ccoommppaarree__nnaammee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___n_a_m_e___t _n_a_m_e_1,
- _c_o_n_s_t _g_s_s___n_a_m_e___t _n_a_m_e_2, _i_n_t _* _n_a_m_e___e_q_u_a_l)
-
- _O_M___u_i_n_t_3_2
- ggssss__ccoonntteexxtt__ttiimmee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s,
- _c_o_n_s_t _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, _O_M___u_i_n_t_3_2 _* _t_i_m_e___r_e_c)
-
- _O_M___u_i_n_t_3_2
- ggssss__ccrreeaattee__eemmppttyy__ooiidd__sseett(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___O_I_D___s_e_t _* _o_i_d___s_e_t)
-
- _O_M___u_i_n_t_3_2
- ggssss__ddeelleettee__sseecc__ccoonntteexxtt(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s,
- _g_s_s___c_t_x___i_d___t _* _c_o_n_t_e_x_t___h_a_n_d_l_e, _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___t_o_k_e_n)
-
- _O_M___u_i_n_t_3_2
- ggssss__ddiissppllaayy__nnaammee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___n_a_m_e___t _i_n_p_u_t___n_a_m_e,
- _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___n_a_m_e___b_u_f_f_e_r, _g_s_s___O_I_D _* _o_u_t_p_u_t___n_a_m_e___t_y_p_e)
-
- _O_M___u_i_n_t_3_2
- ggssss__ddiissppllaayy__ssttaattuuss(_O_M___u_i_n_t_3_2 _*_m_i_n_o_r___s_t_a_t_u_s, _O_M___u_i_n_t_3_2 _s_t_a_t_u_s___v_a_l_u_e,
- _i_n_t _s_t_a_t_u_s___t_y_p_e, _c_o_n_s_t _g_s_s___O_I_D _m_e_c_h___t_y_p_e,
- _O_M___u_i_n_t_3_2 _*_m_e_s_s_a_g_e___c_o_n_t_e_x_t, _g_s_s___b_u_f_f_e_r___t _s_t_a_t_u_s___s_t_r_i_n_g)
-
- _O_M___u_i_n_t_3_2
- ggssss__dduupplliiccaattee__nnaammee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___n_a_m_e___t _s_r_c___n_a_m_e,
- _g_s_s___n_a_m_e___t _* _d_e_s_t___n_a_m_e)
-
- _O_M___u_i_n_t_3_2
- ggssss__eexxppoorrtt__nnaammee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___n_a_m_e___t _i_n_p_u_t___n_a_m_e,
- _g_s_s___b_u_f_f_e_r___t _e_x_p_o_r_t_e_d___n_a_m_e)
-
- _O_M___u_i_n_t_3_2
- ggssss__eexxppoorrtt__sseecc__ccoonntteexxtt(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s,
- _g_s_s___c_t_x___i_d___t _* _c_o_n_t_e_x_t___h_a_n_d_l_e, _g_s_s___b_u_f_f_e_r___t _i_n_t_e_r_p_r_o_c_e_s_s___t_o_k_e_n)
-
- _O_M___u_i_n_t_3_2
- ggssss__ggeett__mmiicc(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e,
- _g_s_s___q_o_p___t _q_o_p___r_e_q, _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _m_e_s_s_a_g_e___b_u_f_f_e_r,
- _g_s_s___b_u_f_f_e_r___t _m_e_s_s_a_g_e___t_o_k_e_n)
-
- _O_M___u_i_n_t_3_2
- ggssss__iimmppoorrtt__nnaammee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s_,,
- _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _i_n_p_u_t___n_a_m_e___b_u_f_f_e_r,
- _c_o_n_s_t _g_s_s___O_I_D _i_n_p_u_t___n_a_m_e___t_y_p_e, _g_s_s___n_a_m_e___t _* _o_u_t_p_u_t___n_a_m_e)
-
- _O_M___u_i_n_t_3_2
- ggssss__iimmppoorrtt__sseecc__ccoonntteexxtt(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s,
- _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _i_n_t_e_r_p_r_o_c_e_s_s___t_o_k_e_n,
- _g_s_s___c_t_x___i_d___t _* _c_o_n_t_e_x_t___h_a_n_d_l_e)
-
- _O_M___u_i_n_t_3_2
- ggssss__iinnddiiccaattee__mmeecchhss(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___O_I_D___s_e_t _* _m_e_c_h___s_e_t)
-
- _O_M___u_i_n_t_3_2
- ggssss__iinniitt__sseecc__ccoonntteexxtt(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s,
- _c_o_n_s_t _g_s_s___c_r_e_d___i_d___t _i_n_i_t_i_a_t_o_r___c_r_e_d___h_a_n_d_l_e,
- _g_s_s___c_t_x___i_d___t _* _c_o_n_t_e_x_t___h_a_n_d_l_e, _c_o_n_s_t _g_s_s___n_a_m_e___t _t_a_r_g_e_t___n_a_m_e,
- _c_o_n_s_t _g_s_s___O_I_D _m_e_c_h___t_y_p_e, _O_M___u_i_n_t_3_2 _r_e_q___f_l_a_g_s, _O_M___u_i_n_t_3_2 _t_i_m_e___r_e_q,
- _c_o_n_s_t _g_s_s___c_h_a_n_n_e_l___b_i_n_d_i_n_g_s___t _i_n_p_u_t___c_h_a_n___b_i_n_d_i_n_g_s,
- _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _i_n_p_u_t___t_o_k_e_n, _g_s_s___O_I_D _* _a_c_t_u_a_l___m_e_c_h___t_y_p_e,
- _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___t_o_k_e_n, _O_M___u_i_n_t_3_2 _* _r_e_t___f_l_a_g_s,
- _O_M___u_i_n_t_3_2 _* _t_i_m_e___r_e_c)
-
- _O_M___u_i_n_t_3_2
- ggssss__iinnqquuiirree__ccoonntteexxtt(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s,
- _c_o_n_s_t _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, _g_s_s___n_a_m_e___t _* _s_r_c___n_a_m_e,
- _g_s_s___n_a_m_e___t _* _t_a_r_g___n_a_m_e, _O_M___u_i_n_t_3_2 _* _l_i_f_e_t_i_m_e___r_e_c,
- _g_s_s___O_I_D _* _m_e_c_h___t_y_p_e, _O_M___u_i_n_t_3_2 _* _c_t_x___f_l_a_g_s,
- _i_n_t _* _l_o_c_a_l_l_y___i_n_i_t_i_a_t_e_d, _i_n_t _* _o_p_e_n___c_o_n_t_e_x_t)
-
- _O_M___u_i_n_t_3_2
- ggssss__iinnqquuiirree__ccrreedd(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s,
- _c_o_n_s_t _g_s_s___c_r_e_d___i_d___t _c_r_e_d___h_a_n_d_l_e, _g_s_s___n_a_m_e___t _* _n_a_m_e,
- _O_M___u_i_n_t_3_2 _* _l_i_f_e_t_i_m_e, _g_s_s___c_r_e_d___u_s_a_g_e___t _* _c_r_e_d___u_s_a_g_e,
- _g_s_s___O_I_D___s_e_t _* _m_e_c_h_a_n_i_s_m_s)
-
- _O_M___u_i_n_t_3_2
- ggssss__iinnqquuiirree__ccrreedd__bbyy__mmeecchh()
-
- _O_M___u_i_n_t_3_2
- ggssss__iinnqquuiirree__mmeecchhss__ffoorr__nnaammee()
-
-
- _O_M___u_i_n_t_3_2
- ggssss__iinnqquuiirree__nnaammeess__ffoorr__mmeecchh()
-
- _O_M___u_i_n_t_3_2
- ggssss__kkrrbb55__ccooppyy__ccccaacchhee(_O_M___u_i_n_t_3_2 _*_m_i_n_o_r, _g_s_s___c_r_e_d___i_d___t _c_r_e_d,
- _k_r_b_5___c_c_a_c_h_e _o_u_t)
-
- _O_M___u_i_n_t_3_2
- ggssss__kkrrbb55__ccoommppaatt__ddeess33__mmiicc(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s,
- _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, _i_n_t _o_n_o_f_f)
-
- _O_M___u_i_n_t_3_2
- ggssss__pprroocceessss__ccoonntteexxtt__ttookkeenn()
-
- _O_M___u_i_n_t_3_2
- ggssss__rreelleeaassee__bbuuffffeerr(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___b_u_f_f_e_r___t _b_u_f_f_e_r)
-
- _O_M___u_i_n_t_3_2
- ggssss__rreelleeaassee__ccrreedd(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___c_r_e_d___i_d___t _* _c_r_e_d___h_a_n_d_l_e)
-
- _O_M___u_i_n_t_3_2
- ggssss__rreelleeaassee__nnaammee(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___n_a_m_e___t _* _i_n_p_u_t___n_a_m_e)
-
-
- ggssss__rreelleeaassee__ooiidd__sseett(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___O_I_D___s_e_t _* _s_e_t)
-
- _O_M___u_i_n_t_3_2
- ggssss__sseeaall(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e,
- _i_n_t _c_o_n_f___r_e_q___f_l_a_g, _i_n_t _q_o_p___r_e_q,
- _g_s_s___b_u_f_f_e_r___t _i_n_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r, _i_n_t _* _c_o_n_f___s_t_a_t_e,
- _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r)
-
- _O_M___u_i_n_t_3_2
- ggssss__ssiiggnn(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e,
- _i_n_t _q_o_p___r_e_q, _g_s_s___b_u_f_f_e_r___t _m_e_s_s_a_g_e___b_u_f_f_e_r,
- _g_s_s___b_u_f_f_e_r___t _m_e_s_s_a_g_e___t_o_k_e_n)
-
- _O_M___u_i_n_t_3_2
- ggssss__tteesstt__ooiidd__sseett__mmeemmbbeerr(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___O_I_D _m_e_m_b_e_r,
- _c_o_n_s_t _g_s_s___O_I_D___s_e_t _s_e_t, _i_n_t _* _p_r_e_s_e_n_t)
-
- _O_M___u_i_n_t_3_2
- ggssss__uunnsseeaall(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e,
- _g_s_s___b_u_f_f_e_r___t _i_n_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r,
- _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r, _i_n_t _* _c_o_n_f___s_t_a_t_e,
- _i_n_t _* _q_o_p___s_t_a_t_e)
-
- _O_M___u_i_n_t_3_2
- ggssss__uunnwwrraapp(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e,
- _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _i_n_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r,
- _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r, _i_n_t _* _c_o_n_f___s_t_a_t_e,
- _g_s_s___q_o_p___t _* _q_o_p___s_t_a_t_e)
-
- _O_M___u_i_n_t_3_2
- ggssss__vveerriiffyy(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e,
- _g_s_s___b_u_f_f_e_r___t _m_e_s_s_a_g_e___b_u_f_f_e_r, _g_s_s___b_u_f_f_e_r___t _t_o_k_e_n___b_u_f_f_e_r,
- _i_n_t _* _q_o_p___s_t_a_t_e)
-
- _O_M___u_i_n_t_3_2
- ggssss__vveerriiffyy__mmiicc(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s,
- _c_o_n_s_t _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e,
- _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _m_e_s_s_a_g_e___b_u_f_f_e_r,
- _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _t_o_k_e_n___b_u_f_f_e_r, _g_s_s___q_o_p___t _* _q_o_p___s_t_a_t_e)
-
-
-
- ggssss__wwrraapp(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s, _c_o_n_s_t _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e,
- _i_n_t _c_o_n_f___r_e_q___f_l_a_g, _g_s_s___q_o_p___t _q_o_p___r_e_q,
- _c_o_n_s_t _g_s_s___b_u_f_f_e_r___t _i_n_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r, _i_n_t _* _c_o_n_f___s_t_a_t_e,
- _g_s_s___b_u_f_f_e_r___t _o_u_t_p_u_t___m_e_s_s_a_g_e___b_u_f_f_e_r)
-
- _O_M___u_i_n_t_3_2
- ggssss__wwrraapp__ssiizzee__lliimmiitt(_O_M___u_i_n_t_3_2 _* _m_i_n_o_r___s_t_a_t_u_s,
- _c_o_n_s_t _g_s_s___c_t_x___i_d___t _c_o_n_t_e_x_t___h_a_n_d_l_e, _i_n_t _c_o_n_f___r_e_q___f_l_a_g,
- _g_s_s___q_o_p___t _q_o_p___r_e_q, _O_M___u_i_n_t_3_2 _r_e_q___o_u_t_p_u_t___s_i_z_e,
- _O_M___u_i_n_t_3_2 _* _m_a_x___i_n_p_u_t___s_i_z_e)
-
-DDEESSCCRRIIPPTTIIOONN
- Generic Security Service API (GSS-API) version 2, and its C binding, is
- described in RFC2743 and RFC2744. Version 1 (deprecated) of the C binding
- is described in RFC1509.
-
- Heimdals GSS-API implementation supports the following mechanisms
-
- ++oo GSS_KRB5_MECHANISM
-
- GSS-API have generic name types that all mechanism are supposed to imple-
- ment (if possible)
-
- ++oo GSS_C_NT_USER_NAME
-
- ++oo GSS_C_NT_MACHINE_UID_NAME
-
- ++oo GSS_C_NT_STRING_UID_NAME
-
- ++oo GSS_C_NT_HOSTBASED_SERVICE
-
- ++oo GSS_C_NT_ANONYMOUS
-
- ++oo GSS_C_NT_EXPORT_NAME
-
- GSS-API implementations that supports Kerberos 5 have some additional
- name types
-
- ++oo GSS_KRB5_NT_PRINCIPAL_NAME
-
- ++oo GSS_KRB5_NT_USER_NAME
-
- ++oo GSS_KRB5_NT_MACHINE_UID_NAME
-
- ++oo GSS_KRB5_NT_STRING_UID_NAME
-
- ggssss__ddiissppllaayy__nnaammee() takes the gss name in _i_n_p_u_t___n_a_m_e and put a printable
- form in _o_u_t_p_u_t___n_a_m_e___b_u_f_f_e_r. _o_u_t_p_u_t___n_a_m_e___b_u_f_f_e_r should be freed when done
- using ggssss__rreelleeaassee__bbuuffffeerr(). _o_u_t_p_u_t___n_a_m_e___t_y_p_e can either be NULL or a
- pointer to a gss_OID and will in the later case contain the OID type of
- the name. The name should only be used for printing. Access control
- should be done with the result of ggssss__eexxppoorrtt__nnaammee().
-
- ggssss__ssiiggnn(), ggssss__vveerriiffyy(), ggssss__sseeaall(), and ggssss__uunnsseeaall() are part of the
- GSS-API V1 interface and are obsolete. The functions should not be used
- for new applications. They are provided so that version 1 applications
- can link against the library.
-
- ggssss__kkrrbb55__ccooppyy__ccccaacchhee() is an extension to the GSS-API API. The function
- will extract the krb5 credential that are transfered from the initiator
- to the acceptor when using token delegation in the Kerberos mechanism.
- The acceptor receives the delegated token in the last argument to
- ggssss__aacccceepptt__sseecc__ccoonntteexxtt().
-
-
- ggssss__kkrrbb55__ccoommppaatt__ddeess33__mmiicc turns on or off the compatibly with older ver-
- sion of Heimdal using des3 get and verify mic, this is way to programmat-
- ically set the [gssapi]broken_des3_mic and [gssapi]correct_des3_mic flags
- (see COMPATIBILITY section in gssapi(3)). If the CPP symbol
- GSS_C_KRB5_COMPAT_DES3_MIC is present, ggssss__kkrrbb55__ccoommppaatt__ddeess33__mmiicc exists.
- ggssss__kkrrbb55__ccoommppaatt__ddeess33__mmiicc will be removed in a later version of the GSS-
- API library.
-
-SSEEEE AALLSSOO
- krb5(3), krb5_ccache(3), gssapi(3), kerberos(8)
-
- HEIMDAL April 2, 2003 5
diff --git a/kerberosV/src/lib/gssapi/gssapi.cat3 b/kerberosV/src/lib/gssapi/gssapi.cat3
deleted file mode 100644
index 5969ecc2bcd..00000000000
--- a/kerberosV/src/lib/gssapi/gssapi.cat3
+++ /dev/null
@@ -1,101 +0,0 @@
-
-GSSAPI(3) UNIX Programmer's Manual GSSAPI(3)
-
-NNAAMMEE
- ggssssaappii - Generic Security Service Application Program Interface library
-
-LLIIBBRRAARRYY
- GSS-API Library (libgssapi, -lgssapi)
-
-DDEESSCCRRIIPPTTIIOONN
- The Generic Security Service Application Program Interface (GSS-API) pro-
- vides security services to callers in a generic fashion, supportable with
- a range of underlying mechanisms and technologies and hence allowing
- source-level portability of applications to different environments.
-
-LLIISSTT OOFF FFUUNNCCTTIIOONNSS
- These functions constitute the gssapi library, _l_i_b_g_s_s_a_p_i. Declarations
- for these functions may be obtained from the include file _g_s_s_a_p_i_._h.
-
-
- _N_a_m_e_/_P_a_g_e _D_e_s_c_r_i_p_t_i_o_n
- gss_accept_sec_context.3
- gss_acquire_cred.3
- gss_add_cred.3
- gss_add_oid_set_member.3
- gss_canonicalize_name.3
- gss_compare_name.3
- gss_context_time.3
- gss_create_empty_oid_set.3
- gss_delete_sec_context.3
- gss_display_name.3
- gss_display_status.3
- gss_duplicate_name.3
- gss_export_name.3
- gss_export_sec_context.3
- gss_get_mic.3
- gss_import_name.3
- gss_import_sec_context.3
- gss_indicate_mechs.3
- gss_init_sec_context.3
- gss_inquire_context.3
- gss_inquire_cred.3
- gss_inquire_cred_by_mech.3
- gss_inquire_mechs_for_name.3
- gss_inquire_names_for_mech.3
- gss_krb5_copy_ccache.3
- gss_process_context_token.3
- gss_release_buffer.3
- gss_release_cred.3
- gss_release_name.3
- gss_release_oid_set.3
- gss_seal.3
- gss_sign.3
- gss_test_oid_set_member.3
- gss_unseal.3
- gss_unwrap.3
- gss_verify.3
- gss_verify_mic.3
- gss_wrap.3
- gss_wrap_size_limit.3
-
-CCOOMMPPAATTIIBBIILLIITTYY
- The HHeeiimmddaall GSS-API implementation had a bug in releases before 0.6 that
- made it fail to inter-operate when using DES3 with other GSS-API imple-
- mentations when using ggssss__ggeett__mmiicc() / ggssss__vveerriiffyy__mmiicc(). Its possible to
- modify the behavior of the generator of the MIC with the _k_r_b_5_._c_o_n_f con-
- figuration file so that old clients/servers will still work.
-
- New clients/servers will try both the old and new MIC in Heimdal 0.6. In
- 0.7 it will check only if configured and the compatibility code will be
- removed in 0.8.
-
- Heimdal 0.6 still generates by default the broken GSS-API DES3 mic, this
- will change in 0.7 to generate correct des3 mic.
-
- To turn on compatibility with older clients and servers, change the
- [[ggssssaappii]] _b_r_o_k_e_n___d_e_s_3___m_i_c in _k_r_b_5_._c_o_n_f that contains a list of globbing
- expressions that will be matched against the server name. To turn off
- generation of the old (incompatible) mic of the MIC use [[ggssssaappii]]
- _c_o_r_r_e_c_t___d_e_s_3___m_i_c.
-
- If a match for a entry is in both [[ggssssaappii]] _c_o_r_r_e_c_t___d_e_s_3___m_i_c and [[ggssssaappii]]
- _c_o_r_r_e_c_t___d_e_s_3___m_i_c, the later will override.
-
- This config option modifies behaviour for both clients and servers.
-
- Example:
-
- [gssapi]
- broken_des3_mic = cvs/*@SU.SE
- broken_des3_mic = host/*@E.KTH.SE
- correct_des3_mic = host/*@SU.SE
-
-BBUUGGSS
- All of 0.5.x versions of hheeiimmddaall had broken token delegations in the
- client side, the server side was correct.
-
-SSEEEE AALLSSOO
- krb5(3), krb5.conf(5), kerberos(8)
-
-BSD Experimental January 23, 2003 2
diff --git a/kerberosV/src/lib/krb5/kerberos.cat8 b/kerberosV/src/lib/krb5/kerberos.cat8
deleted file mode 100644
index 532f38cd177..00000000000
--- a/kerberosV/src/lib/krb5/kerberos.cat8
+++ /dev/null
@@ -1,55 +0,0 @@
-
-KERBEROS(8) UNIX System Manager's Manual KERBEROS(8)
-
-NNAAMMEE
- kkeerrbbeerrooss - introduction to the Kerberos system
-
-DDEESSCCRRIIPPTTIIOONN
- Kerberos is a network authentication system. Its purpose is to securely
- authenticate users and services in an insecure network environment.
-
- This is done with a Kerberos server acting as a trusted third party,
- keeping a database with secret keys for all users and services (collec-
- tively called _p_r_i_n_c_i_p_a_l_s).
-
- Each principal belongs to exactly one _r_e_a_l_m, which is the administrative
- domain in Kerberos. A realm usually corresponds to an organisation, and
- the realm should normally be derived from that organisation's domain
- name. A realm is served by one or more Kerberos servers.
-
- The authentication process involves exchange of `tickets' and
- `authenticators' which together prove the principal's identity.
-
- When you login to the Kerberos system, either through the normal system
- login or with the kinit(1) program, you acquire a _t_i_c_k_e_t _g_r_a_n_t_i_n_g _t_i_c_k_e_t
- which allows you to get new tickets for other services, such as tteellnneett or
- ffttpp, without giving your password.
-
- For more information on how Kerberos works, and other general Kerberos
- questions see the Kerberos FAQ at
- _h_t_t_p_:_/_/_w_w_w_._n_r_l_._n_a_v_y_._m_i_l_/_C_C_S_/_p_e_o_p_l_e_/_k_e_n_h_/_k_e_r_b_e_r_o_s_-_f_a_q_._h_t_m_l.
-
- For setup instructions see the Heimdal Texinfo manual.
-
-SSEEEE AALLSSOO
- ftp(1), kdestroy(1), kinit(1), klist(1), kpasswd(1), telnet(1)
-
-HHIISSTTOORRYY
- The Kerberos authentication system was developed in the late 1980's as
- part of the Athena Project at the Massachusetts Institute of Technology.
- Versions one through three never reached outside MIT, but version 4 was
- (and still is) quite popular, especially in the academic community, but
- is also used in commercial products like the AFS filesystem.
-
- The problems with version 4 are that it has many limitations, the code
- was not too well written (since it had been developed over a long time),
- and it has a number of known security problems. To resolve many of these
- issues work on version five started, and resulted in IETF RFC1510 in
- 1993. Since then much work has been put into the further development, and
- a new RFC will hopefully appear soon.
-
- This manual manual page is part of the HHeeiimmddaall Kerberos 5 distribution,
- which has been in development at the Royal Institute of Technology in
- Stockholm, Sweden, since about 1997.
-
- HEIMDAL September 1, 2000 1
diff --git a/kerberosV/src/lib/krb5/krb5.cat3 b/kerberosV/src/lib/krb5/krb5.cat3
deleted file mode 100644
index 83cd5de34aa..00000000000
--- a/kerberosV/src/lib/krb5/krb5.cat3
+++ /dev/null
@@ -1,204 +0,0 @@
-
-KRB5(3) UNIX Programmer's Manual KRB5(3)
-
-NNAAMMEE
- kkrrbb55 - kerberos 5 library
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-DDEESSCCRRIIPPTTIIOONN
- These functions constitute the Kerberos 5 library, _l_i_b_k_r_b_5. Declarations
- for these functions may be obtained from the include file _k_r_b_5_._h.
-
-LLIISSTT OOFF FFUUNNCCTTIIOONNSS
- _N_a_m_e_/_P_a_g_e _D_e_s_c_r_i_p_t_i_o_n
- krb5_425_conv_principal.3
- krb5_425_conv_principal_ext.3
- krb5_524_conv_principal.3
- krb5_addlog_dest.3
- krb5_addlog_func.3
- krb5_addr2sockaddr.3
- krb5_address.3
- krb5_address_compare.3
- krb5_address_order.3
- krb5_address_search.3
- krb5_addresses.3
- krb5_anyaddr.3
- krb5_appdefault_boolean.3
- krb5_appdefault_string.3
- krb5_appdefault_time.3
- krb5_append_addresses.3
- krb5_auth_con_free.3
- krb5_auth_con_genaddrs.3
- krb5_auth_con_getaddrs.3
- krb5_auth_con_getflags.3
- krb5_auth_con_getkey.3
- krb5_auth_con_getlocalsubkey.3
- krb5_auth_con_getrcache.3
- krb5_auth_con_getremotesubkey.3
- krb5_auth_con_getuserkey.3
- krb5_auth_con_init.3
- krb5_auth_con_initivector.3
- krb5_auth_con_setaddrs.3
- krb5_auth_con_setaddrs_from_fd.3
- krb5_auth_con_setflags.3
- krb5_auth_con_setivector.3
- krb5_auth_con_setkey.3
- krb5_auth_con_setlocalsubkey.3
- krb5_auth_con_setrcache.3
- krb5_auth_con_setremotesubkey.3
- krb5_auth_con_setuserkey.3
- krb5_auth_context.3
- krb5_auth_getauthenticator.3
- krb5_auth_getcksumtype.3
- krb5_auth_getkeytype.3
- krb5_auth_getlocalseqnumber.3
- krb5_auth_getremoteseqnumber.3
- krb5_auth_setcksumtype.3
- krb5_auth_setkeytype.3
- krb5_auth_setlocalseqnumber.3
- krb5_auth_setremoteseqnumber.3
- krb5_build_principal.3
- krb5_build_principal_ext.3
- krb5_build_principal_va.3
- krb5_build_principal_va_ext.3
- krb5_cc_close.3
- krb5_cc_copy_cache.3
- krb5_cc_default.3
- krb5_cc_default_name.3
- krb5_cc_destroy.3
- krb5_cc_end_seq_get.3
- krb5_cc_gen_new.3
- krb5_cc_get_name.3
- krb5_cc_get_principal.3
- krb5_cc_get_type.3
- krb5_cc_get_version.3
- krb5_cc_initialize.3
- krb5_cc_next_cred.3
- krb5_cc_register.3
- krb5_cc_remove_cred.3
- krb5_cc_resolve.3
- krb5_cc_retrieve_cred.3
- krb5_cc_set_default_name.3
- krb5_cc_set_flags.3
- krb5_cc_store_cred.3
- krb5_checksum_is_collision_proof.3
- krb5_checksum_is_keyed.3
- krb5_checksumsize.3
- krb5_closelog.3
- krb5_config_get_bool_default.3
- krb5_config_get_int_default.3
- krb5_config_get_string_default.3
- krb5_config_get_time_default.3
- krb5_context.3
- krb5_copy_address.3
- krb5_copy_addresses.3
- krb5_copy_data.3
- krb5_create_checksum.3
- krb5_crypto_destroy.3
- krb5_crypto_init.3
- krb5_data_alloc.3
- krb5_data_copy.3
- krb5_data_free.3
- krb5_data_realloc.3
- krb5_data_zero.3
- krb5_decrypt.3
- krb5_decrypt_EncryptedData.3
- krb5_encrypt.3
- krb5_encrypt_EncryptedData.3
- krb5_err.3
- krb5_errx.3
- krb5_free_address.3
- krb5_free_addresses.3
- krb5_free_context.3
- krb5_free_data.3
- krb5_free_data_contents.3
- krb5_free_host_realm.3
- krb5_free_krbhst.3
- krb5_free_principal.3
- krb5_get_all_client_addrs.3
- krb5_get_all_server_addrs.3
- krb5_get_default_realm.3
- krb5_get_default_realms.3
- krb5_get_host_realm.3
- krb5_get_krb524hst.3
- krb5_get_krb_admin_hst.3
- krb5_get_krb_changepw_hst.3
- krb5_get_krbhst.3
- krb5_h_addr2addr.3
- krb5_h_addr2sockaddr.3
- krb5_init_context.3
- krb5_initlog.3
- krb5_keytab_entry.3
- krb5_krbhst_format_string.3
- krb5_krbhst_free.3
- krb5_krbhst_get_addrinfo.3
- krb5_krbhst_init.3
- krb5_krbhst_next.3
- krb5_krbhst_next_as_string.3
- krb5_krbhst_reset.3
- krb5_kt_add_entry.3
- krb5_kt_close.3
- krb5_kt_compare.3
- krb5_kt_copy_entry_contents.3
- krb5_kt_cursor.3
- krb5_kt_cursor.3
- krb5_kt_default.3
- krb5_kt_default_name.3
- krb5_kt_end_seq_get.3
- krb5_kt_free_entry.3
- krb5_kt_get_entry.3
- krb5_kt_get_name.3
- krb5_kt_next_entry.3
- krb5_kt_ops.3
- krb5_kt_read_service_key.3
- krb5_kt_register.3
- krb5_kt_remove_entry.3
- krb5_kt_resolve.3.3
- krb5_kt_start_seq_get
- krb5_log.3
- krb5_log_msg.3
- krb5_make_addrport.3
- krb5_make_principal.3
- krb5_max_sockaddr_size.3
- krb5_openlog.3
- krb5_parse_address.3
- krb5_parse_name.3
- krb5_principal.3
- krb5_principal_get_comp_string.3
- krb5_principal_get_realm.3
- krb5_print_address.3
- krb5_set_default_realm.3
- krb5_set_warn_dest.3
- krb5_sname_to_principal.3
- krb5_sock_to_principal.3
- krb5_sockaddr2address.3
- krb5_sockaddr2port.3
- krb5_sockaddr_uninteresting.3
- krb5_timeofday.3
- krb5_unparse_name.3
- krb5_us_timeofday.3
- krb5_verify_checksum.3
- krb5_verify_opt_init.3
- krb5_verify_opt_set_flags.3
- krb5_verify_opt_set_keytab.3
- krb5_verify_opt_set_secure.3
- krb5_verify_opt_set_service.3
- krb5_verify_user.3
- krb5_verify_user_lrealm.3
- krb5_verify_user_opt.3
- krb5_verr.3
- krb5_verrx.3
- krb5_vlog.3
- krb5_vlog_msg.3
- krb5_vwarn.3
- krb5_vwarnx.3
- krb5_warn.3
- krb5_warnx.3
- krn5_kuserok.3
-
-SSEEEE AALLSSOO
- krb5.conf(5), kerberos(8)
-
-BSD Experimental March 20, 2003 4
diff --git a/kerberosV/src/lib/krb5/krb5.conf.cat5 b/kerberosV/src/lib/krb5/krb5.conf.cat5
deleted file mode 100644
index 7c7bc6d68d3..00000000000
--- a/kerberosV/src/lib/krb5/krb5.conf.cat5
+++ /dev/null
@@ -1,476 +0,0 @@
-
-KRB5.CONF(5) UNIX Programmer's Manual KRB5.CONF(5)
-
-NNAAMMEE
- kkrrbb55..ccoonnff - configuration file for Kerberos 5
-
-SSYYNNOOPPSSIISS
-DDEESSCCRRIIPPTTIIOONN
- The kkrrbb55..ccoonnff file specifies several configuration parameters for the
- Kerberos 5 library, as well as for some programs.
-
- The file consists of one or more sections, containing a number of bind-
- ings. The value of each binding can be either a string or a list of oth-
- er bindings. The grammar looks like:
-
- file:
- /* empty */
- sections
-
- sections:
- section sections
- section
-
- section:
- '[' section_name ']' bindings
-
- section_name:
- STRING
-
- bindings:
- binding bindings
- binding
-
- binding:
- name '=' STRING
- name '=' '{' bindings '}'
-
- name:
- STRING
-
- STRINGs consists of one or more non-whitespace characters.
-
- STRINGs that are specified later in this man-page uses the following no-
- tation.
-
- boolean
- values can be either yes/true or no/false.
-
- time
- values can be a list of year, month, day, hour, min, second.
- Example: 1 month 2 days 30 min.
-
- etypes
- valid encryption types are: des-cbc-crc, des-cbc-md4, des-cbc-
- md5, des3-cbc-sha1, arcfour-hmac-md5, aes128-cts-hmac-sha1-96,
- and aes256-cts-hmac-sha1-96 .
-
- address
- an address can be either a IPv4 or a IPv6 address.
-
- Currently recognised sections and bindings are:
-
- [appdefaults]
- Specifies the default values to be used for Kerberos applica-
- tions. You can specify defaults per application, realm, or a
-
- combination of these. The preference order is:
- 1. _a_p_p_l_i_c_a_t_i_o_n _r_e_a_l_m _o_p_t_i_o_n
- 2. _a_p_p_l_i_c_a_t_i_o_n _o_p_t_i_o_n
- 3. _r_e_a_l_m _o_p_t_i_o_n
- 4. _o_p_t_i_o_n
-
- The supported options are:
-
- forwardable = _b_o_o_l_e_a_n
- When obtaining initial credentials, make the cre-
- dentials forwardable.
-
- proxiable = _b_o_o_l_e_a_n
- When obtaining initial credentials, make the cre-
- dentials proxiable.
-
- no-addresses = _b_o_o_l_e_a_n
- When obtaining initial credentials, request them
- for an empty set of addresses, making the tickets
- valid from any address.
-
- ticket_lifetime = _t_i_m_e
- Default ticket lifetime.
-
- renew_lifetime = _t_i_m_e
- Default renewable ticket lifetime.
-
- encrypt = _b_o_o_l_e_a_n
- Use encryption, when available.
-
- forward = _b_o_o_l_e_a_n
- Forward credentials to remote host (for rsh(1),
- telnet(1), etc).
-
- [libdefaults]
-
- default_realm = _R_E_A_L_M
- Default realm to use, this is also known as your
- ``local realm''. The default is the result of
- kkrrbb55__ggeett__hhoosstt__rreeaallmm(_l_o_c_a_l _h_o_s_t_n_a_m_e).
-
- clockskew = _t_i_m_e
- Maximum time differential (in seconds) allowed when
- comparing times. Default is 300 seconds (five min-
- utes).
-
- kdc_timeout = _t_i_m_e
- Maximum time to wait for a reply from the kdc, de-
- fault is 3 seconds.
-
- v4_name_convert
-
- v4_instance_resolve
- These are described in the krb5_425_conv_princi-
- pal(3) manual page.
-
- capath = {
-
- _d_e_s_t_i_n_a_t_i_o_n_-_r_e_a_l_m = _n_e_x_t_-_h_o_p_-_r_e_a_l_m
-
- ...
-
- }
-
-
- This is deprecated, see the capaths section below.
-
- default_etypes = _e_t_y_p_e_s _._._.
- A list of default encryption types to use.
-
- default_etypes_des = _e_t_y_p_e_s _._._.
- A list of default encryption types to use when re-
- questing a DES credential.
-
- default_keytab_name = _k_e_y_t_a_b
- The keytab to use if no other is specified, default
- is ``FILE:/etc/krb5.keytab''.
-
- dns_lookup_kdc = _b_o_o_l_e_a_n
- Use DNS SRV records to lookup KDC services loca-
- tion.
-
- dns_lookup_realm = _b_o_o_l_e_a_n
- Use DNS TXT records to lookup domain to realm map-
- pings.
-
- kdc_timesync = _b_o_o_l_e_a_n
- Try to keep track of the time differential between
- the local machine and the KDC, and then compensate
- for that when issuing requests.
-
- max_retries = _n_u_m_b_e_r
- The max number of times to try to contact each KDC.
-
- ticket_lifetime = _t_i_m_e
- Default ticket lifetime.
-
- renew_lifetime = _t_i_m_e
- Default renewable ticket lifetime.
-
- forwardable = _b_o_o_l_e_a_n
- When obtaining initial credentials, make the cre-
- dentials forwardable. This option is also valid in
- the [realms] section.
-
- proxiable = _b_o_o_l_e_a_n
- When obtaining initial credentials, make the cre-
- dentials proxiable. This option is also valid in
- the [realms] section.
-
- verify_ap_req_nofail = _b_o_o_l_e_a_n
- If enabled, failure to verify credentials against a
- local key is a fatal error. The application has to
- be able to read the corresponding service key for
- this to work. Some applications, like su(1), en-
- able this option unconditionally.
-
- warn_pwexpire = _t_i_m_e
- How soon to warn for expiring password. Default is
- seven days.
-
- http_proxy = _p_r_o_x_y_-_s_p_e_c
- A HTTP-proxy to use when talking to the KDC via
- HTTP.
-
- dns_proxy = _p_r_o_x_y_-_s_p_e_c
- Enable using DNS via HTTP.
-
- extra_addresses = _a_d_d_r_e_s_s _._._.
- A list of addresses to get tickets for along with
-
- all local addresses.
-
- time_format = _s_t_r_i_n_g
- How to print time strings in logs, this string is
- passed to strftime(3).
-
- date_format = _s_t_r_i_n_g
- How to print date strings in logs, this string is
- passed to strftime(3).
-
- log_utc = _b_o_o_l_e_a_n
- Write log-entries using UTC instead of your local
- time zone.
-
- scan_interfaces = _b_o_o_l_e_a_n
- Scan all network interfaces for addresses, as op-
- posed to simply using the address associated with
- the system's host name.
-
- fcache_version = _i_n_t
- Use file credential cache format version specified.
-
- krb4_get_tickets = _b_o_o_l_e_a_n
- Also get Kerberos 4 tickets in kkiinniitt, llooggiinn, and
- other programs. This option is also valid in the
- [realms] section.
-
- fcc-mit-ticketflags = _b_o_o_l_e_a_n
- Use MIT compatible format for file credential
- cache. It's the field ticketflags that is stored
- in reverse bit order for older than Heimdal 0.7.
- Setting this flag to TRUE make it store the MIT
- way, this is default for Heimdal 0.7.
-
- [domain_realm]
- This is a list of mappings from DNS domain to Kerberos realm.
- Each binding in this section looks like:
-
- domain = realm
-
- The domain can be either a full name of a host or a trailing
- component, in the latter case the domain-string should start
- with a period. The realm may be the token `dns_locate', in
- which case the actual realm will be determined using DNS (in-
- dependently of the setting of the `dns_lookup_realm' option).
-
- [realms]
-
- _R_E_A_L_M = {
-
- kdc = _[_s_e_r_v_i_c_e_/_]_h_o_s_t_[_:_p_o_r_t_]
- Specifies a list of kdcs for this realm.
- If the optional _p_o_r_t is absent, the de-
- fault value for the ``kerberos/udp''
- ``kerberos/tcp'', and ``http/tcp'' port
- (depending on service) will be used.
- The kdcs will be used in the order that
- they are specified.
-
- The optional _s_e_r_v_i_c_e specifies over what
- medium the kdc should be contacted.
- Possible services are ``udp'', ``tcp'',
- and ``http''. Http can also be written
- as ``http://''. Default service is
-
-
- ``udp'' and ``tcp''.
-
- admin_server = _h_o_s_t_[_:_p_o_r_t_]
- Specifies the admin server for this
- realm, where all the modifications to
- the database are performed.
-
- kpasswd_server = _h_o_s_t_[_:_p_o_r_t_]
- Points to the server where all the pass-
- word changes are performed. If there is
- no such entry, the kpasswd port on the
- admin_server host will be tried.
-
- krb524_server = _h_o_s_t_[_:_p_o_r_t_]
- Points to the server that does 524 con-
- versions. If it is not mentioned, the
- krb524 port on the kdcs will be tried.
-
- v4_instance_convert
-
- v4_name_convert
-
- default_domain
- See krb5_425_conv_principal(3).
-
- tgs_require_subkey
- a boolan variable that defaults to
- false. Old DCE secd (pre 1.1) might
- need this to be true.
-
- }
-
- [capaths]
-
- _c_l_i_e_n_t_-_r_e_a_l_m = {
-
- _s_e_r_v_e_r_-_r_e_a_l_m = _h_o_p_-_r_e_a_l_m _._._.
- This serves two purposes. First the
- first listed _h_o_p_-_r_e_a_l_m tells a client
- which realm it should contact in order
- to ultimately obtain credentials for a
- service in the _s_e_r_v_e_r_-_r_e_a_l_m. Secondly,
- it tells the KDC (and other servers)
- which realms are allowed in a multi-hop
- traversal from _c_l_i_e_n_t_-_r_e_a_l_m to _s_e_r_v_e_r_-
- _r_e_a_l_m. Except for the client case, the
- order of the realms are not important.
-
- _}
-
- [logging]
-
- _e_n_t_i_t_y = _d_e_s_t_i_n_a_t_i_o_n
- Specifies that _e_n_t_i_t_y should use the specified
- destination for logging. See the krb5_openlog(3)
- manual page for a list of defined destinations.
-
- [kdc]
-
- database = {
-
- dbname = _D_A_T_A_B_A_S_E_N_A_M_E
- Use this database for this realm.
-
- realm = _R_E_A_L_M
- Specifies the realm that will be stored
-
- in this database.
-
- mkey_file = _F_I_L_E_N_A_M_E
- Use this keytab file for the master key
- of this database. If not specified
- _D_A_T_A_B_A_S_E_N_A_M_E.mkey will be used.
-
- acl_file = PA FILENAME
- Use this file for the ACL list of this
- database.
-
- log_file = _F_I_L_E_N_A_M_E
- Use this file as the log of changes per-
- formed to the database. This file is
- used by iipprrooppdd--mmaasstteerr for propagating
- changes to slaves.
-
- }
-
- max-request = _S_I_Z_E
- Maximum size of a kdc request.
-
- require-preauth = _B_O_O_L
- If set pre-authentication is required. Since krb4
- requests are not pre-authenticated they will be re-
- jected.
-
- ports = _l_i_s_t _o_f _p_o_r_t_s
- List of ports the kdc should listen to.
-
- addresses = _l_i_s_t _o_f _i_n_t_e_r_f_a_c_e_s
- List of addresses the kdc should bind to.
-
- enable-kerberos4 = _B_O_O_L
- Turn on Kerberos 4 support.
-
- v4-realm = _R_E_A_L_M
- To what realm v4 requests should be mapped.
-
- enable-524 = _B_O_O_L
- Should the Kerberos 524 converting facility be
- turned on. Default is same as _e_n_a_b_l_e_-_k_e_r_b_e_r_o_s_4.
-
- enable-http = _B_O_O_L
- Should the kdc answer kdc-requests over http.
-
- enable-kaserver = _B_O_O_L
- If this kdc should emulate the AFS kaserver.
-
- check-ticket-addresses = _B_O_O_L
- verify the addresses in the tickets used in tgs re-
- quests.
-
- allow-null-ticket-addresses = _B_O_O_L
- Allow addresses-less tickets.
-
- allow-anonymous = _B_O_O_L
- If the kdc is allowed to hand out anonymous tick-
- ets.
-
- encode_as_rep_as_tgs_rep = _B_O_O_L
- Encode as-rep as tgs-rep tobe compatible with mis-
- takes older DCE secd did.
-
- kdc_warn_pwexpire = _T_I_M_E
- The time before expiration that the user should be
- warned that her password is about to expire.
-
- logging = _L_o_g_g_i_n_g
- What type of logging the kdc should use, see also
- [logging]/kdc.
-
- use_2b = _p_r_i_n_c_i_p_a_l _l_i_s_t
- List of principals to use AFS 2b tokens for.
-
- [kadmin]
-
- require-preauth = _B_O_O_L
- If pre-authentication is required to talk to the
- kadmin server.
-
- default_keys = _k_e_y_t_y_p_e_s_._._.
- for each entry in _d_e_f_a_u_l_t___k_e_y_s try to parse it as a
- sequence of _e_t_y_p_e_:_s_a_l_t_t_y_p_e_:_s_a_l_t syntax of this if
- something like:
-
- [(des|des3|etype):](pw-salt|afs3-salt)[:string]
-
- If _e_t_y_p_e is omitted it means everything, and if
- string is omitted it means the default salt string
- (for that principal and encryption type). Addi-
- tional special values of keytypes are:
-
- v5 The Kerberos 5 salt _p_w_-_s_a_l_t
-
- v4 The Kerberos 4 salt _d_e_s_:_p_w_-_s_a_l_t_:
-
- use_v4_salt = _B_O_O_L
- When true, this is the same as
-
- _d_e_f_a_u_l_t___k_e_y_s _= _d_e_s_3_:_p_w_-_s_a_l_t _v_4
-
- and is only left for backwards compatibility.
-
-EENNVVIIRROONNMMEENNTT
- KRB5_CONFIG points to the configuration file to read.
-
-FFIILLEESS
- /etc/krb5.conf configuration file for Kerberos 5.
-
-EEXXAAMMPPLLEESS
- [libdefaults]
- default_realm = FOO.SE
- [domain_realm]
- .foo.se = FOO.SE
- .bar.se = FOO.SE
- [realms]
- FOO.SE = {
- kdc = kerberos.foo.se
- v4_name_convert = {
- rcmd = host
- }
- v4_instance_convert = {
- xyz = xyz.bar.se
- }
- default_domain = foo.se
- }
- [logging]
- kdc = FILE:/var/heimdal/kdc.log
- kdc = SYSLOG:INFO
- default = SYSLOG:INFO:USER
-
-DDIIAAGGNNOOSSTTIICCSS
- Since kkrrbb55..ccoonnff is read and parsed by the krb5 library, there is not a
- lot of opportunities for programs to report parsing errors in any useful
- format. To help overcome this problem, there is a program
- vveerriiffyy__kkrrbb55__ccoonnff that reads kkrrbb55..ccoonnff and tries to emit useful diagnos-
- tics from parsing errors. Note that this program does not have any way
- of knowing what options are actually used and thus cannot warn about un-
- known or misspelled ones.
-
-SSEEEE AALLSSOO
- kinit(1), krb5_425_conv_principal(3), krb5_openlog(3), strftime(3),
- verify_krb5_conf(8)
-
- HEIMDAL March 9, 2004 8
diff --git a/kerberosV/src/lib/krb5/krb5_425_conv_principal.cat3 b/kerberosV/src/lib/krb5/krb5_425_conv_principal.cat3
deleted file mode 100644
index 9927c43e862..00000000000
--- a/kerberosV/src/lib/krb5/krb5_425_conv_principal.cat3
+++ /dev/null
@@ -1,141 +0,0 @@
-
-KRB5_425_CONV_PRINCIPAL(3) UNIX Programmer's Manual KRB5_425_CONV_PRINCIPAL(3)
-
-NNAAMMEE
- kkrrbb55__442255__ccoonnvv__pprriinncciippaall, kkrrbb55__442255__ccoonnvv__pprriinncciippaall__eexxtt,
- kkrrbb55__552244__ccoonnvv__pprriinncciippaall - converts to and from version 4 principals
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__442255__ccoonnvv__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_n_a_m_e,
- _c_o_n_s_t _c_h_a_r _*_i_n_s_t_a_n_c_e, _c_o_n_s_t _c_h_a_r _*_r_e_a_l_m,
- _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__442255__ccoonnvv__pprriinncciippaall__eexxtt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_n_a_m_e,
- _c_o_n_s_t _c_h_a_r _*_i_n_s_t_a_n_c_e, _c_o_n_s_t _c_h_a_r _*_r_e_a_l_m,
- _k_r_b_5___b_o_o_l_e_a_n _(_*_f_u_n_c_)_(_k_r_b_5___c_o_n_t_e_x_t_, _k_r_b_5___p_r_i_n_c_i_p_a_l_),
- _k_r_b_5___b_o_o_l_e_a_n _r_e_s_o_l_v_e, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__552244__ccoonnvv__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _c_o_n_s_t _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _c_h_a_r _*_n_a_m_e, _c_h_a_r _*_i_n_s_t_a_n_c_e,
- _c_h_a_r _*_r_e_a_l_m)
-
-DDEESSCCRRIIPPTTIIOONN
- Converting between version 4 and version 5 principals can at best be de-
- scribed as a mess.
-
- A version 4 principal consists of a name, an instance, and a realm. A
- version 5 principal consists of one or more components, and a realm. In
- some cases also the first component/name will differ between version 4
- and version 5. Furthermore the second component of a host principal will
- be the fully qualified domain name of the host in question, while the in-
- stance of a version 4 principal will only contain the first part (short
- hostname). Because of these problems the conversion between principals
- will have to be site customized.
-
- kkrrbb55__442255__ccoonnvv__pprriinncciippaall__eexxtt() will try to convert a version 4 principal,
- given by _n_a_m_e, _i_n_s_t_a_n_c_e, and _r_e_a_l_m, to a version 5 principal. This can
- result in several possible principals, and if _f_u_n_c is non-NULL, it will
- be called for each candidate principal. _f_u_n_c should return true if the
- principal was ``good''. To accomplish this, kkrrbb55__442255__ccoonnvv__pprriinncciippaall__eexxtt()
- will look up the name in _k_r_b_5_._c_o_n_f. It first looks in the
- v4_name_convert/host subsection, which should contain a list of version 4
- names whose instance should be treated as a hostname. This list can be
- specified for each realm (in the realms section), or in the libdefaults
- section. If the name is found the resulting name of the principal will
- be the value of this binding. The instance is then first looked up in
- v4_instance_convert for the specified realm. If found the resulting value
- will be used as instance (this can be used for special cases), no further
- attempts will be made to find a conversion if this fails (with _f_u_n_c). If
- the _r_e_s_o_l_v_e parameter is true, the instance will be looked up with
- ggeetthhoossttbbyynnaammee(). This can be a time consuming, error prone, and unsafe
- operation. Next a list of hostnames will be created from the instance
- and the v4_domains variable, which should contain a list of possible do-
- mains for the specific realm.
-
- On the other hand, if the name is not found in a host section, it is
- looked up in a v4_name_convert/plain binding. If found here the name will
- be converted, but the instance will be untouched.
-
-
- This list of default host-type conversions is compiled-in:
-
- v4_name_convert = {
- host = {
- ftp = ftp
- hprop = hprop
- imap = imap
- pop = pop
- rcmd = host
- smtp = smtp
- }
- }
-
- It will only be used if there isn't an entry for these names in the con-
- fig file, so you can override these defaults.
-
- kkrrbb55__442255__ccoonnvv__pprriinncciippaall() will call kkrrbb55__442255__ccoonnvv__pprriinncciippaall__eexxtt() with
- NULL as _f_u_n_c, and the value of v4_instance_resolve (from the libdefaults
- section) as _r_e_s_o_l_v_e.
-
- kkrrbb55__552244__ccoonnvv__pprriinncciippaall() basically does the opposite of
- kkrrbb55__442255__ccoonnvv__pprriinncciippaall(), it just doesn't have to look up any names, but
- will instead truncate instances found to belong to a host principal. The
- _n_a_m_e, _i_n_s_t_a_n_c_e, and _r_e_a_l_m should be at least 40 characters long.
-
-EEXXAAMMPPLLEESS
- Since this is confusing an example is in place.
-
- Assume that we have the ``foo.com'', and ``bar.com'' domains that have
- shared a single version 4 realm, FOO.COM. The version 4 _k_r_b_._r_e_a_l_m_s file
- looked like:
-
- foo.com FOO.COM
- .foo.com FOO.COM
- .bar.com FOO.COM
-
- A _k_r_b_5_._c_o_n_f file that covers this case might look like:
-
- [libdefaults]
- v4_instance_resolve = yes
- [realms]
- FOO.COM = {
- kdc = kerberos.foo.com
- v4_instance_convert = {
- foo = foo.com
- }
- v4_domains = foo.com
- }
-
- With this setup and the following host table:
-
- foo.com
- a-host.foo.com
- b-host.bar.com
- the following conversions will be made:
-
- rcmd.a-host -> host/a-host.foo.com
- ftp.b-host -> ftp/b-host.bar.com
- pop.foo -> pop/foo.com
- ftp.other -> ftp/other.foo.com
- other.a-host -> other/a-host
-
- The first three are what you expect. If you remove the ``v4_domains'',
- the fourth entry will result in an error (since the host ``other'' can't
- be found). Even if ``a-host'' is a valid host name, the last entry will
- not be converted, since the ``other'' name is not known to represent a
- host-type principal. If you turn off ``v4_instance_resolve'' the second
- example will result in ``ftp/b-host.foo.com'' (because of the default do-
- main). And all of this is of course only valid if you have working name
- resolving.
-
-SSEEEE AALLSSOO
- krb5_build_principal(3), krb5_free_principal(3), krb5_parse_name(3),
- krb5_sname_to_principal(3), krb5_unparse_name(3), krb5.conf(5)
-
- HEIMDAL April 11, 1999 3
diff --git a/kerberosV/src/lib/krb5/krb5_address.cat3 b/kerberosV/src/lib/krb5/krb5_address.cat3
deleted file mode 100644
index 423b1d8d563..00000000000
--- a/kerberosV/src/lib/krb5/krb5_address.cat3
+++ /dev/null
@@ -1,163 +0,0 @@
-
-KRB5_ADDRESS(3) UNIX Programmer's Manual KRB5_ADDRESS(3)
-
-NNAAMMEE
- kkrrbb55__aaddddrreessss, kkrrbb55__aaddddrreesssseess, kkrrbb55__ssoocckkaaddddrr22aaddddrreessss, kkrrbb55__ssoocckkaaddddrr22ppoorrtt,
- kkrrbb55__aaddddrr22ssoocckkaaddddrr, kkrrbb55__mmaaxx__ssoocckkaaddddrr__ssiizzee, kkrrbb55__ssoocckkaaddddrr__uunniinntteerreessttiinngg,
- kkrrbb55__hh__aaddddrr22ssoocckkaaddddrr, kkrrbb55__hh__aaddddrr22aaddddrr, kkrrbb55__aannyyaaddddrr, kkrrbb55__pprriinntt__aaddddrreessss,
- kkrrbb55__ppaarrssee__aaddddrreessss, kkrrbb55__aaddddrreessss__oorrddeerr, kkrrbb55__aaddddrreessss__ccoommppaarree,
- kkrrbb55__aaddddrreessss__sseeaarrcchh, kkrrbb55__ffrreeee__aaddddrreessss, kkrrbb55__ffrreeee__aaddddrreesssseess,
- kkrrbb55__ccooppyy__aaddddrreessss, kkrrbb55__ccooppyy__aaddddrreesssseess, kkrrbb55__aappppeenndd__aaddddrreesssseess,
- kkrrbb55__mmaakkee__aaddddrrppoorrtt - mange addresses in Kerberos.
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ssoocckkaaddddrr22aaddddrreessss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _s_t_r_u_c_t _s_o_c_k_a_d_d_r _*_s_a,
- _k_r_b_5___a_d_d_r_e_s_s _*_a_d_d_r)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ssoocckkaaddddrr22ppoorrtt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _s_t_r_u_c_t _s_o_c_k_a_d_d_r _*_s_a,
- _i_n_t_1_6___t _*_p_o_r_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aaddddrr22ssoocckkaaddddrr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s _*_a_d_d_r,
- _s_t_r_u_c_t _s_o_c_k_a_d_d_r _*_s_a, _k_r_b_5___s_o_c_k_l_e_n___t _*_s_a___s_i_z_e, _i_n_t _p_o_r_t)
-
- _s_i_z_e___t
- kkrrbb55__mmaaxx__ssoocckkaaddddrr__ssiizzee(_v_o_i_d)
-
- _k_r_b_5___b_o_o_l_e_a_n
- kkrrbb55__ssoocckkaaddddrr__uunniinntteerreessttiinngg(_c_o_n_s_t _s_t_r_u_c_t _s_o_c_k_a_d_d_r _*_s_a)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__hh__aaddddrr22ssoocckkaaddddrr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _i_n_t _a_f, _c_o_n_s_t _c_h_a_r _*_a_d_d_r,
- _s_t_r_u_c_t _s_o_c_k_a_d_d_r _*_s_a, _k_r_b_5___s_o_c_k_l_e_n___t _*_s_a___s_i_z_e, _i_n_t _p_o_r_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__hh__aaddddrr22aaddddrr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _i_n_t _a_f, _c_o_n_s_t _c_h_a_r _*_h_a_d_d_r,
- _k_r_b_5___a_d_d_r_e_s_s _*_a_d_d_r)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aannyyaaddddrr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _i_n_t _a_f, _s_t_r_u_c_t _s_o_c_k_a_d_d_r _*_s_a,
- _k_r_b_5___s_o_c_k_l_e_n___t _*_s_a___s_i_z_e, _i_n_t _p_o_r_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__pprriinntt__aaddddrreessss(_c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s _*_a_d_d_r, _c_h_a_r _*_s_t_r, _s_i_z_e___t _l_e_n,
- _s_i_z_e___t _*_r_e_t___l_e_n)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ppaarrssee__aaddddrreessss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_s_t_r_i_n_g,
- _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_e_s_s_e_s)
-
- _i_n_t
- kkrrbb55__aaddddrreessss__oorrddeerr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s _*_a_d_d_r_1,
- _c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s _*_a_d_d_r_2)
-
- _k_r_b_5___b_o_o_l_e_a_n
- kkrrbb55__aaddddrreessss__ccoommppaarree(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s _*_a_d_d_r_1,
- _c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s _*_a_d_d_r_2)
-
- _k_r_b_5___b_o_o_l_e_a_n
- kkrrbb55__aaddddrreessss__sseeaarrcchh(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s _*_a_d_d_r,
- _c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_l_i_s_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ffrreeee__aaddddrreessss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_d_d_r_e_s_s _*_a_d_d_r_e_s_s)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ffrreeee__aaddddrreesssseess(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_e_s_s_e_s)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ccooppyy__aaddddrreessss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s _*_i_n_a_d_d_r,
- _k_r_b_5___a_d_d_r_e_s_s _*_o_u_t_a_d_d_r)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ccooppyy__aaddddrreesssseess(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s_e_s _*_i_n_a_d_d_r,
- _k_r_b_5___a_d_d_r_e_s_s_e_s _*_o_u_t_a_d_d_r)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aappppeenndd__aaddddrreesssseess(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_d_d_r_e_s_s_e_s _*_d_e_s_t,
- _c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s_e_s _*_s_o_u_r_c_e)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__mmaakkee__aaddddrrppoorrtt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_d_d_r_e_s_s _*_*_r_e_s,
- _c_o_n_s_t _k_r_b_5___a_d_d_r_e_s_s _*_a_d_d_r, _i_n_t_1_6___t _p_o_r_t)
-
-DDEESSCCRRIIPPTTIIOONN
- The krb5_address structure holds a address that can be used in Kerberos
- API calls. There are help functions to set and extract address informa-
- tion of the address.
-
- The krb5_addresses structure holds a set of krb5_address:es.
-
- kkrrbb55__ssoocckkaaddddrr22aaddddrreessss() stores a address a struct sockaddr _s_a in the
- krb5_address _a_d_d_r.
-
- kkrrbb55__ssoocckkaaddddrr22ppoorrtt() extracts a _p_o_r_t (if possible) from a struct sockaddr
- _s_a.
-
- kkrrbb55__aaddddrr22ssoocckkaaddddrr() sets the struct sockaddr _s_o_c_k_a_d_d_r from _a_d_d_r and
- _p_o_r_t. _S_a___s_i_z_e should be initially contain the size of the _s_a, and after
- the call, it will contain the actual length of the address.
-
- kkrrbb55__mmaaxx__ssoocckkaaddddrr__ssiizzee() returns the max size of the struct sockaddr that
- the Kerberos library will return.
-
- kkrrbb55__ssoocckkaaddddrr__uunniinntteerreessttiinngg() returns TRUE for all _s_a that for that the
- kerberos library thinks are uninteresting. One example are link local
- addresses.
-
- kkrrbb55__hh__aaddddrr22ssoocckkaaddddrr() initializes a struct sockaddr _s_a from _a_f and the
- struct hostent (see gethostbyname(3)) _h___a_d_d_r___l_i_s_t component. _S_a___s_i_z_e
- should be initially contain the size of the _s_a, and after the call, it
- will contain the actual length of the address. _s_a argument.
-
- kkrrbb55__hh__aaddddrr22aaddddrr() works like kkrrbb55__hh__aaddddrr22ssoocckkaaddddrr() with the exception
- that it operates on a krb5_address instead of a struct sockaddr
-
- kkrrbb55__aannyyaaddddrr() fills in a struct sockaddr _s_a that can be used to to.
- _S_a___s_i_z_e should be initially contain the size of the _s_a, and after the
- call, it will contain the actual length of the address.
-
- kkrrbb55__pprriinntt__aaddddrreessss() prints the address in _a_d_d_r to the a string _s_t_r_i_n_g
- that have the length _l_e_n. If _r_e_t___l_e_n if not NULL, it will be filled in
- length of the string.
-
- kkrrbb55__ppaarrssee__aaddddrreessss() Returns the resolving a hostname in _s_t_r_i_n_g to the
- krb5_addresses _a_d_d_r_e_s_s_e_s.
-
-
- kkrrbb55__aaddddrreessss__oorrddeerr() compares to addresses _a_d_d_r_1 and _a_d_d_r_2 so that it can
- be used for sorting addresses. If the addresses are the same address
- _k_r_b_5___a_d_d_r_e_s_s___o_r_d_e_r _w_i_l_l _b_e _r_e_t_u_r_n _0_.
-
- kkrrbb55__aaddddrreessss__ccoommppaarree() compares the addresses _a_d_d_r_1 and _a_d_d_r_2. returns
- TRUE if the two addresses are the same.
-
- kkrrbb55__aaddddrreessss__sseeaarrcchh() checks if the address _a_d_d_r is a member of the ad-
- dress set list _a_d_d_r_l_i_s_t.
-
- kkrrbb55__ffrreeee__aaddddrreessss() frees the data stored in the _a_d_d_r_e_s_s that is alloced
- with any of the krb5_address functions.
-
- kkrrbb55__ffrreeee__aaddddrreesssseess() frees the data stored in the _a_d_d_r_e_s_s_e_s that is al-
- loced with any of the krb5_address functions.
-
- kkrrbb55__ccooppyy__aaddddrreessss() copies the content of address _i_n_a_d_d_r to _o_u_t_a_d_d_r.
-
- kkrrbb55__ccooppyy__aaddddrreesssseess() copies the content of the address list _i_n_a_d_d_r to
- _o_u_t_a_d_d_r.
-
- kkrrbb55__aappppeenndd__aaddddrreesssseess() adds the set of addresses in _s_o_u_r_c_e to _d_e_s_t.
- While copying the addresses, duplicates are also sorted out.
-
- kkrrbb55__mmaakkee__aaddddrrppoorrtt() allocates and creates an krb5_address in _r_e_s of type
- KRB5_ADDRESS_ADDRPORT from (_a_d_d_r, _p_o_r_t).
-
-SSEEEE AALLSSOO
- krb5(3), krb5.conf(5), kerberos(8)
-
- HEIMDAL March 11, 2002 3
diff --git a/kerberosV/src/lib/krb5/krb5_aname_to_localname.cat3 b/kerberosV/src/lib/krb5/krb5_aname_to_localname.cat3
deleted file mode 100644
index 5a662c8b379..00000000000
--- a/kerberosV/src/lib/krb5/krb5_aname_to_localname.cat3
+++ /dev/null
@@ -1,37 +0,0 @@
-
-KRB5_ANAME_TO_LOCALNAME(3) UNIX Programmer's Manual KRB5_ANAME_TO_LOCALNAME(3)
-
-NNAAMMEE
- kkrrbb55__aannaammee__ttoo__llooccaallnnaammee - converts a principal to a system local name.
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___b_o_o_l_e_a_n
- kkrrbb55__aannaammee__ttoo__llooccaallnnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _n_a_m_e,
- _s_i_z_e___t _l_n_s_i_z_e, _c_h_a_r _*_l_n_a_m_e)
-
-DDEESSCCRRIIPPTTIIOONN
- This function takes a principal _n_a_m_e, verifies its in the local realm
- (using kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmmss()) and then returns the local name of the
- principal.
-
- If _n_a_m_e isn't in one of the local realms and error is returned.
-
- If size (_l_n_s_i_z_e) of the local name (_l_n_a_m_e) is to small, an error is re-
- turned.
-
- kkrrbb55__aannaammee__ttoo__llooccaallnnaammee() should only be use by application that imple-
- ments protocols that doesn't transport the login name and thus needs to
- convert a principal to a local name.
-
- Protocols should be designed so that the it autheticates using Kerberos,
- send over the login name and then verifies in the principal that authen-
- ticated is allowed to login and the login name. A way to check if a user
- is allowed to login is using the function kkrrbb55__kkuusseerrookk().
-
-SSEEEE AALLSSOO
- krb5_get_default_realms(3), krb5_kuserok(3)
-
- HEIMDAL March 17, 2003 1
diff --git a/kerberosV/src/lib/krb5/krb5_appdefault.cat3 b/kerberosV/src/lib/krb5/krb5_appdefault.cat3
deleted file mode 100644
index 0b5f485d958..00000000000
--- a/kerberosV/src/lib/krb5/krb5_appdefault.cat3
+++ /dev/null
@@ -1,55 +0,0 @@
-
-KRB5_APPDEFAULT(3) UNIX Programmer's Manual KRB5_APPDEFAULT(3)
-
-NNAAMMEE
- kkrrbb55__aappppddeeffaauulltt__bboooolleeaann, kkrrbb55__aappppddeeffaauulltt__ssttrriinngg, kkrrbb55__aappppddeeffaauulltt__ttiimmee -
- get application configuration value
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _v_o_i_d
- kkrrbb55__aappppddeeffaauulltt__bboooolleeaann(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_a_p_p_n_a_m_e,
- _k_r_b_5___r_e_a_l_m _r_e_a_l_m, _c_o_n_s_t _c_h_a_r _*_o_p_t_i_o_n, _k_r_b_5___b_o_o_l_e_a_n _d_e_f___v_a_l,
- _k_r_b_5___b_o_o_l_e_a_n _*_r_e_t___v_a_l)
-
- _v_o_i_d
- kkrrbb55__aappppddeeffaauulltt__ssttrriinngg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_a_p_p_n_a_m_e,
- _k_r_b_5___r_e_a_l_m _r_e_a_l_m, _c_o_n_s_t _c_h_a_r _*_o_p_t_i_o_n, _c_o_n_s_t _c_h_a_r _*_d_e_f___v_a_l,
- _c_h_a_r _*_*_r_e_t___v_a_l)
-
- _v_o_i_d
- kkrrbb55__aappppddeeffaauulltt__ttiimmee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_a_p_p_n_a_m_e,
- _k_r_b_5___r_e_a_l_m _r_e_a_l_m, _c_o_n_s_t _c_h_a_r _*_o_p_t_i_o_n, _t_i_m_e___t _d_e_f___v_a_l,
- _t_i_m_e___t _*_r_e_t___v_a_l)
-
-DDEESSCCRRIIPPTTIIOONN
- These functions get application defaults from the appdefaults section of
- the krb5.conf(5) configuration file. These defaults can be specified per
- application, and/or per realm.
-
- These values will be looked for in krb5.conf(5), in order of descending
- importance.
-
- [appdefaults]
- appname = {
- realm = {
- option = value
- }
- }
- appname = {
- option = value
- }
- realm = {
- option = value
- }
- option = value
- _a_p_p_n_a_m_e is the name of the application, and _r_e_a_l_m is the realm name. If
- the realm is omitted it will not be used for resolving values. _d_e_f___v_a_l
- is the value to return if no value is found in krb5.conf(5).
-
-SSEEEE AALLSSOO
- krb5_config(3), krb5.conf(5)
-
- HEIMDAL July 25, 2000 1
diff --git a/kerberosV/src/lib/krb5/krb5_auth_context.cat3 b/kerberosV/src/lib/krb5/krb5_auth_context.cat3
deleted file mode 100644
index 025e739f459..00000000000
--- a/kerberosV/src/lib/krb5/krb5_auth_context.cat3
+++ /dev/null
@@ -1,167 +0,0 @@
-
-KRB5_AUTH_CONTEXT(3) UNIX Programmer's Manual KRB5_AUTH_CONTEXT(3)
-
-NNAAMMEE
- kkrrbb55__aauutthh__ccoonntteexxtt, kkrrbb55__aauutthh__ccoonn__iinniitt, kkrrbb55__aauutthh__ccoonn__ffrreeee,
- kkrrbb55__aauutthh__ccoonn__sseettffllaaggss, kkrrbb55__aauutthh__ccoonn__ggeettffllaaggss, kkrrbb55__aauutthh__ccoonn__sseettaaddddrrss,
- kkrrbb55__aauutthh__ccoonn__sseettaaddddrrss__ffrroomm__ffdd, kkrrbb55__aauutthh__ccoonn__ggeettaaddddrrss,
- kkrrbb55__aauutthh__ccoonn__ggeennaaddddrrss, kkrrbb55__aauutthh__ccoonn__ggeettkkeeyy, kkrrbb55__aauutthh__ccoonn__sseettkkeeyy,
- kkrrbb55__aauutthh__ccoonn__ggeettuusseerrkkeeyy, kkrrbb55__aauutthh__ccoonn__sseettuusseerrkkeeyy,
- kkrrbb55__aauutthh__ccoonn__ggeettllooccaallssuubbkkeeyy, kkrrbb55__aauutthh__ccoonn__sseettllooccaallssuubbkkeeyy,
- kkrrbb55__aauutthh__ccoonn__ggeettrreemmootteessuubbkkeeyy, kkrrbb55__aauutthh__ccoonn__sseettrreemmootteessuubbkkeeyy,
- kkrrbb55__aauutthh__sseettcckkssuummttyyppee, kkrrbb55__aauutthh__ggeettcckkssuummttyyppee, kkrrbb55__aauutthh__sseettkkeeyyttyyppee,
- kkrrbb55__aauutthh__ggeettkkeeyyttyyppee, kkrrbb55__aauutthh__ggeettllooccaallsseeqqnnuummbbeerr,
- kkrrbb55__aauutthh__sseettllooccaallsseeqqnnuummbbeerr, kkrrbb55__aauutthh__ggeettrreemmootteesseeqqnnuummbbeerr,
- kkrrbb55__aauutthh__sseettrreemmootteesseeqqnnuummbbeerr, kkrrbb55__aauutthh__ggeettaauutthheennttiiccaattoorr,
- kkrrbb55__aauutthh__ccoonn__ggeettrrccaacchhee, kkrrbb55__aauutthh__ccoonn__sseettrrccaacchhee,
- kkrrbb55__aauutthh__ccoonn__iinniittiivveeccttoorr, kkrrbb55__aauutthh__ccoonn__sseettiivveeccttoorr - manage authentica-
- tion on connection level
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aauutthh__ccoonn__iinniitt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _*_a_u_t_h___c_o_n_t_e_x_t)
-
- _v_o_i_d
- kkrrbb55__aauutthh__ccoonn__ffrreeee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aauutthh__ccoonn__sseettffllaaggss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _i_n_t_3_2___t _f_l_a_g_s)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aauutthh__ccoonn__ggeettffllaaggss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _i_n_t_3_2___t _*_f_l_a_g_s)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aauutthh__ccoonn__sseettaaddddrrss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _k_r_b_5___a_d_d_r_e_s_s _*_l_o_c_a_l___a_d_d_r,
- _k_r_b_5___a_d_d_r_e_s_s _*_r_e_m_o_t_e___a_d_d_r)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aauutthh__ccoonn__ggeettaaddddrrss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _k_r_b_5___a_d_d_r_e_s_s _*_*_l_o_c_a_l___a_d_d_r,
- _k_r_b_5___a_d_d_r_e_s_s _*_*_r_e_m_o_t_e___a_d_d_r)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aauutthh__ccoonn__ggeennaaddddrrss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _i_n_t _f_d, _i_n_t _f_l_a_g_s)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aauutthh__ccoonn__sseettaaddddrrss__ffrroomm__ffdd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _v_o_i_d _*_p___f_d)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aauutthh__ccoonn__ggeettkkeeyy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _k_r_b_5___k_e_y_b_l_o_c_k _*_*_k_e_y_b_l_o_c_k)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aauutthh__ccoonn__ggeettllooccaallssuubbkkeeyy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _k_r_b_5___k_e_y_b_l_o_c_k _*_*_k_e_y_b_l_o_c_k)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aauutthh__ccoonn__ggeettrreemmootteessuubbkkeeyy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t, _k_r_b_5___k_e_y_b_l_o_c_k _*_*_k_e_y_b_l_o_c_k)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aauutthh__ccoonn__iinniittiivveeccttoorr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _a_u_t_h___c_o_n_t_e_x_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aauutthh__ccoonn__sseettiivveeccttoorr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___a_u_t_h___c_o_n_t_e_x_t _*_a_u_t_h___c_o_n_t_e_x_t, _k_r_b_5___p_o_i_n_t_e_r _i_v_e_c_t_o_r)
-
-DDEESSCCRRIIPPTTIIOONN
- The kkrrbb55__aauutthh__ccoonntteexxtt structure holds all context related to an authenti-
- cated connection, in a similar way to kkrrbb55__ccoonntteexxtt that holds the context
- for the thread or process. kkrrbb55__aauutthh__ccoonntteexxtt is used by various func-
- tions that are directly related to authentication between the serv-
- er/client. Example of data that this structure contains are various
- flags, addresses of client and server, port numbers, keyblocks (and sub-
- keys), sequence numbers, replay cache, and checksum-type.
-
- kkrrbb55__aauutthh__ccoonn__iinniitt() allocates and initializes the kkrrbb55__aauutthh__ccoonntteexxtt
- structure. Default values can be changed with
- kkrrbb55__aauutthh__ccoonn__sseettcckkssuummttyyppee() and kkrrbb55__aauutthh__ccoonn__sseettffllaaggss(). The
- aauutthh__ccoonntteexxtt structure must be freed by kkrrbb55__aauutthh__ccoonn__ffrreeee().
-
- kkrrbb55__aauutthh__ccoonn__ggeettffllaaggss() and kkrrbb55__aauutthh__ccoonn__sseettffllaaggss() gets and modifies
- the flags for a kkrrbb55__aauutthh__ccoonntteexxtt structure. Possible flags to set are:
-
- KRB5_AUTH_CONTEXT_DO_TIME
- check timestamp on incoming packets.
-
- KRB5_AUTH_CONTEXT_DO_SEQUENCE
- Generate and check sequence-number on each packet.
-
- kkrrbb55__aauutthh__ccoonn__sseettaaddddrrss(), kkrrbb55__aauutthh__ccoonn__sseettaaddddrrss__ffrroomm__ffdd() and
- kkrrbb55__aauutthh__ccoonn__ggeettaaddddrrss() gets and sets the addresses that are checked
- when a packet is received. It is mandatory to set an address for the re-
- mote host. If the local address is not set, it iss deduced from the un-
- derlaying operating system. kkrrbb55__aauutthh__ccoonn__ggeettaaddddrrss() will call
- kkrrbb55__ffrreeee__aaddddrreessss() on any address that is passed in _l_o_c_a_l___a_d_d_r or
- _r_e_m_o_t_e___a_d_d_r. kkrrbb55__aauutthh__ccoonn__sseettaaddddrr() allows passing in a NULL pointer as
- _l_o_c_a_l___a_d_d_r and _r_e_m_o_t_e___a_d_d_r, in that case it will just not set that ad-
- dress.
-
- kkrrbb55__aauutthh__ccoonn__sseettaaddddrrss__ffrroomm__ffdd() fetches the addresses from a file de-
- scriptor.
-
- kkrrbb55__aauutthh__ccoonn__ggeennaaddddrrss() fetches the address information from the given
- file descriptor _f_d depending on the bitmap argument _f_l_a_g_s.
-
- Possible values on _f_l_a_g_s are:
-
- _K_R_B_5___A_U_T_H___C_O_N_T_E_X_T___G_E_N_E_R_A_T_E___L_O_C_A_L___A_D_D_R
- fetches the local address from _f_d.
-
- _K_R_B_5___A_U_T_H___C_O_N_T_E_X_T___G_E_N_E_R_A_T_E___R_E_M_O_T_E___A_D_D_R
- fetches the remote address from _f_d.
-
- kkrrbb55__aauutthh__ccoonn__sseettkkeeyy(), kkrrbb55__aauutthh__ccoonn__sseettuusseerrkkeeyy() and
- kkrrbb55__aauutthh__ccoonn__ggeettkkeeyy() gets and sets the key used for this auth context.
- The keyblock returned by kkrrbb55__aauutthh__ccoonn__ggeettkkeeyy() should be freed with
- kkrrbb55__ffrreeee__kkeeyybblloocckk(). The keyblock send into kkrrbb55__aauutthh__ccoonn__sseettkkeeyy() is
- copied into the kkrrbb55__aauutthh__ccoonntteexxtt, and thus no special handling is need-
- ed. NULL is not a valid keyblock to kkrrbb55__aauutthh__ccoonn__sseettkkeeyy().
-
- kkrrbb55__aauutthh__ccoonn__sseettuusseerrkkeeyy() is only useful when doing user to user authen-
- tication. kkrrbb55__aauutthh__ccoonn__sseettkkeeyy() is equivalent to
- kkrrbb55__aauutthh__ccoonn__sseettuusseerrkkeeyy().
-
- kkrrbb55__aauutthh__ccoonn__ggeettllooccaallssuubbkkeeyy(), kkrrbb55__aauutthh__ccoonn__sseettllooccaallssuubbkkeeyy(),
- kkrrbb55__aauutthh__ccoonn__ggeettrreemmootteessuubbkkeeyy() and kkrrbb55__aauutthh__ccoonn__sseettrreemmootteessuubbkkeeyy() gets
- and sets the keyblock for the local and remote subkey. The keyblock re-
- turned by kkrrbb55__aauutthh__ccoonn__ggeettllooccaallssuubbkkeeyy() and
- kkrrbb55__aauutthh__ccoonn__ggeettrreemmootteessuubbkkeeyy() must be freed with kkrrbb55__ffrreeee__kkeeyybblloocckk().
-
- kkrrbb55__aauutthh__sseettcckkssuummttyyppee() and kkrrbb55__aauutthh__ggeettcckkssuummttyyppee() sets and gets the
- checksum type that should be used for this connection.
-
- kkrrbb55__aauutthh__ggeettrreemmootteesseeqqnnuummbbeerr() kkrrbb55__aauutthh__sseettrreemmootteesseeqqnnuummbbeerr(),
- kkrrbb55__aauutthh__ggeettllooccaallsseeqqnnuummbbeerr() and kkrrbb55__aauutthh__sseettllooccaallsseeqqnnuummbbeerr() gets and
- sets the sequence-number for the local and remote sequence-number
- counter.
-
- kkrrbb55__aauutthh__sseettkkeeyyttyyppee() and kkrrbb55__aauutthh__ggeettkkeeyyttyyppee() gets and gets the key-
- type of the keyblock in kkrrbb55__aauutthh__ccoonntteexxtt.
-
- kkrrbb55__aauutthh__ggeettaauutthheennttiiccaattoorr() Retrieves the authenticator that was used
- during mutual authentication. The authenticator returned should be freed
- by calling kkrrbb55__ffrreeee__aauutthheennttiiccaattoorr().
-
- kkrrbb55__aauutthh__ccoonn__ggeettrrccaacchhee() and kkrrbb55__aauutthh__ccoonn__sseettrrccaacchhee() gets and sets the
- replay-cache.
-
- kkrrbb55__aauutthh__ccoonn__iinniittiivveeccttoorr() allocates memory for and zeros the initial
- vector in the _a_u_t_h___c_o_n_t_e_x_t keyblock.
-
- kkrrbb55__aauutthh__ccoonn__sseettiivveeccttoorr() sets the i_vector portion of _a_u_t_h___c_o_n_t_e_x_t to
- _i_v_e_c_t_o_r.
-
-SSEEEE AALLSSOO
- krb5_context(3), kerberos(8)
-
- HEIMDAL January 21, 2001 3
diff --git a/kerberosV/src/lib/krb5/krb5_build_principal.cat3 b/kerberosV/src/lib/krb5/krb5_build_principal.cat3
deleted file mode 100644
index 087dd93eafd..00000000000
--- a/kerberosV/src/lib/krb5/krb5_build_principal.cat3
+++ /dev/null
@@ -1,58 +0,0 @@
-
-KRB5_BUILD_PRINCIPAL(3) UNIX Programmer's Manual KRB5_BUILD_PRINCIPAL(3)
-
-NNAAMMEE
- kkrrbb55__bbuuiilldd__pprriinncciippaall, kkrrbb55__bbuuiilldd__pprriinncciippaall__eexxtt, kkrrbb55__bbuuiilldd__pprriinncciippaall__vvaa,
- kkrrbb55__bbuuiilldd__pprriinncciippaall__vvaa__eexxtt, kkrrbb55__mmaakkee__pprriinncciippaall - principal creation
- functions
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__bbuuiilldd__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l,
- _i_n_t _r_e_a_l_m___l_e_n, _k_r_b_5___c_o_n_s_t___r_e_a_l_m _r_e_a_l_m, _._._.)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__bbuuiilldd__pprriinncciippaall__eexxtt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l,
- _i_n_t _r_e_a_l_m___l_e_n, _k_r_b_5___c_o_n_s_t___r_e_a_l_m _r_e_a_l_m, _._._.)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__bbuuiilldd__pprriinncciippaall__vvaa(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l,
- _i_n_t _r_e_a_l_m___l_e_n, _k_r_b_5___c_o_n_s_t___r_e_a_l_m _r_e_a_l_m, _v_a___l_i_s_t _a_p)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__bbuuiilldd__pprriinncciippaall__vvaa__eexxtt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l, _i_n_t _r_e_a_l_m___l_e_n, _k_r_b_5___c_o_n_s_t___r_e_a_l_m _r_e_a_l_m,
- _v_a___l_i_s_t _a_p)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__mmaakkee__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l,
- _k_r_b_5___c_o_n_s_t___r_e_a_l_m _r_e_a_l_m, _._._.)
-
-DDEESSCCRRIIPPTTIIOONN
- These functions create a Kerberos 5 principal from a realm and a list of
- components. All of these functions return an allocated principal in the
- _p_r_i_n_c_i_p_a_l parameter, this should be freed with kkrrbb55__ffrreeee__pprriinncciippaall() af-
- ter use.
-
- The ``build'' functions take a _r_e_a_l_m and the length of the realm. The
- kkrrbb55__bbuuiilldd__pprriinncciippaall() and kkrrbb55__bbuuiilldd__pprriinncciippaall__vvaa() also takes a list of
- components (zero-terminated strings), terminated with NULL. The
- kkrrbb55__bbuuiilldd__pprriinncciippaall__eexxtt() and kkrrbb55__bbuuiilldd__pprriinncciippaall__vvaa__eexxtt() takes a list
- of length-value pairs, the list is terminated with a zero length.
-
- The kkrrbb55__mmaakkee__pprriinncciippaall() is a wrapper around kkrrbb55__bbuuiilldd__pprriinncciippaall(). If
- the realm is NULL, the default realm will be used.
-
-BBUUGGSS
- You can not have a NUL in a component. Until someone can give a good ex-
- ample of where it would be a good idea to have NUL's in a component, this
- will not be fixed.
-
-SSEEEE AALLSSOO
- krb5_425_conv_principal(3), krb5_free_principal(3), krb5_parse_name(3),
- krb5_sname_to_principal(3), krb5_unparse_name(3)
-
- HEIMDAL August 8, 1997 1
diff --git a/kerberosV/src/lib/krb5/krb5_ccache.cat3 b/kerberosV/src/lib/krb5/krb5_ccache.cat3
deleted file mode 100644
index 19624ffb117..00000000000
--- a/kerberosV/src/lib/krb5/krb5_ccache.cat3
+++ /dev/null
@@ -1,176 +0,0 @@
-
-KRB5_CCACHE(3) UNIX Programmer's Manual KRB5_CCACHE(3)
-
-NNAAMMEE
- kkrrbb55__ccccaacchhee, kkrrbb55__cccc__ccuurrssoorr, kkrrbb55__cccc__ooppss, kkrrbb55__ffcccc__ooppss, kkrrbb55__mmcccc__ooppss,
- kkrrbb55__cccc__cclloossee, kkrrbb55__cccc__ccooppyy__ccaacchhee, kkrrbb55__cccc__ddeeffaauulltt, kkrrbb55__cccc__ddeeffaauulltt__nnaammee,
- kkrrbb55__cccc__ddeessttrrooyy, kkrrbb55__cccc__eenndd__sseeqq__ggeett, kkrrbb55__cccc__ggeenn__nneeww, kkrrbb55__cccc__ggeett__nnaammee,
- kkrrbb55__cccc__ggeett__pprriinncciippaall, kkrrbb55__cccc__ggeett__ttyyppee, kkrrbb55__cccc__ggeett__ooppss,
- kkrrbb55__cccc__ggeett__vveerrssiioonn, kkrrbb55__cccc__iinniittiiaalliizzee, kkrrbb55__cccc__rreeggiisstteerr,
- kkrrbb55__cccc__rreessoollvvee, kkrrbb55__cccc__rreettrriieevvee__ccrreedd, kkrrbb55__cccc__rreemmoovvee__ccrreedd,
- kkrrbb55__cccc__sseett__ddeeffaauulltt__nnaammee, kkrrbb55__cccc__ssttoorree__ccrreedd, kkrrbb55__cccc__sseett__ffllaaggss,
- kkrrbb55__cccc__nneexxtt__ccrreedd - mange credential cache.
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- struct krb5_ccache;
-
- struct krb5_cc_cursor;
-
- struct krb5_cc_ops;
-
- struct krb5_cc_ops *krb5_fcc_ops;
-
- struct krb5_cc_ops *krb5_mcc_ops;
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__cclloossee(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _i_d)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__ccooppyy__ccaacchhee(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___c_c_a_c_h_e _f_r_o_m,
- _k_r_b_5___c_c_a_c_h_e _t_o)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__ddeeffaauulltt(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _*_i_d)
-
- _c_o_n_s_t _c_h_a_r _*
- kkrrbb55__cccc__ddeeffaauulltt__nnaammee(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__ddeessttrrooyy(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _i_d)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__eenndd__sseeqq__ggeett(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___c_c_a_c_h_e _i_d,
- _k_r_b_5___c_c___c_u_r_s_o_r _*_c_u_r_s_o_r)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__ggeenn__nneeww(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___c_c___o_p_s _*_o_p_s,
- _k_r_b_5___c_c_a_c_h_e _*_i_d)
-
- _c_o_n_s_t _c_h_a_r _*
- kkrrbb55__cccc__ggeett__nnaammee(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _i_d)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__ggeett__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _i_d,
- _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l)
-
- _c_o_n_s_t _c_h_a_r _*
- kkrrbb55__cccc__ggeett__ttyyppee(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _i_d)
-
- _c_o_n_s_t _k_r_b_5___c_c___o_p_s _*
- kkrrbb55__cccc__ggeett__ooppss(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _i_d)
-
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__ggeett__vveerrssiioonn(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___c_c_a_c_h_e _i_d)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__iinniittiiaalliizzee(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _i_d,
- _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_m_a_r_y___p_r_i_n_c_i_p_a_l)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__rreeggiisstteerr(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___c_c___o_p_s _*_o_p_s,
- _k_r_b_5___b_o_o_l_e_a_n _o_v_e_r_r_i_d_e)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__rreessoollvvee(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_n_a_m_e, _k_r_b_5___c_c_a_c_h_e _*_i_d)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__rreettrriieevvee__ccrreedd(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _i_d,
- _k_r_b_5___f_l_a_g_s _w_h_i_c_h_f_i_e_l_d_s, _c_o_n_s_t _k_r_b_5___c_r_e_d_s _*_m_c_r_e_d_s,
- _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__rreemmoovvee__ccrreedd(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _i_d,
- _k_r_b_5___f_l_a_g_s _w_h_i_c_h, _k_r_b_5___c_r_e_d_s _*_c_r_e_d)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__sseett__ddeeffaauulltt__nnaammee(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_n_a_m_e)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__ssttoorree__ccrreedd(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _i_d,
- _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__sseett__ffllaaggss(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _k_r_b_5___c_c___s_e_t___f_l_a_g_s _i_d,
- _k_r_b_5___f_l_a_g_s _f_l_a_g_s)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cccc__nneexxtt__ccrreedd(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___c_c_a_c_h_e _i_d,
- _k_r_b_5___c_c___c_u_r_s_o_r _*_c_u_r_s_o_r, _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s)
-
-DDEESSCCRRIIPPTTIIOONN
- The krb5_ccache structure holds a Kerberos credential cache.
-
- The krb5_cc_cursor structure holds current position in a credential cache
- when iterating over the cache.
-
- The krb5_cc_ops structure holds a set of operations that can me preformed
- on a credential cache.
-
- There is no component inside krb5_ccache, krb5_cc_cursor nor krb5_fcc_ops
- that is directly referable.
-
- The krb5_creds holds a Kerberos credential, see manpage for
- krb5_creds(3).
-
- kkrrbb55__cccc__ddeeffaauulltt__nnaammee() and kkrrbb55__cccc__sseett__ddeeffaauulltt__nnaammee() gets and sets the
- default name for the _c_o_n_t_e_x_t.
-
- kkrrbb55__cccc__ddeeffaauulltt() opens the default ccache in _i_d. Return 0 or an error
- code.
-
- kkrrbb55__cccc__ggeenn__nneeww() generates a new ccache of type _o_p_s in _i_d. Return 0 or
- an error code.
-
- kkrrbb55__cccc__rreessoollvvee() finds and allocates a ccache in _i_d from the specifica-
- tion in _r_e_s_i_d_u_a_l. If the ccache name doesn't contain any colon (:), in-
- terpret it as a file name. Return 0 or an error code.
-
-
- kkrrbb55__cccc__iinniittiiaalliizzee() creates a new ccache in _i_d for _p_r_i_m_a_r_y___p_r_i_n_c_i_p_a_l.
- Return 0 or an error code.
-
- kkrrbb55__cccc__cclloossee() stops using the ccache _i_d and frees the related re-
- sources. Return 0 or an error code. kkrrbb55__cccc__ddeessttrrooyy() removes the
- ccache and closes (by calling kkrrbb55__cccc__cclloossee()) _i_d. Return 0 or an error
- code.
-
- kkrrbb55__cccc__ccooppyy__ccaacchhee() copys the contents of _f_r_o_m to _t_o.
-
- kkrrbb55__cccc__ggeett__nnaammee() returns the name of the ccache _i_d.
-
- kkrrbb55__cccc__ggeett__pprriinncciippaall() returns the principal of _i_d in _p_r_i_n_c_i_p_a_l. Return
- 0 or an error code.
-
- kkrrbb55__cccc__ggeett__ttyyppee() returns the type of the ccache _i_d.
-
- kkrrbb55__cccc__ggeett__ooppss() returns the ops of the ccache _i_d.
-
- kkrrbb55__cccc__ggeett__vveerrssiioonn() returns the version of _i_d.
-
- kkrrbb55__cccc__rreeggiisstteerr() Adds a new ccache type with operations _o_p_s, overwrit-
- ing any existing one if _o_v_e_r_r_i_d_e. Return an error code or 0.
-
- kkrrbb55__cccc__rreemmoovvee__ccrreedd() removes the credential identified by (_c_r_e_d, _w_h_i_c_h)
- from _i_d.
-
- kkrrbb55__cccc__ssttoorree__ccrreedd() stores _c_r_e_d_s in the ccache _i_d. Return 0 or an error
- code.
-
- kkrrbb55__cccc__sseett__ffllaaggss() sets the flags of _i_d to _f_l_a_g_s.
-
- kkrrbb55__cccc__rreettrriieevvee__ccrreedd(), retrieves the credential identified by _m_c_r_e_d_s
- (and _w_h_i_c_h_f_i_e_l_d_s) from _i_d in _c_r_e_d_s. Return 0 or an error code.
-
- kkrrbb55__cccc__nneexxtt__ccrreedd() retrieves the next cred pointed to by (_i_d, _c_u_r_s_o_r) in
- _c_r_e_d_s, and advance _c_u_r_s_o_r. Return 0 or an error code.
-
- kkrrbb55__cccc__eenndd__sseeqq__ggeett() Destroys the cursor _c_u_r_s_o_r.
-
-SSEEEE AALLSSOO
- krb5(3), krb5.conf(5), kerberos(8)
-
- HEIMDAL March 16, 2003 3
diff --git a/kerberosV/src/lib/krb5/krb5_config.cat3 b/kerberosV/src/lib/krb5/krb5_config.cat3
deleted file mode 100644
index 9b8bab29535..00000000000
--- a/kerberosV/src/lib/krb5/krb5_config.cat3
+++ /dev/null
@@ -1,57 +0,0 @@
-
-KRB5_CONFIG(3) UNIX Programmer's Manual KRB5_CONFIG(3)
-
-NNAAMMEE
- kkrrbb55__ccoonnffiigg__ggeett__bbooooll__ddeeffaauulltt, kkrrbb55__ccoonnffiigg__ggeett__iinntt__ddeeffaauulltt,
- kkrrbb55__ccoonnffiigg__ggeett__ssttrriinngg__ddeeffaauulltt, kkrrbb55__ccoonnffiigg__ggeett__ttiimmee__ddeeffaauulltt - get con-
- figuration value
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___b_o_o_l_e_a_n
- kkrrbb55__ccoonnffiigg__ggeett__bbooooll__ddeeffaauulltt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___c_o_n_f_i_g___s_e_c_t_i_o_n _*_c, _k_r_b_5___b_o_o_l_e_a_n _d_e_f___v_a_l_u_e, _._._.)
-
- _i_n_t
- kkrrbb55__ccoonnffiigg__ggeett__iinntt__ddeeffaauulltt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_o_n_f_i_g___s_e_c_t_i_o_n _*_c,
- _i_n_t _d_e_f___v_a_l_u_e, _._._.)
-
- _c_o_n_s_t _c_h_a_r_*
- kkrrbb55__ccoonnffiigg__ggeett__ssttrriinngg__ddeeffaauulltt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___c_o_n_f_i_g___s_e_c_t_i_o_n _*_c, _c_o_n_s_t _c_h_a_r _*_d_e_f___v_a_l_u_e, _._._.)
-
- _i_n_t
- kkrrbb55__ccoonnffiigg__ggeett__ttiimmee__ddeeffaauulltt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___c_o_n_f_i_g___s_e_c_t_i_o_n _*_c, _i_n_t _d_e_f___v_a_l_u_e, _._._.)
-
-DDEESSCCRRIIPPTTIIOONN
- These functions get values from the krb5.conf(5) configuration file, or
- another configuration database specified by the _c parameter.
-
- The variable arguments should be a list of strings naming each subsection
- to look for. For example:
-
- krb5_config_get_bool_default(context, NULL, FALSE, "libdefaults", "log_utc", NULL)
-
- gets the boolean value for the log_utc option, defaulting to FALSE.
-
- kkrrbb55__ccoonnffiigg__ggeett__bbooooll__ddeeffaauulltt() will convert the option value to a boolean
- value, where `yes', `true', and any non-zero number means TRUE, and any
- other value FALSE.
-
- kkrrbb55__ccoonnffiigg__ggeett__iinntt__ddeeffaauulltt() will convert the value to an integer.
-
- kkrrbb55__ccoonnffiigg__ggeett__ttiimmee__ddeeffaauulltt() will convert the value to a period of time
- (not a time stamp) in seconds, so the string `2 weeks' will be converted
- to 1209600 (2 * 7 * 24 * 60 * 60).
-
-BBUUGGSS
- Other than for the string case, there's no way to tell whether there was
- a value specified or not.
-
-SSEEEE AALLSSOO
- krb5_appdefault(3), krb5.conf(5)
-
- HEIMDAL July 25, 2000 1
diff --git a/kerberosV/src/lib/krb5/krb5_context.cat3 b/kerberosV/src/lib/krb5/krb5_context.cat3
deleted file mode 100644
index 0f8abc1b98e..00000000000
--- a/kerberosV/src/lib/krb5/krb5_context.cat3
+++ /dev/null
@@ -1,19 +0,0 @@
-
-KRB5_CONTEXT(3) UNIX Programmer's Manual KRB5_CONTEXT(3)
-
-NNAAMMEE
- kkrrbb55__ccoonntteexxtt - krb5 state structure
-
-DDEESSCCRRIIPPTTIIOONN
- The kkrrbb55__ccoonntteexxtt structure is designed to hold all per thread state. All
- global variables that are context specific are stored in this structure,
- including default encryption types, credentials-cache (ticket file), and
- default realms.
-
- The internals of the structure should never be accessed directly, func-
- tions exist for extracting information.
-
-SSEEEE AALLSSOO
- krb5_init_context(3), kerberos(8)
-
- HEIMDAL January 21, 2001 1
diff --git a/kerberosV/src/lib/krb5/krb5_create_checksum.cat3 b/kerberosV/src/lib/krb5/krb5_create_checksum.cat3
deleted file mode 100644
index 9a0d1d99090..00000000000
--- a/kerberosV/src/lib/krb5/krb5_create_checksum.cat3
+++ /dev/null
@@ -1,52 +0,0 @@
-
-NAME(3) UNIX Programmer's Manual NAME(3)
-
-NNAAMMEE
- kkrrbb55__cchheecckkssuumm__iiss__ccoolllliissiioonn__pprrooooff, kkrrbb55__cchheecckkssuumm__iiss__kkeeyyeedd,
- kkrrbb55__cchheecckkssuummssiizzee, kkrrbb55__ccrreeaattee__cchheecckkssuumm, kkrrbb55__vveerriiffyy__cchheecckkssuumm - creates
- and verifies checksums
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ccrreeaattee__cchheecckkssuumm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o,
- _u_n_s_i_g_n_e_d _u_s_a_g_e___o_r___t_y_p_e, _v_o_i_d _*_d_a_t_a, _s_i_z_e___t _l_e_n, _C_h_e_c_k_s_u_m _*_r_e_s_u_l_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__vveerriiffyy__cchheecckkssuumm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o,
- _k_r_b_5___k_e_y___u_s_a_g_e _u_s_a_g_e, _v_o_i_d _*_d_a_t_a, _s_i_z_e___t _l_e_n, _C_h_e_c_k_s_u_m _*_c_k_s_u_m)
-
- _k_r_b_5___b_o_o_l_e_a_n
- kkrrbb55__cchheecckkssuumm__iiss__ccoolllliissiioonn__pprrooooff(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___c_k_s_u_m_t_y_p_e _t_y_p_e)
-
- _k_r_b_5___b_o_o_l_e_a_n
- kkrrbb55__cchheecckkssuumm__iiss__kkeeyyeedd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_k_s_u_m_t_y_p_e _t_y_p_e)
-
-DDEESSCCRRIIPPTTIIOONN
- These functions are used to create and verify checksums.
- kkrrbb55__ccrreeaattee__cchheecckkssuumm() creates a checksum of the specified data, and puts
- it in _r_e_s_u_l_t. If _c_r_y_p_t_o is NULL, _u_s_a_g_e___o_r___t_y_p_e specifies the checksum
- type to use; it must not be keyed. Otherwise _c_r_y_p_t_o is an encryption con-
- text created by kkrrbb55__ccrryyppttoo__iinniitt(), and _u_s_a_g_e___o_r___t_y_p_e specifies a key-us-
- age.
-
- kkrrbb55__vveerriiffyy__cchheecckkssuumm() verifies the _c_h_e_c_k_s_u_m, against the provided data.
-
- kkrrbb55__cchheecckkssuumm__iiss__ccoolllliissiioonn__pprrooooff() returns true is the specified checksum
- is collision proof (that it's very unlikely that two strings has the same
- hash value, and that it's hard to find two strings that has the same
- hash). Examples of collision proof checksums are MD5, and SHA1, while
- CRC32 is not.
-
- kkrrbb55__cchheecckkssuumm__iiss__kkeeyyeedd() returns true if the specified checksum type is
- keyed (that the hash value is a function of both the data, and a separate
- key). Examples of keyed hash algorithms are HMAC-SHA1-DES3, and RSA-
- MD5-DES. The ``plain'' hash functions MD5, and SHA1 are not keyed.
-
-SSEEEE AALLSSOO
- krb5_crypto_init(3), krb5_encrypt(3)
-
- HEIMDAL April 7, 1999 1
diff --git a/kerberosV/src/lib/krb5/krb5_crypto_init.cat3 b/kerberosV/src/lib/krb5/krb5_crypto_init.cat3
deleted file mode 100644
index f59863aa021..00000000000
--- a/kerberosV/src/lib/krb5/krb5_crypto_init.cat3
+++ /dev/null
@@ -1,32 +0,0 @@
-
-NAME(3) UNIX Programmer's Manual NAME(3)
-
-NNAAMMEE
- kkrrbb55__ccrryyppttoo__iinniitt, kkrrbb55__ccrryyppttoo__ddeessttrrooyy - initialize encryption context
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ccrryyppttoo__iinniitt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_e_y_b_l_o_c_k _*_k_e_y,
- _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e, _k_r_b_5___c_r_y_p_t_o _*_c_r_y_p_t_o)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ccrryyppttoo__ddeessttrrooyy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o)
-
-DDEESSCCRRIIPPTTIIOONN
- These functions are used to initialize an encryption context that can be
- used to encrypt or checksum data.
-
- The kkrrbb55__ccrryypptt__iinniitt() initializes the encrytion context _c_r_y_p_t_o. The _k_e_y
- parameter is the key to use for encryption, and checksums. The encryption
- type to use is taken from the key, but can be overridden with the _e_n_c_t_y_p_e
- _p_a_r_a_m_e_t_e_r.
-
- kkrrbb55__ccrryyppttoo__ddeessttrrooyy() frees a previously allocated encrypion context.
-
-SSEEEE AALLSSOO
- krb5_create_checksum(3), krb5_encrypt(3)
-
- HEIMDAL April 7, 1999 1
diff --git a/kerberosV/src/lib/krb5/krb5_data.cat3 b/kerberosV/src/lib/krb5/krb5_data.cat3
deleted file mode 100644
index 70aa5e247a1..00000000000
--- a/kerberosV/src/lib/krb5/krb5_data.cat3
+++ /dev/null
@@ -1,71 +0,0 @@
-
-KRB5_DATA(3) UNIX Programmer's Manual KRB5_DATA(3)
-
-NNAAMMEE
- kkrrbb55__ddaattaa kkrrbb55__ddaattaa__zzeerroo kkrrbb55__ddaattaa__ffrreeee kkrrbb55__ffrreeee__ddaattaa__ccoonntteennttss
- kkrrbb55__ffrreeee__ddaattaa kkrrbb55__ddaattaa__aalllloocc kkrrbb55__ddaattaa__rreeaalllloocc kkrrbb55__ddaattaa__ccooppyy
- kkrrbb55__ccooppyy__ddaattaa - operates on the Kerberos datatype krb5_data.
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- struct krb5_data; _v_o_i_d
- kkrrbb55__ddaattaa__zzeerroo(_k_r_b_5___d_a_t_a _*_p)
-
- _v_o_i_d
- kkrrbb55__ddaattaa__ffrreeee(_k_r_b_5___d_a_t_a _*_p)
-
- _v_o_i_d
- kkrrbb55__ffrreeee__ddaattaa__ccoonntteennttss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_a_t_a _*_p)
-
- _v_o_i_d
- kkrrbb55__ffrreeee__ddaattaa(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___d_a_t_a _*_p)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ddaattaa__aalllloocc(_k_r_b_5___d_a_t_a _*_p, _i_n_t _l_e_n)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ddaattaa__rreeaalllloocc(_k_r_b_5___d_a_t_a _*_p, _i_n_t _l_e_n)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ddaattaa__ccooppyy(_k_r_b_5___d_a_t_a _*_p, _c_o_n_s_t _v_o_i_d _*_d_a_t_a, _s_i_z_e___t _l_e_n)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ccooppyy__ddaattaa(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___d_a_t_a _*_i_n_d_a_t_a,
- _k_r_b_5___d_a_t_a _*_*_o_u_t_d_a_t_a)
-
-DDEESSCCRRIIPPTTIIOONN
- The krb5_data structure holds a data element. The structure contains two
- public accessible elements _l_e_n_g_t_h (the length of data) and _d_a_t_a (the data
- itself). The structure must always be initiated and freed by the func-
- tions documented in this manual.
-
- kkrrbb55__ddaattaa__zzeerroo() resets the content of _p.
-
- kkrrbb55__ddaattaa__ffrreeee() free the data in _p.
-
- kkrrbb55__ffrreeee__ddaattaa__ccoonntteennttss() works the same way as _k_r_b_5___d_a_t_a___f_r_e_e. The
- diffrence is that krb5_free_data_contents is more portable (exists in MIT
- api).
-
- kkrrbb55__ffrreeee__ddaattaa() frees the data in _p and _p itself .
-
- kkrrbb55__ddaattaa__aalllloocc() allocates _l_e_n bytes in _p Returns 0 or an error.
-
- kkrrbb55__ddaattaa__rreeaalllloocc() reallocates the length of _p to the length in _l_e_n. Re-
- turns 0 or an error.
-
- kkrrbb55__ddaattaa__ccooppyy() copies the _d_a_t_a that have the length _l_e_n into _p. _p is
- not freed so the calling function should make sure the _p doesn't contain
- anything needs to be freed. Returns 0 or an error.
-
- kkrrbb55__ccooppyy__ddaattaa() copies the krb5_data in _i_n_d_a_t_a to _o_u_t_d_a_t_a. _o_u_t_d_a_t_a is
- not freed so the calling function should make sure the _o_u_t_d_a_t_a doesn't
- contain anything needs to be freed. _o_u_t_d_a_t_a should be freed using
- kkrrbb55__ffrreeee__ddaattaa(). Returns 0 or an error.
-
-SSEEEE AALLSSOO
- krb5(3), krb5_storage(3), kerberos(8)
-
- HEIMDAL March 20, 2003 2
diff --git a/kerberosV/src/lib/krb5/krb5_encrypt.cat3 b/kerberosV/src/lib/krb5/krb5_encrypt.cat3
deleted file mode 100644
index 0188acd39e2..00000000000
--- a/kerberosV/src/lib/krb5/krb5_encrypt.cat3
+++ /dev/null
@@ -1,44 +0,0 @@
-
-KRB5_ENCRYPT(3) UNIX Programmer's Manual KRB5_ENCRYPT(3)
-
-NNAAMMEE
- kkrrbb55__ddeeccrryypptt, kkrrbb55__ddeeccrryypptt__EEnnccrryypptteeddDDaattaa, kkrrbb55__eennccrryypptt,
- kkrrbb55__eennccrryypptt__EEnnccrryypptteeddDDaattaa - encrypt and decrypt data
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__eennccrryypptt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o, _u_n_s_i_g_n_e_d _u_s_a_g_e,
- _v_o_i_d _*_d_a_t_a, _s_i_z_e___t _l_e_n, _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__eennccrryypptt__EEnnccrryypptteeddDDaattaa(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o,
- _u_n_s_i_g_n_e_d _u_s_a_g_e, _v_o_i_d _*_d_a_t_a, _s_i_z_e___t _l_e_n, _i_n_t _k_v_n_o,
- _E_n_c_r_y_p_t_e_d_D_a_t_a _*_r_e_s_u_l_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ddeeccrryypptt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o, _u_n_s_i_g_n_e_d _u_s_a_g_e,
- _v_o_i_d _*_d_a_t_a, _s_i_z_e___t _l_e_n, _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ddeeccrryypptt__EEnnccrryypptteeddDDaattaa(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_y_p_t_o _c_r_y_p_t_o,
- _u_n_s_i_g_n_e_d _u_s_a_g_e, _E_n_c_r_y_p_t_e_d_D_a_t_a _*_e, _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t)
-
-DDEESSCCRRIIPPTTIIOONN
- These functions are used to encrypt and decrypt data.
-
- kkrrbb55__eennccrryypptt() puts the encrypted version of _d_a_t_a (of size _l_e_n) in
- _r_e_s_u_l_t. If the encryption type supports using derived keys, _u_s_a_g_e should
- be the appropriate key-usage. kkrrbb55__eennccrryypptt__EEnnccrryypptteeddDDaattaa() does the same
- as kkrrbb55__eennccrryypptt(), but it puts the encrypted data in a _E_n_c_r_y_p_t_e_d_D_a_t_a
- structure instead. If _k_v_n_o is not zero, it will be put in the _k_v_n_o _f_i_e_l_d
- _i_n _t_h_e _E_n_c_r_y_p_t_e_d_D_a_t_a.
-
- kkrrbb55__ddeeccrryypptt(), and kkrrbb55__ddeeccrryypptt__EEnnccrryypptteeddDDaattaa() works similarly.
-
-SSEEEE AALLSSOO
- krb5_create_checksum(3), krb5_crypto_init(3)
-
- HEIMDAL April 7, 1999 1
diff --git a/kerberosV/src/lib/krb5/krb5_free_addresses.cat3 b/kerberosV/src/lib/krb5/krb5_free_addresses.cat3
deleted file mode 100644
index 4bf75c35f48..00000000000
--- a/kerberosV/src/lib/krb5/krb5_free_addresses.cat3
+++ /dev/null
@@ -1,21 +0,0 @@
-
-KRB5_FREE_ADDRESSES(3) UNIX Programmer's Manual KRB5_FREE_ADDRESSES(3)
-
-NNAAMMEE
- kkrrbb55__ffrreeee__aaddddrreesssseess - free list of addresses
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _v_o_i_d
- kkrrbb55__ffrreeee__aaddddrreesssseess(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_e_s_s_e_s)
-
-DDEESSCCRRIIPPTTIIOONN
- The kkrrbb55__ffrreeee__aaddddrreesssseess() will free a list of addresses that has been
- created with kkrrbb55__ggeett__aallll__cclliieenntt__aaddddrrss() or with some other function.
-
-SSEEEE AALLSSOO
- krb5_get_all_client_addrs(3)
-
- HEIMDAL November 20, 2001 1
diff --git a/kerberosV/src/lib/krb5/krb5_free_principal.cat3 b/kerberosV/src/lib/krb5/krb5_free_principal.cat3
deleted file mode 100644
index 91aa5319cc7..00000000000
--- a/kerberosV/src/lib/krb5/krb5_free_principal.cat3
+++ /dev/null
@@ -1,23 +0,0 @@
-
-KRB5_FREE_PRINCIPAL(3) UNIX Programmer's Manual KRB5_FREE_PRINCIPAL(3)
-
-NNAAMMEE
- kkrrbb55__ffrreeee__pprriinncciippaall - principal free function
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _v_o_i_d
- kkrrbb55__ffrreeee__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l)
-
-DDEESSCCRRIIPPTTIIOONN
- The kkrrbb55__ffrreeee__pprriinncciippaall() will free a principal that has been created
- with kkrrbb55__bbuuiilldd__pprriinncciippaall(), kkrrbb55__ppaarrssee__nnaammee(), or with some other func-
- tion.
-
-SSEEEE AALLSSOO
- krb5_425_conv_principal(3), krb5_build_principal(3),
- krb5_parse_name(3), krb5_sname_to_principal(3), krb5_unparse_name(3)
-
- HEIMDAL August 8, 1997 1
diff --git a/kerberosV/src/lib/krb5/krb5_get_all_client_addrs.cat3 b/kerberosV/src/lib/krb5/krb5_get_all_client_addrs.cat3
deleted file mode 100644
index 4093b1a9862..00000000000
--- a/kerberosV/src/lib/krb5/krb5_get_all_client_addrs.cat3
+++ /dev/null
@@ -1,37 +0,0 @@
-
-KRB5_GET_ADDRS(3) UNIX Programmer's Manual KRB5_GET_ADDRS(3)
-
-NNAAMMEE
- kkrrbb55__ggeett__aallll__cclliieenntt__aaddddrrss, kkrrbb55__ggeett__aallll__sseerrvveerr__aaddddrrss - return local ad-
- dresses
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ggeett__aallll__cclliieenntt__aaddddrrss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_s)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ggeett__aallll__sseerrvveerr__aaddddrrss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___a_d_d_r_e_s_s_e_s _*_a_d_d_r_s)
-
-DDEESSCCRRIIPPTTIIOONN
- These functions return in _a_d_d_r_s a list of addresses associated with the
- local host.
-
- The server variant returns all configured interface addresses (if possi-
- ble), including loop-back addresses. This is useful if you want to create
- sockets to listen to.
-
- The client version will also scan local interfaces (can be turned off by
- setting libdefaults/scan_interfaces to false in _k_r_b_5_._c_o_n_f), but will not
- include loop-back addresses, unless there are no other addresses found.
- It will remove all addresses included in libdefaults/ignore_addresses but
- will unconditionally include addresses in libdefaults/extra_addresses.
-
- The returned addresses should be freed by calling kkrrbb55__ffrreeee__aaddddrreesssseess().
-
-SSEEEE AALLSSOO
- krb5_free_addresses(3)
-
- July 1, 2001 1
diff --git a/kerberosV/src/lib/krb5/krb5_get_krbhst.cat3 b/kerberosV/src/lib/krb5/krb5_get_krbhst.cat3
deleted file mode 100644
index 493b55284f2..00000000000
--- a/kerberosV/src/lib/krb5/krb5_get_krbhst.cat3
+++ /dev/null
@@ -1,54 +0,0 @@
-
-KRB5_GET_KRBHST(3) UNIX Programmer's Manual KRB5_GET_KRBHST(3)
-
-NNAAMMEE
- kkrrbb55__ggeett__kkrrbbhhsstt kkrrbb55__ggeett__kkrrbb__aaddmmiinn__hhsstt kkrrbb55__ggeett__kkrrbb__cchhaannggeeppww__hhsstt
- kkrrbb55__ggeett__kkrrbb552244hhsstt kkrrbb55__ffrreeee__kkrrbbhhsstt - lookup Kerberos KDC hosts
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ggeett__kkrrbbhhsstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___r_e_a_l_m _*_r_e_a_l_m,
- _c_h_a_r _*_*_*_h_o_s_t_l_i_s_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ggeett__kkrrbb__aaddmmiinn__hhsstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___r_e_a_l_m _*_r_e_a_l_m,
- _c_h_a_r _*_*_*_h_o_s_t_l_i_s_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ggeett__kkrrbb__cchhaannggeeppww__hhsstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___r_e_a_l_m _*_r_e_a_l_m,
- _c_h_a_r _*_*_*_h_o_s_t_l_i_s_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ggeett__kkrrbb552244hhsstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___r_e_a_l_m _*_r_e_a_l_m,
- _c_h_a_r _*_*_*_h_o_s_t_l_i_s_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ffrreeee__kkrrbbhhsstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_h_a_r _*_*_h_o_s_t_l_i_s_t)
-
-DDEESSCCRRIIPPTTIIOONN
- These functions implement the old API to get a list of Kerberos hosts,
- and are thus similar to the kkrrbb55__kkrrbbhhsstt__iinniitt() functions. However, since
- these functions returns _a_l_l hosts in one go, they potentially have to do
- more lookups than necessary. These functions remain for compatibility
- reasons.
-
- After a call to one of these functions, _h_o_s_t_l_i_s_t is a NULL terminated
- list of strings, pointing to the requested Kerberos hosts. These should
- be freed with kkrrbb55__ffrreeee__kkrrbbhhsstt() when done with.
-
-EEXXAAMMPPLLEE
- The following code will print the KDCs of the realm ``MY.REALM''.
-
- char **hosts, **p;
- krb5_get_krbhst(context, "MY.REALM", &hosts);
- for(p = hosts; *p; p++)
- printf("%s\n", *p);
- krb5_free_krbhst(context, hosts);
-
-SSEEEE AALLSSOO
- krb5_krbhst_init(3)
-
- HEIMDAL June 17, 2001 1
diff --git a/kerberosV/src/lib/krb5/krb5_init_context.cat3 b/kerberosV/src/lib/krb5/krb5_init_context.cat3
deleted file mode 100644
index 4d47bafd5fe..00000000000
--- a/kerberosV/src/lib/krb5/krb5_init_context.cat3
+++ /dev/null
@@ -1,34 +0,0 @@
-
-KRB5_CONTEXT(3) UNIX Programmer's Manual KRB5_CONTEXT(3)
-
-NNAAMMEE
- kkrrbb55__iinniitt__ccoonntteexxtt, kkrrbb55__ffrreeee__ccoonntteexxtt - create and delete krb5_context
- structures
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__iinniitt__ccoonntteexxtt(_k_r_b_5___c_o_n_t_e_x_t _*_c_o_n_t_e_x_t)
-
- _v_o_i_d
- kkrrbb55__ffrreeee__ccoonntteexxtt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t)
-
-DDEESSCCRRIIPPTTIIOONN
- The kkrrbb55__iinniitt__ccoonntteexxtt() function initializes the _c_o_n_t_e_x_t structure and
- reads the configuration file _/_e_t_c_/_k_r_b_5_._c_o_n_f.
-
- The structure should be freed by calling kkrrbb55__ffrreeee__ccoonntteexxtt() when it is
- no longer being used.
-
-RREETTUURRNN VVAALLUUEESS
- kkrrbb55__iinniitt__ccoonntteexxtt() returns 0 to indicate success. Otherwise an errno
- code is returned. Failure means either that something bad happened dur-
- ing initialization (typically [ENOMEM]) or that Kerberos should not be
- used [ENXIO].
-
-SSEEEE AALLSSOO
- errno(2), krb5_context(3), kerberos(8)
-
- HEIMDAL January 21, 2001 1
diff --git a/kerberosV/src/lib/krb5/krb5_keytab.cat3 b/kerberosV/src/lib/krb5/krb5_keytab.cat3
deleted file mode 100644
index 301cb1e27c1..00000000000
--- a/kerberosV/src/lib/krb5/krb5_keytab.cat3
+++ /dev/null
@@ -1,212 +0,0 @@
-
-KRB5_KEYTAB(3) UNIX Programmer's Manual KRB5_KEYTAB(3)
-
-NNAAMMEE
- kkrrbb55__kktt__ooppss, kkrrbb55__kkeeyyttaabb__eennttrryy, kkrrbb55__kktt__ccuurrssoorr, kkrrbb55__kktt__aadddd__eennttrryy,
- kkrrbb55__kktt__cclloossee, kkrrbb55__kktt__ccoommppaarree, kkrrbb55__kktt__ccooppyy__eennttrryy__ccoonntteennttss,
- kkrrbb55__kktt__ddeeffaauulltt, kkrrbb55__kktt__ddeeffaauulltt__nnaammee, kkrrbb55__kktt__eenndd__sseeqq__ggeett,
- kkrrbb55__kktt__ffrreeee__eennttrryy, kkrrbb55__kktt__ggeett__eennttrryy, kkrrbb55__kktt__ggeett__nnaammee,
- kkrrbb55__kktt__ggeett__ttyyppee, kkrrbb55__kktt__nneexxtt__eennttrryy, kkrrbb55__kktt__rreeaadd__sseerrvviiccee__kkeeyy,
- kkrrbb55__kktt__rreeggiisstteerr, kkrrbb55__kktt__rreemmoovvee__eennttrryy, kkrrbb55__kktt__rreessoollvvee,
- kkrrbb55__kktt__ssttaarrtt__sseeqq__ggeett - manage keytab (key storage) files
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__aadddd__eennttrryy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_e_y_t_a_b _i_d,
- _k_r_b_5___k_e_y_t_a_b___e_n_t_r_y _*_e_n_t_r_y)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__cclloossee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_e_y_t_a_b _i_d)
-
- _k_r_b_5___b_o_o_l_e_a_n
- kkrrbb55__kktt__ccoommppaarree(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_e_y_t_a_b___e_n_t_r_y _*_e_n_t_r_y,
- _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _k_r_b_5___k_v_n_o _v_n_o,
- _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__ccooppyy__eennttrryy__ccoonntteennttss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _c_o_n_s_t _k_r_b_5___k_e_y_t_a_b___e_n_t_r_y _*_i_n, _k_r_b_5___k_e_y_t_a_b___e_n_t_r_y _*_o_u_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__ddeeffaauulltt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_e_y_t_a_b _*_i_d)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__ddeeffaauulltt__nnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_h_a_r _*_n_a_m_e, _s_i_z_e___t _n_a_m_e_s_i_z_e)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__eenndd__sseeqq__ggeett(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_e_y_t_a_b _i_d,
- _k_r_b_5___k_t___c_u_r_s_o_r _*_c_u_r_s_o_r)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__ffrreeee__eennttrryy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_e_y_t_a_b___e_n_t_r_y _*_e_n_t_r_y)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__ggeett__eennttrryy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_e_y_t_a_b _i_d,
- _k_r_b_5___c_o_n_s_t___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _k_r_b_5___k_v_n_o _k_v_n_o,
- _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e, _k_r_b_5___k_e_y_t_a_b___e_n_t_r_y _*_e_n_t_r_y)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__ggeett__nnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_e_y_t_a_b _k_e_y_t_a_b, _c_h_a_r _*_n_a_m_e,
- _s_i_z_e___t _n_a_m_e_s_i_z_e)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__ggeett__ttyyppee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_e_y_t_a_b _k_e_y_t_a_b, _c_h_a_r _*_p_r_e_f_i_x,
- _s_i_z_e___t _p_r_e_f_i_x_s_i_z_e)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__nneexxtt__eennttrryy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_e_y_t_a_b _i_d,
- _k_r_b_5___k_e_y_t_a_b___e_n_t_r_y _*_e_n_t_r_y, _k_r_b_5___k_t___c_u_r_s_o_r _*_c_u_r_s_o_r)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__rreeaadd__sseerrvviiccee__kkeeyy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_o_i_n_t_e_r _k_e_y_p_r_o_c_a_r_g,
- _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _k_r_b_5___k_v_n_o _v_n_o, _k_r_b_5___e_n_c_t_y_p_e _e_n_c_t_y_p_e,
- _k_r_b_5___k_e_y_b_l_o_c_k _*_*_k_e_y)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__rreeggiisstteerr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _k_r_b_5___k_t___o_p_s _*_o_p_s)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__rreemmoovvee__eennttrryy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_e_y_t_a_b _i_d,
- _k_r_b_5___k_e_y_t_a_b___e_n_t_r_y _*_e_n_t_r_y)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__rreessoollvvee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_n_a_m_e, _k_r_b_5___k_e_y_t_a_b _*_i_d)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kktt__ssttaarrtt__sseeqq__ggeett(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_e_y_t_a_b _i_d,
- _k_r_b_5___k_t___c_u_r_s_o_r _*_c_u_r_s_o_r)
-
-DDEESSCCRRIIPPTTIIOONN
- A keytab name is on the form type:residual. The residual part is specific
- to each keytab-type.
-
- When a keytab-name is resolved, the type is matched with an internal list
- of keytab types. If there is no matching keytab type, the default keytab
- is used. The current default type is ffiillee. The default value can be
- changed in the configuration file _/_e_t_c_/_k_r_b_5_._c_o_n_f by setting the variable
- [defaults]default_keytab_name.
-
- The keytab types that are implemented in Heimdal are:
-
- ffiillee store the keytab in a file, the type's name is KEYFILE. The
- residual part is a filename.
-
- kkeeyyffiillee
- store the keytab in a AFS keyfile (usually _/_u_s_r_/_a_f_s_/_e_t_c_/_K_e_y_F_i_l_e),
- the type's name is AFSKEYFILE. The residual part is a filename.
-
- kkrrbb44 the keytab is a Kerberos 4 _s_r_v_t_a_b that is on-the-fly converted to
- a keytab. The type's name is krb4. The residual part is a file-
- name.
-
- mmeemmoorryy The keytab is stored in a memory segment. This allows sensitive
- and/or temporary data not to be stored on disk. The type's name
- is MEMORY. There are no residual part, the only pointer back to
- the keytab is the _i_d returned by kkrrbb55__kktt__rreessoollvvee().
-
- kkrrbb55__kkeeyyttaabb__eennttrryy holds all data for an entry in a keytab file, like
- principal name, key-type, key, key-version number, etc. kkrrbb55__kktt__ccuurrssoorr
- holds the current position that is used when iterating through a keytab
- entry with kkrrbb55__kktt__ssttaarrtt__sseeqq__ggeett(), kkrrbb55__kktt__nneexxtt__eennttrryy(), and
- kkrrbb55__kktt__eenndd__sseeqq__ggeett().
-
- kkrrbb55__kktt__ooppss contains the different operations that can be done to a
- keytab. This structure is normally only used when doing a new keytab-type
- implementation.
-
- kkrrbb55__kktt__rreessoollvvee() is the equivalent of an open(2) on keytab. Resolve the
- keytab name in _n_a_m_e into a keytab in _i_d. Returns 0 or an error. The oppo-
- site of kkrrbb55__kktt__rreessoollvvee() is kkrrbb55__kktt__cclloossee(). kkrrbb55__kktt__cclloossee() frees all
- resources allocated to the keytab.
-
- kkrrbb55__kktt__ddeeffaauulltt() sets the argument _i_d to the default keytab. Returns 0
- or an error.
-
- kkrrbb55__kktt__ddeeffaauulltt__nnaammee() copy the name of the default keytab into _n_a_m_e. Re-
- turn 0 or KRB5_CONFIG_NOTENUFSPACE if _n_a_m_e_s_i_z_e is too short.
-
-
- kkrrbb55__kktt__aadddd__eennttrryy() Add a new _e_n_t_r_y to the keytab _i_d. KRB5_KT_NOWRITE is
- returned if the keytab is a readonly keytab.
-
- kkrrbb55__kktt__ccoommppaarree() compares the passed in _e_n_t_r_y against _p_r_i_n_c_i_p_a_l, _v_n_o,
- and _e_n_c_t_y_p_e. Any of _p_r_i_n_c_i_p_a_l, _v_n_o or _e_n_c_t_y_p_e might be 0 which acts as a
- wildcard. Return TRUE if they compare the same, FALSE otherwise.
-
- kkrrbb55__kktt__ccooppyy__eennttrryy__ccoonntteennttss() copies the contents of _i_n into _o_u_t. Returns
- 0 or an error.
-
- kkrrbb55__kktt__ggeett__nnaammee() retrieves the name of the keytab _k_e_y_t_a_b into _n_a_m_e,
- _n_a_m_e_s_i_z_e. Returns 0 or an error.
-
- kkrrbb55__kktt__ggeett__ttyyppee() retrieves the type of the keytab _k_e_y_t_a_b and store the
- prefix/name for type of the keytab into _p_r_e_f_i_x, _p_r_e_f_i_x_s_i_z_e. The prefix
- will have the maximum length of KRB5_KT_PREFIX_MAX_LEN (including termi-
- nating NUL). Returns 0 or an error.
-
- kkrrbb55__kktt__ffrreeee__eennttrryy() frees the contents of _e_n_t_r_y.
-
- kkrrbb55__kktt__ssttaarrtt__sseeqq__ggeett() sets _c_u_r_s_o_r to point at the beginning of _i_d. Re-
- turns 0 or an error.
-
- kkrrbb55__kktt__nneexxtt__eennttrryy() gets the next entry from _i_d pointed to by _c_u_r_s_o_r and
- advance the _c_u_r_s_o_r. Returns 0 or an error.
-
- kkrrbb55__kktt__eenndd__sseeqq__ggeett() releases all resources associated with _c_u_r_s_o_r.
-
- kkrrbb55__kktt__ggeett__eennttrryy() retrieves the keytab entry for _p_r_i_n_c_i_p_a_l, _k_v_n_o_,
- _e_n_c_t_y_p_e into _e_n_t_r_y from the keytab _i_d. Returns 0 or an error.
-
- kkrrbb55__kktt__rreeaadd__sseerrvviiccee__kkeeyy() reads the key identified by (_p_r_i_n_c_i_p_a_l, _v_n_o,
- _e_n_c_t_y_p_e) from the keytab in _k_e_y_p_r_o_c_a_r_g (the default if == NULL) into
- _*_k_e_y. Returns 0 or an error.
-
- kkrrbb55__kktt__rreemmoovvee__eennttrryy() removes the entry _e_n_t_r_y from the keytab _i_d. Re-
- turns 0 or an error.
-
- kkrrbb55__kktt__rreeggiisstteerr() registers a new keytab type _o_p_s. Returns 0 or an er-
- ror.
-
-EEXXAAMMPPLLEE
- This is a minimalistic version of kkttuuttiill.
-
- int
- main (int argc, char **argv)
- {
- krb5_context context;
- krb5_keytab keytab;
- krb5_kt_cursor cursor;
- krb5_keytab_entry entry;
- krb5_error_code ret;
- char *principal;
-
- if (krb5_init_context (&context) != 0)
- errx(1, "krb5_context");
-
- ret = krb5_kt_default (context, &keytab);
- if (ret)
- krb5_err(context, 1, ret, "krb5_kt_default");
-
- ret = krb5_kt_start_seq_get(context, keytab, &cursor);
- if (ret)
- krb5_err(context, 1, ret, "krb5_kt_start_seq_get");
- while((ret = krb5_kt_next_entry(context, keytab, &entry, &cursor)) == 0){
- krb5_unparse_name_short(context, entry.principal, &principal);
- printf("principal: %s\n", principal);
- free(principal);
- krb5_kt_free_entry(context, &entry);
- }
- ret = krb5_kt_end_seq_get(context, keytab, &cursor);
- if (ret)
- krb5_err(context, 1, ret, "krb5_kt_end_seq_get");
- krb5_free_context(context);
- return 0;
- }
-
-SSEEEE AALLSSOO
- krb5.conf(5), kerberos(8)
-
- HEIMDAL February 5, 2001 4
diff --git a/kerberosV/src/lib/krb5/krb5_krbhst_init.cat3 b/kerberosV/src/lib/krb5/krb5_krbhst_init.cat3
deleted file mode 100644
index a4f925f53bd..00000000000
--- a/kerberosV/src/lib/krb5/krb5_krbhst_init.cat3
+++ /dev/null
@@ -1,104 +0,0 @@
-
-KRB5_KRBHST_INIT(3) UNIX Programmer's Manual KRB5_KRBHST_INIT(3)
-
-NNAAMMEE
- kkrrbb55__kkrrbbhhsstt__iinniitt, kkrrbb55__kkrrbbhhsstt__nneexxtt, kkrrbb55__kkrrbbhhsstt__nneexxtt__aass__ssttrriinngg,
- kkrrbb55__kkrrbbhhsstt__rreesseett, kkrrbb55__kkrrbbhhsstt__ffrreeee, kkrrbb55__kkrrbbhhsstt__ffoorrmmaatt__ssttrriinngg,
- kkrrbb55__kkrrbbhhsstt__ggeett__aaddddrriinnffoo - lookup Kerberos KDC hosts
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kkrrbbhhsstt__iinniitt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_r_e_a_l_m,
- _u_n_s_i_g_n_e_d _i_n_t _t_y_p_e, _k_r_b_5___k_r_b_h_s_t___h_a_n_d_l_e _*_h_a_n_d_l_e)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kkrrbbhhsstt__nneexxtt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_r_b_h_s_t___h_a_n_d_l_e _h_a_n_d_l_e,
- _k_r_b_5___k_r_b_h_s_t___i_n_f_o _*_*_h_o_s_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kkrrbbhhsstt__nneexxtt__aass__ssttrriinngg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___k_r_b_h_s_t___h_a_n_d_l_e _h_a_n_d_l_e, _c_h_a_r _*_h_o_s_t_n_a_m_e, _s_i_z_e___t _h_o_s_t_l_e_n)
-
- _v_o_i_d
- kkrrbb55__kkrrbbhhsstt__rreesseett(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_r_b_h_s_t___h_a_n_d_l_e _h_a_n_d_l_e)
-
- _v_o_i_d
- kkrrbb55__kkrrbbhhsstt__ffrreeee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_r_b_h_s_t___h_a_n_d_l_e _h_a_n_d_l_e)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kkrrbbhhsstt__ffoorrmmaatt__ssttrriinngg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _c_o_n_s_t _k_r_b_5___k_r_b_h_s_t___i_n_f_o _*_h_o_s_t, _c_h_a_r _*_h_o_s_t_n_a_m_e, _s_i_z_e___t _h_o_s_t_l_e_n)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__kkrrbbhhsstt__ggeett__aaddddrriinnffoo(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___k_r_b_h_s_t___i_n_f_o _*_h_o_s_t,
- _s_t_r_u_c_t _a_d_d_r_i_n_f_o _*_*_a_i)
-
-DDEESSCCRRIIPPTTIIOONN
- These functions are used to sequence through all Kerberos hosts of a par-
- ticular realm and service. The service type can be the KDCs, the adminis-
- trative servers, the password changing servers, or the servers for Ker-
- beros 4 ticket conversion.
-
- First a handle to a particular service is obtained by calling
- kkrrbb55__kkrrbbhhsstt__iinniitt() with the _r_e_a_l_m of interest and the type of service to
- lookup. The _t_y_p_e can be one of:
-
- KRB5_KRBHST_KDC
- KRB5_KRBHST_ADMIN
- KRB5_KRBHST_CHANGEPW
- KRB5_KRBHST_KRB524
-
- The _h_a_n_d_l_e is returned to the caller, and should be passed to the other
- functions.
-
- For each call to kkrrbb55__kkrrbbhhsstt__nneexxtt() information a new host is returned.
- The former function returns in _h_o_s_t a pointer to a structure containing
- information about the host, such as protocol, hostname, and port:
-
- typedef struct krb5_krbhst_info {
- enum { KRB5_KRBHST_UDP,
- KRB5_KRBHST_TCP,
- KRB5_KRBHST_HTTP } proto;
- unsigned short port;
- struct addrinfo *ai;
- struct krb5_krbhst_info *next;
- char hostname[1];
- } krb5_krbhst_info;
-
- The related function, kkrrbb55__kkrrbbhhsstt__nneexxtt__aass__ssttrriinngg(), return the same in-
- formation as a url-like string.
-
- When there are no more hosts, these functions return KRB5_KDC_UNREACH.
-
- To re-iterate over all hosts, call kkrrbb55__kkrrbbhhsstt__rreesseett() and the next call
- to kkrrbb55__kkrrbbhhsstt__nneexxtt() will return the first host.
-
- When done with the handle, kkrrbb55__kkrrbbhhsstt__ffrreeee() should be called.
-
- To use a _k_r_b_5___k_r_b_h_s_t___i_n_f_o, there are two functions:
- kkrrbb55__kkrrbbhhsstt__ffoorrmmaatt__ssttrriinngg() that will return a printable representation
- of that struct and kkrrbb55__kkrrbbhhsstt__ggeett__aaddddrriinnffoo() that will return a _s_t_r_u_c_t
- _a_d_d_r_i_n_f_o that can then be used for communicating with the server men-
- tioned.
-
-EEXXAAMMPPLLEE
- The following code will print the KDCs of the realm ``MY.REALM''.
-
- krb5_krbhst_handle handle;
- char host[MAXHOSTNAMELEN];
- krb5_krbhst_init(context, "MY.REALM", KRB5_KRBHST_KDC, &handle);
- while(krb5_krbhst_next_as_string(context, handle,
- host, sizeof(host)) == 0)
- printf("%s\n", host);
- krb5_krbhst_free(context, handle);
-
-HHIISSTTOORRYY
- These functions first appeared in Heimdal 0.3g.
-
-SSEEEE AALLSSOO
- getaddrinfo(3), krb5_get_krbhst(3)
-
- HEIMDAL June 17, 2001 2
diff --git a/kerberosV/src/lib/krb5/krb5_kuserok.cat3 b/kerberosV/src/lib/krb5/krb5_kuserok.cat3
deleted file mode 100644
index 379acb8fdfd..00000000000
--- a/kerberosV/src/lib/krb5/krb5_kuserok.cat3
+++ /dev/null
@@ -1,36 +0,0 @@
-
-KRB5_KUSEROK(3) UNIX Programmer's Manual KRB5_KUSEROK(3)
-
-NNAAMMEE
- kkrrbb55__kkuusseerrookk - verifies if a principal can log in as a
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___b_o_o_l_e_a_n
- kkrrbb55__kkuusseerrookk(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l,
- _c_o_n_s_t _c_h_a_r _*_n_a_m_e)
-
-DDEESSCCRRIIPPTTIIOONN
- This function takes a local user _n_a_m_e and verifies if _p_r_i_n_c_i_p_a_l is al-
- lowed to log in as that user.
-
- First kkrrbb55__kkuusseerrookk check if there is a local account name _u_s_e_r_n_a_m_e_. If
- there isn't, kkrrbb55__kkuusseerrookk returns FALSE.
-
- Then kkrrbb55__kkuusseerrookk checks if principal is the same as user@realm in any of
- the default realms. If that is the case, kkrrbb55__kkuusseerrookk returns TRUE.
-
- After that it reads the file _._k_5_l_o_g_i_n (if it exists) in the users home
- directory and checks if _p_r_i_n_c_i_p_a_l is in the file. If it does exists,
- TRUE is returned. If neither of the above turns out to be true, is re-
- turned.
-
- The _._k_5_l_o_g_i_n should contain one principal per line.
-
-SSEEEE AALLSSOO
- krb5_get_default_realms(3), krb5_verify_user(3),
- krb5_verify_user_lrealm(3), krb5_verify_user_opt(3,) krb5.conf(5)
-
- HEIMDAL Oct 17, 2002 1
diff --git a/kerberosV/src/lib/krb5/krb5_openlog.cat3 b/kerberosV/src/lib/krb5/krb5_openlog.cat3
deleted file mode 100644
index 47177bafb45..00000000000
--- a/kerberosV/src/lib/krb5/krb5_openlog.cat3
+++ /dev/null
@@ -1,156 +0,0 @@
-
-KRB5_OPENLOG(3) UNIX Programmer's Manual KRB5_OPENLOG(3)
-
-NNAAMMEE
- kkrrbb55__iinniittlloogg, kkrrbb55__ooppeennlloogg, kkrrbb55__cclloosseelloogg, kkrrbb55__aaddddlloogg__ddeesstt,
- kkrrbb55__aaddddlloogg__ffuunncc, kkrrbb55__lloogg, kkrrbb55__vvlloogg, kkrrbb55__lloogg__mmssgg, kkrrbb55__vvlloogg__mmssgg -
- Heimdal logging functions
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _t_y_p_e_d_e_f _v_o_i_d
- (**kkrrbb55__lloogg__lloogg__ffuunncc__tt)(_c_o_n_s_t _c_h_a_r _*_t_i_m_e, _c_o_n_s_t _c_h_a_r _*_m_e_s_s_a_g_e, _v_o_i_d _*_d_a_t_a)
-
- _t_y_p_e_d_e_f _v_o_i_d
- (**kkrrbb55__lloogg__cclloossee__ffuunncc__tt)(_v_o_i_d _*_d_a_t_a)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aaddddlloogg__ddeesstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_f_a_c_i_l_i_t_y,
- _c_o_n_s_t _c_h_a_r _*_d_e_s_t_i_n_a_t_i_o_n)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__aaddddlloogg__ffuunncc(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_f_a_c_i_l_i_t_y,
- _i_n_t _m_i_n, _i_n_t _m_a_x, _k_r_b_5___l_o_g___l_o_g___f_u_n_c___t _l_o_g,
- _k_r_b_5___l_o_g___c_l_o_s_e___f_u_n_c___t _c_l_o_s_e, _v_o_i_d _*_d_a_t_a)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cclloosseelloogg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_f_a_c_i_l_i_t_y)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__iinniittlloogg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_p_r_o_g_r_a_m,
- _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_*_f_a_c_i_l_i_t_y)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__lloogg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_f_a_c_i_l_i_t_y, _i_n_t _l_e_v_e_l,
- _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _._._.)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__lloogg__mmssgg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_f_a_c_i_l_i_t_y,
- _c_h_a_r _*_*_r_e_p_l_y, _i_n_t _l_e_v_e_l, _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _._._.)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ooppeennlloogg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_p_r_o_g_r_a_m,
- _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_*_f_a_c_i_l_i_t_y)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__vvlloogg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_f_a_c_i_l_i_t_y, _i_n_t _l_e_v_e_l,
- _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _v_a___l_i_s_t _a_r_g_l_i_s_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__vvlloogg__mmssgg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_f_a_c_i_l_i_t_y,
- _c_h_a_r _*_*_r_e_p_l_y, _i_n_t _l_e_v_e_l, _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _v_a___l_i_s_t _a_r_g_l_i_s_t)
-
-DDEESSCCRRIIPPTTIIOONN
- These functions logs messages to one or more destinations.
-
- The kkrrbb55__ooppeennlloogg() function creates a logging _f_a_c_i_l_i_t_y, that is used to
- log messages. A facility consists of one or more destinations (which can
- be files or syslog or some other device). The _p_r_o_g_r_a_m parameter should be
- the generic name of the program that is doing the logging. This name is
- used to lookup which destinations to use. This information is contained
- in the logging section of the _k_r_b_5_._c_o_n_f configuration file. If no entry
- is found for _p_r_o_g_r_a_m, the entry for default is used, or if that is miss-
- ing too, SYSLOG will be used as destination.
-
- To close a logging facility, use the kkrrbb55__cclloosseelloogg() function.
-
- To log a message to a facility use one of the functions kkrrbb55__lloogg(),
- kkrrbb55__lloogg__mmssgg(), kkrrbb55__vvlloogg(), or kkrrbb55__vvlloogg__mmssgg(). The functions ending in
- _msg return in _r_e_p_l_y a pointer to the message that just got logged. This
- string is allocated, and should be freed with ffrreeee(). The _f_o_r_m_a_t is a
- standard pprriinnttff() style format string (but see the BUGS section).
-
- If you want better control of where things gets logged, you can instead
- of using kkrrbb55__ooppeennlloogg() call kkrrbb55__iinniittlloogg(), which just initializes a fa-
- cility, but doesn't define any actual logging destinations. You can then
- add destinations with the kkrrbb55__aaddddlloogg__ddeesstt() and kkrrbb55__aaddddlloogg__ffuunncc() func-
- tions. The first of these takes a string specifying a logging destina-
- tion, and adds this to the facility. If you want to do some non-standard
- logging you can use the kkrrbb55__aaddddlloogg__ffuunncc() function, which takes a func-
- tion to use when logging. The _l_o_g function is called for each message
- with _t_i_m_e being a string specifying the current time, and _m_e_s_s_a_g_e the
- message to log. _c_l_o_s_e is called when the facility is closed. You can
- pass application specific data in the _d_a_t_a parameter. The _m_i_n and _m_a_x pa-
- rameter are the same as in a destination (defined below). To specify a
- max of infinity, pass -1.
-
- kkrrbb55__ooppeennlloogg() calls kkrrbb55__iinniittlloogg() and then calls kkrrbb55__aaddddlloogg__ddeesstt() for
- each destination found.
-
- DDeessttiinnaattiioonnss
- The defined destinations (as specified in _k_r_b_5_._c_o_n_f) follows:
-
- STDERR
- This logs to the program's stderr.
-
- FILE:_/_f_i_l_e
-
- FILE=_/_f_i_l_e
- Log to the specified file. The form using a colon appends to
- the file, the form with an equal truncates the file. The trun-
- cating form keeps the file open, while the appending form
- closes it after each log message (which makes it possible to
- rotate logs). The truncating form is mainly for compatibility
- with the MIT libkrb5.
-
- DEVICE=_/_d_e_v_i_c_e
- This logs to the specified device, at present this is the same
- as FILE:/device.
-
- CONSOLE
- Log to the console, this is the same as DEVICE=/dev/console.
-
- SYSLOG[:priority[:facility]]
- Send messages to the syslog system, using priority, and facil-
- ity. To get the name for one of these, you take the name of
- the macro passed to syslog(3), and remove the leading LOG_
- (LOG_NOTICE becomes NOTICE). The default values (as well as
- the values used for unrecognised values), are ERR, and AUTH,
- respectively. See syslog(3) for a list of priorities and fa-
- cilities.
-
- Each destination may optionally be prepended with a range of logging lev-
- els, specified as min-max/. If the _l_e_v_e_l parameter to kkrrbb55__lloogg() is with-
- in this range (inclusive) the message gets logged to this destination,
- otherwise not. Either of the min and max valued may be omitted, in this
- case min is assumed to be zero, and max is assumed to be infinity. If
- you don't include a dash, both min and max gets set to the specified val-
- ue. If no range is specified, all messages gets logged.
-
-EEXXAAMMPPLLEE
- [logging]
- kdc = 0/FILE:/var/log/kdc.log
- kdc = 1-/SYSLOG:INFO:USER
- default = STDERR
-
- This will log all messages from the kkddcc program with level 0 to
- _/_v_a_r_/_l_o_g_/_k_d_c_._l_o_g, other messages will be logged to syslog with priority
- LOG_INFO, and facility LOG_USER. All other programs will log all messages
- to their stderr.
-
-BBUUGGSS
- These functions use aasspprriinnttff() to format the message. If your operating
- system does not have a working aasspprriinnttff(), a replacement will be used. At
- present this replacement does not handle some correct conversion specifi-
- cations (like floating point numbers). Until this is fixed, the use of
- these conversions should be avoided.
-
- If logging is done to the syslog facility, these functions might not be
- thread-safe, depending on the implementation of ooppeennlloogg(), and ssyysslloogg().
-
-SSEEEE AALLSSOO
- syslog(3), krb5.conf(5)
-
- HEIMDAL August 6, 1997 3
diff --git a/kerberosV/src/lib/krb5/krb5_parse_name.cat3 b/kerberosV/src/lib/krb5/krb5_parse_name.cat3
deleted file mode 100644
index 73c72a1d54a..00000000000
--- a/kerberosV/src/lib/krb5/krb5_parse_name.cat3
+++ /dev/null
@@ -1,30 +0,0 @@
-
-KRB5_PARSE_NAME(3) UNIX Programmer's Manual KRB5_PARSE_NAME(3)
-
-NNAAMMEE
- kkrrbb55__ppaarrssee__nnaammee - string to principal conversion
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ppaarrssee__nnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_n_a_m_e,
- _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l)
-
-DDEESSCCRRIIPPTTIIOONN
- kkrrbb55__ppaarrssee__nnaammee() converts a string representation of a principal name to
- kkrrbb55__pprriinncciippaall. The _p_r_i_n_c_i_p_a_l will point to allocated data that should be
- freed with kkrrbb55__ffrreeee__pprriinncciippaall().
-
- The string should consist of one or more name components separated with
- slashes (``/''), optionally followed with an ``@'' and a realm name. A
- slash or @ may be contained in a name component by quoting it with a
- back-slash (`` .'') A realm should not contain slashes or colons.
-
-SSEEEE AALLSSOO
- krb5_425_conv_principal(3), krb5_build_principal(3),
- krb5_free_principal(3), krb5_sname_to_principal(3), krb5_un-
- parse_name(3)
-
- HEIMDAL August 8, 1997 1
diff --git a/kerberosV/src/lib/krb5/krb5_principal_get_realm.cat3 b/kerberosV/src/lib/krb5/krb5_principal_get_realm.cat3
deleted file mode 100644
index 27cb8b45425..00000000000
--- a/kerberosV/src/lib/krb5/krb5_principal_get_realm.cat3
+++ /dev/null
@@ -1,42 +0,0 @@
-
-KRB5_PRINCIPAL_GET_REALM(3)UNIX Programmer's ManualKRB5_PRINCIPAL_GET_REALM(3)
-
-NNAAMMEE
- kkrrbb55__pprriinncciippaall__ggeett__rreeaallmm, kkrrbb55__pprriinncciippaall__ggeett__ccoommpp__ssttrriinngg - decompose a
- principal
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _c_o_n_s_t _c_h_a_r _*
- kkrrbb55__pprriinncciippaall__ggeett__rreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l)
-
- _c_o_n_s_t _c_h_a_r _*
- kkrrbb55__pprriinncciippaall__ggeett__ccoommpp__ssttrriinngg(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t,
- _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l, _u_n_s_i_g_n_e_d _i_n_t _c_o_m_p_o_n_e_n_t)
-
-DDEESSCCRRIIPPTTIIOONN
- These functions return parts of the _p_r_i_n_c_i_p_a_l, either the realm or a spe-
- cific component. The returned string points to data inside the principal,
- so they are valid only as long as the principal exists.
-
- The _c_o_m_p_o_n_e_n_t argument to kkrrbb55__pprriinncciippaall__ggeett__ccoommpp__ssttrriinngg() is the compo-
- nent number to return, from zero to the total number of components minus
- one. If a the requested component number is out of range, NULL is re-
- turned.
-
- These functions can be seen as a replacement for the kkrrbb55__pprriinncc__rreeaallmm(),
- kkrrbb55__pprriinncc__ccoommppoonneenntt() and related macros, described as intermal in the
- MIT API specification. A difference is that these functions return
- strings, not krb5_data. A reason to return krb5_data was that it was be-
- lieved that principal components could contain binary data, but this be-
- lief was unfounded, and it has been decided that principal components are
- infact UTF8, so it's safe to use zero terminated strings.
-
- It's generally not necessary to look at the components of a principal.
-
-SSEEEE AALLSSOO
- krb5_unparse_name(3)
-
- HEIMDAL June 20, 2001 1
diff --git a/kerberosV/src/lib/krb5/krb5_set_default_realm.cat3 b/kerberosV/src/lib/krb5/krb5_set_default_realm.cat3
deleted file mode 100644
index 539e65c3e13..00000000000
--- a/kerberosV/src/lib/krb5/krb5_set_default_realm.cat3
+++ /dev/null
@@ -1,61 +0,0 @@
-
-KRB5_SET_DEFAULT_REALM(3) UNIX Programmer's Manual KRB5_SET_DEFAULT_REALM(3)
-
-NNAAMMEE
- kkrrbb55__ffrreeee__hhoosstt__rreeaallmm kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmm kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmmss
- kkrrbb55__ggeett__hhoosstt__rreeaallmm kkrrbb55__sseett__ddeeffaauulltt__rreeaallmm - default and host realm read
- and manipulation routines
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ffrreeee__hhoosstt__rreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_e_a_l_m _*_r_e_a_l_m_l_i_s_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_e_a_l_m _*_r_e_a_l_m)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmmss(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___r_e_a_l_m _*_*_r_e_a_l_m)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ggeett__hhoosstt__rreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_h_o_s_t,
- _k_r_b_5___r_e_a_l_m _*_*_r_e_a_l_m_s)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__sseett__ddeeffaauulltt__rreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_r_e_a_l_m)
-
-DDEESSCCRRIIPPTTIIOONN
- kkrrbb55__ffrreeee__hhoosstt__rreeaallmm() frees all memory allocated by _r_e_a_l_m_l_i_s_t.
-
- kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmm() returns the first default realm for this host.
- The realm returned should be free with ffrreeee().
-
- kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmmss() returns a NULL terminated list of default
- realms for this context. Realms returned by kkrrbb55__ggeett__ddeeffaauulltt__rreeaallmmss()
- should be free with kkrrbb55__ffrreeee__hhoosstt__rreeaallmm().
-
- kkrrbb55__ggeett__hhoosstt__rreeaallmm() returns a NULL terminated list of realms for _h_o_s_t
- by looking up the information in the [domain_realm] in _k_r_b_5_._c_o_n_f or in
- DNS. If the mapping in [domain_realm] results in the string dns_locate,
- DNS is used to lookup the realm.
-
- When using DNS to a resolve the domain for the host a.b.c,
- kkrrbb55__ggeett__hhoosstt__rreeaallmm() looks for a TXT resource record named
- _kerberos.a.b.c, and if not found, it strips off the first component and
- tries a again (_kerberos.b.c) until it reaches the root.
-
- If there is no configuration or DNS information found,
- kkrrbb55__ggeett__hhoosstt__rreeaallmm() assumes it can use the domain part of the _h_o_s_t to
- form a realm.
-
- kkrrbb55__sseett__ddeeffaauulltt__rreeaallmm() sets the default realm for the _c_o_n_t_e_x_t. If NULL
- is used as a _r_e_a_l_m, the [libdefaults]default_realm stanza in _k_r_b_5_._c_o_n_f is
- used. If there is no such stanza in the configuration file, the
- kkrrbb55__ggeett__hhoosstt__rreeaallmm() function is used to form a default realm.
-
-SSEEEE AALLSSOO
- krb5.conf(5), free(3)
-
- HEIMDAL Mar 16, 2003 1
diff --git a/kerberosV/src/lib/krb5/krb5_set_password.cat3 b/kerberosV/src/lib/krb5/krb5_set_password.cat3
deleted file mode 100644
index 5c1189674f4..00000000000
--- a/kerberosV/src/lib/krb5/krb5_set_password.cat3
+++ /dev/null
@@ -1,46 +0,0 @@
-
-KRB5_SET_PASSWORD(3) UNIX Programmer's Manual KRB5_SET_PASSWORD(3)
-
-NNAAMMEE
- kkrrbb55__cchhaannggee__ppaasssswwoorrdd, kkrrbb55__sseett__ppaasssswwoorrdd, kkrrbb55__sseett__ppaasssswwoorrdd__uussiinngg__ccccaacchhee -
- change password functions
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__cchhaannggee__ppaasssswwoorrdd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s,
- _c_h_a_r _*_n_e_w_p_w, _i_n_t _*_r_e_s_u_l_t___c_o_d_e, _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t___c_o_d_e___s_t_r_i_n_g,
- _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t___s_t_r_i_n_g)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__sseett__ppaasssswwoorrdd(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_r_e_d_s _*_c_r_e_d_s,
- _c_h_a_r _*_n_e_w_p_w,_k_r_b_5___p_r_i_n_c_i_p_a_l _t_a_r_g_p_r_i_n_c, _,, _i_n_t _*_r_e_s_u_l_t___c_o_d_e,
- _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t___c_o_d_e___s_t_r_i_n_g, _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t___s_t_r_i_n_g)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__sseett__ppaasssswwoorrdd__uussiinngg__ccccaacchhee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e,
- _c_h_a_r _*_n_e_w_p_w, _k_r_b_5___p_r_i_n_c_i_p_a_l _t_a_r_g_p_r_i_n_c, _i_n_t _*_r_e_s_u_l_t___c_o_d_e,
- _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t___c_o_d_e___s_t_r_i_n_g, _k_r_b_5___d_a_t_a _*_r_e_s_u_l_t___s_t_r_i_n_g)
-
-DDEESSCCRRIIPPTTIIOONN
- These functions change the password for a given principal.
-
- kkrrbb55__sseett__ppaasssswwoorrdd() and _k_r_b_5___s_e_t___p_a_s_s_w_o_r_d___u_s_i_n_g___c_c_a_c_h_e is the newer two
- of the three functions and uses a newer version of the protocol (and
- falls back to the older when the newer doesn't work).
-
- kkrrbb55__cchhaannggee__ppaasssswwoorrdd() set the password _n_e_w_p_a_s_s_w_d for the client princi-
- pal in _c_r_e_d_s. The server principal of creds must be kadmin/changepw.
-
- kkrrbb55__sseett__ppaasssswwoorrdd() changes the password for the principal _t_a_r_g_p_r_i_n_c, if
- _t_a_r_g_p_r_i_n_c is NULL the default principal in _c_c_a_c_h_e is used.
-
- Both functions returns and error in _r_e_s_u_l_t___c_o_d_e and maybe an error
- strings to print in _r_e_s_u_l_t___s_t_r_i_n_g.
-
-SSEEEE AALLSSOO
- krb5_ccache(3), krb5_init_context(3)
-
- HEIMDAL June 2, 2004 1
diff --git a/kerberosV/src/lib/krb5/krb5_sname_to_principal.cat3 b/kerberosV/src/lib/krb5/krb5_sname_to_principal.cat3
deleted file mode 100644
index 25e0cde33b8..00000000000
--- a/kerberosV/src/lib/krb5/krb5_sname_to_principal.cat3
+++ /dev/null
@@ -1,36 +0,0 @@
-
-KRB5_PRINCIPAL(3) UNIX Programmer's Manual KRB5_PRINCIPAL(3)
-
-NNAAMMEE
- kkrrbb55__ssnnaammee__ttoo__pprriinncciippaall, kkrrbb55__ssoocckk__ttoo__pprriinncciippaall - create a service prin-
- cipal
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ssnnaammee__ttoo__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_h_o_s_t_n_a_m_e,
- _c_o_n_s_t _c_h_a_r _*_s_n_a_m_e, _i_n_t_3_2___t _t_y_p_e, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ssoocckk__ttoo__pprriinncciippaall(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _i_n_t _s_o_c_k_e_t,
- _c_o_n_s_t _c_h_a_r _*_s_n_a_m_e, _i_n_t_3_2___t _t_y_p_e, _k_r_b_5___p_r_i_n_c_i_p_a_l _*_p_r_i_n_c_i_p_a_l)
-
-DDEESSCCRRIIPPTTIIOONN
- These functions create a ``service'' principal that can, for instance, be
- used to lookup a key in a keytab. For both these function the _s_n_a_m_e pa-
- rameter will be used for the first component of the created principal. If
- _s_n_a_m_e is NULL, ``host'' will be used instead. kkrrbb55__ssnnaammee__ttoo__pprriinncciippaall()
- will use the passed _h_o_s_t_n_a_m_e for the second component. If type
- KRB5_NT_SRV_HST this name will be looked up with ggeetthhoossttbbyynnaammee(). If
- _h_o_s_t_n_a_m_e _i_s NULL, the local hostname will be used.
-
- kkrrbb55__ssoocckk__ttoo__pprriinncciippaall() will use the ``sockname'' of the passed _s_o_c_k_e_t,
- which should be a bound AF_INET socket.
-
-SSEEEE AALLSSOO
- krb5_425_conv_principal(3), krb5_build_principal(3),
- krb5_free_principal(3), krb5_parse_name(3), krb5_unparse_name(3)
-
- HEIMDAL August 8, 1997 1
diff --git a/kerberosV/src/lib/krb5/krb5_timeofday.cat3 b/kerberosV/src/lib/krb5/krb5_timeofday.cat3
deleted file mode 100644
index fe0a2afe207..00000000000
--- a/kerberosV/src/lib/krb5/krb5_timeofday.cat3
+++ /dev/null
@@ -1,25 +0,0 @@
-
-KRB5_TIMEOFDAY(3) UNIX Programmer's Manual KRB5_TIMEOFDAY(3)
-
-NNAAMMEE
- kkrrbb55__ttiimmeeooffddaayy, kkrrbb55__uuss__ttiimmeeooffddaayy - whatever these functions do
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__ttiimmeeooffddaayy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___t_i_m_e_s_t_a_m_p _*_t_i_m_e_r_e_t)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__uuss__ttiimmeeooffddaayy(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _i_n_t_3_2___t _*_s_e_c, _i_n_t_3_2___t _*_u_s_e_c)
-
-DDEESSCCRRIIPPTTIIOONN
- kkrrbb55__ttiimmeeooffddaayy() returns the current time, but adjusted with the time
- difference between the local host and the KDC. kkrrbb55__uuss__ttiimmeeooffddaayy() also
- returns microseconds.
-
-SSEEEE AALLSSOO
- gettimeofday(2)
-
- July 1, 2001 1
diff --git a/kerberosV/src/lib/krb5/krb5_unparse_name.cat3 b/kerberosV/src/lib/krb5/krb5_unparse_name.cat3
deleted file mode 100644
index 0eb8d76be51..00000000000
--- a/kerberosV/src/lib/krb5/krb5_unparse_name.cat3
+++ /dev/null
@@ -1,24 +0,0 @@
-
-KRB5_UNPARSE_NAME(3) UNIX Programmer's Manual KRB5_UNPARSE_NAME(3)
-
-NNAAMMEE
- kkrrbb55__uunnppaarrssee__nnaammee - principal to string conversion
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__uunnppaarrssee__nnaammee(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l,
- _c_h_a_r _*_*_n_a_m_e)
-
-DDEESSCCRRIIPPTTIIOONN
- This function takes a _p_r_i_n_c_i_p_a_l, and will convert in to a printable rep-
- resentation with the same syntax as described in krb5_parse_name(3).
- _*_n_a_m_e will point to allocated data and should be freed by the caller.
-
-SSEEEE AALLSSOO
- krb5_425_conv_principal(3), krb5_build_principal(3),
- krb5_free_principal(3), krb5_parse_name(3), krb5_sname_to_principal(3)
-
- HEIMDAL August 8, 1997 1
diff --git a/kerberosV/src/lib/krb5/krb5_verify_user.cat3 b/kerberosV/src/lib/krb5/krb5_verify_user.cat3
deleted file mode 100644
index ef1250ed613..00000000000
--- a/kerberosV/src/lib/krb5/krb5_verify_user.cat3
+++ /dev/null
@@ -1,128 +0,0 @@
-
-KRB5_VERIFY_USER(3) UNIX Programmer's Manual KRB5_VERIFY_USER(3)
-
-NNAAMMEE
- kkrrbb55__vveerriiffyy__uusseerr, kkrrbb55__vveerriiffyy__uusseerr__llrreeaallmm, kkrrbb55__vveerriiffyy__uusseerr__oopptt,
- kkrrbb55__vveerriiffyy__oopptt__iinniitt kkrrbb55__vveerriiffyy__oopptt__sseett__ffllaaggss,
- kkrrbb55__vveerriiffyy__oopptt__sseett__sseerrvviiccee, kkrrbb55__vveerriiffyy__oopptt__sseett__sseeccuurree,
- kkrrbb55__vveerriiffyy__oopptt__sseett__kkeeyyttaabb - Heimdal password verifying functions.
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__vveerriiffyy__uusseerr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l,
- _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, _c_o_n_s_t _c_h_a_r _*_p_a_s_s_w_o_r_d, _k_r_b_5___b_o_o_l_e_a_n _s_e_c_u_r_e,
- _c_o_n_s_t _c_h_a_r _*_s_e_r_v_i_c_e)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__vveerriiffyy__uusseerr__llrreeaallmm(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l,
- _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e, _c_o_n_s_t _c_h_a_r _*_p_a_s_s_w_o_r_d, _k_r_b_5___b_o_o_l_e_a_n _s_e_c_u_r_e,
- _c_o_n_s_t _c_h_a_r _*_s_e_r_v_i_c_e)
-
- _v_o_i_d
- kkrrbb55__vveerriiffyy__oopptt__iinniitt(_k_r_b_5___v_e_r_i_f_y___o_p_t _*_o_p_t)
-
- _v_o_i_d
- kkrrbb55__vveerriiffyy__oopptt__sseett__ccccaacchhee(_k_r_b_5___v_e_r_i_f_y___o_p_t _*_o_p_t, _k_r_b_5___c_c_a_c_h_e _c_c_a_c_h_e)
-
- _v_o_i_d
- kkrrbb55__vveerriiffyy__oopptt__sseett__kkeeyyttaabb(_k_r_b_5___v_e_r_i_f_y___o_p_t _*_o_p_t, _k_r_b_5___k_e_y_t_a_b _k_e_y_t_a_b)
-
- _v_o_i_d
- kkrrbb55__vveerriiffyy__oopptt__sseett__sseeccuurree(_k_r_b_5___v_e_r_i_f_y___o_p_t _*_o_p_t, _k_r_b_5___b_o_o_l_e_a_n _s_e_c_u_r_e)
-
- _v_o_i_d
- kkrrbb55__vveerriiffyy__oopptt__sseett__sseerrvviiccee(_k_r_b_5___v_e_r_i_f_y___o_p_t _*_o_p_t, _c_o_n_s_t _c_h_a_r _*_s_e_r_v_i_c_e)
-
- _v_o_i_d
- kkrrbb55__vveerriiffyy__oopptt__sseett__ffllaaggss(_k_r_b_5___v_e_r_i_f_y___o_p_t _*_o_p_t, _u_n_s_i_g_n_e_d _i_n_t _f_l_a_g_s)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__vveerriiffyy__uusseerr__oopptt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___p_r_i_n_c_i_p_a_l _p_r_i_n_c_i_p_a_l,
- _c_o_n_s_t _c_h_a_r _*_p_a_s_s_w_o_r_d, _k_r_b_5___v_e_r_i_f_y___o_p_t _*_o_p_t)
-
-DDEESSCCRRIIPPTTIIOONN
- The kkrrbb55__vveerriiffyy__uusseerr function verifies the password supplied by a user.
- The principal whose password will be verified is specified in _p_r_i_n_c_i_p_a_l.
- New tickets will be obtained as a side-effect and stored in _c_c_a_c_h_e (if
- NULL, the default ccache is used). kkrrbb55__vveerriiffyy__uusseerr() will call
- kkrrbb55__cccc__iinniittiiaalliizzee() on the given _c_c_a_c_h_e, so _c_c_a_c_h_e must only initialized
- with kkrrbb55__cccc__rreessoollvvee() or kkrrbb55__cccc__ggeenn__nneeww(). If the password is not sup-
- plied in _p_a_s_s_w_o_r_d (and is given as NULL) the user will be prompted for
- it. If _s_e_c_u_r_e the ticket will be verified against the locally stored
- service key _s_e_r_v_i_c_e (by default `host' if given as NULL ).
-
- The kkrrbb55__vveerriiffyy__uusseerr__llrreeaallmm function does the same, except that it ig-
- nores the realm in _p_r_i_n_c_i_p_a_l and tries all the local realms (see
- krb5.conf(5)). After a successful return, the principal is set to the
- authenticated realm. If the call fails, the principal will not be mean-
- ingful, and should only be freed with krb5_free_principal(3).
-
- kkrrbb55__vveerriiffyy__oopptt__iinniitt() resets all opt to default values.
-
-
- None of the krb5_verify_opt_set function makes a copy of the data struc-
- ture that they are called with. Its up the caller to free them after the
- kkrrbb55__vveerriiffyy__uusseerr__oopptt() is called.
-
- kkrrbb55__vveerriiffyy__oopptt__sseett__ccccaacchhee() sets the _c_c_a_c_h_e that user of _o_p_t will use.
- If not set, the default credential cache will be used.
-
- kkrrbb55__vveerriiffyy__oopptt__sseett__kkeeyyttaabb() sets the _k_e_y_t_a_b that user of _o_p_t will use.
- If not set, the default keytab will be used.
-
- kkrrbb55__vveerriiffyy__oopptt__sseett__sseeccuurree() if _s_e_c_u_r_e if true, the password verification
- will require that the ticket will be verified against the locally stored
- service key. If not set, default value is true.
-
- kkrrbb55__vveerriiffyy__oopptt__sseett__sseerrvviiccee() sets the _s_e_r_v_i_c_e principal that user of _o_p_t
- will use. If not set, the `host' service will be used.
-
- kkrrbb55__vveerriiffyy__oopptt__sseett__ffllaaggss() sets _f_l_a_g_s that user of _o_p_t will use. If the
- flag KRB5_VERIFY_LREALMS is used, the _p_r_i_n_c_i_p_a_l will be modified like
- kkrrbb55__vveerriiffyy__uusseerr__llrreeaallmm() modifies it.
-
- kkrrbb55__vveerriiffyy__uusseerr__oopptt() function verifies the _p_a_s_s_w_o_r_d supplied by a user.
- The principal whose password will be verified is specified in _p_r_i_n_c_i_p_a_l.
- Options the to the verification process is pass in in _o_p_t.
-
-EEXXAAMMPPLLEE
- Here is a example program that verifies a password. it uses the
- `host/`hostname`' service principal in _k_r_b_5_._k_e_y_t_a_b.
-
- #include <krb5.h>
-
- int
- main(int argc, char **argv)
- {
- char *user;
- krb5_error_code error;
- krb5_principal princ;
- krb5_context context;
-
- if (argc != 2)
- errx(1, "usage: verify_passwd <principal-name>");
-
- user = argv[1];
-
- if (krb5_init_context(&context) < 0)
- errx(1, "krb5_init_context");
-
- if ((error = krb5_parse_name(context, user, &princ)) != 0)
- krb5_err(context, 1, error, "krb5_parse_name");
-
- error = krb5_verify_user(context, princ, NULL, NULL, TRUE, NULL);
- if (error)
- krb5_err(context, 1, error, "krb5_verify_user");
-
- return 0;
- }
-
-SSEEEE AALLSSOO
- krb5_err(3), krb5_cc_gen_new(3), krb5_cc_resolve(3),
- krb5_cc_initialize(3), krb5_free_principal(3), krb5_init_context(3),
- krb5_kt_default(3), krb5.conf(5)
-
- HEIMDAL March 25, 2003 2
diff --git a/kerberosV/src/lib/krb5/krb5_warn.cat3 b/kerberosV/src/lib/krb5/krb5_warn.cat3
deleted file mode 100644
index 72777bd8f92..00000000000
--- a/kerberosV/src/lib/krb5/krb5_warn.cat3
+++ /dev/null
@@ -1,66 +0,0 @@
-
-KRB5_WARN(3) UNIX Programmer's Manual KRB5_WARN(3)
-
-NNAAMMEE
- kkrrbb55__wwaarrnn, kkrrbb55__wwaarrnnxx, kkrrbb55__vvwwaarrnn, kkrrbb55__vvwwaarrnnxx, kkrrbb55__eerrrr, kkrrbb55__eerrrrxx,
- kkrrbb55__vveerrrr, kkrrbb55__vveerrrrxx, kkrrbb55__sseett__wwaarrnn__ddeesstt - Heimdal warning and error
- functions
-
-LLIIBBRRAARRYY
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-SSYYNNOOPPSSIISS
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__eerrrr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _i_n_t _e_v_a_l, _k_r_b_5___e_r_r_o_r___c_o_d_e _c_o_d_e,
- _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _._._.)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__eerrrrxx(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _i_n_t _e_v_a_l, _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _._._.)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__vveerrrr(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _i_n_t _e_v_a_l, _k_r_b_5___e_r_r_o_r___c_o_d_e _c_o_d_e,
- _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _v_a___l_i_s_t _a_p)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__vveerrrrxx(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _i_n_t _e_v_a_l, _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t,
- _v_a___l_i_s_t _a_p)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__vvwwaarrnn(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_r_r_o_r___c_o_d_e _c_o_d_e,
- _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _v_a___l_i_s_t _a_p)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__vvwwaarrnnxx(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _v_a___l_i_s_t _a_p)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__wwaarrnn(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_r_r_o_r___c_o_d_e _c_o_d_e, _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t,
- _._._.)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__wwaarrnnxx(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _c_o_n_s_t _c_h_a_r _*_f_o_r_m_a_t, _._._.)
-
- _k_r_b_5___e_r_r_o_r___c_o_d_e
- kkrrbb55__sseett__wwaarrnn__ddeesstt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___l_o_g___f_a_c_i_l_i_t_y _*_f_a_c_i_l_i_t_y)
-
- _c_h_a_r _*
- kkrrbb55__ggeett__eerrrr__tteexxtt(_k_r_b_5___c_o_n_t_e_x_t _c_o_n_t_e_x_t, _k_r_b_5___e_r_r_o_r___c_o_d_e _c_o_d_e)
-
-DDEESSCCRRIIPPTTIIOONN
- These functions prints a warning message to some destination. _f_o_r_m_a_t is
- a printf style format specifying the message to print. The forms not end-
- ing in an ``x'' prints the error string associated with _c_o_d_e along with
- the message. The ``err'' functions exits with exit status _e_v_a_l after
- printing the message.
-
- The kkrrbb55__sseett__wwaarrnn__ffuunncc() function sets the destination for warning mes-
- sages to the specified _f_a_c_i_l_i_t_y. Messages logged with the ``warn'' func-
- tions have a log level of 1, while the ``err'' functions logs with level
- 0.
-
- kkrrbb55__ggeett__eerrrr__tteexxtt() fetches the human readable strings describing the er-
- ror-code.
-
-SSEEEE AALLSSOO
- krb5_openlog(3)
-
- HEIMDAL August 8, 1997 1
diff --git a/kerberosV/src/lib/krb5/verify_krb5_conf.cat8 b/kerberosV/src/lib/krb5/verify_krb5_conf.cat8
deleted file mode 100644
index b9cbd32c99c..00000000000
--- a/kerberosV/src/lib/krb5/verify_krb5_conf.cat8
+++ /dev/null
@@ -1,57 +0,0 @@
-
-VERIFY_KRB5_CONF(8) UNIX System Manager's Manual VERIFY_KRB5_CONF(8)
-
-NNAAMMEE
- vveerriiffyy__kkrrbb55__ccoonnff - checks krb5.conf for obvious errors
-
-SSYYNNOOPPSSIISS
- vveerriiffyy__kkrrbb55__ccoonnff _[_c_o_n_f_i_g_-_f_i_l_e_]
-
-DDEESSCCRRIIPPTTIIOONN
- vveerriiffyy__kkrrbb55__ccoonnff reads the configuration file _k_r_b_5_._c_o_n_f, or the file giv-
- en on the command line, and parses it, thereby verifying that the syntax
- is not correctly wrong.
-
- If the file is syntactically correct, vveerriiffyy__kkrrbb55__ccoonnff tries to verify
- that the contents of the file is of relevant nature.
-
-DDIIAAGGNNOOSSTTIICCSS
- Possible output from vveerriiffyy__kkrrbb55__ccoonnff include:
-
- <path>: failed to parse <something> as size/time/number/boolean
- Usually means that <something> is misspelled, or that it contains
- weird characters. The parsing done by vveerriiffyy__kkrrbb55__ccoonnff is more
- strict than the one performed by libkrb5, and so strings that
- work in real life, might be reported as bad.
-
- <path>: host not found (<hostname>)
- Means that <path> is supposed to point to a host, but it can't be
- recognised as one.
-
- <path>: unknown or wrong type
- Means that <path> is either is a string when it should be a list,
- vice versa, or just that vveerriiffyy__kkrrbb55__ccoonnff is confused.
-
- <path>: unknown entry
- Means that <string> is not known by .
-
-EENNVVIIRROONNMMEENNTT
- KRB5_CONFIG points to the configuration file to read.
-
-FFIILLEESS
- /etc/krb5.conf Kerberos 5 configuration file
-
-SSEEEE AALLSSOO
- krb5.conf(5)
-
-BBUUGGSS
- Since each application can put almost anything in the config file, it's
- hard to come up with a water tight verification process. Most of the de-
- fault settings are sanity checked, but this does not mean that every
- problem is discovered, or that everything that is reported as a possible
- problem actually is one. This tool should thus be used with some care.
-
- It should warn about obsolete data, or bad practice, but currently
- doesn't.
-
- HEIMDAL August 30, 2001 1
diff --git a/kerberosV/src/lib/roken/getarg.cat3 b/kerberosV/src/lib/roken/getarg.cat3
deleted file mode 100644
index 84611f04401..00000000000
--- a/kerberosV/src/lib/roken/getarg.cat3
+++ /dev/null
@@ -1,230 +0,0 @@
-
-GETARG(3) UNIX Programmer's Manual GETARG(3)
-
-NNAAMMEE
- ggeettaarrgg, aarrgg__pprriinnttuussaaggee - collect command line options
-
-SSYYNNOOPPSSIISS
- _i_n_t
- ggeettaarrgg(_s_t_r_u_c_t _g_e_t_a_r_g_s _*_a_r_g_s, _s_i_z_e___t _n_u_m___a_r_g_s, _i_n_t _a_r_g_c, _c_h_a_r _*_*_a_r_g_v,
- _i_n_t _*_o_p_t_i_n_d)
-
- _v_o_i_d
- aarrgg__pprriinnttuussaaggee(_s_t_r_u_c_t _g_e_t_a_r_g_s _*_a_r_g_s, _s_i_z_e___t _n_u_m___a_r_g_s,
- _c_o_n_s_t _c_h_a_r _*_p_r_o_g_n_a_m_e, _c_o_n_s_t _c_h_a_r _*_e_x_t_r_a___s_t_r_i_n_g)
-
-DDEESSCCRRIIPPTTIIOONN
- ggeettaarrgg() collects any command line options given to a program in an easi-
- ly used way. aarrgg__pprriinnttuussaaggee() pretty-prints the available options, with
- a short help text.
-
- _a_r_g_s is the option specification to use, and it's an array of _s_t_r_u_c_t
- _g_e_t_a_r_g_s elements. _n_u_m___a_r_g_s is the size of _a_r_g_s (in elements). _a_r_g_c and
- _a_r_g_v are the argument count and argument vector to extract option from.
- _o_p_t_i_n_d is a pointer to an integer where the index to the last processed
- argument is stored, it must be initialised to the first index (minus one)
- to process (normally 0) before the first call.
-
- _a_r_g___p_r_i_n_t_u_s_a_g_e take the same _a_r_g_s and _n_u_m___a_r_g_s as getarg; _p_r_o_g_n_a_m_e is the
- name of the program (to be used in the help text), and _e_x_t_r_a___s_t_r_i_n_g is a
- string to print after the actual options to indicate more arguments. The
- usefulness of this function is realised only be people who has used pro-
- grams that has help strings that doesn't match what the code does.
-
- The _g_e_t_a_r_g_s struct has the following elements.
-
- struct getargs{
- const char *long_name;
- char short_name;
- enum { arg_integer,
- arg_string,
- arg_flag,
- arg_negative_flag,
- arg_strings,
- arg_double,
- arg_collect
- } type;
- void *value;
- const char *help;
- const char *arg_help;
- };
-
- _l_o_n_g___n_a_m_e is the long name of the option, it can be NULL, if you don't
- want a long name. _s_h_o_r_t___n_a_m_e is the characted to use as short option, it
- can be zero. If the option has a value the _v_a_l_u_e field gets filled in
- with that value interpreted as specified by the _t_y_p_e field. _h_e_l_p is a
- longer help string for the option as a whole, if it's NULL the help text
- for the option is omitted (but it's still displayed in the synopsis).
- _a_r_g___h_e_l_p is a description of the argument, if NULL a default value will
- be used, depending on the type of the option:
-
- arg_integer the argument is a signed integer, and _v_a_l_u_e should
- point to an _i_n_t.
-
- _a_r_g___s_t_r_i_n_g the argument is a string, and _v_a_l_u_e should point to a
-
- _c_h_a_r_*.
-
- _a_r_g___f_l_a_g the argument is a flag, and _v_a_l_u_e should point to a
- _i_n_t. It gets filled in with either zero or one, de-
- pending on how the option is given, the normal case
- being one. Note that if the option isn't given, the
- value isn't altered, so it should be initialised to
- some useful default.
-
- _a_r_g___n_e_g_a_t_i_v_e___f_l_a_g this is the same as _a_r_g___f_l_a_g but it reverses the mean-
- ing of the flag (a given short option clears the
- flag), and the synopsis of a long option is negated.
-
- _a_r_g___s_t_r_i_n_g_s the argument can be given multiple times, and the val-
- ues are collected in an array; _v_a_l_u_e should be a
- pointer to a _s_t_r_u_c_t _g_e_t_a_r_g___s_t_r_i_n_g_s structure, which
- holds a length and a string pointer.
-
- _a_r_g___d_o_u_b_l_e argument is a double precision floating point value,
- and _v_a_l_u_e should point to a _d_o_u_b_l_e.
-
- _a_r_g___c_o_l_l_e_c_t allows more fine-grained control of the option parsing
- process. _v_a_l_u_e should be a pointer to a
- _g_e_t_a_r_g___c_o_l_l_e_c_t___i_n_f_o structure:
-
- typedef int (*getarg_collect_func)(int short_opt,
- int argc,
- char **argv,
- int *optind,
- int *optarg,
- void *data);
-
- typedef struct getarg_collect_info {
- getarg_collect_func func;
- void *data;
- } getarg_collect_info;
-
- With the _f_u_n_c member set to a function to call, and
- _d_a_t_a to some application specific data. The parameters
- to the collect function are:
-
- _s_h_o_r_t___f_l_a_g non-zero if this call is via a short option
- flag, zero otherwise
-
- _a_r_g_c, _a_r_g_v the whole argument list
-
- _o_p_t_i_n_d pointer to the index in argv where the flag is
-
- _o_p_t_a_r_g pointer to the index in argv[*optind] where the
- flag name starts
-
- _d_a_t_a application specific data
-
- You can modify _*_o_p_t_i_n_d, and _*_o_p_t_a_r_g, but to do this
- correct you (more or less) have to know about the in-
- ner workings of getarg.
-
- You can skip parts of arguments by increasing _*_o_p_t_a_r_g
- (you could implement the --zz_3 set of flags from ggzziipp
- with this), or whole argument strings by increasing
- _*_o_p_t_i_n_d (let's say you want a flag --cc _x _y _z to specify
- a coordinate); if you also have to set _*_o_p_t_a_r_g to a
- sane value.
-
- The collect function should return one of
- ARG_ERR_NO_MATCH, ARG_ERR_BAD_ARG, ARG_ERR_NO_ARG on
- error, zero otherwise.
-
- For your convenience there is a function,
- ggeettaarrgg__ooppttaarrgg(), that returns the traditional argument
- string, and you pass it all arguments, sans data, that
- where given to the collection function.
-
- Don't use this more this unless you absolutely have
- to.
-
- Option parsing is similar to what getopt uses. Short options without ar-
- guments can be compressed (--xxyyzz is the same as --xx --yy --zz), and short op-
- tions with arguments take these as either the rest of the argv-string or
- as the next option (--oo_f_o_o, or --oo _f_o_o).
-
- Long option names are prefixed with -- (double dash), and the value with
- a = (equal), ----ffoooo==_b_a_r. Long option flags can either be specified as they
- are (----hheellpp), or with an (boolean parsable) option (----hheellpp==_y_e_s,
- ----hheellpp==_t_r_u_e, or similar), or they can also be negated (----nnoo--hheellpp is the
- same as ----hheellpp==no), and if you're really confused you can do it multiple
- times (----nnoo--nnoo--hheellpp==_f_a_l_s_e, or even ----nnoo--nnoo--hheellpp==_m_a_y_b_e).
-
-EEXXAAMMPPLLEE
- #include <stdio.h>
- #include <string.h>
- #include <getarg.h>
-
- char *source = "Ouagadougou";
- char *destination;
- int weight;
- int include_catalog = 1;
- int help_flag;
-
- struct getargs args[] = {
- { "source", 's', arg_string, &source,
- "source of shippment", "city" },
- { "destination", 'd', arg_string, &destination,
- "destination of shippment", "city" },
- { "weight", 'w', arg_integer, &weight,
- "weight of shippment", "tons" },
- { "catalog", 'c', arg_negative_flag, &include_catalog,
- "include product catalog" },
- { "help", 'h', arg_flag, &help_flag }
- };
-
- int num_args = sizeof(args) / sizeof(args[0]); /* number of elements in args */
-
- const char *progname = "ship++";
-
- int
- main(int argc, char **argv)
- {
- int optind = 0;
- if (getarg(args, num_args, argc, argv, &optind)) {
- arg_printusage(args, num_args, progname, "stuff...");
- exit (1);
- }
- if (help_flag) {
- arg_printusage(args, num_args, progname, "stuff...");
- exit (0);
- }
- if (destination == NULL) {
- fprintf(stderr, "%s: must specify destination\n", progname);
- exit(1);
- }
- if (strcmp(source, destination) == 0) {
- fprintf(stderr, "%s: destination must be different from source\n");
- exit(1);
- }
- /* include more stuff here ... */
- exit(2);
- }
-
- The output help output from this program looks like this:
-
- $ ship++ --help
- Usage: ship++ [--source=city] [-s city] [--destination=city] [-d city]
- [--weight=tons] [-w tons] [--no-catalog] [-c] [--help] [-h] stuff...
- -s city, --source=city source of shippment
- -d city, --destination=city destination of shippment
- -w tons, --weight=tons weight of shippment
- -c, --no-catalog include product catalog
-
-BBUUGGSS
- It should be more flexible, so it would be possible to use other more
- complicated option syntaxes, such as what ps(1), and tar(1), uses, or
- the AFS model where you can skip the flag names as long as the options
- come in the correct order.
-
- Options with multiple arguments should be handled better.
-
- Should be integreated with SL.
-
- It's very confusing that the struct you pass in is called getargS.
-
-SSEEEE AALLSSOO
- getopt(3)
-
- ROKEN September 24, 1999 4
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.