[Midnightbsd-cvs] src [7184] trunk/crypto/heimdal: remove files not used.
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Mon Jul 27 21:26:29 EDT 2015
Revision: 7184
http://svnweb.midnightbsd.org/src/?rev=7184
Author: laffer1
Date: 2015-07-27 21:26:28 -0400 (Mon, 27 Jul 2015)
Log Message:
-----------
remove files not used.
Removed Paths:
-------------
trunk/crypto/heimdal/appl/afsutil/NTMakefile
trunk/crypto/heimdal/appl/afsutil/afslog.cat1
trunk/crypto/heimdal/appl/afsutil/pagsh.cat1
trunk/crypto/heimdal/appl/ftp/NTMakefile
trunk/crypto/heimdal/appl/ftp/common/NTMakefile
trunk/crypto/heimdal/appl/ftp/ftp/NTMakefile
trunk/crypto/heimdal/appl/ftp/ftp/ftp.cat1
trunk/crypto/heimdal/appl/ftp/ftp/krb4.c
trunk/crypto/heimdal/appl/ftp/ftpd/NTMakefile
trunk/crypto/heimdal/appl/ftp/ftpd/ftpd.cat8
trunk/crypto/heimdal/appl/ftp/ftpd/ftpusers.cat5
trunk/crypto/heimdal/appl/ftp/ftpd/krb4.c
trunk/crypto/heimdal/appl/gssmask/NTMakefile
trunk/crypto/heimdal/appl/kf/NTMakefile
trunk/crypto/heimdal/appl/kf/kf.cat1
trunk/crypto/heimdal/appl/kf/kfd.cat8
trunk/crypto/heimdal/appl/kx/
trunk/crypto/heimdal/appl/login/NTMakefile
trunk/crypto/heimdal/appl/login/login.access.cat5
trunk/crypto/heimdal/appl/login/login.cat1
trunk/crypto/heimdal/appl/login/login_protos.h
trunk/crypto/heimdal/appl/push/NTMakefile
trunk/crypto/heimdal/appl/push/pfrom.cat1
trunk/crypto/heimdal/appl/push/push.cat8
trunk/crypto/heimdal/appl/rcp/NTMakefile
trunk/crypto/heimdal/appl/rcp/rcp.cat1
trunk/crypto/heimdal/appl/rsh/NTMakefile
trunk/crypto/heimdal/appl/rsh/rsh.cat1
trunk/crypto/heimdal/appl/rsh/rshd.cat8
trunk/crypto/heimdal/appl/su/NTMakefile
trunk/crypto/heimdal/appl/su/su.cat1
trunk/crypto/heimdal/appl/telnet/NTMakefile
trunk/crypto/heimdal/appl/telnet/libtelnet/NTMakefile
trunk/crypto/heimdal/appl/telnet/libtelnet/kerberos.c
trunk/crypto/heimdal/appl/telnet/libtelnet/krb4encpwd.c
trunk/crypto/heimdal/appl/telnet/telnet/NTMakefile
trunk/crypto/heimdal/appl/telnet/telnet/telnet.cat1
trunk/crypto/heimdal/appl/telnet/telnetd/NTMakefile
trunk/crypto/heimdal/appl/telnet/telnetd/telnetd.cat8
trunk/crypto/heimdal/appl/test/NTMakefile
trunk/crypto/heimdal/doc/NTMakefile
trunk/crypto/heimdal/doc/footer.html
trunk/crypto/heimdal/doc/hdb.din
trunk/crypto/heimdal/doc/heimdal.info
trunk/crypto/heimdal/doc/hx509.info
trunk/crypto/heimdal/etc/NTMakefile
trunk/crypto/heimdal/lib/com_err/NTMakefile
trunk/crypto/heimdal/lib/com_err/compile_et-version.rc
trunk/crypto/heimdal/lib/com_err/libcom_err-exports.def
trunk/crypto/heimdal/lib/com_err/libcom_err-version.rc
trunk/crypto/heimdal/lib/kadm5/NTMakefile
trunk/crypto/heimdal/lib/kadm5/iprop-log-version.rc
trunk/crypto/heimdal/lib/kadm5/iprop-log.cat8
trunk/crypto/heimdal/lib/kadm5/iprop.cat8
trunk/crypto/heimdal/lib/kadm5/ipropd-master-version.rc
trunk/crypto/heimdal/lib/kadm5/ipropd-slave-version.rc
trunk/crypto/heimdal/lib/kadm5/kadm5_pwcheck.cat3
trunk/crypto/heimdal/lib/kadm5/libkadm5srv-exports.def
trunk/crypto/heimdal/lib/kadm5/libkadm5srv-version.rc
trunk/crypto/heimdal/lib/krb5/NTMakefile
trunk/crypto/heimdal/lib/krb5/config_file_netinfo.c
trunk/crypto/heimdal/lib/krb5/get_in_tkt_pw.c
trunk/crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c
trunk/crypto/heimdal/lib/krb5/get_in_tkt_with_skey.c
trunk/crypto/heimdal/lib/krb5/heim_threads.h
trunk/crypto/heimdal/lib/krb5/kerberos.cat8
trunk/crypto/heimdal/lib/krb5/keytab_krb4.c
trunk/crypto/heimdal/lib/krb5/krb5.conf.cat5
trunk/crypto/heimdal/lib/krb5/krb524_convert_creds_kdc.cat3
trunk/crypto/heimdal/lib/krb5/krb5_425_conv_principal.cat3
trunk/crypto/heimdal/lib/krb5/krb5_acl_match_file.cat3
trunk/crypto/heimdal/lib/krb5/krb5_aname_to_localname.cat3
trunk/crypto/heimdal/lib/krb5/krb5_appdefault.cat3
trunk/crypto/heimdal/lib/krb5/krb5_auth_context.cat3
trunk/crypto/heimdal/lib/krb5/krb5_c_make_checksum.cat3
trunk/crypto/heimdal/lib/krb5/krb5_check_transited.cat3
trunk/crypto/heimdal/lib/krb5/krb5_create_checksum.cat3
trunk/crypto/heimdal/lib/krb5/krb5_creds.cat3
trunk/crypto/heimdal/lib/krb5/krb5_digest.cat3
trunk/crypto/heimdal/lib/krb5/krb5_eai_to_heim_errno.cat3
trunk/crypto/heimdal/lib/krb5/krb5_encrypt.cat3
trunk/crypto/heimdal/lib/krb5/krb5_find_padata.cat3
trunk/crypto/heimdal/lib/krb5/krb5_generate_random_block.cat3
trunk/crypto/heimdal/lib/krb5/krb5_get_all_client_addrs.cat3
trunk/crypto/heimdal/lib/krb5/krb5_get_credentials.cat3
trunk/crypto/heimdal/lib/krb5/krb5_get_creds.cat3
trunk/crypto/heimdal/lib/krb5/krb5_get_forwarded_creds.cat3
trunk/crypto/heimdal/lib/krb5/krb5_get_in_cred.cat3
trunk/crypto/heimdal/lib/krb5/krb5_get_init_creds.cat3
trunk/crypto/heimdal/lib/krb5/krb5_get_krbhst.cat3
trunk/crypto/heimdal/lib/krb5/krb5_getportbyname.cat3
trunk/crypto/heimdal/lib/krb5/krb5_init_context.cat3
trunk/crypto/heimdal/lib/krb5/krb5_is_thread_safe.cat3
trunk/crypto/heimdal/lib/krb5/krb5_krbhst_init.cat3
trunk/crypto/heimdal/lib/krb5/krb5_mk_req.cat3
trunk/crypto/heimdal/lib/krb5/krb5_mk_safe.cat3
trunk/crypto/heimdal/lib/krb5/krb5_openlog.cat3
trunk/crypto/heimdal/lib/krb5/krb5_parse_name.cat3
trunk/crypto/heimdal/lib/krb5/krb5_principal.cat3
trunk/crypto/heimdal/lib/krb5/krb5_rcache.cat3
trunk/crypto/heimdal/lib/krb5/krb5_rd_error.cat3
trunk/crypto/heimdal/lib/krb5/krb5_rd_safe.cat3
trunk/crypto/heimdal/lib/krb5/krb5_set_default_realm.cat3
trunk/crypto/heimdal/lib/krb5/krb5_set_password.cat3
trunk/crypto/heimdal/lib/krb5/krb5_string_to_key.cat3
trunk/crypto/heimdal/lib/krb5/krb5_timeofday.cat3
trunk/crypto/heimdal/lib/krb5/krb5_verify_init_creds.cat3
trunk/crypto/heimdal/lib/krb5/krb5_verify_user.cat3
trunk/crypto/heimdal/lib/krb5/name-45-test.c
trunk/crypto/heimdal/lib/krb5/test_ap-req.c
trunk/crypto/heimdal/lib/krb5/test_config_strings.cfg
trunk/crypto/heimdal/lib/krb5/test_fx.c
trunk/crypto/heimdal/lib/krb5/test_gic.c
trunk/crypto/heimdal/lib/krb5/test_pknistkdf.c
trunk/crypto/heimdal/lib/krb5/test_rfc3961.c
trunk/crypto/heimdal/lib/krb5/test_x500.c
trunk/crypto/heimdal/lib/krb5/v4_glue.c
trunk/crypto/heimdal/lib/krb5/verify_krb5_conf-version.rc
trunk/crypto/heimdal/lib/krb5/verify_krb5_conf.cat8
Deleted: trunk/crypto/heimdal/appl/afsutil/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/afsutil/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/afsutil/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\afsutil
-
-!include ../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/afsutil/afslog.cat1
===================================================================
--- trunk/crypto/heimdal/appl/afsutil/afslog.cat1 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/afsutil/afslog.cat1 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,69 +0,0 @@
-
-AFSLOG(1) BSD General Commands Manual AFSLOG(1)
-
-N�NA�AM�ME�E
- a�af�fs�sl�lo�og�g -- obtain AFS tokens
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- a�af�fs�sl�lo�og�g [-�-h�h | -�--�-h�he�el�lp�p] [-�--�-n�no�o-�-v�v4�4] [-�--�-n�no�o-�-v�v5�5] [-�-u�u | -�--�-u�un�nl�lo�og�g] [-�-v�v | -�--�-v�ve�er�rb�bo�os�se�e]
- [-�--�-v�ve�er�rs�si�io�on�n] [-�-c�c _�c_�e_�l_�l | -�--�-c�ce�el�ll�l=�=_�c_�e_�l_�l] [-�-k�k _�r_�e_�a_�l_�m | -�--�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m] [-�-P�P
- _�p_�r_�i_�n_�c_�i_�p_�a_�l | -�--�-p�pr�ri�in�nc�ci�ip�pa�al�l=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l] [-�-p�p _�p_�a_�t_�h | -�--�-f�fi�il�le�e=�=_�p_�a_�t_�h]
- [_�c_�e_�l_�l | _�p_�a_�t_�h _�._�._�.]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- a�af�fs�sl�lo�og�g obtains AFS tokens for a number of cells. What cells to get tokens
- for can either be specified as an explicit list, as file paths to get
- tokens for, or be left unspecified, in which case a�af�fs�sl�lo�og�g will use what-
- ever magic krb_afslog(3) decides upon.
-
- Supported options:
-
- -�--�-n�no�o-�-v�v4�4
- This makes a�af�fs�sl�lo�og�g not try using Kerberos 4.
-
- -�--�-n�no�o-�-v�v5�5
- This makes a�af�fs�sl�lo�og�g not try using Kerberos 5.
-
- -�-P�P _�p_�r_�i_�n_�c_�i_�p_�a_�l, -�--�-p�pr�ri�in�nc�ci�ip�pa�al�l _�p_�r_�i_�n_�c_�i_�p_�a_�l
- select what Kerberos 5 principal to use.
-
- -�--�-c�ca�ac�ch�he�e _�c_�a_�c_�h_�e
- select what Kerberos 5 credential cache to use. -�--�-p�pr�ri�in�nc�ci�ip�pa�al�l
- overrides this option.
-
- -�-u�u, -�--�-u�un�nl�lo�og�g
- Destroy tokens instead of obtaining new. If this is specified,
- all other options are ignored (except for -�--�-h�he�el�lp�p and -�--�-v�ve�er�rs�si�io�on�n).
-
- -�-v�v, -�--�-v�ve�er�rb�bo�os�se�e
- Adds more verbosity for what is actually going on.
-
- -�-c�c _�c_�e_�l_�l_�, -�--�-c�ce�el�ll�l=�=_�c_�e_�l_�l
- This specified one or more cell names to get tokens for.
-
- -�-k�k _�r_�e_�a_�l_�m, -�--�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m
- This is the Kerberos realm the AFS servers live in, this should
- normally not be specified.
-
- -�-p�p _�p_�a_�t_�h, -�--�-f�fi�il�le�e=�=_�p_�a_�t_�h
- This specified one or more file paths for which tokens should be
- obtained.
-
- Instead of using -�-c�c and -�-p�p, you may also pass a list of cells and file
- paths after any other options. These arguments are considered files if
- they are either the strings ``.'' or ``..'' or they contain a slash, or
- if there exists a file by that name.
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- Assuming that there is no file called ``openafs.org'' in the current
- directory, and that _�/_�a_�f_�s_�/_�o_�p_�e_�n_�a_�f_�s_�._�o_�r_�g points to that cell, the follwing
- should be identical:
-
- $ afslog -c openafs.org
- $ afslog openafs.org
- $ afslog /afs/openafs.org/some/file
-
-S�SE�EE�E A�AL�LS�SO�O
- krb_afslog(3)
-
-HEIMDAL November 26, 2002 HEIMDAL
Deleted: trunk/crypto/heimdal/appl/afsutil/pagsh.cat1
===================================================================
--- trunk/crypto/heimdal/appl/afsutil/pagsh.cat1 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/afsutil/pagsh.cat1 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,47 +0,0 @@
-
-PAGSH(1) BSD General Commands Manual PAGSH(1)
-
-N�NA�AM�ME�E
- p�pa�ag�gs�sh�h -- creates a new credential cache sandbox
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- p�pa�ag�gs�sh�h [-�-c�c _�c_�o_�m_�m_�a_�n_�d_�-_�s_�t_�r_�i_�n_�g] [-�-h�h | -�--�-h�he�el�lp�p] [-�--�-v�ve�er�rs�si�io�on�n] [-�--�-c�ca�ac�ch�he�e-�-t�ty�yp�pe�e=�=_�s_�t_�r_�i_�n_�g]
- _�c_�o_�m_�m_�a_�n_�d _�[_�a_�r_�g_�s_�._�._�._�]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- Supported options:
-
- -�-c�c _�c_�o_�m_�m_�a_�n_�d_�-_�s_�t_�r_�i_�n_�g Executes command(s) contained in _�c_�o_�m_�m_�a_�n_�d_�-_�s_�t_�r_�i_�n_�g.
-
- -�--�-c�ca�ac�ch�he�e-�-t�ty�yp�pe�e=�=_�s_�t_�r_�i_�n_�g
-
- -�-h�h, -�--�-h�he�el�lp�p
-
- -�--�-v�ve�er�rs�si�io�on�n
-
- p�pa�ag�gs�sh�h creates a new credential cache sandbox for the user to live in. If
- AFS is installed on the computer, the user is put in a newly created
- Process Authentication Group (PAG).
-
- For Kerberos 5, the credential cache type that is used is the same as the
- credential cache type that was used at the time of p�pa�ag�gs�sh�h invocation. The
- credential cache type can be controlled by the option -�--�-c�ca�ac�ch�he�e-�-t�ty�yp�pe�e.
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- Create a new sandbox where new credentials can be used, while the old
- credentials can be used by other processes.
-
- $ klist
- Credentials cache: FILE:/tmp/krb5cc_913
- Principal: lha at E.KTH.SE
-
- Issued Expires Principal
- Feb 12 10:08:31 Feb 12 20:06:36 krbtgt/E.KTH.SE at E.KTH.SE
- $ pagsh
- $ klist
- klist: No ticket file: /tmp/krb5cc_03014a
-
-S�SE�EE�E A�AL�LS�SO�O
- afslog(1), kinit(1)
-
-Heimdal February 12, 2005 Heimdal
Deleted: trunk/crypto/heimdal/appl/ftp/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/ftp/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/ftp/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\ftp
-
-!include ../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/ftp/common/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/ftp/common/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/ftp/common/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\ftp\common
-
-!include ../../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/ftp/ftp/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/ftp/ftp/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/ftp/ftp/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\ftp\ftp
-
-!include ../../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/ftp/ftp/ftp.cat1
===================================================================
--- trunk/crypto/heimdal/appl/ftp/ftp/ftp.cat1 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/ftp/ftp/ftp.cat1 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,658 +0,0 @@
-
-FTP(1) BSD General Commands Manual FTP(1)
-
-N�NA�AM�ME�E
- f�ft�tp�p -- ARPANET file transfer program
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- f�ft�tp�p [-�-K�K] [-�-d�d] [-�-g�g] [-�-i�i] [-�-l�l] [-�-n�n] [-�-p�p] [-�-t�t] [-�-v�v] [-�-x�x] [-�--�-n�no�o-�-g�gs�ss�s-�-b�bi�in�nd�di�in�ng�gs�s]
- [-�--�-n�no�o-�-g�gs�ss�s-�-d�de�el�le�eg�ga�at�te�e] [_�h_�o_�s_�t]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- f�ft�tp�p is the user interface to the ARPANET standard File Transfer Protocol.
- The program allows a user to transfer files to and from a remote network
- site.
-
- Modifications have been made so that it almost follows the FTP Security
- Extensions, RFC 2228.
-
- Options may be specified at the command line, or to the command inter-
- preter.
-
- -�-K�K Disable Kerberos authentication.
-
- -�-t�t Enables packet tracing.
-
- -�-v�v Verbose option forces f�ft�tp�p to show all responses from the remote
- server, as well as report on data transfer statistics.
-
- -�-n�n Restrains f�ft�tp�p from attempting ``auto-login'' upon initial connec-
- tion. If auto-login is enabled, f�ft�tp�p will check the _�._�n_�e_�t_�r_�c (see
- below) file in the user's home directory for an entry describing an
- account on the remote machine. If no entry exists, f�ft�tp�p will prompt
- for the remote machine login name (default is the user identity on
- the local machine), and, if necessary, prompt for a password and an
- account with which to login.
-
- -�-i�i Turns off interactive prompting during multiple file transfers.
-
- -�-p�p Turn on passive mode.
-
- -�-d�d Enables debugging.
-
- -�-g�g Disables file name globbing.
- .It Fl Fl no-gss-bindings Don't use GSS-API bindings when talking
- to peer. IP addresses will not be checked to ensure they match.
-
- -�--�-n�no�o-�-g�gs�ss�s-�-d�de�el�le�eg�ga�at�te�e
- Disable delegation of GSSAPI credentials.
-
- -�-l�l Disables command line editing.
-
- -�-x�x Encrypt command and data channel.
-
- The client host with which f�ft�tp�p is to communicate may be specified on the
- command line. If this is done, f�ft�tp�p will immediately attempt to establish
- a connection to an FTP server on that host; otherwise, f�ft�tp�p will enter its
- command interpreter and await instructions from the user. When f�ft�tp�p is
- awaiting commands from the user the prompt `ftp>' is provided to the
- user. The following commands are recognized by f�ft�tp�p:
-
- !�! [_�c_�o_�m_�m_�a_�n_�d [_�a_�r_�g_�s]]
- Invoke an interactive shell on the local machine. If there
- are arguments, the first is taken to be a command to execute
- directly, with the rest of the arguments as its arguments.
-
- $�$ _�m_�a_�c_�r_�o_�-_�n_�a_�m_�e [_�a_�r_�g_�s]
- Execute the macro _�m_�a_�c_�r_�o_�-_�n_�a_�m_�e that was defined with the m�ma�ac�cd�de�ef�f
- command. Arguments are passed to the macro unglobbed.
-
- a�ac�cc�co�ou�un�nt�t [_�p_�a_�s_�s_�w_�d]
- Supply a supplemental password required by a remote system
- for access to resources once a login has been successfully
- completed. If no argument is included, the user will be
- prompted for an account password in a non-echoing input mode.
-
- a�ap�pp�pe�en�nd�d _�l_�o_�c_�a_�l_�-_�f_�i_�l_�e [_�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e]
- Append a local file to a file on the remote machine. If
- _�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e is left unspecified, the local file name is used
- in naming the remote file after being altered by any n�nt�tr�ra�an�ns�s
- or n�nm�ma�ap�p setting. File transfer uses the current settings for
- t�ty�yp�pe�e, f�fo�or�rm�ma�at�t, m�mo�od�de�e, and s�st�tr�ru�uc�ct�tu�ur�re�e.
-
- a�as�sc�ci�ii�i Set the file transfer t�ty�yp�pe�e to network ASCII. This is the
- default type.
-
- b�be�el�ll�l Arrange that a bell be sounded after each file transfer com-
- mand is completed.
-
- b�bi�in�na�ar�ry�y Set the file transfer t�ty�yp�pe�e to support binary image transfer.
-
- b�by�ye�e Terminate the FTP session with the remote server and exit
- f�ft�tp�p. An end of file will also terminate the session and
- exit.
-
- c�ca�as�se�e Toggle remote computer file name case mapping during m�mg�ge�et�t
- commands. When c�ca�as�se�e is on (default is off), remote computer
- file names with all letters in upper case are written in the
- local directory with the letters mapped to lower case.
-
- c�cd�d _�r_�e_�m_�o_�t_�e_�-_�d_�i_�r_�e_�c_�t_�o_�r_�y
- Change the working directory on the remote machine to
- _�r_�e_�m_�o_�t_�e_�-_�d_�i_�r_�e_�c_�t_�o_�r_�y.
-
- c�cd�du�up�p Change the remote machine working directory to the parent of
- the current remote machine working directory.
-
- c�ch�hm�mo�od�d _�m_�o_�d_�e _�f_�i_�l_�e_�-_�n_�a_�m_�e
- Change the permission modes of the file _�f_�i_�l_�e_�-_�n_�a_�m_�e on the
- remote sytem to _�m_�o_�d_�e.
-
- c�cl�lo�os�se�e Terminate the FTP session with the remote server, and return
- to the command interpreter. Any defined macros are erased.
-
- c�cr�r Toggle carriage return stripping during ascii type file
- retrieval. Records are denoted by a carriage return/linefeed
- sequence during ascii type file transfer. When c�cr�r is on (the
- default), carriage returns are stripped from this sequence to
- conform with the UNIX single linefeed record delimiter.
- Records on non-UNIX remote systems may contain single line-
- feeds; when an ascii type transfer is made, these linefeeds
- may be distinguished from a record delimiter only when c�cr�r is
- off.
-
- d�de�el�le�et�te�e _�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e
- Delete the file _�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e on the remote machine.
-
- d�de�eb�bu�ug�g [_�d_�e_�b_�u_�g_�-_�v_�a_�l_�u_�e]
- Toggle debugging mode. If an optional _�d_�e_�b_�u_�g_�-_�v_�a_�l_�u_�e is speci-
- fied it is used to set the debugging level. When debugging
- is on, f�ft�tp�p prints each command sent to the remote machine,
- preceded by the string `-->'
-
- d�di�ir�r [_�r_�e_�m_�o_�t_�e_�-_�d_�i_�r_�e_�c_�t_�o_�r_�y] [_�l_�o_�c_�a_�l_�-_�f_�i_�l_�e]
- Print a listing of the directory contents in the directory,
- _�r_�e_�m_�o_�t_�e_�-_�d_�i_�r_�e_�c_�t_�o_�r_�y, and, optionally, placing the output in
- _�l_�o_�c_�a_�l_�-_�f_�i_�l_�e. If interactive prompting is on, f�ft�tp�p will prompt
- the user to verify that the last argument is indeed the tar-
- get local file for receiving d�di�ir�r output. If no directory is
- specified, the current working directory on the remote
- machine is used. If no local file is specified, or
- _�l_�o_�c_�a_�l_�-_�f_�i_�l_�e is -�-, output comes to the terminal.
-
- d�di�is�sc�co�on�nn�ne�ec�ct�t A synonym for _�c_�l_�o_�s_�e.
-
- f�fo�or�rm�m _�f_�o_�r_�m_�a_�t
- Set the file transfer f�fo�or�rm�m to _�f_�o_�r_�m_�a_�t. The default format is
- ``file''.
-
- g�ge�et�t _�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e [_�l_�o_�c_�a_�l_�-_�f_�i_�l_�e]
- Retrieve the _�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e and store it on the local machine.
- If the local file name is not specified, it is given the same
- name it has on the remote machine, subject to alteration by
- the current c�ca�as�se�e, n�nt�tr�ra�an�ns�s, and n�nm�ma�ap�p settings. The current
- settings for t�ty�yp�pe�e, f�fo�or�rm�m, m�mo�od�de�e, and s�st�tr�ru�uc�ct�tu�ur�re�e are used while
- transferring the file.
-
- g�gl�lo�ob�b Toggle filename expansion for m�md�de�el�le�et�te�e, m�mg�ge�et�t and m�mp�pu�ut�t. If
- globbing is turned off with g�gl�lo�ob�b, the file name arguments are
- taken literally and not expanded. Globbing for m�mp�pu�ut�t is done
- as in csh(1). For m�md�de�el�le�et�te�e and m�mg�ge�et�t, each remote file name is
- expanded separately on the remote machine and the lists are
- not merged. Expansion of a directory name is likely to be
- different from expansion of the name of an ordinary file: the
- exact result depends on the foreign operating system and ftp
- server, and can be previewed by doing `mls remote-files -'.
- As a security measure, remotely globbed files that starts
- with `/' or contains `../', will not be automatically
- received. If you have interactive prompting turned off, these
- filenames will be ignored. Note: m�mg�ge�et�t and m�mp�pu�ut�t are not meant
- to transfer entire directory subtrees of files. That can be
- done by transferring a tar(1) archive of the subtree (in
- binary mode).
-
- h�ha�as�sh�h Toggle hash-sign (``#'') printing for each data block trans-
- ferred. The size of a data block is 1024 bytes.
-
- h�he�el�lp�p [_�c_�o_�m_�m_�a_�n_�d]
- Print an informative message about the meaning of _�c_�o_�m_�m_�a_�n_�d.
- If no argument is given, f�ft�tp�p prints a list of the known com-
- mands.
-
- i�id�dl�le�e [_�s_�e_�c_�o_�n_�d_�s]
- Set the inactivity timer on the remote server to _�s_�e_�c_�o_�n_�d_�s sec-
- onds. If _�s_�e_�c_�o_�n_�d_�s is omitted, the current inactivity timer is
- printed.
-
- l�lc�cd�d [_�d_�i_�r_�e_�c_�t_�o_�r_�y]
- Change the working directory on the local machine. If no
- _�d_�i_�r_�e_�c_�t_�o_�r_�y is specified, the user's home directory is used.
-
- l�ls�s [_�r_�e_�m_�o_�t_�e_�-_�d_�i_�r_�e_�c_�t_�o_�r_�y] [_�l_�o_�c_�a_�l_�-_�f_�i_�l_�e]
- Print a listing of the contents of a directory on the remote
- machine. The listing includes any system-dependent informa-
- tion that the server chooses to include; for example, most
- UNIX systems will produce output from the command `ls -l'.
- (See also n�nl�li�is�st�t.) If _�r_�e_�m_�o_�t_�e_�-_�d_�i_�r_�e_�c_�t_�o_�r_�y is left unspecified,
- the current working directory is used. If interactive
- prompting is on, f�ft�tp�p will prompt the user to verify that the
- last argument is indeed the target local file for receiving
- l�ls�s output. If no local file is specified, or if _�l_�o_�c_�a_�l_�-_�f_�i_�l_�e
- is `-�-', the output is sent to the terminal.
-
- m�ma�ac�cd�de�ef�f _�m_�a_�c_�r_�o_�-_�n_�a_�m_�e
- Define a macro. Subsequent lines are stored as the macro
- _�m_�a_�c_�r_�o_�-_�n_�a_�m_�e; a null line (consecutive newline characters in a
- file or carriage returns from the terminal) terminates macro
- input mode. There is a limit of 16 macros and 4096 total
- characters in all defined macros. Macros remain defined
- until a c�cl�lo�os�se�e command is executed. The macro processor
- interprets `$' and `\' as special characters. A `$' followed
- by a number (or numbers) is replaced by the corresponding
- argument on the macro invocation command line. A `$' fol-
- lowed by an `i' signals that macro processor that the execut-
- ing macro is to be looped. On the first pass `$i' is
- replaced by the first argument on the macro invocation com-
- mand line, on the second pass it is replaced by the second
- argument, and so on. A `\' followed by any character is
- replaced by that character. Use the `\' to prevent special
- treatment of the `$'.
-
- m�md�de�el�le�et�te�e [_�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e_�s]
- Delete the _�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e_�s on the remote machine.
-
- m�md�di�ir�r _�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e_�s _�l_�o_�c_�a_�l_�-_�f_�i_�l_�e
- Like d�di�ir�r, except multiple remote files may be specified. If
- interactive prompting is on, f�ft�tp�p will prompt the user to ver-
- ify that the last argument is indeed the target local file
- for receiving m�md�di�ir�r output.
-
- m�mg�ge�et�t _�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e_�s
- Expand the _�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e_�s on the remote machine and do a g�ge�et�t
- for each file name thus produced. See g�gl�lo�ob�b for details on
- the filename expansion. Resulting file names will then be
- processed according to c�ca�as�se�e, n�nt�tr�ra�an�ns�s, and n�nm�ma�ap�p settings.
- Files are transferred into the local working directory, which
- can be changed with `lcd directory'; new local directories
- can be created with `! mkdir directory'.
-
- m�mk�kd�di�ir�r _�d_�i_�r_�e_�c_�t_�o_�r_�y_�-_�n_�a_�m_�e
- Make a directory on the remote machine.
-
- m�ml�ls�s _�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e_�s _�l_�o_�c_�a_�l_�-_�f_�i_�l_�e
- Like n�nl�li�is�st�t, except multiple remote files may be specified,
- and the _�l_�o_�c_�a_�l_�-_�f_�i_�l_�e must be specified. If interactive prompt-
- ing is on, f�ft�tp�p will prompt the user to verify that the last
- argument is indeed the target local file for receiving m�ml�ls�s
- output.
-
- m�mo�od�de�e [_�m_�o_�d_�e_�-_�n_�a_�m_�e]
- Set the file transfer m�mo�od�de�e to _�m_�o_�d_�e_�-_�n_�a_�m_�e. The default mode is
- ``stream'' mode.
-
- m�mo�od�dt�ti�im�me�e _�f_�i_�l_�e_�-_�n_�a_�m_�e
- Show the last modification time of the file on the remote
- machine.
-
- m�mp�pu�ut�t _�l_�o_�c_�a_�l_�-_�f_�i_�l_�e_�s
- Expand wild cards in the list of local files given as argu-
- ments and do a p�pu�ut�t for each file in the resulting list. See
- g�gl�lo�ob�b for details of filename expansion. Resulting file names
- will then be processed according to n�nt�tr�ra�an�ns�s and n�nm�ma�ap�p settings.
-
- n�ne�ew�we�er�r _�f_�i_�l_�e_�-_�n_�a_�m_�e
- Get the file only if the modification time of the remote file
- is more recent that the file on the current system. If the
- file does not exist on the current system, the remote file is
- considered n�ne�ew�we�er�r. Otherwise, this command is identical to
- _�g_�e_�t.
-
- n�nl�li�is�st�t [_�r_�e_�m_�o_�t_�e_�-_�d_�i_�r_�e_�c_�t_�o_�r_�y] [_�l_�o_�c_�a_�l_�-_�f_�i_�l_�e]
- Print a list of the files in a directory on the remote
- machine. If _�r_�e_�m_�o_�t_�e_�-_�d_�i_�r_�e_�c_�t_�o_�r_�y is left unspecified, the cur-
- rent working directory is used. If interactive prompting is
- on, f�ft�tp�p will prompt the user to verify that the last argument
- is indeed the target local file for receiving n�nl�li�is�st�t output.
- If no local file is specified, or if _�l_�o_�c_�a_�l_�-_�f_�i_�l_�e is -�-, the
- output is sent to the terminal.
-
- n�nm�ma�ap�p [_�i_�n_�p_�a_�t_�t_�e_�r_�n _�o_�u_�t_�p_�a_�t_�t_�e_�r_�n]
- Set or unset the filename mapping mechanism. If no arguments
- are specified, the filename mapping mechanism is unset. If
- arguments are specified, remote filenames are mapped during
- m�mp�pu�ut�t commands and p�pu�ut�t commands issued without a specified
- remote target filename. If arguments are specified, local
- filenames are mapped during m�mg�ge�et�t commands and g�ge�et�t commands
- issued without a specified local target filename. This com-
- mand is useful when connecting to a non-UNIX remote computer
- with different file naming conventions or practices. The
- mapping follows the pattern set by _�i_�n_�p_�a_�t_�t_�e_�r_�n and _�o_�u_�t_�p_�a_�t_�t_�e_�r_�n.
- [_�I_�n_�p_�a_�t_�t_�e_�r_�n] is a template for incoming filenames (which may
- have already been processed according to the n�nt�tr�ra�an�ns�s and c�ca�as�se�e
- settings). Variable templating is accomplished by including
- the sequences `$1', `$2', ..., `$9' in _�i_�n_�p_�a_�t_�t_�e_�r_�n. Use `\' to
- prevent this special treatment of the `$' character. All
- other characters are treated literally, and are used to
- determine the n�nm�ma�ap�p [_�i_�n_�p_�a_�t_�t_�e_�r_�n] variable values. For example,
- given _�i_�n_�p_�a_�t_�t_�e_�r_�n $1.$2 and the remote file name "mydata.data",
- $1 would have the value "mydata", and $2 would have the value
- "data". The _�o_�u_�t_�p_�a_�t_�t_�e_�r_�n determines the resulting mapped file-
- name. The sequences `$1', `$2', ...., `$9' are replaced by
- any value resulting from the _�i_�n_�p_�a_�t_�t_�e_�r_�n template. The
- sequence `$0' is replace by the original filename. Addition-
- ally, the sequence `[_�s_�e_�q_�1, _�s_�e_�q_�2]' is replaced by [_�s_�e_�q_�1] if
- _�s_�e_�q_�1 is not a null string; otherwise it is replaced by _�s_�e_�q_�2.
- For example, the command
-
- nmap $1.$2.$3 [$1,$2].[$2,file]
-
- would yield the output filename "myfile.data" for input file-
- names "myfile.data" and "myfile.data.old", "myfile.file" for
- the input filename "myfile", and "myfile.myfile" for the
- input filename ".myfile". Spaces may be included in
- _�o_�u_�t_�p_�a_�t_�t_�e_�r_�n, as in the example: `nmap $1 sed "s/ *$//" > $1'
- . Use the `\' character to prevent special treatment of the
- `$','[','[', and `,' characters.
-
- n�nt�tr�ra�an�ns�s [_�i_�n_�c_�h_�a_�r_�s [_�o_�u_�t_�c_�h_�a_�r_�s]]
- Set or unset the filename character translation mechanism.
- If no arguments are specified, the filename character trans-
- lation mechanism is unset. If arguments are specified, char-
- acters in remote filenames are translated during m�mp�pu�ut�t com-
- mands and p�pu�ut�t commands issued without a specified remote tar-
- get filename. If arguments are specified, characters in
- local filenames are translated during m�mg�ge�et�t commands and g�ge�et�t
- commands issued without a specified local target filename.
- This command is useful when connecting to a non-UNIX remote
- computer with different file naming conventions or practices.
- Characters in a filename matching a character in _�i_�n_�c_�h_�a_�r_�s are
- replaced with the corresponding character in _�o_�u_�t_�c_�h_�a_�r_�s. If
- the character's position in _�i_�n_�c_�h_�a_�r_�s is longer than the length
- of _�o_�u_�t_�c_�h_�a_�r_�s, the character is deleted from the file name.
-
- o�op�pe�en�n _�h_�o_�s_�t [_�p_�o_�r_�t]
- Establish a connection to the specified _�h_�o_�s_�t FTP server. An
- optional port number may be supplied, in which case, f�ft�tp�p will
- attempt to contact an FTP server at that port. If the
- a�au�ut�to�o-�-l�lo�og�gi�in�n option is on (default), f�ft�tp�p will also attempt to
- automatically log the user in to the FTP server (see below).
-
- p�pa�as�ss�si�iv�ve�e Toggle passive mode. If passive mode is turned on (default
- is off), the ftp client will send a PASV command for all data
- connections instead of the usual PORT command. The PASV com-
- mand requests that the remote server open a port for the data
- connection and return the address of that port. The remote
- server listens on that port and the client connects to it.
- When using the more traditional PORT command, the client lis-
- tens on a port and sends that address to the remote server,
- who connects back to it. Passive mode is useful when using
- f�ft�tp�p through a gateway router or host that controls the direc-
- tionality of traffic. (Note that though ftp servers are
- required to support the PASV command by RFC 1123, some do
- not.)
-
- p�pr�ro�om�mp�pt�t Toggle interactive prompting. Interactive prompting occurs
- during multiple file transfers to allow the user to selec-
- tively retrieve or store files. If prompting is turned off
- (default is on), any m�mg�ge�et�t or m�mp�pu�ut�t will transfer all files,
- and any m�md�de�el�le�et�te�e will delete all files.
-
- p�pr�ro�ox�xy�y _�f_�t_�p_�-_�c_�o_�m_�m_�a_�n_�d
- Execute an ftp command on a secondary control connection.
- This command allows simultaneous connection to two remote ftp
- servers for transferring files between the two servers. The
- first p�pr�ro�ox�xy�y command should be an o�op�pe�en�n, to establish the sec-
- ondary control connection. Enter the command "proxy ?" to
- see other ftp commands executable on the secondary connec-
- tion. The following commands behave differently when pref-
- aced by p�pr�ro�ox�xy�y: o�op�pe�en�n will not define new macros during the
- auto-login process, c�cl�lo�os�se�e will not erase existing macro defi-
- nitions, g�ge�et�t and m�mg�ge�et�t transfer files from the host on the
- primary control connection to the host on the secondary con-
- trol connection, and p�pu�ut�t, m�mp�pu�ut�t, and a�ap�pp�pe�en�nd�d transfer files
- from the host on the secondary control connection to the host
- on the primary control connection. Third party file trans-
- fers depend upon support of the ftp protocol PASV command by
- the server on the secondary control connection.
-
- p�pu�ut�t _�l_�o_�c_�a_�l_�-_�f_�i_�l_�e [_�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e]
- Store a local file on the remote machine. If _�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e is
- left unspecified, the local file name is used after process-
- ing according to any n�nt�tr�ra�an�ns�s or n�nm�ma�ap�p settings in naming the
- remote file. File transfer uses the current settings for
- t�ty�yp�pe�e, f�fo�or�rm�ma�at�t, m�mo�od�de�e, and s�st�tr�ru�uc�ct�tu�ur�re�e.
-
- p�pw�wd�d Print the name of the current working directory on the remote
- machine.
-
- q�qu�ui�it�t A synonym for b�by�ye�e.
-
- q�qu�uo�ot�te�e _�a_�r_�g_�1 _�a_�r_�g_�2 _�._�._�.
- The arguments specified are sent, verbatim, to the remote FTP
- server.
-
- r�re�ec�cv�v _�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e [_�l_�o_�c_�a_�l_�-_�f_�i_�l_�e]
- A synonym for get.
-
- r�re�eg�ge�et�t _�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e [_�l_�o_�c_�a_�l_�-_�f_�i_�l_�e]
- Reget acts like get, except that if _�l_�o_�c_�a_�l_�-_�f_�i_�l_�e exists and is
- smaller than _�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e, _�l_�o_�c_�a_�l_�-_�f_�i_�l_�e is presumed to be a par-
- tially transferred copy of _�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e and the transfer is
- continued from the apparent point of failure. This command
- is useful when transferring very large files over networks
- that are prone to dropping connections.
-
- r�re�em�mo�ot�te�eh�he�el�lp�p [_�c_�o_�m_�m_�a_�n_�d_�-_�n_�a_�m_�e]
- Request help from the remote FTP server. If a _�c_�o_�m_�m_�a_�n_�d_�-_�n_�a_�m_�e
- is specified it is supplied to the server as well.
-
- r�re�em�mo�ot�te�es�st�ta�at�tu�us�s [_�f_�i_�l_�e_�-_�n_�a_�m_�e]
- With no arguments, show status of remote machine. If
- _�f_�i_�l_�e_�-_�n_�a_�m_�e is specified, show status of _�f_�i_�l_�e_�-_�n_�a_�m_�e on remote
- machine.
-
- r�re�en�na�am�me�e [_�f_�r_�o_�m] [_�t_�o]
- Rename the file _�f_�r_�o_�m on the remote machine, to the file _�t_�o.
-
- r�re�es�se�et�t Clear reply queue. This command re-synchronizes com-
- mand/reply sequencing with the remote ftp server. Resynchro-
- nization may be necessary following a violation of the ftp
- protocol by the remote server.
-
- r�re�es�st�ta�ar�rt�t _�m_�a_�r_�k_�e_�r
- Restart the immediately following g�ge�et�t or p�pu�ut�t at the indicated
- _�m_�a_�r_�k_�e_�r. On UNIX systems, marker is usually a byte offset
- into the file.
-
- r�rm�md�di�ir�r _�d_�i_�r_�e_�c_�t_�o_�r_�y_�-_�n_�a_�m_�e
- Delete a directory on the remote machine.
-
- r�ru�un�ni�iq�qu�ue�e Toggle storing of files on the local system with unique file-
- names. If a file already exists with a name equal to the
- target local filename for a g�ge�et�t or m�mg�ge�et�t command, a ".1" is
- appended to the name. If the resulting name matches another
- existing file, a ".2" is appended to the original name. If
- this process continues up to ".99", an error message is
- printed, and the transfer does not take place. The generated
- unique filename will be reported. Note that r�ru�un�ni�iq�qu�ue�e will not
- affect local files generated from a shell command (see
- below). The default value is off.
-
- s�se�en�nd�d _�l_�o_�c_�a_�l_�-_�f_�i_�l_�e [_�r_�e_�m_�o_�t_�e_�-_�f_�i_�l_�e]
- A synonym for put.
-
- s�se�en�nd�dp�po�or�rt�t Toggle the use of PORT commands. By default, f�ft�tp�p will
- attempt to use a PORT command when establishing a connection
- for each data transfer. The use of PORT commands can prevent
- delays when performing multiple file transfers. If the PORT
- command fails, f�ft�tp�p will use the default data port. When the
- use of PORT commands is disabled, no attempt will be made to
- use PORT commands for each data transfer. This is useful for
- certain FTP implementations which do ignore PORT commands
- but, incorrectly, indicate they've been accepted.
-
- s�si�it�te�e _�a_�r_�g_�1 _�a_�r_�g_�2 _�._�._�.
- The arguments specified are sent, verbatim, to the remote FTP
- server as a SITE command.
-
- s�si�iz�ze�e _�f_�i_�l_�e_�-_�n_�a_�m_�e
- Return size of _�f_�i_�l_�e_�-_�n_�a_�m_�e on remote machine.
-
- s�st�ta�at�tu�us�s Show the current status of f�ft�tp�p.
-
- s�st�tr�ru�uc�ct�t [_�s_�t_�r_�u_�c_�t_�-_�n_�a_�m_�e]
- Set the file transfer _�s_�t_�r_�u_�c_�t_�u_�r_�e to _�s_�t_�r_�u_�c_�t_�-_�n_�a_�m_�e. By default
- ``stream'' structure is used.
-
- s�su�un�ni�iq�qu�ue�e Toggle storing of files on remote machine under unique file
- names. Remote ftp server must support ftp protocol STOU com-
- mand for successful completion. The remote server will
- report unique name. Default value is off.
-
- s�sy�ys�st�te�em�m Show the type of operating system running on the remote
- machine.
-
- t�te�en�ne�ex�x Set the file transfer type to that needed to talk to TENEX
- machines.
-
- t�tr�ra�ac�ce�e Toggle packet tracing.
-
- t�ty�yp�pe�e [_�t_�y_�p_�e_�-_�n_�a_�m_�e]
- Set the file transfer t�ty�yp�pe�e to _�t_�y_�p_�e_�-_�n_�a_�m_�e. If no type is spec-
- ified, the current type is printed. The default type is net-
- work ASCII.
-
- u�um�ma�as�sk�k [_�n_�e_�w_�m_�a_�s_�k]
- Set the default umask on the remote server to _�n_�e_�w_�m_�a_�s_�k. If
- _�n_�e_�w_�m_�a_�s_�k is omitted, the current umask is printed.
-
- u�us�se�er�r _�u_�s_�e_�r_�-_�n_�a_�m_�e [_�p_�a_�s_�s_�w_�o_�r_�d] [_�a_�c_�c_�o_�u_�n_�t]
- Identify yourself to the remote FTP server. If the _�p_�a_�s_�s_�w_�o_�r_�d
- is not specified and the server requires it, f�ft�tp�p will prompt
- the user for it (after disabling local echo). If an _�a_�c_�c_�o_�u_�n_�t
- field is not specified, and the FTP server requires it, the
- user will be prompted for it. If an _�a_�c_�c_�o_�u_�n_�t field is speci-
- fied, an account command will be relayed to the remote server
- after the login sequence is completed if the remote server
- did not require it for logging in. Unless f�ft�tp�p is invoked
- with ``auto-login'' disabled, this process is done automati-
- cally on initial connection to the FTP server.
-
- v�ve�er�rb�bo�os�se�e Toggle verbose mode. In verbose mode, all responses from the
- FTP server are displayed to the user. In addition, if ver-
- bose is on, when a file transfer completes, statistics
- regarding the efficiency of the transfer are reported. By
- default, verbose is on.
-
- ?�? [_�c_�o_�m_�m_�a_�n_�d]
- A synonym for help.
-
- The following command can be used with ftpsec-aware servers.
-
- p�pr�ro�ot�t _�c_�l_�e_�a_�r | _�s_�a_�f_�e | _�c_�o_�n_�f_�i_�d_�e_�n_�t_�i_�a_�l | _�p_�r_�i_�v_�a_�t_�e
- Set the data protection level to the requested level.
-
- The following command can be used with ftp servers that has implemented
- the KAUTH site command.
-
- k�ka�au�ut�th�h [_�p_�r_�i_�n_�c_�i_�p_�a_�l]
- Obtain remote tickets.
-
- Command arguments which have embedded spaces may be quoted with quote `"'
- marks.
-
-A�AB�BO�OR�RT�TI�IN�NG�G A�A F�FI�IL�LE�E T�TR�RA�AN�NS�SF�FE�ER�R
- To abort a file transfer, use the terminal interrupt key (usually Ctrl-
- C). Sending transfers will be immediately halted. Receiving transfers
- will be halted by sending a ftp protocol ABOR command to the remote
- server, and discarding any further data received. The speed at which
- this is accomplished depends upon the remote server's support for ABOR
- processing. If the remote server does not support the ABOR command, an
- `ftp>' prompt will not appear until the remote server has completed send-
- ing the requested file.
-
- The terminal interrupt key sequence will be ignored when f�ft�tp�p has com-
- pleted any local processing and is awaiting a reply from the remote
- server. A long delay in this mode may result from the ABOR processing
- described above, or from unexpected behavior by the remote server,
- including violations of the ftp protocol. If the delay results from
- unexpected remote server behavior, the local f�ft�tp�p program must be killed
- by hand.
-
-F�FI�IL�LE�E N�NA�AM�MI�IN�NG�G C�CO�ON�NV�VE�EN�NT�TI�IO�ON�NS�S
- Files specified as arguments to f�ft�tp�p commands are processed according to
- the following rules.
-
- 1. If the file name `-�-' is specified, the _�s_�t_�d_�i_�n (for reading) or _�s_�t_�d_�o_�u_�t
- (for writing) is used.
-
- 2. If the first character of the file name is `|', the remainder of the
- argument is interpreted as a shell command. F�Ft�tp�p then forks a shell,
- using popen(3) with the argument supplied, and reads (writes) from
- the stdout (stdin). If the shell command includes spaces, the argu-
- ment must be quoted; e.g. ``" ls -lt"''. A particularly useful
- example of this mechanism is: ``dir more''.
-
- 3. Failing the above checks, if ``globbing'' is enabled, local file
- names are expanded according to the rules used in the csh(1); c.f.
- the g�gl�lo�ob�b command. If the f�ft�tp�p command expects a single local file
- (.e.g. p�pu�ut�t), only the first filename generated by the "globbing"
- operation is used.
-
- 4. For m�mg�ge�et�t commands and g�ge�et�t commands with unspecified local file
- names, the local filename is the remote filename, which may be
- altered by a c�ca�as�se�e, n�nt�tr�ra�an�ns�s, or n�nm�ma�ap�p setting. The resulting filename
- may then be altered if r�ru�un�ni�iq�qu�ue�e is on.
-
- 5. For m�mp�pu�ut�t commands and p�pu�ut�t commands with unspecified remote file
- names, the remote filename is the local filename, which may be
- altered by a n�nt�tr�ra�an�ns�s or n�nm�ma�ap�p setting. The resulting filename may
- then be altered by the remote server if s�su�un�ni�iq�qu�ue�e is on.
-
-F�FI�IL�LE�E T�TR�RA�AN�NS�SF�FE�ER�R P�PA�AR�RA�AM�ME�ET�TE�ER�RS�S
- The FTP specification specifies many parameters which may affect a file
- transfer. The t�ty�yp�pe�e may be one of ``ascii'', ``image'' (binary),
- ``ebcdic'', and ``local byte size'' (for PDP-10's and PDP-20's mostly).
- F�Ft�tp�p supports the ascii and image types of file transfer, plus local byte
- size 8 for t�te�en�ne�ex�x mode transfers.
-
- F�Ft�tp�p supports only the default values for the remaining file transfer
- parameters: m�mo�od�de�e, f�fo�or�rm�m, and s�st�tr�ru�uc�ct�t.
-
-T�TH�HE�E .�.n�ne�et�tr�rc�c F�FI�IL�LE�E
- The _�._�n_�e_�t_�r_�c file contains login and initialization information used by the
- auto-login process. It resides in the user's home directory. The fol-
- lowing tokens are recognized; they may be separated by spaces, tabs, or
- new-lines:
-
- m�ma�ac�ch�hi�in�ne�e _�n_�a_�m_�e
- Identify a remote machine _�n_�a_�m_�e. The auto-login process
- searches the _�._�n_�e_�t_�r_�c file for a m�ma�ac�ch�hi�in�ne�e token that matches the
- remote machine specified on the f�ft�tp�p command line or as an o�op�pe�en�n
- command argument. Once a match is made, the subsequent _�._�n_�e_�t_�r_�c
- tokens are processed, stopping when the end of file is reached
- or another m�ma�ac�ch�hi�in�ne�e or a d�de�ef�fa�au�ul�lt�t token is encountered.
-
- d�de�ef�fa�au�ul�lt�t This is the same as m�ma�ac�ch�hi�in�ne�e _�n_�a_�m_�e except that d�de�ef�fa�au�ul�lt�t matches
- any name. There can be only one d�de�ef�fa�au�ul�lt�t token, and it must be
- after all m�ma�ac�ch�hi�in�ne�e tokens. This is normally used as:
-
- default login anonymous password user at site
-
- thereby giving the user _�a_�u_�t_�o_�m_�a_�t_�i_�c anonymous ftp login to
- machines not specified in _�._�n_�e_�t_�r_�c. This can be overridden by
- using the -�-n�n flag to disable auto-login.
-
- l�lo�og�gi�in�n _�n_�a_�m_�e
- Identify a user on the remote machine. If this token is
- present, the auto-login process will initiate a login using the
- specified _�n_�a_�m_�e.
-
- p�pa�as�ss�sw�wo�or�rd�d _�s_�t_�r_�i_�n_�g
- Supply a password. If this token is present, the auto-login
- process will supply the specified string if the remote server
- requires a password as part of the login process. Note that if
- this token is present in the _�._�n_�e_�t_�r_�c file for any user other
- than _�a_�n_�o_�n_�y_�m_�o_�u_�s, f�ft�tp�p will abort the auto-login process if the
- _�._�n_�e_�t_�r_�c is readable by anyone besides the user.
-
- a�ac�cc�co�ou�un�nt�t _�s_�t_�r_�i_�n_�g
- Supply an additional account password. If this token is
- present, the auto-login process will supply the specified
- string if the remote server requires an additional account
- password, or the auto-login process will initiate an ACCT com-
- mand if it does not.
-
- m�ma�ac�cd�de�ef�f _�n_�a_�m_�e
- Define a macro. This token functions like the f�ft�tp�p m�ma�ac�cd�de�ef�f com-
- mand functions. A macro is defined with the specified name;
- its contents begin with the next _�._�n_�e_�t_�r_�c line and continue until
- a null line (consecutive new-line characters) is encountered.
- If a macro named i�in�ni�it�t is defined, it is automatically executed
- as the last step in the auto-login process.
-
-E�EN�NV�VI�IR�RO�ON�NM�ME�EN�NT�T
- F�Ft�tp�p uses the following environment variables.
-
- HOME For default location of a _�._�n_�e_�t_�r_�c file, if one exists.
-
- SHELL For default shell.
-
-S�SE�EE�E A�AL�LS�SO�O
- ftpd(8)
-
- _�R_�F_�C_�2_�2_�2_�8.
-
-H�HI�IS�ST�TO�OR�RY�Y
- The f�ft�tp�p command appeared in 4.2BSD.
-
-B�BU�UG�GS�S
- Correct execution of many commands depends upon proper behavior by the
- remote server.
-
- An error in the treatment of carriage returns in the 4.2BSD ascii-mode
- transfer code has been corrected. This correction may result in incor-
- rect transfers of binary files to and from 4.2BSD servers using the ascii
- type. Avoid this problem by using the binary image type.
-
-4.2 Berkeley Distribution March 23, 2006 4.2 Berkeley Distribution
Deleted: trunk/crypto/heimdal/appl/ftp/ftp/krb4.c
===================================================================
--- trunk/crypto/heimdal/appl/ftp/ftp/krb4.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/ftp/ftp/krb4.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,340 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef FTP_SERVER
-#include "ftpd_locl.h"
-#else
-#include "ftp_locl.h"
-#endif
-#include <krb.h>
-
-RCSID("$Id: krb4.c,v 1.1.1.3 2012-07-21 15:09:09 laffer1 Exp $");
-
-#ifdef FTP_SERVER
-#define LOCAL_ADDR ctrl_addr
-#define REMOTE_ADDR his_addr
-#else
-#define LOCAL_ADDR myctladdr
-#define REMOTE_ADDR hisctladdr
-#endif
-
-extern struct sockaddr *LOCAL_ADDR, *REMOTE_ADDR;
-
-struct krb4_data {
- des_cblock key;
- des_key_schedule schedule;
- char name[ANAME_SZ];
- char instance[INST_SZ];
- char realm[REALM_SZ];
-};
-
-static int
-krb4_check_prot(void *app_data, int level)
-{
- if(level == prot_confidential)
- return -1;
- return 0;
-}
-
-static int
-krb4_decode(void *app_data, void *buf, int len, int level)
-{
- MSG_DAT m;
- int e;
- struct krb4_data *d = app_data;
-
- if(level == prot_safe)
- e = krb_rd_safe(buf, len, &d->key,
- (struct sockaddr_in *)REMOTE_ADDR,
- (struct sockaddr_in *)LOCAL_ADDR, &m);
- else
- e = krb_rd_priv(buf, len, d->schedule, &d->key,
- (struct sockaddr_in *)REMOTE_ADDR,
- (struct sockaddr_in *)LOCAL_ADDR, &m);
- if(e){
- syslog(LOG_ERR, "krb4_decode: %s", krb_get_err_text(e));
- return -1;
- }
- memmove(buf, m.app_data, m.app_length);
- return m.app_length;
-}
-
-static int
-krb4_overhead(void *app_data, int level, int len)
-{
- return 31;
-}
-
-static int
-krb4_encode(void *app_data, void *from, int length, int level, void **to)
-{
- struct krb4_data *d = app_data;
- *to = malloc(length + 31);
- if(level == prot_safe)
- return krb_mk_safe(from, *to, length, &d->key,
- (struct sockaddr_in *)LOCAL_ADDR,
- (struct sockaddr_in *)REMOTE_ADDR);
- else if(level == prot_private)
- return krb_mk_priv(from, *to, length, d->schedule, &d->key,
- (struct sockaddr_in *)LOCAL_ADDR,
- (struct sockaddr_in *)REMOTE_ADDR);
- else
- return -1;
-}
-
-#ifdef FTP_SERVER
-
-static int
-krb4_adat(void *app_data, void *buf, size_t len)
-{
- KTEXT_ST tkt;
- AUTH_DAT auth_dat;
- char *p;
- int kerror;
- uint32_t cs;
- char msg[35]; /* size of encrypted block */
- int tmp_len;
- struct krb4_data *d = app_data;
- char inst[INST_SZ];
- struct sockaddr_in *his_addr_sin = (struct sockaddr_in *)his_addr;
-
- memcpy(tkt.dat, buf, len);
- tkt.length = len;
-
- k_getsockinst(0, inst, sizeof(inst));
- kerror = krb_rd_req(&tkt, "ftp", inst,
- his_addr_sin->sin_addr.s_addr, &auth_dat, "");
- if(kerror == RD_AP_UNDEC){
- k_getsockinst(0, inst, sizeof(inst));
- kerror = krb_rd_req(&tkt, "rcmd", inst,
- his_addr_sin->sin_addr.s_addr, &auth_dat, "");
- }
-
- if(kerror){
- reply(535, "Error reading request: %s.", krb_get_err_text(kerror));
- return -1;
- }
-
- memcpy(d->key, auth_dat.session, sizeof(d->key));
- des_set_key(&d->key, d->schedule);
-
- strlcpy(d->name, auth_dat.pname, sizeof(d->name));
- strlcpy(d->instance, auth_dat.pinst, sizeof(d->instance));
- strlcpy(d->realm, auth_dat.prealm, sizeof(d->instance));
-
- cs = auth_dat.checksum + 1;
- {
- unsigned char tmp[4];
- KRB_PUT_INT(cs, tmp, 4, sizeof(tmp));
- tmp_len = krb_mk_safe(tmp, msg, 4, &d->key,
- (struct sockaddr_in *)LOCAL_ADDR,
- (struct sockaddr_in *)REMOTE_ADDR);
- }
- if(tmp_len < 0){
- reply(535, "Error creating reply: %s.", strerror(errno));
- return -1;
- }
- len = tmp_len;
- if(base64_encode(msg, len, &p) < 0) {
- reply(535, "Out of memory base64-encoding.");
- return -1;
- }
- reply(235, "ADAT=%s", p);
- sec_complete = 1;
- free(p);
- return 0;
-}
-
-static int
-krb4_userok(void *app_data, char *user)
-{
- struct krb4_data *d = app_data;
- return krb_kuserok(d->name, d->instance, d->realm, user);
-}
-
-struct sec_server_mech krb4_server_mech = {
- "KERBEROS_V4",
- sizeof(struct krb4_data),
- NULL, /* init */
- NULL, /* end */
- krb4_check_prot,
- krb4_overhead,
- krb4_encode,
- krb4_decode,
- /* */
- NULL,
- krb4_adat,
- NULL, /* pbsz */
- NULL, /* ccc */
- krb4_userok
-};
-
-#else /* FTP_SERVER */
-
-static int
-krb4_init(void *app_data)
-{
- return !use_kerberos;
-}
-
-static int
-mk_auth(struct krb4_data *d, KTEXT adat,
- char *service, char *host, int checksum)
-{
- int ret;
- CREDENTIALS cred;
- char sname[SNAME_SZ], inst[INST_SZ], realm[REALM_SZ];
-
- strlcpy(sname, service, sizeof(sname));
- strlcpy(inst, krb_get_phost(host), sizeof(inst));
- strlcpy(realm, krb_realmofhost(host), sizeof(realm));
- ret = krb_mk_req(adat, sname, inst, realm, checksum);
- if(ret)
- return ret;
- strlcpy(sname, service, sizeof(sname));
- strlcpy(inst, krb_get_phost(host), sizeof(inst));
- strlcpy(realm, krb_realmofhost(host), sizeof(realm));
- ret = krb_get_cred(sname, inst, realm, &cred);
- memmove(&d->key, &cred.session, sizeof(des_cblock));
- des_key_sched(&d->key, d->schedule);
- memset(&cred, 0, sizeof(cred));
- return ret;
-}
-
-static int
-krb4_auth(void *app_data, char *host)
-{
- int ret;
- char *p;
- int len;
- KTEXT_ST adat;
- MSG_DAT msg_data;
- int checksum;
- uint32_t cs;
- struct krb4_data *d = app_data;
- struct sockaddr_in *localaddr = (struct sockaddr_in *)LOCAL_ADDR;
- struct sockaddr_in *remoteaddr = (struct sockaddr_in *)REMOTE_ADDR;
-
- checksum = getpid();
- ret = mk_auth(d, &adat, "ftp", host, checksum);
- if(ret == KDC_PR_UNKNOWN)
- ret = mk_auth(d, &adat, "rcmd", host, checksum);
- if(ret){
- printf("%s\n", krb_get_err_text(ret));
- return AUTH_CONTINUE;
- }
-
-#ifdef HAVE_KRB_GET_OUR_IP_FOR_REALM
- if (krb_get_config_bool("nat_in_use")) {
- struct in_addr natAddr;
-
- if (krb_get_our_ip_for_realm(krb_realmofhost(host),
- &natAddr) != KSUCCESS
- && krb_get_our_ip_for_realm(NULL, &natAddr) != KSUCCESS)
- printf("Can't get address for realm %s\n",
- krb_realmofhost(host));
- else {
- if (natAddr.s_addr != localaddr->sin_addr.s_addr) {
- printf("Using NAT IP address (%s) for kerberos 4\n",
- inet_ntoa(natAddr));
- localaddr->sin_addr = natAddr;
-
- /*
- * This not the best place to do this, but it
- * is here we know that (probably) NAT is in
- * use!
- */
-
- passivemode = 1;
- printf("Setting: Passive mode on.\n");
- }
- }
- }
-#endif
-
- printf("Local address is %s\n", inet_ntoa(localaddr->sin_addr));
- printf("Remote address is %s\n", inet_ntoa(remoteaddr->sin_addr));
-
- if(base64_encode(adat.dat, adat.length, &p) < 0) {
- printf("Out of memory base64-encoding.\n");
- return AUTH_CONTINUE;
- }
- ret = command("ADAT %s", p);
- free(p);
-
- if(ret != COMPLETE){
- printf("Server didn't accept auth data.\n");
- return AUTH_ERROR;
- }
-
- p = strstr(reply_string, "ADAT=");
- if(!p){
- printf("Remote host didn't send adat reply.\n");
- return AUTH_ERROR;
- }
- p += 5;
- len = base64_decode(p, adat.dat);
- if(len < 0){
- printf("Failed to decode base64 from server.\n");
- return AUTH_ERROR;
- }
- adat.length = len;
- ret = krb_rd_safe(adat.dat, adat.length, &d->key,
- (struct sockaddr_in *)hisctladdr,
- (struct sockaddr_in *)myctladdr, &msg_data);
- if(ret){
- printf("Error reading reply from server: %s.\n",
- krb_get_err_text(ret));
- return AUTH_ERROR;
- }
- krb_get_int(msg_data.app_data, &cs, 4, 0);
- if(cs - checksum != 1){
- printf("Bad checksum returned from server.\n");
- return AUTH_ERROR;
- }
- return AUTH_OK;
-}
-
-struct sec_client_mech krb4_client_mech = {
- "KERBEROS_V4",
- sizeof(struct krb4_data),
- krb4_init, /* init */
- krb4_auth,
- NULL, /* end */
- krb4_check_prot,
- krb4_overhead,
- krb4_encode,
- krb4_decode
-};
-
-#endif /* FTP_SERVER */
Deleted: trunk/crypto/heimdal/appl/ftp/ftpd/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/ftp/ftpd/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/ftp/ftpd/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\ftp\ftpd
-
-!include ../../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/ftp/ftpd/ftpd.cat8
===================================================================
--- trunk/crypto/heimdal/appl/ftp/ftpd/ftpd.cat8 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/ftp/ftpd/ftpd.cat8 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,309 +0,0 @@
-
-FTPD(8) BSD System Manager's Manual FTPD(8)
-
-N�NA�AM�ME�E
- f�ft�tp�pd�d -- Internet File Transfer Protocol server
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- f�ft�tp�pd�d [-�-a�a _�a_�u_�t_�h_�m_�o_�d_�e] [-�-d�di�il�lv�vU�U] [-�-g�g _�u_�m_�a_�s_�k] [-�-p�p _�p_�o_�r_�t] [-�-T�T _�m_�a_�x_�t_�i_�m_�e_�o_�u_�t]
- [-�-t�t _�t_�i_�m_�e_�o_�u_�t] [-�--�-g�gs�ss�s-�-b�bi�in�nd�di�in�ng�gs�s] [-�-I�I | -�--�-n�no�o-�-i�in�ns�se�ec�cu�ur�re�e-�-o�oo�ob�b]
- [-�-u�u _�d_�e_�f_�a_�u_�l_�t _�u_�m_�a_�s_�k] [-�-B�B | -�--�-b�bu�ui�il�lt�ti�in�n-�-l�ls�s] [-�--�-g�go�oo�od�d-�-c�ch�ha�ar�rs�s=�=_�s_�t_�r_�i_�n_�g]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- F�Ft�tp�pd�d is the Internet File Transfer Protocol server process. The server
- uses the TCP protocol and listens at the port specified in the ``ftp''
- service specification; see services(5).
-
- Available options:
-
- -�-a�a Select the level of authentication required. Kerberised login
- can not be turned off. The default is to only allow kerberised
- login. Other possibilities can be turned on by giving a string
- of comma separated flags as argument to -�-a�a. Recognised flags
- are:
-
- _�p_�l_�a_�i_�n Allow logging in with plaintext password. The password can
- be a(n) OTP or an ordinary password.
-
- _�o_�t_�p Same as _�p_�l_�a_�i_�n, but only OTP is allowed.
-
- _�f_�t_�p Allow anonymous login.
-
- The following combination modes exists for backwards compatibil-
- ity:
-
- _�n_�o_�n_�e Same as _�p_�l_�a_�i_�n_�,_�f_�t_�p.
-
- _�s_�a_�f_�e Same as _�f_�t_�p.
-
- _�u_�s_�e_�r Ignored.
-
- -�-d�d Debugging information is written to the syslog using LOG_FTP.
-
- -�-g�g Anonymous users will get a umask of _�u_�m_�a_�s_�k.
-
- -�--�-g�gs�ss�s-�-b�bi�in�nd�di�in�ng�gs�s
- require the peer to use GSS-API bindings (ie make sure IP
- addresses match).
-
- -�-i�i Open a socket and wait for a connection. This is mainly used for
- debugging when ftpd isn't started by inetd.
-
- -�-l�l Each successful and failed ftp(1) session is logged using syslog
- with a facility of LOG_FTP. If this option is specified twice,
- the retrieve (get), store (put), append, delete, make directory,
- remove directory and rename operations and their filename argu-
- ments are also logged.
-
- -�-p�p Use _�p_�o_�r_�t (a service name or number) instead of the default
- _�f_�t_�p_�/_�t_�c_�p.
-
- -�-T�T A client may also request a different timeout period; the maximum
- period allowed may be set to _�t_�i_�m_�e_�o_�u_�t seconds with the -�-T�T option.
- The default limit is 2 hours.
-
- -�-t�t The inactivity timeout period is set to _�t_�i_�m_�e_�o_�u_�t seconds (the
- default is 15 minutes).
-
- -�-u�u Set the initial umask to something else than the default 027.
-
- -�-U�U In previous versions of f�ft�tp�pd�d, when a passive mode client
- requested a data connection to the server, the server would use
- data ports in the range 1024..4999. Now, by default, if the sys-
- tem supports the IP_PORTRANGE socket option, the server will use
- data ports in the range 49152..65535. Specifying this option
- will revert to the old behavior.
-
- -�-v�v Verbose mode.
-
- -�-B�B, -�--�-b�bu�ui�il�lt�ti�in�n-�-l�ls�s
- use built-in ls to list files
-
- -�--�-g�go�oo�od�d-�-c�ch�ha�ar�rs�s=�=_�s_�t_�r_�i_�n_�g
- allowed anonymous upload filename chars
-
- -�-I�I -�--�-n�no�o-�-i�in�ns�se�ec�cu�ur�re�e-�-o�oo�ob�b
- don't allow insecure out of band. Heimdal ftp clients before
- 0.6.3 doesn't support secure oob, so turning on this option makes
- them no longer work.
-
- The file _�/_�e_�t_�c_�/_�n_�o_�l_�o_�g_�i_�n can be used to disable ftp access. If the file
- exists, f�ft�tp�pd�d displays it and exits. If the file _�/_�e_�t_�c_�/_�f_�t_�p_�w_�e_�l_�c_�o_�m_�e exists,
- f�ft�tp�pd�d prints it before issuing the ``ready'' message. If the file
- _�/_�e_�t_�c_�/_�m_�o_�t_�d exists, f�ft�tp�pd�d prints it after a successful login.
-
- The ftp server currently supports the following ftp requests. The case
- of the requests is ignored.
-
- Request Description
- ABOR abort previous command
- ACCT specify account (ignored)
- ALLO allocate storage (vacuously)
- APPE append to a file
- CDUP change to parent of current working directory
- CWD change working directory
- DELE delete a file
- HELP give help information
- LIST give list files in a directory (``ls -lgA'')
- MKD make a directory
- MDTM show last modification time of file
- MODE specify data transfer _�m_�o_�d_�e
- NLST give name list of files in directory
- NOOP do nothing
- PASS specify password
- PASV prepare for server-to-server transfer
- PORT specify data connection port
- PWD print the current working directory
- QUIT terminate session
- REST restart incomplete transfer
- RETR retrieve a file
- RMD remove a directory
- RNFR specify rename-from file name
- RNTO specify rename-to file name
- SITE non-standard commands (see next section)
- SIZE return size of file
- STAT return status of server
- STOR store a file
- STOU store a file with a unique name
- STRU specify data transfer _�s_�t_�r_�u_�c_�t_�u_�r_�e
- SYST show operating system type of server system
- TYPE specify data transfer _�t_�y_�p_�e
- USER specify user name
- XCUP change to parent of current working directory
- (deprecated)
- XCWD change working directory (deprecated)
- XMKD make a directory (deprecated)
- XPWD print the current working directory (deprecated)
- XRMD remove a directory (deprecated)
-
- The following commands are specified by RFC2228.
-
- AUTH authentication/security mechanism
- ADAT authentication/security data
- PROT data channel protection level
- PBSZ protection buffer size
- MIC integrity protected command
- CONF confidentiality protected command
- ENC privacy protected command
- CCC clear command channel
-
- The following non-standard or UNIX specific commands are supported by the
- SITE request.
-
- UMASK change umask, (e.g. S�SI�IT�TE�E U�UM�MA�AS�SK�K 0�00�02�2)
- IDLE set idle-timer, (e.g. S�SI�IT�TE�E I�ID�DL�LE�E 6�60�0)
- CHMOD change mode of a file (e.g. S�SI�IT�TE�E C�CH�HM�MO�OD�D 7�75�55�5 f�fi�il�le�en�na�am�me�e)
- FIND quickly find a specific file with GNU locate(1).
- HELP give help information.
-
- The following Kerberos related site commands are understood.
-
- KAUTH obtain remote tickets.
- KLIST show remote tickets
-
- The remaining ftp requests specified in Internet RFC 959 are recognized,
- but not implemented. MDTM and SIZE are not specified in RFC 959, but
- will appear in the next updated FTP RFC.
-
- The ftp server will abort an active file transfer only when the ABOR com-
- mand is preceded by a Telnet "Interrupt Process" (IP) signal and a Telnet
- "Synch" signal in the command Telnet stream, as described in Internet RFC
- 959. If a STAT command is received during a data transfer, preceded by a
- Telnet IP and Synch, transfer status will be returned.
-
- F�Ft�tp�pd�d interprets file names according to the ``globbing'' conventions used
- by csh(1). This allows users to use the metacharacters ``*?[]{}~''.
-
- F�Ft�tp�pd�d authenticates users according to these rules.
-
- 1. If Kerberos authentication is used, the user must pass valid
- tickets and the principal must be allowed to login as the
- remote user.
-
- 2. The login name must be in the password data base, and not have
- a null password (if Kerberos is used the password field is not
- checked). In this case a password must be provided by the
- client before any file operations may be performed. If the
- user has an OTP key, the response from a successful USER com-
- mand will include an OTP challenge. The client may choose to
- respond with a PASS command giving either a standard password
- or an OTP one-time password. The server will automatically
- determine which type of password it has been given and attempt
- to authenticate accordingly. See otp(1) for more information
- on OTP authentication.
-
- 3. The login name must not appear in the file _�/_�e_�t_�c_�/_�f_�t_�p_�u_�s_�e_�r_�s.
-
- 4. The user must have a standard shell returned by
- getusershell(3).
-
- 5. If the user name appears in the file _�/_�e_�t_�c_�/_�f_�t_�p_�c_�h_�r_�o_�o_�t the ses-
- sion's root will be changed to the user's login directory by
- chroot(2) as for an ``anonymous'' or ``ftp'' account (see next
- item). However, the user must still supply a password. This
- feature is intended as a compromise between a fully anonymous
- account and a fully privileged account. The account should
- also be set up as for an anonymous account.
-
- 6. If the user name is ``anonymous'' or ``ftp'', an anonymous ftp
- account must be present in the password file (user ``ftp'').
- In this case the user is allowed to log in by specifying any
- password (by convention an email address for the user should
- be used as the password).
-
- In the last case, f�ft�tp�pd�d takes special measures to restrict the client's
- access privileges. The server performs a chroot(2) to the home directory
- of the ``ftp'' user. In order that system security is not breached, it
- is recommended that the ``ftp'' subtree be constructed with care, con-
- sider following these guidelines for anonymous ftp.
-
- In general all files should be owned by ``root'', and have non-write per-
- missions (644 or 755 depending on the kind of file). No files should be
- owned or writable by ``ftp'' (possibly with exception for the
- _�~_�f_�t_�p_�/_�i_�n_�c_�o_�m_�i_�n_�g, as specified below).
-
- _�~_�f_�t_�p The ``ftp'' homedirectory should be owned by root.
-
- _�~_�f_�t_�p_�/_�b_�i_�n The directory for external programs (such as ls(1)).
- These programs must either be statically linked, or you
- must setup an environment for dynamic linking when run-
- ning chrooted. These programs will be used if present:
-
- ls Used when listing files.
-
- compress
- When retrieving a filename that ends in _�._�Z,
- and that file isn't present, f�ft�tp�pd�d will try
- to find the filename without _�._�Z and com-
- press it on the fly.
-
- gzip Same as compress, just with files ending in
- _�._�g_�z.
-
- gtar Enables retrieval of whole directories as
- files ending in _�._�t_�a_�r. Can also be combined
- with compression. You must use GNU Tar (or
- some other that supports the -�-z�z and -�-Z�Z
- flags).
-
- locate Will enable ``fast find'' with the S�SI�IT�TE�E
- F�FI�IN�ND�D command. You must also create a
- _�l_�o_�c_�a_�t_�e_�d_�b file in _�~_�f_�t_�p_�/_�e_�t_�c.
-
- _�~_�f_�t_�p_�/_�e_�t_�c If you put copies of the passwd(5) and group(5) files
- here, ls will be able to produce owner names rather than
- numbers. Remember to remove any passwords from these
- files.
-
- The file _�m_�o_�t_�d, if present, will be printed after a suc-
- cessful login.
-
- _�~_�f_�t_�p_�/_�d_�e_�v Put a copy of /dev/null(7) here.
-
- _�~_�f_�t_�p_�/_�p_�u_�b Traditional place to put whatever you want to make pub-
- lic.
-
- If you want guests to be able to upload files, create a _�~_�f_�t_�p_�/_�i_�n_�c_�o_�m_�i_�n_�g
- directory owned by ``root'', and group ``ftp'' with mode 730 (make sure
- ``ftp'' is member of group ``ftp''). The following restrictions apply to
- anonymous users:
-
- +�+�o�o Directories created will have mode 700.
-
- +�+�o�o Uploaded files will be created with an umask of 777, if not changed
- with the -�-g�g option.
-
- +�+�o�o These command are not accessible: D�DE�EL�LE�E, R�RM�MD�D, R�RN�NT�TO�O, R�RN�NF�FR�R, S�SI�IT�TE�E U�UM�MA�AS�SK�K,
- and S�SI�IT�TE�E C�CH�HM�MO�OD�D.
-
- +�+�o�o Filenames must start with an alpha-numeric character, and consist of
- alpha-numeric characters or any of the following: + (plus), -
- (minus), = (equal), _ (underscore), . (period), and , (comma).
-
-F�FI�IL�LE�ES�S
- /etc/ftpusers Access list for users.
- /etc/ftpchroot List of normal users who should be chroot'd.
- /etc/ftpwelcome Welcome notice.
- /etc/motd Welcome notice after login.
- /etc/nologin Displayed and access refused.
- ~/.klogin Login access for Kerberos.
-
-S�SE�EE�E A�AL�LS�SO�O
- ftp(1), otp(1), getusershell(3), ftpusers(5), syslogd(8)
-
-S�ST�TA�AN�ND�DA�AR�RD�DS�S
- R�RF�FC�C 9�95�59�9 FTP PROTOCOL SPECIFICATION
- R�RF�FC�C 1�19�93�38�8 OTP Specification
- R�RF�FC�C 2�22�22�28�8 FTP Security Extensions.
-
-B�BU�UG�GS�S
- The server must run as the super-user to create sockets with privileged
- port numbers. It maintains an effective user id of the logged in user,
- reverting to the super-user only when binding addresses to sockets. The
- possible security holes have been extensively scrutinized, but are possi-
- bly incomplete.
-
-H�HI�IS�ST�TO�OR�RY�Y
- The f�ft�tp�pd�d command appeared in 4.2BSD.
-
-4.2 Berkeley Distribution July 19, 2003 4.2 Berkeley Distribution
Deleted: trunk/crypto/heimdal/appl/ftp/ftpd/ftpusers.cat5
===================================================================
--- trunk/crypto/heimdal/appl/ftp/ftpd/ftpusers.cat5 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/ftp/ftpd/ftpusers.cat5 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,27 +0,0 @@
-
-FTPUSERS(5) BSD File Formats Manual FTPUSERS(5)
-
-N�NA�AM�ME�E
- _�/_�e_�t_�c_�/_�f_�t_�p_�u_�s_�e_�r_�s -- FTP access list file
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- _�/_�e_�t_�c_�/_�f_�t_�p_�u_�s_�e_�r_�s contains a list of users that should be allowed or denied
- FTP access. Each line contains a user, optionally followed by ``allow''
- (anything but ``allow'' is ignored). The semi-user ``*'' matches any
- user. Users that has an explicit ``allow'', or that does not match any
- line, are allowed access. Anyone else is denied access.
-
- Note that this is compatible with the old format, where this file con-
- tained a list of users that should be denied access.
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- This will deny anyone but ``foo'' and ``bar'' to use FTP:
-
- foo allow
- bar allow
- *
-
-S�SE�EE�E A�AL�LS�SO�O
- ftpd(8)
-
-KTH-KRB May 7, 1997 KTH-KRB
Deleted: trunk/crypto/heimdal/appl/ftp/ftpd/krb4.c
===================================================================
--- trunk/crypto/heimdal/appl/ftp/ftpd/krb4.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/ftp/ftpd/krb4.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,340 +0,0 @@
-/*
- * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef FTP_SERVER
-#include "ftpd_locl.h"
-#else
-#include "ftp_locl.h"
-#endif
-#include <krb.h>
-
-RCSID("$Id: krb4.c,v 1.1.1.1 2012-07-21 15:09:09 laffer1 Exp $");
-
-#ifdef FTP_SERVER
-#define LOCAL_ADDR ctrl_addr
-#define REMOTE_ADDR his_addr
-#else
-#define LOCAL_ADDR myctladdr
-#define REMOTE_ADDR hisctladdr
-#endif
-
-extern struct sockaddr *LOCAL_ADDR, *REMOTE_ADDR;
-
-struct krb4_data {
- des_cblock key;
- des_key_schedule schedule;
- char name[ANAME_SZ];
- char instance[INST_SZ];
- char realm[REALM_SZ];
-};
-
-static int
-krb4_check_prot(void *app_data, int level)
-{
- if(level == prot_confidential)
- return -1;
- return 0;
-}
-
-static int
-krb4_decode(void *app_data, void *buf, int len, int level)
-{
- MSG_DAT m;
- int e;
- struct krb4_data *d = app_data;
-
- if(level == prot_safe)
- e = krb_rd_safe(buf, len, &d->key,
- (struct sockaddr_in *)REMOTE_ADDR,
- (struct sockaddr_in *)LOCAL_ADDR, &m);
- else
- e = krb_rd_priv(buf, len, d->schedule, &d->key,
- (struct sockaddr_in *)REMOTE_ADDR,
- (struct sockaddr_in *)LOCAL_ADDR, &m);
- if(e){
- syslog(LOG_ERR, "krb4_decode: %s", krb_get_err_text(e));
- return -1;
- }
- memmove(buf, m.app_data, m.app_length);
- return m.app_length;
-}
-
-static int
-krb4_overhead(void *app_data, int level, int len)
-{
- return 31;
-}
-
-static int
-krb4_encode(void *app_data, void *from, int length, int level, void **to)
-{
- struct krb4_data *d = app_data;
- *to = malloc(length + 31);
- if(level == prot_safe)
- return krb_mk_safe(from, *to, length, &d->key,
- (struct sockaddr_in *)LOCAL_ADDR,
- (struct sockaddr_in *)REMOTE_ADDR);
- else if(level == prot_private)
- return krb_mk_priv(from, *to, length, d->schedule, &d->key,
- (struct sockaddr_in *)LOCAL_ADDR,
- (struct sockaddr_in *)REMOTE_ADDR);
- else
- return -1;
-}
-
-#ifdef FTP_SERVER
-
-static int
-krb4_adat(void *app_data, void *buf, size_t len)
-{
- KTEXT_ST tkt;
- AUTH_DAT auth_dat;
- char *p;
- int kerror;
- uint32_t cs;
- char msg[35]; /* size of encrypted block */
- int tmp_len;
- struct krb4_data *d = app_data;
- char inst[INST_SZ];
- struct sockaddr_in *his_addr_sin = (struct sockaddr_in *)his_addr;
-
- memcpy(tkt.dat, buf, len);
- tkt.length = len;
-
- k_getsockinst(0, inst, sizeof(inst));
- kerror = krb_rd_req(&tkt, "ftp", inst,
- his_addr_sin->sin_addr.s_addr, &auth_dat, "");
- if(kerror == RD_AP_UNDEC){
- k_getsockinst(0, inst, sizeof(inst));
- kerror = krb_rd_req(&tkt, "rcmd", inst,
- his_addr_sin->sin_addr.s_addr, &auth_dat, "");
- }
-
- if(kerror){
- reply(535, "Error reading request: %s.", krb_get_err_text(kerror));
- return -1;
- }
-
- memcpy(d->key, auth_dat.session, sizeof(d->key));
- des_set_key(&d->key, d->schedule);
-
- strlcpy(d->name, auth_dat.pname, sizeof(d->name));
- strlcpy(d->instance, auth_dat.pinst, sizeof(d->instance));
- strlcpy(d->realm, auth_dat.prealm, sizeof(d->instance));
-
- cs = auth_dat.checksum + 1;
- {
- unsigned char tmp[4];
- KRB_PUT_INT(cs, tmp, 4, sizeof(tmp));
- tmp_len = krb_mk_safe(tmp, msg, 4, &d->key,
- (struct sockaddr_in *)LOCAL_ADDR,
- (struct sockaddr_in *)REMOTE_ADDR);
- }
- if(tmp_len < 0){
- reply(535, "Error creating reply: %s.", strerror(errno));
- return -1;
- }
- len = tmp_len;
- if(base64_encode(msg, len, &p) < 0) {
- reply(535, "Out of memory base64-encoding.");
- return -1;
- }
- reply(235, "ADAT=%s", p);
- sec_complete = 1;
- free(p);
- return 0;
-}
-
-static int
-krb4_userok(void *app_data, char *user)
-{
- struct krb4_data *d = app_data;
- return krb_kuserok(d->name, d->instance, d->realm, user);
-}
-
-struct sec_server_mech krb4_server_mech = {
- "KERBEROS_V4",
- sizeof(struct krb4_data),
- NULL, /* init */
- NULL, /* end */
- krb4_check_prot,
- krb4_overhead,
- krb4_encode,
- krb4_decode,
- /* */
- NULL,
- krb4_adat,
- NULL, /* pbsz */
- NULL, /* ccc */
- krb4_userok
-};
-
-#else /* FTP_SERVER */
-
-static int
-krb4_init(void *app_data)
-{
- return !use_kerberos;
-}
-
-static int
-mk_auth(struct krb4_data *d, KTEXT adat,
- char *service, char *host, int checksum)
-{
- int ret;
- CREDENTIALS cred;
- char sname[SNAME_SZ], inst[INST_SZ], realm[REALM_SZ];
-
- strlcpy(sname, service, sizeof(sname));
- strlcpy(inst, krb_get_phost(host), sizeof(inst));
- strlcpy(realm, krb_realmofhost(host), sizeof(realm));
- ret = krb_mk_req(adat, sname, inst, realm, checksum);
- if(ret)
- return ret;
- strlcpy(sname, service, sizeof(sname));
- strlcpy(inst, krb_get_phost(host), sizeof(inst));
- strlcpy(realm, krb_realmofhost(host), sizeof(realm));
- ret = krb_get_cred(sname, inst, realm, &cred);
- memmove(&d->key, &cred.session, sizeof(des_cblock));
- des_key_sched(&d->key, d->schedule);
- memset(&cred, 0, sizeof(cred));
- return ret;
-}
-
-static int
-krb4_auth(void *app_data, char *host)
-{
- int ret;
- char *p;
- int len;
- KTEXT_ST adat;
- MSG_DAT msg_data;
- int checksum;
- uint32_t cs;
- struct krb4_data *d = app_data;
- struct sockaddr_in *localaddr = (struct sockaddr_in *)LOCAL_ADDR;
- struct sockaddr_in *remoteaddr = (struct sockaddr_in *)REMOTE_ADDR;
-
- checksum = getpid();
- ret = mk_auth(d, &adat, "ftp", host, checksum);
- if(ret == KDC_PR_UNKNOWN)
- ret = mk_auth(d, &adat, "rcmd", host, checksum);
- if(ret){
- printf("%s\n", krb_get_err_text(ret));
- return AUTH_CONTINUE;
- }
-
-#ifdef HAVE_KRB_GET_OUR_IP_FOR_REALM
- if (krb_get_config_bool("nat_in_use")) {
- struct in_addr natAddr;
-
- if (krb_get_our_ip_for_realm(krb_realmofhost(host),
- &natAddr) != KSUCCESS
- && krb_get_our_ip_for_realm(NULL, &natAddr) != KSUCCESS)
- printf("Can't get address for realm %s\n",
- krb_realmofhost(host));
- else {
- if (natAddr.s_addr != localaddr->sin_addr.s_addr) {
- printf("Using NAT IP address (%s) for kerberos 4\n",
- inet_ntoa(natAddr));
- localaddr->sin_addr = natAddr;
-
- /*
- * This not the best place to do this, but it
- * is here we know that (probably) NAT is in
- * use!
- */
-
- passivemode = 1;
- printf("Setting: Passive mode on.\n");
- }
- }
- }
-#endif
-
- printf("Local address is %s\n", inet_ntoa(localaddr->sin_addr));
- printf("Remote address is %s\n", inet_ntoa(remoteaddr->sin_addr));
-
- if(base64_encode(adat.dat, adat.length, &p) < 0) {
- printf("Out of memory base64-encoding.\n");
- return AUTH_CONTINUE;
- }
- ret = command("ADAT %s", p);
- free(p);
-
- if(ret != COMPLETE){
- printf("Server didn't accept auth data.\n");
- return AUTH_ERROR;
- }
-
- p = strstr(reply_string, "ADAT=");
- if(!p){
- printf("Remote host didn't send adat reply.\n");
- return AUTH_ERROR;
- }
- p += 5;
- len = base64_decode(p, adat.dat);
- if(len < 0){
- printf("Failed to decode base64 from server.\n");
- return AUTH_ERROR;
- }
- adat.length = len;
- ret = krb_rd_safe(adat.dat, adat.length, &d->key,
- (struct sockaddr_in *)hisctladdr,
- (struct sockaddr_in *)myctladdr, &msg_data);
- if(ret){
- printf("Error reading reply from server: %s.\n",
- krb_get_err_text(ret));
- return AUTH_ERROR;
- }
- krb_get_int(msg_data.app_data, &cs, 4, 0);
- if(cs - checksum != 1){
- printf("Bad checksum returned from server.\n");
- return AUTH_ERROR;
- }
- return AUTH_OK;
-}
-
-struct sec_client_mech krb4_client_mech = {
- "KERBEROS_V4",
- sizeof(struct krb4_data),
- krb4_init, /* init */
- krb4_auth,
- NULL, /* end */
- krb4_check_prot,
- krb4_overhead,
- krb4_encode,
- krb4_decode
-};
-
-#endif /* FTP_SERVER */
Deleted: trunk/crypto/heimdal/appl/gssmask/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/gssmask/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/gssmask/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\gssmask
-
-!include ../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/kf/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/kf/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/kf/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\kf
-
-!include ../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/kf/kf.cat1
===================================================================
--- trunk/crypto/heimdal/appl/kf/kf.cat1 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/kf/kf.cat1 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,46 +0,0 @@
-
-KF(1) BSD General Commands Manual KF(1)
-
-N�NA�AM�ME�E
- k�kf�f -- securely forward tickets
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�kf�f [-�-p�p _�p_�o_�r_�t | -�--�-p�po�or�rt�t=_�p_�o_�r_�t] [-�-l�l _�l_�o_�g_�i_�n | -�--�-l�lo�og�gi�in�n=_�l_�o_�g_�i_�n] [-�-c�c _�c_�c_�a_�c_�h_�e |
- -�--�-c�cc�ca�ac�ch�he�e=_�c_�c_�a_�c_�h_�e] [-�-F�F | -�--�-f�fo�or�rw�wa�ar�rd�da�ab�bl�le�e] [-�-G�G | -�--�-n�no�o-�-f�fo�or�rw�wa�ar�rd�da�ab�bl�le�e]
- [-�-h�h | -�--�-h�he�el�lp�p] [-�--�-v�ve�er�rs�si�io�on�n] _�h_�o_�s_�t _�._�._�.
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The k�kf�f program forwards tickets to a remote host through an authenticated
- and encrypted stream. Options supported are:
-
- -�-p�p _�p_�o_�r_�t, -�--�-p�po�or�rt�t=_�p_�o_�r_�t
- port to connect to
-
- -�-l�l _�l_�o_�g_�i_�n, -�--�-l�lo�og�gi�in�n=_�l_�o_�g_�i_�n
- remote login name
-
- -�-c�c _�c_�c_�a_�c_�h_�e, -�--�-c�cc�ca�ac�ch�he�e=_�c_�c_�a_�c_�h_�e
- remote cred cache
-
- -�-F�F, -�--�-f�fo�or�rw�wa�ar�rd�da�ab�bl�le�e
- forward forwardable credentials
-
- -�-G�G, -�--�-n�no�o-�-f�fo�or�rw�wa�ar�rd�da�ab�bl�le�e
- do not forward forwardable credentials
-
- -�-h�h, -�--�-h�he�el�lp�p
-
- -�--�-v�ve�er�rs�si�io�on�n
-
- k�kf�f is useful when you do not want to enter your password on a remote host
- but want to have your tickets one for example AFS.
-
- In order for k�kf�f to work you will need to acquire your initial ticket with
- forwardable flag, i.e. k�ki�in�ni�it�t -�--�-f�fo�or�rw�wa�ar�rd�da�ab�bl�le�e.
-
- t�te�el�ln�ne�et�t is able to forward tickets by itself.
-
-S�SE�EE�E A�AL�LS�SO�O
- kinit(1), telnet(1), kfd(8)
-
-Heimdal July 2, 2000 Heimdal
Deleted: trunk/crypto/heimdal/appl/kf/kfd.cat8
===================================================================
--- trunk/crypto/heimdal/appl/kf/kfd.cat8 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/kf/kfd.cat8 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,31 +0,0 @@
-
-KFD(8) BSD System Manager's Manual KFD(8)
-
-N�NA�AM�ME�E
- k�kf�fd�d -- receive forwarded tickets
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�kf�fd�d [-�-p�p _�p_�o_�r_�t | -�--�-p�po�or�rt�t=_�p_�o_�r_�t] [-�-i�i | -�--�-i�in�ne�et�td�d] [-�-R�R _�r_�e_�g_�p_�a_�g | -�--�-r�re�eg�gp�pa�ag�g=_�r_�e_�g_�p_�a_�g]
- [-�-h�h | -�--�-h�he�el�lp�p] [-�--�-v�ve�er�rs�si�io�on�n]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- This is the daemon for kf(1). Supported options:
-
- -�-p�p _�p_�o_�r_�t, -�--�-p�po�or�rt�t=_�p_�o_�r_�t
- port to listen to
-
- -�-i�i, -�--�-i�in�ne�et�td�d
- not started from inetd
-
- -�-R�R _�r_�e_�g_�p_�a_�g, -�--�-r�re�eg�gp�pa�ag�g=�=_�r_�e_�g_�p_�a_�g
- path to regpag binary
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- Put the following in _�/_�e_�t_�c_�/_�i_�n_�e_�t_�d_�._�c_�o_�n_�f:
-
- kf stream tcp nowait root /usr/heimdal/libexec/kfd kfd
-
-S�SE�EE�E A�AL�LS�SO�O
- kf(1)
-
-Heimdal July 2, 2000 Heimdal
Deleted: trunk/crypto/heimdal/appl/login/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/login/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/login/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\login
-
-!include ../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/login/login.access.cat5
===================================================================
--- trunk/crypto/heimdal/appl/login/login.access.cat5 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/login/login.access.cat5 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,45 +0,0 @@
-
-LOGIN.ACCESS(5) BSD File Formats Manual LOGIN.ACCESS(5)
-
-N�NA�AM�ME�E
- l�lo�og�gi�in�n.�.a�ac�cc�ce�es�ss�s -- login access control table
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The l�lo�og�gi�in�n.�.a�ac�cc�ce�es�ss�s file specifies on which ttys or from which hosts certain
- users are allowed to login.
-
- At login, the _�/_�e_�t_�c_�/_�l_�o_�g_�i_�n_�._�a_�c_�c_�e_�s_�s file is checked for the first entry that
- matches a specific user/host or user/tty combination. That entry can
- either allow or deny login access to that user.
-
- Each entry have three fields separated by colon:
-
- +�+�o�o The first field indicates the permission given if the entry matches.
- It can be either ``+'' (allow access) or ``-'' (deny access) .
-
- +�+�o�o The second field is a comma separated list of users or groups for
- which the current entry applies. NIS netgroups can used (if config-
- ured) if preceeded by @. The magic string ALL matches all users. A
- group will match if the user is a member of that group, or it is the
- user's primary group.
-
- +�+�o�o The third field is a list of ttys, or network names. A network name
- can be either a hostname, a domain (indicated by a starting period),
- or a netgroup. As with the user list, ALL matches anything. LOCAL
- matches a string not containing a period.
-
- If the string EXCEPT is found in either the user or from list, the rest
- of the list are exceptions to the list before EXCEPT.
-
-B�BU�UG�GS�S
- If there's a user and a group with the same name, there is no way to make
- the group match if the user also matches.
-
-S�SE�EE�E A�AL�LS�SO�O
- login(1)
-
-A�AU�UT�TH�HO�OR�RS�S
- The l�lo�og�gi�in�n_�_a�ac�cc�ce�es�ss�s() function was written by Wietse Venema. This manual
- page was written for Heimdal.
-
-HEIMDAL March 21, 2003 HEIMDAL
Deleted: trunk/crypto/heimdal/appl/login/login.cat1
===================================================================
--- trunk/crypto/heimdal/appl/login/login.cat1 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/login/login.cat1 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,164 +0,0 @@
-
-LOGIN(1) BSD General Commands Manual LOGIN(1)
-
-N�NA�AM�ME�E
- l�lo�og�gi�in�n -- authenticate a user and start new session
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- l�lo�og�gi�in�n [-�-f�fp�p] [-�-a�a _�l_�e_�v_�e_�l] [-�-h�h _�h_�o_�s_�t_�n_�a_�m_�e] _�[_�u_�s_�e_�r_�n_�a_�m_�e_�]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- This manual page documents the l�lo�og�gi�in�n program distributed with the Heim-
- dal Kerberos 5 implementation, it may differ in important ways from your
- system version.
-
- The l�lo�og�gi�in�n programs logs users into the system. It is intended to be run
- by system daemons like getty(8) or telnetd(8). If you are already logged
- in, but want to change to another user, you should use su(1).
-
- A username can be given on the command line, else one will be prompted
- for.
-
- A password is required to login, unless the -�-f�f option is given (indicat-
- ing that the calling program has already done proper authentication).
- With -�-f�f the user will be logged in without further questions.
-
- For password authentication Kerberos 5, Kerberos 4 (if compiled in), OTP
- (if compiled in) and local (_�/_�e_�t_�c_�/_�p_�a_�s_�s_�w_�d) passwords are supported. OTP
- will be used if the the user is registered to use it, and l�lo�og�gi�in�n is given
- the option -�-a�a otp. When using OTP, a challenge is shown to the user.
-
- Further options are:
-
- -�-a�a _�s_�t_�r_�i_�n_�g
- Which authentication mode to use, the only supported value is
- currently ``otp''.
-
- -�-f�f Indicates that the user is already authenticated. This happens,
- for instance, when login is started by telnetd, and the user has
- proved authentic via Kerberos.
-
- -�-h�h _�h_�o_�s_�t_�n_�a_�m_�e
- Indicates which host the user is logging in from. This is passed
- from telnetd, and is entered into the login database.
-
- -�-p�p This tells l�lo�og�gi�in�n to preserve all environment variables. If not
- given, only the TERM and TZ variables are preserved. It could be
- a security risk to pass random variables to l�lo�og�gi�in�n or the user
- shell, so the calling daemon should make sure it only passes
- ``safe'' variables.
-
- The process of logging user in proceeds as follows.
-
- First a check is made that logins are allowed at all. This usually means
- checking _�/_�e_�t_�c_�/_�n_�o_�l_�o_�g_�i_�n. If it exists, and the user trying to login is not
- root, the contents is printed, and then login exits.
-
- Then various system parameters are set up, like changing the owner of the
- tty to the user, setting up signals, setting the group list, and user and
- group id. Also various machine specific tasks are performed.
-
- Next l�lo�og�gi�in�n changes to the users home directory, or if that fails, to _�/.
- The environment is setup, by adding some required variables (such as
- PATH), and also authentication related ones (such as KRB5CCNAME). If an
- environment file exists (_�/_�e_�t_�c_�/_�e_�n_�v_�i_�r_�o_�n_�m_�e_�n_�t), variables are set according
- to it.
-
- If one or more login message files are configured, their contents is
- printed to the terminal.
-
- If a login time command is configured, it is executed. A logout time com-
- mand can also be configured, which makes l�lo�og�gi�in�n fork, and wait for the
- user shell to exit, and then run the command. This can be used to clean
- up user credentials.
-
- Finally, the user's shell is executed. If the user logging in is root,
- and root's login shell does not exist, a default shell (usually _�/_�b_�i_�n_�/_�s_�h)
- is also tried before giving up.
-
-E�EN�NV�VI�IR�RO�ON�NM�ME�EN�NT�T
- These environment variables are set by login (not including ones set by
- _�/_�e_�t_�c_�/_�e_�n_�v_�i_�r_�o_�n_�m_�e_�n_�t):
-
- PATH the default system path
- HOME the user's home directory (or possibly _�/)
- USER, LOGNAME both set to the username
- SHELL the user's shell
- TERM, TZ set to whatever is passed to l�lo�og�gi�in�n
- KRB5CCNAME if the password is verified via Kerberos 5, this will
- point to the credentials cache file
- KRBTKFILE if the password is verified via Kerberos 4, this will
- point to the ticket file
-
-F�FI�IL�LE�ES�S
- /etc/environment
- Contains a set of environment variables that should be set in
- addition to the ones above. It should contain sh-style assign-
- ments like ``VARIABLE=value''. Note that they are not parsed the
- way a shell would. No variable expansion is performed, and all
- strings are literal, and quotation marks should not be used.
- Everything after a hash mark is considered a comment. The follow-
- ing are all different (the last will set the variable BAR, not
- FOO).
-
- FOO=this is a string
- FOO="this is a string"
- BAR= FOO='this is a string'
- /etc/login.access
- See login.access(5).
- /etc/login.conf
- This is a termcap style configuration file, that contains various
- settings used by l�lo�og�gi�in�n. Currently only the ``default'' capabil-
- ity record is used. The possible capability strings include:
-
- environment
- This is a comma separated list of environment files that
- are read in the order specified. If this is missing the
- default _�/_�e_�t_�c_�/_�e_�n_�v_�i_�r_�o_�n_�m_�e_�n_�t is used.
- login_program
- This program will be executed just before the user's
- shell is started. It will be called without arguments.
- logout_program
- This program will be executed just after the user's shell
- has terminated. It will be called without arguments. This
- program will be the parent process of the spawned shell.
- motd A comma separated list of text files that will be printed
- to the user's terminal before starting the shell. The
- string welcome works similarly, but points to a single
- file.
- limits Points to a file containing ulimit settings for various
- users. Syntax is inspired by what pam_limits uses, and
- the default is _�/_�e_�t_�c_�/_�s_�e_�c_�u_�r_�i_�t_�y_�/_�l_�i_�m_�i_�t_�s_�._�c_�o_�n_�f.
- /etc/nologin
- If it exists, login is denied to all but root. The contents of
- this file is printed before login exits.
-
- Other l�lo�og�gi�in�n programs typically print all sorts of information by default,
- such as last time you logged in, if you have mail, and system message
- files. This version of l�lo�og�gi�in�n does not, so there is no reason for
- _�._�h_�u_�s_�h_�l_�o_�g_�i_�n files or similar. We feel that these tasks are best left to
- the user's shell, but the login_program facility allows for a shell inde-
- pendent solution, if that is desired.
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- A _�l_�o_�g_�i_�n_�._�c_�o_�n_�f file could look like:
-
- default:\
- :motd=/etc/motd,/etc/motd.local:\
- :limits=/etc/limits.conf:
-
- The _�l_�i_�m_�i_�t_�s_�._�c_�o_�n_�f file consists of a table with four whitespace separated
- fields. First field is a username or a groupname (prefixed with `@'), or
- `*'. Second field is `soft', `hard', or `-' (the last meaning both soft
- and hard). Third field is a limit name (such as `cpu' or `core'). Last
- field is the limit value (a number or `-' for unlimited). In the case of
- data sizes, the value is in kilobytes, and cputime is in minutes.
-
-S�SE�EE�E A�AL�LS�SO�O
- su(1), login.access(5), getty(8), telnetd(8)
-
-A�AU�UT�TH�HO�OR�RS�S
- This login program was written for the Heimdal Kerberos 5 implementation.
- The login.access code was written by Wietse Venema.
-
-HEIMDAL April 22, 2005 HEIMDAL
Deleted: trunk/crypto/heimdal/appl/login/login_protos.h
===================================================================
--- trunk/crypto/heimdal/appl/login/login_protos.h 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/login/login_protos.h 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,91 +0,0 @@
-/* This is a generated file */
-#ifndef __login_protos_h__
-#define __login_protos_h__
-
-#include <stdarg.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-void
-add_env (
- const char */*var*/,
- const char */*value*/);
-
-void
-check_shadow (
- const struct passwd */*pw*/,
- const struct spwd */*sp*/);
-
-char *
-clean_ttyname (char */*tty*/);
-
-void
-copy_env (void);
-
-int
-do_osfc2_magic (uid_t /*uid*/);
-
-void
-extend_env (char */*str*/);
-
-int
-login_access (
- struct passwd */*user*/,
- char */*from*/);
-
-char *
-login_conf_get_string (const char */*str*/);
-
-int
-login_read_env (const char */*file*/);
-
-char *
-make_id (char */*tty*/);
-
-void
-prepare_utmp (
- struct utmp */*utmp*/,
- char */*tty*/,
- const char */*username*/,
- const char */*hostname*/);
-
-int
-read_limits_conf (
- const char */*file*/,
- const struct passwd */*pwd*/);
-
-int
-read_string (
- const char */*prompt*/,
- char */*buf*/,
- size_t /*len*/,
- int /*echo*/);
-
-void
-shrink_hostname (
- const char */*hostname*/,
- char */*dst*/,
- size_t /*dst_sz*/);
-
-void
-stty_default (void);
-
-void
-utmp_login (
- char */*tty*/,
- const char */*username*/,
- const char */*hostname*/);
-
-int
-utmpx_login (
- char */*line*/,
- const char */*user*/,
- const char */*host*/);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __login_protos_h__ */
Deleted: trunk/crypto/heimdal/appl/push/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/push/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/push/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\push
-
-!include ../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/push/pfrom.cat1
===================================================================
--- trunk/crypto/heimdal/appl/push/pfrom.cat1 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/push/pfrom.cat1 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,17 +0,0 @@
-
-PFROM(1) BSD General Commands Manual PFROM(1)
-
-N�NA�AM�ME�E
- p�pf�fr�ro�om�m -- fetch a list of the current mail via POP
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- p�pf�fr�ro�om�m [-�-4�4 | -�--�-k�kr�rb�b4�4] [-�-5�5 | -�--�-k�kr�rb�b5�5] [-�-v�v | -�--�-v�ve�er�rb�bo�os�se�e] [-�-c�c | -�--�-c�co�ou�un�nt�t]
- [-�--�-h�he�ea�ad�de�er�r] [-�-p�p _�p_�o_�r_�t_�-_�s_�p_�e_�c | -�--�-p�po�or�rt�t=�=_�p_�o_�r_�t_�-_�s_�p_�e_�c]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- p�pf�fr�ro�om�m is a script that does push --from.
-
-S�SE�EE�E A�AL�LS�SO�O
- push(8)
-
-HEIMDAL March 4, 2000 HEIMDAL
Deleted: trunk/crypto/heimdal/appl/push/push.cat8
===================================================================
--- trunk/crypto/heimdal/appl/push/push.cat8 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/push/push.cat8 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,74 +0,0 @@
-
-PUSH(8) BSD System Manager's Manual PUSH(8)
-
-N�NA�AM�ME�E
- p�pu�us�sh�h -- fetch mail via POP
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- p�pu�us�sh�h [-�-5�5 | -�--�-k�kr�rb�b5�5] [-�-v�v | -�--�-v�ve�er�rb�bo�os�se�e] [-�-f�f | -�--�-f�fo�or�rk�k] [-�-l�l | -�--�-l�le�ea�av�ve�e] [-�--�-f�fr�ro�om�m]
- [-�-c�c | -�--�-c�co�ou�un�nt�t] [-�--�-h�he�ea�ad�de�er�rs�s=_�h_�e_�a_�d_�e_�r_�s] [-�-p�p _�p_�o_�r_�t_�-_�s_�p_�e_�c | -�--�-p�po�or�rt�t=_�p_�o_�r_�t_�-_�s_�p_�e_�c]
- _�p_�o_�-_�b_�o_�x _�f_�i_�l_�e_�n_�a_�m_�e
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- p�pu�us�sh�h retrieves mail from the post office box _�p_�o_�-_�b_�o_�x, and stores the mail
- in mbox format in _�f_�i_�l_�e_�n_�a_�m_�e. The _�p_�o_�-_�b_�o_�x can have any of the following
- formats:
- `hostname:username'
- `po:hostname:username'
- `username at hostname'
- `po:username at hostname'
- `hostname'
- `po:username'
-
- If no username is specified, p�pu�us�sh�h assumes that it's the same as on the
- local machine; _�h_�o_�s_�t_�n_�a_�m_�e defaults to the value of the MAILHOST environment
- variable.
-
- Supported options:
-
- -�-5�5, -�--�-k�kr�rb�b5�5
- use Kerberos 5 (if compiled with support for Kerberos 5)
-
- -�-f�f, -�--�-f�fo�or�rk�k
- fork before starting to delete messages
-
- -�-l�l, -�--�-l�le�ea�av�ve�e
- don't delete fetched mail
-
- -�--�-f�fr�ro�om�m behave like from.
-
- -�-c�c, -�--�-c�co�ou�un�nt�t
- first print how many messages and bytes there are.
-
- -�--�-h�he�ea�ad�de�er�rs�s=_�h_�e_�a_�d_�e_�r_�s
- a list of comma-separated headers that should get printed.
-
- -�-p�p _�p_�o_�r_�t_�-_�s_�p_�e_�c, -�--�-p�po�or�rt�t=_�p_�o_�r_�t_�-_�s_�p_�e_�c
- use this port instead of the default `kpop' or `1109'.
-
- The default is to first try Kerberos 5 authentication and then, if that
- fails, Kerberos 4.
-
-E�EN�NV�VI�IR�RO�ON�NM�ME�EN�NT�T
- MAILHOST
- points to the post office, if no other hostname is specified.
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- $ push cornfield:roosta ~/.emacs-mail-crash-box
-
- tries to fetch mail for the user _�r_�o_�o_�s_�t_�a from the post office at
- ``cornfield'', and stores the mail in _�~_�/_�._�e_�m_�a_�c_�s_�-_�m_�a_�i_�l_�-_�c_�r_�a_�s_�h_�-_�b_�o_�x (you are
- using Gnus, aren't you?)
-
- $ push --from -5 havregryn
-
- tries to fetch F�Fr�ro�om�m:�: lines for current user at post office ``havregryn''
- using Kerberos 5.
-
-S�SE�EE�E A�AL�LS�SO�O
- from(1), pfrom(1), movemail(8), popper(8)
-
-H�HI�IS�ST�TO�OR�RY�Y
- p�pu�us�sh�h was written while waiting for m�mo�ov�ve�em�ma�ai�il�l to finish getting the mail.
-
-HEIMDAL May 31, 1998 HEIMDAL
Deleted: trunk/crypto/heimdal/appl/rcp/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/rcp/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/rcp/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\rcp
-
-!include ../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/rcp/rcp.cat1
===================================================================
--- trunk/crypto/heimdal/appl/rcp/rcp.cat1 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/rcp/rcp.cat1 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,38 +0,0 @@
-
-RCP(1) BSD General Commands Manual RCP(1)
-
-N�NA�AM�ME�E
- r�rc�cp�p -- copy file to and from remote machines
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- r�rc�cp�p [-�-4�45�5F�FK�Kp�px�xz�z] [-�-P�P _�p_�o_�r_�t] _�f_�i_�l_�e_�1 _�f_�i_�l_�e_�2
- r�rc�cp�p [-�-4�45�5F�FK�Kp�pr�rx�xz�z] [-�-P�P _�p_�o_�r_�t] _�f_�i_�l_�e_�._�._�. _�d_�i_�r_�e_�c_�t_�o_�r_�y
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- r�rc�cp�p copies files between machines. Each file argument is either a remote
- file name of the form ``rname at rhost:path'' or a local file (containing no
- colon or with a slash before the first colon).
-
- Supported options:
-
- -�-4�4, -�-5�5, -�-K�K, -�-F�F, -�-x�x, -�-z�z
- These options are passed on to rsh(1).
-
- -�-P�P _�p_�o_�r_�t
- This will pass the option -�-p�p _�p_�o_�r_�t to rsh(1).
-
- -�-p�p Preserve file permissions.
-
- -�-r�r Copy source directories recursively.
-
-D�DI�IA�AG�GN�NO�OS�ST�TI�IC�CS�S
- r�rc�cp�p is implemented as a protocol on top of rsh(1), and thus requires a
- working rsh. If you intend to use Kerberos authentication, rsh needs to
- be Kerberos aware, else you may see more or less strange errors, such as
- "login incorrect", or "lost connection".
-
-H�HI�IS�ST�TO�OR�RY�Y
- The r�rc�cp�p utility first appeared in 4.2BSD. This version is derived from
- 4.3BSD-Reno.
-
-HEIMDAL April 16, 2003 HEIMDAL
Deleted: trunk/crypto/heimdal/appl/rsh/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/rsh/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/rsh/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\rsh
-
-!include ../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/rsh/rsh.cat1
===================================================================
--- trunk/crypto/heimdal/appl/rsh/rsh.cat1 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/rsh/rsh.cat1 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,139 +0,0 @@
-
-RSH(1) BSD General Commands Manual RSH(1)
-
-N�NA�AM�ME�E
- r�rs�sh�h -- remote shell
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- r�rs�sh�h [-�-4�45�5F�FG�GK�Kd�de�ef�fn�nu�ux�xz�z] [-�-U�U _�s_�t_�r_�i_�n_�g] [-�-p�p _�p_�o_�r_�t] [-�-l�l _�u_�s_�e_�r_�n_�a_�m_�e] [-�-P�P _�N_�|_�O] _�h_�o_�s_�t
- _�[_�c_�o_�m_�m_�a_�n_�d_�]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- r�rs�sh�h authenticates to the rshd(8) daemon on the remote _�h_�o_�s_�t, and then exe-
- cutes the specified _�c_�o_�m_�m_�a_�n_�d.
-
- r�rs�sh�h copies its standard input to the remote command, and the standard
- output and error of the remote command to its own.
-
- Valid options are:
-
- -�-4�4, -�--�-k�kr�rb�b4�4
- The -�-4�4 option requests Kerberos 4 authentication. Normally all
- supported authentication mechanisms will be tried, but in some
- cases more explicit control is desired.
-
- -�-5�5, -�--�-k�kr�rb�b5�5
- The -�-5�5 option requests Kerberos 5 authentication. This is analo-
- gous to the -�-4�4 option.
-
- -�-K�K, -�--�-b�br�ro�ok�ke�en�n
- The -�-K�K option turns off all Kerberos authentication. The security
- in this mode relies on reserved ports. The long name is an indi-
- cation of how good this is.
-
- -�-n�n, -�--�-n�no�o-�-i�in�np�pu�ut�t
- The -�-n�n option directs the input from the _�/_�d_�e_�v_�/_�n_�u_�l_�l device (see
- the _�B_�U_�G_�S section of this manual page).
-
- -�-d�d Enable setsockopt(2) socket debugging.
-
- -�-e�e, -�--�-n�no�o-�-s�st�td�de�er�rr�r
- Don't use a separate socket for the stderr stream. This can be
- necessary if rsh-ing through a NAT bridge.
-
- -�-x�x, -�--�-e�en�nc�cr�ry�yp�pt�t
- The -�-x�x option enables encryption for all data exchange. This is
- only valid for Kerberos authenticated connections (see the _�B_�U_�G_�S
- section for limitations).
-
- -�-z�z The opposite of -�-x�x. This is the default, and is mainly useful if
- encryption has been enabled by default, for instance in the
- appdefaults section of _�/_�e_�t_�c_�/_�k_�r_�b_�5_�._�c_�o_�n_�f when using Kerberos 5.
-
- -�-f�f, -�--�-f�fo�or�rw�wa�ar�rd�d
- Forward Kerberos 5 credentials to the remote host. Also settable
- via appdefaults (see krb5.conf).
-
- -�-F�F, -�--�-f�fo�or�rw�wa�ar�rd�da�ab�bl�le�e
- Make the forwarded credentials re-forwardable. Also settable via
- appdefaults (see krb5.conf).
-
- -�-l�l _�s_�t_�r_�i_�n_�g, -�--�-u�us�se�er�r=�=_�s_�t_�r_�i_�n_�g
- By default the remote username is the same as the local. The -�-l�l
- option or the _�u_�s_�e_�r_�n_�a_�m_�e_�@_�h_�o_�s_�t format allow the remote name to be
- specified.
-
- -�-n�n, -�--�-n�no�o-�-i�in�np�pu�ut�t
- Direct input from _�/_�d_�e_�v_�/_�n_�u_�l_�l (see the _�B_�U_�G_�S section).
-
- -�-p�p _�n_�u_�m_�b_�e_�r_�-_�o_�r_�-_�s_�e_�r_�v_�i_�c_�e, -�--�-p�po�or�rt�t=�=_�n_�u_�m_�b_�e_�r_�-_�o_�r_�-_�s_�e_�r_�v_�i_�c_�e
- Connect to this port instead of the default (which is 514 when
- using old port based authentication, 544 for Kerberos 5 and non-
- encrypted Kerberos 4, and 545 for encrytpted Kerberos 4; subject
- of course to the contents of _�/_�e_�t_�c_�/_�s_�e_�r_�v_�i_�c_�e_�s).
-
- -�-P�P _�N_�|_�O_�|_�1_�|_�2, -�--�-p�pr�ro�ot�to�oc�co�ol�l=�=_�N_�|_�O_�|_�1_�|_�2
- Specifies the protocol version to use with Kerberos 5. _�N and _�2
- select protocol version 2, while _�O and _�1 select version 1. Ver-
- sion 2 is believed to be more secure, and is the default. Unless
- asked for a specific version, r�rs�sh�h will try both. This behaviour
- may change in the future.
-
- -�-u�u, -�--�-u�un�ni�iq�qu�ue�e
- Make sure the remote credentials cache is unique, that is, don't
- reuse any existing cache. Mutually exclusive to -�-U�U.
-
- -�-U�U _�s_�t_�r_�i_�n_�g, -�--�-t�tk�kf�fi�il�le�e=�=_�s_�t_�r_�i_�n_�g
- Name of the remote credentials cache. Mutually exclusive to -�-u�u.
-
- -�-x�x, -�--�-e�en�nc�cr�ry�yp�pt�t
- The -�-x�x option enables encryption for all data exchange. This is
- only valid for Kerberos authenticated connections (see the _�B_�U_�G_�S
- section for limitations).
-
- -�-z�z The opposite of -�-x�x. This is the default, but encryption can be
- enabled when using Kerberos 5, by setting the libdefaults/encrypt
- option in krb5.conf(5).
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- Care should be taken when issuing commands containing shell meta charac-
- ters. Without quoting, these will be expanded on the local machine.
-
- The following command:
-
- rsh otherhost cat remotefile > localfile
-
- will write the contents of the remote _�r_�e_�m_�o_�t_�e_�f_�i_�l_�e to the local _�l_�o_�c_�a_�l_�f_�i_�l_�e,
- but:
-
- rsh otherhost 'cat remotefile > remotefile2'
-
- will write it to the remote _�r_�e_�m_�o_�t_�e_�f_�i_�l_�e_�2.
-
-F�FI�IL�LE�ES�S
- /etc/hosts
-
-S�SE�EE�E A�AL�LS�SO�O
- rlogin(1), krb_realmofhost(3), krb_sendauth(3), hosts.equiv(5),
- krb5.conf(5), rhosts(5), kerberos(8) rshd(8)
-
-H�HI�IS�ST�TO�OR�RY�Y
- The r�rs�sh�h command appeared in 4.2BSD.
-
-A�AU�UT�TH�HO�OR�RS�S
- This implementation of r�rs�sh�h was written as part of the Heimdal Kerberos 5
- implementation.
-
-B�BU�UG�GS�S
- Some shells (notably csh(1)) will cause r�rs�sh�h to block if run in the back-
- ground, unless the standard input is directed away from the terminal.
- This is what the -�-n�n option is for.
-
- The -�-x�x options enables encryption for the session, but for both Kerberos
- 4 and 5 the actual command is sent unencrypted, so you should not send
- any secret information in the command line (which is probably a bad idea
- anyway, since the command line can usually be read with tools like
- ps(1)). Forthermore in Kerberos 4 the command is not even integrity pro-
- tected, so anyone with the right tools can modify the command.
-
-HEIMDAL February 20, 2004 HEIMDAL
Deleted: trunk/crypto/heimdal/appl/rsh/rshd.cat8
===================================================================
--- trunk/crypto/heimdal/appl/rsh/rshd.cat8 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/rsh/rshd.cat8 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,79 +0,0 @@
-
-RSHD(8) BSD System Manager's Manual RSHD(8)
-
-N�NA�AM�ME�E
- r�rs�sh�hd�d -- remote shell server
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- r�rs�sh�hd�d [-�-a�ai�ik�kl�ln�nv�vx�xP�PL�L] [-�-p�p _�p_�o_�r_�t]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- r�rs�sh�hd�d is the server for the rsh(1) program. It provides an authenticated
- remote command execution service. Supported options are:
-
- -�-n�n, -�--�-n�no�o-�-k�ke�ee�ep�pa�al�li�iv�ve�e
- Disables keep-alive messages. Keep-alives are packets sent at
- certain intervals to make sure that the client is still there,
- even when it doesn't send any data.
-
- -�-k�k, -�--�-k�ke�er�rb�be�er�ro�os�s
- Assume that clients connecting to this server will use some form
- of Kerberos authentication. See the _�E_�X_�A_�M_�P_�L_�E_�S section for a sample
- inetd.conf(5) configuration.
-
- -�-x�x, -�--�-e�en�nc�cr�ry�yp�pt�t
- For Kerberos 4 this means that the connections are encrypted.
- Kerberos 5 can negotiate encryption even without this option, but
- if it's present r�rs�sh�hd�d will deny unencrypted connections. This
- option implies -�-k�k.
-
- -�-v�v, -�--�-v�va�ac�cu�uo�ou�us�s
- If the connecting client does not use any Kerberised authentica-
- tion, print a message that complains about this fact, and exit.
- This is helpful if you want to move away from old port-based
- authentication.
-
- -�-P�P When using the AFS filesystem, users' authentication tokens are
- put in something called a PAG (Process Authentication Group).
- Multiple processes can share a PAG, but normally each login ses-
- sion has its own PAG. This option disables the s�se�et�tp�pa�ag�g() call, so
- all tokens will be put in the default (uid-based) PAG, making it
- possible to share tokens between sessions. This is only useful in
- peculiar environments, such as some batch systems.
-
- -�-i�i, -�--�-n�no�o-�-i�in�ne�et�td�d
- The -�-i�i option will cause r�rs�sh�hd�d to create a socket, instead of
- assuming that its stdin came from inetd(8). This is mostly use-
- ful for debugging.
-
- -�-p�p _�p_�o_�r_�t, -�--�-p�po�or�rt�t=�=_�p_�o_�r_�t
- Port to use with -�-i�i.
-
- -�-a�a This flag is for backwards compatibility only.
-
- -�-L�L This flag enables logging of connections to syslogd(8). This
- option is always on in this implementation.
-
-F�FI�IL�LE�ES�S
- /etc/hosts.equiv
- ~/.rhosts
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- The following can be used to enable Kerberised rsh in inetd.cond(5),
- while disabling non-Kerberised connections:
-
- shell stream tcp nowait root /usr/libexec/rshd rshd -v
- kshell stream tcp nowait root /usr/libexec/rshd rshd -k
- ekshell stream tcp nowait root /usr/libexec/rshd rshd -kx
-
-S�SE�EE�E A�AL�LS�SO�O
- rsh(1), iruserok(3)
-
-H�HI�IS�ST�TO�OR�RY�Y
- The r�rs�sh�hd�d command appeared in 4.2BSD.
-
-A�AU�UT�TH�HO�OR�RS�S
- This implementation of r�rs�sh�hd�d was written as part of the Heimdal Kerberos 5
- implementation.
-
-HEIMDAL November 22, 2002 HEIMDAL
Deleted: trunk/crypto/heimdal/appl/su/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/su/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/su/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\su
-
-!include ../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/su/su.cat1
===================================================================
--- trunk/crypto/heimdal/appl/su/su.cat1 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/su/su.cat1 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,44 +0,0 @@
-
-SU(1) BSD General Commands Manual SU(1)
-
-N�NA�AM�ME�E
- s�su�u -- substitute user identity
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- s�su�u [-�-K�K | -�--�-n�no�o-�-k�ke�er�rb�be�er�ro�os�s] [-�-f�f] [-�-l�l | -�--�-f�fu�ul�ll�l] [-�-m�m] [-�-i�i _�i_�n_�s_�t_�a_�n_�c_�e |
- -�--�-i�in�ns�st�ta�an�nc�ce�e=�=_�i_�n_�s_�t_�a_�n_�c_�e] [-�-c�c _�c_�o_�m_�m_�a_�n_�d | -�--�-c�co�om�mm�ma�an�nd�d=�=_�c_�o_�m_�m_�a_�n_�d] [_�l_�o_�g_�i_�n [_�s_�h_�e_�l_�l
- _�a_�r_�g_�u_�m_�e_�n_�t_�s]]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- s�su�u will use Kerberos authentication provided that an instance for the
- user wanting to change effective UID is present in a file named _�._�k_�5_�l_�o_�g_�i_�n
- in the target user id's home directory
-
- A special case exists where `root's' _�~_�/_�._�k_�5_�l_�o_�g_�i_�n needs to contain an entry
- for: `user/<instance>@REALM' for s�su�u to succed (where <instance> is `root'
- unless changed with -�-i�i).
-
- In the absence of either an entry for current user in said file or other
- problems like missing `host/hostname at REALM' keys in the system's keytab,
- or user typing the wrong password, s�su�u will fall back to traditional
- _�/_�e_�t_�c_�/_�p_�a_�s_�s_�w_�d authentication.
-
- When using _�/_�e_�t_�c_�/_�p_�a_�s_�s_�w_�d authentication, s�su�u allows `root' access only to
- members of the group `wheel', or to any user (with knowledge of the
- `root' password) if that group does not exist, or has no members.
-
- The options are as follows:
-
- -�-K�K, -�--�-n�no�o-�-k�ke�er�rb�be�er�ro�os�s don't use Kerberos.
-
- -�-f�f don't read .cshrc.
-
- -�-l�l, -�--�-f�fu�ul�ll�l simulate full login.
-
- -�-m�m leave environment unmodified.
-
- -�-i�i _�i_�n_�s_�t_�a_�n_�c_�e, -�--�-i�in�ns�st�ta�an�nc�ce�e=�=_�i_�n_�s_�t_�a_�n_�c_�e root instance to use.
-
- -�-c�c _�c_�o_�m_�m_�a_�n_�d, -�--�-c�co�om�mm�ma�an�nd�d=�=_�c_�o_�m_�m_�a_�n_�d command to execute.
-
-HEIMDAL January 12, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/appl/telnet/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/telnet/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/telnet/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\telnet
-
-!include ../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/telnet/libtelnet/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/telnet/libtelnet/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/telnet/libtelnet/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\telnet\libtelnet
-
-!include ../../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/telnet/libtelnet/kerberos.c
===================================================================
--- trunk/crypto/heimdal/appl/telnet/libtelnet/kerberos.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/telnet/libtelnet/kerberos.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,723 +0,0 @@
-/*-
- * Copyright (c) 1991, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/*
- * Copyright (C) 1990 by the Massachusetts Institute of Technology
- *
- * Export of this software from the United States of America is assumed
- * to require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-RCSID("$Id: kerberos.c,v 1.1.1.3 2012-07-21 15:09:08 laffer1 Exp $");
-
-#ifdef KRB4
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_ARPA_TELNET_H
-#include <arpa/telnet.h>
-#endif
-#include <stdio.h>
-#include <krb.h>
-#include <pwd.h>
-#include <stdlib.h>
-#include <string.h>
-#include <roken.h>
-#ifdef SOCKS
-#include <socks.h>
-#endif
-
-
-#include "encrypt.h"
-#include "auth.h"
-#include "misc.h"
-
-int kerberos4_cksum (unsigned char *, int);
-extern int auth_debug_mode;
-
-static unsigned char str_data[2048] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
- AUTHTYPE_KERBEROS_V4, };
-
-#define KRB_AUTH 0 /* Authentication data follows */
-#define KRB_REJECT 1 /* Rejected (reason might follow) */
-#define KRB_ACCEPT 2 /* Accepted */
-#define KRB_CHALLENGE 3 /* Challenge for mutual auth. */
-#define KRB_RESPONSE 4 /* Response for mutual auth. */
-
-#define KRB_FORWARD 5 /* */
-#define KRB_FORWARD_ACCEPT 6 /* */
-#define KRB_FORWARD_REJECT 7 /* */
-
-#define KRB_SERVICE_NAME "rcmd"
-
-static KTEXT_ST auth;
-static char name[ANAME_SZ];
-static AUTH_DAT adat;
-static des_cblock session_key;
-static des_cblock cred_session;
-static des_key_schedule sched;
-static des_cblock challenge;
-static int auth_done; /* XXX */
-
-static int pack_cred(CREDENTIALS *cred, unsigned char *buf);
-static int unpack_cred(unsigned char *buf, int len, CREDENTIALS *cred);
-
-
-static int
-Data(Authenticator *ap, int type, const void *d, int c)
-{
- unsigned char *p = str_data + 4;
- const unsigned char *cd = (const unsigned char *)d;
-
- if (c == -1)
- c = strlen((const char *)cd);
-
- if (auth_debug_mode) {
- printf("%s:%d: [%d] (%d)",
- str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY",
- str_data[3],
- type, c);
- printd(d, c);
- printf("\r\n");
- }
- *p++ = ap->type;
- *p++ = ap->way;
- *p++ = type;
- while (c-- > 0) {
- if ((*p++ = *cd++) == IAC)
- *p++ = IAC;
- }
- *p++ = IAC;
- *p++ = SE;
- if (str_data[3] == TELQUAL_IS)
- printsub('>', &str_data[2], p - (&str_data[2]));
- return(telnet_net_write(str_data, p - str_data));
-}
-
-int
-kerberos4_init(Authenticator *ap, int server)
-{
- FILE *fp;
-
- if (server) {
- str_data[3] = TELQUAL_REPLY;
- if ((fp = fopen(KEYFILE, "r")) == NULL)
- return(0);
- fclose(fp);
- } else {
- str_data[3] = TELQUAL_IS;
- }
- return(1);
-}
-
-char dst_realm_buf[REALM_SZ], *dest_realm = NULL;
-int dst_realm_sz = REALM_SZ;
-
-static int
-kerberos4_send(char *name, Authenticator *ap)
-{
- KTEXT_ST auth;
- char instance[INST_SZ];
- char *realm;
- CREDENTIALS cred;
- int r;
-
- if (!UserNameRequested) {
- if (auth_debug_mode) {
- printf("Kerberos V4: no user name supplied\r\n");
- }
- return(0);
- }
-
- memset(instance, 0, sizeof(instance));
-
- strlcpy (instance,
- krb_get_phost(RemoteHostName),
- INST_SZ);
-
- realm = dest_realm ? dest_realm : krb_realmofhost(RemoteHostName);
-
- if (!realm) {
- printf("Kerberos V4: no realm for %s\r\n", RemoteHostName);
- return(0);
- }
- printf("[ Trying %s (%s.%s@%s) ... ]\r\n", name,
- KRB_SERVICE_NAME, instance, realm);
- r = krb_mk_req(&auth, KRB_SERVICE_NAME, instance, realm, 0L);
- if (r) {
- printf("mk_req failed: %s\r\n", krb_get_err_text(r));
- return(0);
- }
- r = krb_get_cred(KRB_SERVICE_NAME, instance, realm, &cred);
- if (r) {
- printf("get_cred failed: %s\r\n", krb_get_err_text(r));
- return(0);
- }
- if (!auth_sendname((unsigned char*)UserNameRequested,
- strlen(UserNameRequested))) {
- if (auth_debug_mode)
- printf("Not enough room for user name\r\n");
- return(0);
- }
- if (auth_debug_mode)
- printf("Sent %d bytes of authentication data\r\n", auth.length);
- if (!Data(ap, KRB_AUTH, (void *)auth.dat, auth.length)) {
- if (auth_debug_mode)
- printf("Not enough room for authentication data\r\n");
- return(0);
- }
-#ifdef ENCRYPTION
- /* create challenge */
- if ((ap->way & AUTH_HOW_MASK)==AUTH_HOW_MUTUAL) {
- int i;
-
- des_key_sched(&cred.session, sched);
- memcpy (&cred_session, &cred.session, sizeof(cred_session));
-#ifndef HAVE_OPENSSL
- des_init_random_number_generator(&cred.session);
-#endif
- des_new_random_key(&session_key);
- des_ecb_encrypt(&session_key, &session_key, sched, 0);
- des_ecb_encrypt(&session_key, &challenge, sched, 0);
-
- /*
- old code
- Some CERT Advisory thinks this is a bad thing...
-
- des_init_random_number_generator(&cred.session);
- des_new_random_key(&challenge);
- des_ecb_encrypt(&challenge, &session_key, sched, 1);
- */
-
- /*
- * Increment the challenge by 1, and encrypt it for
- * later comparison.
- */
- for (i = 7; i >= 0; --i)
- if(++challenge[i] != 0) /* No carry! */
- break;
- des_ecb_encrypt(&challenge, &challenge, sched, 1);
- }
-
-#endif
-
- if (auth_debug_mode) {
- printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length));
- printd(auth.dat, auth.length);
- printf("\r\n");
- printf("Sent Kerberos V4 credentials to server\r\n");
- }
- return(1);
-}
-int
-kerberos4_send_mutual(Authenticator *ap)
-{
- return kerberos4_send("mutual KERBEROS4", ap);
-}
-
-int
-kerberos4_send_oneway(Authenticator *ap)
-{
- return kerberos4_send("KERBEROS4", ap);
-}
-
-void
-kerberos4_is(Authenticator *ap, unsigned char *data, int cnt)
-{
- struct sockaddr_in addr;
- char realm[REALM_SZ];
- char instance[INST_SZ];
- int r;
- socklen_t addr_len;
-
- if (cnt-- < 1)
- return;
- switch (*data++) {
- case KRB_AUTH:
- if (krb_get_lrealm(realm, 1) != KSUCCESS) {
- Data(ap, KRB_REJECT, (void *)"No local V4 Realm.", -1);
- auth_finished(ap, AUTH_REJECT);
- if (auth_debug_mode)
- printf("No local realm\r\n");
- return;
- }
- memmove(auth.dat, data, auth.length = cnt);
- if (auth_debug_mode) {
- printf("Got %d bytes of authentication data\r\n", cnt);
- printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length));
- printd(auth.dat, auth.length);
- printf("\r\n");
- }
- k_getsockinst(0, instance, sizeof(instance));
- addr_len = sizeof(addr);
- if(getpeername(0, (struct sockaddr *)&addr, &addr_len) < 0) {
- if(auth_debug_mode)
- printf("getpeername failed\r\n");
- Data(ap, KRB_REJECT, "getpeername failed", -1);
- auth_finished(ap, AUTH_REJECT);
- return;
- }
- if (addr.sin_family != AF_INET) {
- if (auth_debug_mode)
- printf("unknown address family: %d\r\n", addr.sin_family);
- Data(ap, KRB_REJECT, "bad address family", -1);
- auth_finished(ap, AUTH_REJECT);
- return;
- }
-
- r = krb_rd_req(&auth, KRB_SERVICE_NAME,
- instance, addr.sin_addr.s_addr, &adat, "");
- if (r) {
- if (auth_debug_mode)
- printf("Kerberos failed him as %s\r\n", name);
- Data(ap, KRB_REJECT, (void *)krb_get_err_text(r), -1);
- auth_finished(ap, AUTH_REJECT);
- return;
- }
- /* save the session key */
- memmove(session_key, adat.session, sizeof(adat.session));
- krb_kntoln(&adat, name);
-
- if (UserNameRequested && !kuserok(&adat, UserNameRequested)){
- char ts[MaxPathLen];
- struct passwd *pw = getpwnam(UserNameRequested);
-
- if(pw){
- snprintf(ts, sizeof(ts),
- "%s%u",
- TKT_ROOT,
- (unsigned)pw->pw_uid);
- esetenv("KRBTKFILE", ts, 1);
-
- if (pw->pw_uid == 0)
- syslog(LOG_INFO|LOG_AUTH,
- "ROOT Kerberos login from %s on %s\n",
- krb_unparse_name_long(adat.pname,
- adat.pinst,
- adat.prealm),
- RemoteHostName);
- }
- Data(ap, KRB_ACCEPT, NULL, 0);
- } else {
- char *msg;
- int ret;
-
- ret = asprintf (&msg, "user `%s' is not authorized to "
- "login as `%s'",
- krb_unparse_name_long(adat.pname,
- adat.pinst,
- adat.prealm),
- UserNameRequested ? UserNameRequested : "<nobody>");
- if (ret == -1)
- Data(ap, KRB_REJECT, NULL, 0);
- else {
- Data(ap, KRB_REJECT, (void *)msg, -1);
- free(msg);
- }
- auth_finished(ap, AUTH_REJECT);
- break;
- }
- auth_finished(ap, AUTH_USER);
- break;
-
- case KRB_CHALLENGE:
-#ifndef ENCRYPTION
- Data(ap, KRB_RESPONSE, NULL, 0);
-#else
- if(!VALIDKEY(session_key)){
- Data(ap, KRB_RESPONSE, NULL, 0);
- break;
- }
- des_key_sched(&session_key, sched);
- {
- des_cblock d_block;
- int i;
- Session_Key skey;
-
- memmove(d_block, data, sizeof(d_block));
-
- /* make a session key for encryption */
- des_ecb_encrypt(&d_block, &session_key, sched, 1);
- skey.type=SK_DES;
- skey.length=8;
- skey.data=session_key;
- encrypt_session_key(&skey, 1);
-
- /* decrypt challenge, add one and encrypt it */
- des_ecb_encrypt(&d_block, &challenge, sched, 0);
- for (i = 7; i >= 0; i--)
- if(++challenge[i] != 0)
- break;
- des_ecb_encrypt(&challenge, &challenge, sched, 1);
- Data(ap, KRB_RESPONSE, (void *)challenge, sizeof(challenge));
- }
-#endif
- break;
-
- case KRB_FORWARD:
- {
- des_key_schedule ks;
- unsigned char netcred[sizeof(CREDENTIALS)];
- CREDENTIALS cred;
- int ret;
- if(cnt > sizeof(cred))
- abort();
-
- memcpy (session_key, adat.session, sizeof(session_key));
- des_set_key(&session_key, ks);
- des_pcbc_encrypt((void*)data, (void*)netcred, cnt,
- ks, &session_key, DES_DECRYPT);
- unpack_cred(netcred, cnt, &cred);
- {
- if(strcmp(cred.service, KRB_TICKET_GRANTING_TICKET) ||
- strncmp(cred.instance, cred.realm, sizeof(cred.instance)) ||
- cred.lifetime < 0 || cred.lifetime > 255 ||
- cred.kvno < 0 || cred.kvno > 255 ||
- cred.issue_date < 0 ||
- cred.issue_date > time(0) + CLOCK_SKEW ||
- strncmp(cred.pname, adat.pname, sizeof(cred.pname)) ||
- strncmp(cred.pinst, adat.pinst, sizeof(cred.pinst))){
- Data(ap, KRB_FORWARD_REJECT, "Bad credentials", -1);
- }else{
- if((ret = tf_setup(&cred,
- cred.pname,
- cred.pinst)) == KSUCCESS){
- struct passwd *pw = getpwnam(UserNameRequested);
-
- if (pw)
- chown(tkt_string(), pw->pw_uid, pw->pw_gid);
- Data(ap, KRB_FORWARD_ACCEPT, 0, 0);
- } else{
- Data(ap, KRB_FORWARD_REJECT,
- krb_get_err_text(ret), -1);
- }
- }
- }
- memset(data, 0, cnt);
- memset(&ks, 0, sizeof(ks));
- memset(&cred, 0, sizeof(cred));
- }
-
- break;
-
- default:
- if (auth_debug_mode)
- printf("Unknown Kerberos option %d\r\n", data[-1]);
- Data(ap, KRB_REJECT, 0, 0);
- break;
- }
-}
-
-void
-kerberos4_reply(Authenticator *ap, unsigned char *data, int cnt)
-{
- Session_Key skey;
-
- if (cnt-- < 1)
- return;
- switch (*data++) {
- case KRB_REJECT:
- if(auth_done){ /* XXX Ick! */
- printf("[ Kerberos V4 received unknown opcode ]\r\n");
- }else{
- printf("[ Kerberos V4 refuses authentication ");
- if (cnt > 0)
- printf("because %.*s ", cnt, data);
- printf("]\r\n");
- auth_send_retry();
- }
- return;
- case KRB_ACCEPT:
- printf("[ Kerberos V4 accepts you ]\r\n");
- auth_done = 1;
- if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
- /*
- * Send over the encrypted challenge.
- */
- Data(ap, KRB_CHALLENGE, session_key,
- sizeof(session_key));
- des_ecb_encrypt(&session_key, &session_key, sched, 1);
- skey.type = SK_DES;
- skey.length = 8;
- skey.data = session_key;
- encrypt_session_key(&skey, 0);
-#if 0
- kerberos4_forward(ap, &cred_session);
-#endif
- return;
- }
- auth_finished(ap, AUTH_USER);
- return;
- case KRB_RESPONSE:
- /* make sure the response is correct */
- if ((cnt != sizeof(des_cblock)) ||
- (memcmp(data, challenge, sizeof(challenge)))){
- printf("[ Kerberos V4 challenge failed!!! ]\r\n");
- auth_send_retry();
- return;
- }
- printf("[ Kerberos V4 challenge successful ]\r\n");
- auth_finished(ap, AUTH_USER);
- break;
- case KRB_FORWARD_ACCEPT:
- printf("[ Kerberos V4 accepted forwarded credentials ]\r\n");
- break;
- case KRB_FORWARD_REJECT:
- printf("[ Kerberos V4 rejected forwarded credentials: `%.*s']\r\n",
- cnt, data);
- break;
- default:
- if (auth_debug_mode)
- printf("Unknown Kerberos option %d\r\n", data[-1]);
- return;
- }
-}
-
-int
-kerberos4_status(Authenticator *ap, char *name, size_t name_sz, int level)
-{
- if (level < AUTH_USER)
- return(level);
-
- if (UserNameRequested && !kuserok(&adat, UserNameRequested)) {
- strlcpy(name, UserNameRequested, name_sz);
- return(AUTH_VALID);
- } else
- return(AUTH_USER);
-}
-
-#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);}
-#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);}
-
-void
-kerberos4_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen)
-{
- int i;
-
- buf[buflen-1] = '\0'; /* make sure it's NULL terminated */
- buflen -= 1;
-
- switch(data[3]) {
- case KRB_REJECT: /* Rejected (reason might follow) */
- strlcpy((char *)buf, " REJECT ", buflen);
- goto common;
-
- case KRB_ACCEPT: /* Accepted (name might follow) */
- strlcpy((char *)buf, " ACCEPT ", buflen);
- common:
- BUMP(buf, buflen);
- if (cnt <= 4)
- break;
- ADDC(buf, buflen, '"');
- for (i = 4; i < cnt; i++)
- ADDC(buf, buflen, data[i]);
- ADDC(buf, buflen, '"');
- ADDC(buf, buflen, '\0');
- break;
-
- case KRB_AUTH: /* Authentication data follows */
- strlcpy((char *)buf, " AUTH", buflen);
- goto common2;
-
- case KRB_CHALLENGE:
- strlcpy((char *)buf, " CHALLENGE", buflen);
- goto common2;
-
- case KRB_RESPONSE:
- strlcpy((char *)buf, " RESPONSE", buflen);
- goto common2;
-
- default:
- snprintf((char*)buf, buflen, " %d (unknown)", data[3]);
- common2:
- BUMP(buf, buflen);
- for (i = 4; i < cnt; i++) {
- snprintf((char*)buf, buflen, " %d", data[i]);
- BUMP(buf, buflen);
- }
- break;
- }
-}
-
-int
-kerberos4_cksum(unsigned char *d, int n)
-{
- int ck = 0;
-
- /*
- * A comment is probably needed here for those not
- * well versed in the "C" language. Yes, this is
- * supposed to be a "switch" with the body of the
- * "switch" being a "while" statement. The whole
- * purpose of the switch is to allow us to jump into
- * the middle of the while() loop, and then not have
- * to do any more switch()s.
- *
- * Some compilers will spit out a warning message
- * about the loop not being entered at the top.
- */
- switch (n&03)
- while (n > 0) {
- case 0:
- ck ^= (int)*d++ << 24;
- --n;
- case 3:
- ck ^= (int)*d++ << 16;
- --n;
- case 2:
- ck ^= (int)*d++ << 8;
- --n;
- case 1:
- ck ^= (int)*d++;
- --n;
- }
- return(ck);
-}
-
-static int
-pack_cred(CREDENTIALS *cred, unsigned char *buf)
-{
- unsigned char *p = buf;
-
- memcpy (p, cred->service, ANAME_SZ);
- p += ANAME_SZ;
- memcpy (p, cred->instance, INST_SZ);
- p += INST_SZ;
- memcpy (p, cred->realm, REALM_SZ);
- p += REALM_SZ;
- memcpy(p, cred->session, 8);
- p += 8;
- p += KRB_PUT_INT(cred->lifetime, p, 4, 4);
- p += KRB_PUT_INT(cred->kvno, p, 4, 4);
- p += KRB_PUT_INT(cred->ticket_st.length, p, 4, 4);
- memcpy(p, cred->ticket_st.dat, cred->ticket_st.length);
- p += cred->ticket_st.length;
- p += KRB_PUT_INT(0, p, 4, 4);
- p += KRB_PUT_INT(cred->issue_date, p, 4, 4);
- memcpy (p, cred->pname, ANAME_SZ);
- p += ANAME_SZ;
- memcpy (p, cred->pinst, INST_SZ);
- p += INST_SZ;
- return p - buf;
-}
-
-static int
-unpack_cred(unsigned char *buf, int len, CREDENTIALS *cred)
-{
- char *p = (char*)buf;
- uint32_t tmp;
-
- strncpy (cred->service, p, ANAME_SZ);
- cred->service[ANAME_SZ - 1] = '\0';
- p += ANAME_SZ;
- strncpy (cred->instance, p, INST_SZ);
- cred->instance[INST_SZ - 1] = '\0';
- p += INST_SZ;
- strncpy (cred->realm, p, REALM_SZ);
- cred->realm[REALM_SZ - 1] = '\0';
- p += REALM_SZ;
-
- memcpy(cred->session, p, 8);
- p += 8;
- p += krb_get_int(p, &tmp, 4, 0);
- cred->lifetime = tmp;
- p += krb_get_int(p, &tmp, 4, 0);
- cred->kvno = tmp;
-
- p += krb_get_int(p, &cred->ticket_st.length, 4, 0);
- memcpy(cred->ticket_st.dat, p, cred->ticket_st.length);
- p += cred->ticket_st.length;
- p += krb_get_int(p, &tmp, 4, 0);
- cred->ticket_st.mbz = 0;
- p += krb_get_int(p, (uint32_t *)&cred->issue_date, 4, 0);
-
- strncpy (cred->pname, p, ANAME_SZ);
- cred->pname[ANAME_SZ - 1] = '\0';
- p += ANAME_SZ;
- strncpy (cred->pinst, p, INST_SZ);
- cred->pinst[INST_SZ - 1] = '\0';
- p += INST_SZ;
- return 0;
-}
-
-
-int
-kerberos4_forward(Authenticator *ap, void *v)
-{
- des_cblock *key = (des_cblock *)v;
- CREDENTIALS cred;
- char *realm;
- des_key_schedule ks;
- int len;
- unsigned char netcred[sizeof(CREDENTIALS)];
- int ret;
-
- realm = krb_realmofhost(RemoteHostName);
- if(realm == NULL)
- return -1;
- memset(&cred, 0, sizeof(cred));
- ret = krb_get_cred(KRB_TICKET_GRANTING_TICKET,
- realm,
- realm,
- &cred);
- if(ret)
- return ret;
- des_set_key(key, ks);
- len = pack_cred(&cred, netcred);
- des_pcbc_encrypt((void*)netcred, (void*)netcred, len,
- ks, key, DES_ENCRYPT);
- memset(&ks, 0, sizeof(ks));
- Data(ap, KRB_FORWARD, netcred, len);
- memset(netcred, 0, sizeof(netcred));
- return 0;
-}
-
-#endif /* KRB4 */
-
Deleted: trunk/crypto/heimdal/appl/telnet/libtelnet/krb4encpwd.c
===================================================================
--- trunk/crypto/heimdal/appl/telnet/libtelnet/krb4encpwd.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/telnet/libtelnet/krb4encpwd.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,436 +0,0 @@
-/*-
- * Copyright (c) 1992, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include <config.h>
-
-RCSID("$Id: krb4encpwd.c,v 1.1.1.3 2012-07-21 15:09:08 laffer1 Exp $");
-
-#ifdef KRB4_ENCPWD
-/*
- * COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION
- * ALL RIGHTS RESERVED
- *
- * "Digital Equipment Corporation authorizes the reproduction,
- * distribution and modification of this software subject to the following
- * restrictions:
- *
- * 1. Any partial or whole copy of this software, or any modification
- * thereof, must include this copyright notice in its entirety.
- *
- * 2. This software is supplied "as is" with no warranty of any kind,
- * expressed or implied, for any purpose, including any warranty of fitness
- * or merchantibility. DIGITAL assumes no responsibility for the use or
- * reliability of this software, nor promises to provide any form of
- * support for it on any basis.
- *
- * 3. Distribution of this software is authorized only if no profit or
- * remuneration of any kind is received in exchange for such distribution.
- *
- * 4. This software produces public key authentication certificates
- * bearing an expiration date established by DIGITAL and RSA Data
- * Security, Inc. It may cease to generate certificates after the expiration
- * date. Any modification of this software that changes or defeats
- * the expiration date or its effect is unauthorized.
- *
- * 5. Software that will renew or extend the expiration date of
- * authentication certificates produced by this software may be obtained
- * from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA
- * 94065, (415)595-8782, or from DIGITAL"
- *
- */
-
-#include <sys/types.h>
-#include <arpa/telnet.h>
-#include <pwd.h>
-#include <stdio.h>
-
-#include <krb.h>
-#include <stdlib.h>
-#include <string.h>
-#ifdef SOCKS
-#include <socks.h>
-#endif
-
-#include "encrypt.h"
-#include "auth.h"
-#include "misc.h"
-
-int krb_mk_encpwd_req (KTEXT, char *, char *, char *, char *, char *, char *);
-int krb_rd_encpwd_req (KTEXT, char *, char *, u_long, AUTH_DAT *, char *, char *, char *, char *);
-
-extern auth_debug_mode;
-
-static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0,
- AUTHTYPE_KRB4_ENCPWD, };
-static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION,
- TELQUAL_NAME, };
-
-#define KRB4_ENCPWD_AUTH 0 /* Authentication data follows */
-#define KRB4_ENCPWD_REJECT 1 /* Rejected (reason might follow) */
-#define KRB4_ENCPWD_ACCEPT 2 /* Accepted */
-#define KRB4_ENCPWD_CHALLENGE 3 /* Challenge for mutual auth. */
-#define KRB4_ENCPWD_ACK 4 /* Acknowledge */
-
-#define KRB_SERVICE_NAME "rcmd"
-
-static KTEXT_ST auth;
-static char name[ANAME_SZ];
-static char user_passwd[ANAME_SZ];
-static AUTH_DAT adat = { 0 };
-static des_key_schedule sched;
-static char challenge[REALM_SZ];
-
- static int
-Data(ap, type, d, c)
- Authenticator *ap;
- int type;
- void *d;
- int c;
-{
- unsigned char *p = str_data + 4;
- unsigned char *cd = (unsigned char *)d;
-
- if (c == -1)
- c = strlen(cd);
-
- if (0) {
- printf("%s:%d: [%d] (%d)",
- str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY",
- str_data[3],
- type, c);
- printd(d, c);
- printf("\r\n");
- }
- *p++ = ap->type;
- *p++ = ap->way;
- *p++ = type;
- while (c-- > 0) {
- if ((*p++ = *cd++) == IAC)
- *p++ = IAC;
- }
- *p++ = IAC;
- *p++ = SE;
- if (str_data[3] == TELQUAL_IS)
- printsub('>', &str_data[2], p - (&str_data[2]));
- return(telnet_net_write(str_data, p - str_data));
-}
-
- int
-krb4encpwd_init(ap, server)
- Authenticator *ap;
- int server;
-{
- char hostname[80], *cp, *realm;
- des_clock skey;
-
- if (server) {
- str_data[3] = TELQUAL_REPLY;
- } else {
- str_data[3] = TELQUAL_IS;
- gethostname(hostname, sizeof(hostname));
- realm = krb_realmofhost(hostname);
- cp = strchr(hostname, '.');
- if (*cp != NULL) *cp = NULL;
- if (read_service_key(KRB_SERVICE_NAME, hostname, realm, 0,
- KEYFILE, (char *)skey)) {
- return(0);
- }
- }
- return(1);
-}
-
- int
-krb4encpwd_send(ap)
- Authenticator *ap;
-{
-
- printf("[ Trying KRB4ENCPWD ... ]\r\n");
- if (!UserNameRequested) {
- return(0);
- }
- if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) {
- return(0);
- }
-
- if (!Data(ap, KRB4_ENCPWD_ACK, NULL, 0)) {
- return(0);
- }
-
- return(1);
-}
-
- void
-krb4encpwd_is(ap, data, cnt)
- Authenticator *ap;
- unsigned char *data;
- int cnt;
-{
- Session_Key skey;
- des_cblock datablock;
- char r_passwd[ANAME_SZ], r_user[ANAME_SZ];
- char lhostname[ANAME_SZ], *cp;
- int r;
- time_t now;
-
- if (cnt-- < 1)
- return;
- switch (*data++) {
- case KRB4_ENCPWD_AUTH:
- memmove(auth.dat, data, auth.length = cnt);
-
- gethostname(lhostname, sizeof(lhostname));
- if ((cp = strchr(lhostname, '.')) != 0) *cp = '\0';
-
- if (r = krb_rd_encpwd_req(&auth, KRB_SERVICE_NAME, lhostname, 0, &adat, NULL, challenge, r_user, r_passwd)) {
- Data(ap, KRB4_ENCPWD_REJECT, "Auth failed", -1);
- auth_finished(ap, AUTH_REJECT);
- return;
- }
- auth_encrypt_userpwd(r_passwd);
- if (passwdok(UserNameRequested, UserPassword) == 0) {
- /*
- * illegal username and password
- */
- Data(ap, KRB4_ENCPWD_REJECT, "Illegal password", -1);
- auth_finished(ap, AUTH_REJECT);
- return;
- }
-
- memmove(session_key, adat.session, sizeof(des_cblock));
- Data(ap, KRB4_ENCPWD_ACCEPT, 0, 0);
- auth_finished(ap, AUTH_USER);
- break;
-
- case KRB4_ENCPWD_CHALLENGE:
- /*
- * Take the received random challenge text and save
- * for future authentication.
- */
- memmove(challenge, data, sizeof(des_cblock));
- break;
-
-
- case KRB4_ENCPWD_ACK:
- /*
- * Receive ack, if mutual then send random challenge
- */
-
- /*
- * If we are doing mutual authentication, get set up to send
- * the challenge, and verify it when the response comes back.
- */
-
- if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
- int i;
-
- time(&now);
- snprintf(challenge, sizeof(challenge), "%x", now);
- Data(ap, KRB4_ENCPWD_CHALLENGE, challenge, strlen(challenge));
- }
- break;
-
- default:
- Data(ap, KRB4_ENCPWD_REJECT, 0, 0);
- break;
- }
-}
-
-
- void
-krb4encpwd_reply(ap, data, cnt)
- Authenticator *ap;
- unsigned char *data;
- int cnt;
-{
- Session_Key skey;
- KTEXT_ST krb_token;
- des_cblock enckey;
- CREDENTIALS cred;
- int r;
- char randchal[REALM_SZ], instance[ANAME_SZ], *cp;
- char hostname[80], *realm;
-
- if (cnt-- < 1)
- return;
- switch (*data++) {
- case KRB4_ENCPWD_REJECT:
- if (cnt > 0) {
- printf("[ KRB4_ENCPWD refuses authentication because %.*s ]\r\n",
- cnt, data);
- } else
- printf("[ KRB4_ENCPWD refuses authentication ]\r\n");
- auth_send_retry();
- return;
- case KRB4_ENCPWD_ACCEPT:
- printf("[ KRB4_ENCPWD accepts you ]\r\n");
- auth_finished(ap, AUTH_USER);
- return;
- case KRB4_ENCPWD_CHALLENGE:
- /*
- * Verify that the response to the challenge is correct.
- */
-
- gethostname(hostname, sizeof(hostname));
- realm = krb_realmofhost(hostname);
- memmove(challenge, data, cnt);
- memset(user_passwd, 0, sizeof(user_passwd));
- des_read_pw_string(user_passwd, sizeof(user_passwd)-1, "Password: ", 0);
- UserPassword = user_passwd;
- Challenge = challenge;
- strlcpy(instance, RemoteHostName, sizeof(instance));
- if ((cp = strchr(instance, '.')) != 0) *cp = '\0';
-
- if (r = krb_mk_encpwd_req(&krb_token, KRB_SERVICE_NAME, instance, realm, Challenge, UserNameRequested, user_passwd)) {
- krb_token.length = 0;
- }
-
- if (!Data(ap, KRB4_ENCPWD_AUTH, krb_token.dat, krb_token.length)) {
- return;
- }
-
- break;
-
- default:
- return;
- }
-}
-
- int
-krb4encpwd_status(ap, name, name_sz, level)
- Authenticator *ap;
- char *name;
- size_t name_sz;
- int level;
-{
-
- if (level < AUTH_USER)
- return(level);
-
- if (UserNameRequested && passwdok(UserNameRequested, UserPassword)) {
- strlcpy(name, UserNameRequested, name_sz);
- return(AUTH_VALID);
- } else {
- return(AUTH_USER);
- }
-}
-
-#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);}
-#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);}
-
- void
-krb4encpwd_printsub(data, cnt, buf, buflen)
- unsigned char *data, *buf;
- int cnt, buflen;
-{
- int i;
-
- buf[buflen-1] = '\0'; /* make sure it's NULL terminated */
- buflen -= 1;
-
- switch(data[3]) {
- case KRB4_ENCPWD_REJECT: /* Rejected (reason might follow) */
- strlcpy((char *)buf, " REJECT ", buflen);
- goto common;
-
- case KRB4_ENCPWD_ACCEPT: /* Accepted (name might follow) */
- strlcpy((char *)buf, " ACCEPT ", buflen);
- common:
- BUMP(buf, buflen);
- if (cnt <= 4)
- break;
- ADDC(buf, buflen, '"');
- for (i = 4; i < cnt; i++)
- ADDC(buf, buflen, data[i]);
- ADDC(buf, buflen, '"');
- ADDC(buf, buflen, '\0');
- break;
-
- case KRB4_ENCPWD_AUTH: /* Authentication data follows */
- strlcpy((char *)buf, " AUTH", buflen);
- goto common2;
-
- case KRB4_ENCPWD_CHALLENGE:
- strlcpy((char *)buf, " CHALLENGE", buflen);
- goto common2;
-
- case KRB4_ENCPWD_ACK:
- strlcpy((char *)buf, " ACK", buflen);
- goto common2;
-
- default:
- snprintf(buf, buflen, " %d (unknown)", data[3]);
- common2:
- BUMP(buf, buflen);
- for (i = 4; i < cnt; i++) {
- snprintf(buf, buflen, " %d", data[i]);
- BUMP(buf, buflen);
- }
- break;
- }
-}
-
-int passwdok(name, passwd)
-char *name, *passwd;
-{
- char *crypt();
- char *salt, *p;
- struct passwd *pwd;
- int passwdok_status = 0;
-
- if (pwd = k_getpwnam(name))
- salt = pwd->pw_passwd;
- else salt = "xx";
-
- p = crypt(passwd, salt);
-
- if (pwd && !strcmp(p, pwd->pw_passwd)) {
- passwdok_status = 1;
- } else passwdok_status = 0;
- return(passwdok_status);
-}
-
-#endif
-
-#ifdef notdef
-
-prkey(msg, key)
- char *msg;
- unsigned char *key;
-{
- int i;
- printf("%s:", msg);
- for (i = 0; i < 8; i++)
- printf(" %3d", key[i]);
- printf("\r\n");
-}
-#endif
Deleted: trunk/crypto/heimdal/appl/telnet/telnet/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/telnet/telnet/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/telnet/telnet/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\telnet\telnet
-
-!include ../../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/telnet/telnet/telnet.cat1
===================================================================
--- trunk/crypto/heimdal/appl/telnet/telnet/telnet.cat1 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/telnet/telnet/telnet.cat1 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,715 +0,0 @@
-
-TELNET(1) BSD General Commands Manual TELNET(1)
-
-N�NA�AM�ME�E
- t�te�el�ln�ne�et�t -- user interface to the TELNET protocol
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- t�te�el�ln�ne�et�t [-�-7�78�8E�EF�FK�KL�La�ac�cd�df�fr�rx�x] [-�-S�S _�t_�o_�s] [-�-X�X _�a_�u_�t_�h_�t_�y_�p_�e] [-�-e�e _�e_�s_�c_�a_�p_�e_�c_�h_�a_�r] [-�-k�k _�r_�e_�a_�l_�m]
- [-�-l�l _�u_�s_�e_�r] [-�-n�n _�t_�r_�a_�c_�e_�f_�i_�l_�e] [_�h_�o_�s_�t [port]]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The t�te�el�ln�ne�et�t command is used to communicate with another host using the
- TELNET protocol. If t�te�el�ln�ne�et�t is invoked without the _�h_�o_�s_�t argument, it
- enters command mode, indicated by its prompt (t�te�el�ln�ne�et�t>�>). In this mode, it
- accepts and executes the commands listed below. If it is invoked with
- arguments, it performs an o�op�pe�en�n command with those arguments.
-
- Options:
-
- -�-8�8 Specifies an 8-bit data path. This causes an attempt to negoti-
- ate the TELNET BINARY option on both input and output.
-
- -�-7�7 Do not try to negotiate TELNET BINARY option.
-
- -�-E�E Stops any character from being recognized as an escape character.
-
- -�-F�F If Kerberos V5 authentication is being used, the -�-F�F option allows
- the local credentials to be forwarded to the remote system,
- including any credentials that have already been forwarded into
- the local environment.
-
- -�-K�K Specifies no automatic login to the remote system.
-
- -�-L�L Specifies an 8-bit data path on output. This causes the BINARY
- option to be negotiated on output.
-
- -�-S�S _�t_�o_�s Sets the IP type-of-service (TOS) option for the telnet connec-
- tion to the value _�t_�o_�s, which can be a numeric TOS value or, on
- systems that support it, a symbolic TOS name found in the
- /etc/iptos file.
-
- -�-X�X _�a_�t_�y_�p_�e
- Disables the _�a_�t_�y_�p_�e type of authentication.
-
- -�-a�a Attempt automatic login. Currently, this sends the user name via
- the USER variable of the ENVIRON option if supported by the
- remote system. The name used is that of the current user as
- returned by getlogin(2) if it agrees with the current user ID,
- otherwise it is the name associated with the user ID.
-
- -�-c�c Disables the reading of the user's _�._�t_�e_�l_�n_�e_�t_�r_�c file. (See the
- t�to�og�gg�gl�le�e s�sk�ki�ip�pr�rc�c command on this man page.)
-
- -�-d�d Sets the initial value of the d�de�eb�bu�ug�g toggle to TRUE
-
- -�-e�e _�e_�s_�c_�a_�p_�e _�c_�h_�a_�r
- Sets the initial t�te�el�ln�ne�et�t t�te�el�ln�ne�et�t escape character to _�e_�s_�c_�a_�p_�e _�c_�h_�a_�r.
- If _�e_�s_�c_�a_�p_�e _�c_�h_�a_�r is omitted, then there will be no escape charac-
- ter.
-
- -�-f�f If Kerberos V5 authentication is being used, the -�-f�f option allows
- the local credentials to be forwarded to the remote system.
-
- -�-k�k _�r_�e_�a_�l_�m
- If Kerberos authentication is being used, the -�-k�k option requests
- that telnet obtain tickets for the remote host in realm realm
- instead of the remote host's realm, as determined by
- krb_realmofhost(3).
-
- -�-l�l _�u_�s_�e_�r
- When connecting to the remote system, if the remote system under-
- stands the ENVIRON option, then _�u_�s_�e_�r will be sent to the remote
- system as the value for the variable USER. This option implies
- the -�-a�a option. This option may also be used with the o�op�pe�en�n com-
- mand.
-
- -�-n�n _�t_�r_�a_�c_�e_�f_�i_�l_�e
- Opens _�t_�r_�a_�c_�e_�f_�i_�l_�e for recording trace information. See the s�se�et�t
- t�tr�ra�ac�ce�ef�fi�il�le�e command below.
-
- -�-r�r Specifies a user interface similar to rlogin(1). In this mode,
- the escape character is set to the tilde (~) character, unless
- modified by the -e option.
-
- -�-x�x Turn on encryption of the data stream. When this option is
- turned on, will exit with an error if authentication cannot be
- negotiated or if encryption cannot be turned on.
-
- _�h_�o_�s_�t Indicates the official name, an alias, or the Internet address of
- a remote host.
-
- _�p_�o_�r_�t Indicates a port number (address of an application). If a number
- is not specified, the default t�te�el�ln�ne�et�t port is used.
-
- When in rlogin mode, a line of the form ~. disconnects from the remote
- host; ~ is the telnet escape character. Similarly, the line ~^Z suspends
- the telnet session. The line ~^] escapes to the normal telnet escape
- prompt.
-
- Once a connection has been opened, t�te�el�ln�ne�et�t will attempt to enable the
- TELNET LINEMODE option. If this fails, then t�te�el�ln�ne�et�t will revert to one of
- two input modes: either ``character at a time'' or ``old line by line''
- depending on what the remote system supports.
-
- When LINEMODE is enabled, character processing is done on the local sys-
- tem, under the control of the remote system. When input editing or char-
- acter echoing is to be disabled, the remote system will relay that infor-
- mation. The remote system will also relay changes to any special charac-
- ters that happen on the remote system, so that they can take effect on
- the local system.
-
- In ``character at a time'' mode, most text typed is immediately sent to
- the remote host for processing.
-
- In ``old line by line'' mode, all text is echoed locally, and (normally)
- only completed lines are sent to the remote host. The ``local echo char-
- acter'' (initially ``^E'') may be used to turn off and on the local echo
- (this would mostly be used to enter passwords without the password being
- echoed).
-
- If the LINEMODE option is enabled, or if the l�lo�oc�ca�al�lc�ch�ha�ar�rs�s toggle is TRUE
- (the default for ``old line by line``; see below), the user's q�qu�ui�it�t, i�in�nt�tr�r,
- and f�fl�lu�us�sh�h characters are trapped locally, and sent as TELNET protocol
- sequences to the remote side. If LINEMODE has ever been enabled, then
- the user's s�su�us�sp�p and e�eo�of�f are also sent as TELNET protocol sequences, and
- q�qu�ui�it�t is sent as a TELNET ABORT instead of BREAK There are options (see
- t�to�og�gg�gl�le�e a�au�ut�to�of�fl�lu�us�sh�h and t�to�og�gg�gl�le�e a�au�ut�to�os�sy�yn�nc�ch�h below) which cause this action to
- flush subsequent output to the terminal (until the remote host acknowl-
- edges the TELNET sequence) and flush previous terminal input (in the case
- of q�qu�ui�it�t and i�in�nt�tr�r).
-
- While connected to a remote host, t�te�el�ln�ne�et�t command mode may be entered by
- typing the t�te�el�ln�ne�et�t ``escape character'' (initially ``^]''). When in com-
- mand mode, the normal terminal editing conventions are available.
-
- The following t�te�el�ln�ne�et�t commands are available. Only enough of each command
- to uniquely identify it need be typed (this is also true for arguments to
- the m�mo�od�de�e, s�se�et�t, t�to�og�gg�gl�le�e, u�un�ns�se�et�t, s�sl�lc�c, e�en�nv�vi�ir�ro�on�n, and d�di�is�sp�pl�la�ay�y commands).
-
- a�au�ut�th�h _�a_�r_�g_�u_�m_�e_�n_�t _�._�._�.
- The auth command manipulates the information sent through the
- TELNET AUTHENTICATE option. Valid arguments for the auth com-
- mand are as follows:
-
- d�di�is�sa�ab�bl�le�e _�t_�y_�p_�e Disables the specified type of authentication.
- To obtain a list of available types, use the
- a�au�ut�th�h d�di�is�sa�ab�bl�le�e ?�? command.
-
- e�en�na�ab�bl�le�e _�t_�y_�p_�e Enables the specified type of authentication.
- To obtain a list of available types, use the
- a�au�ut�th�h e�en�na�ab�bl�le�e ?�? command.
-
- s�st�ta�at�tu�us�s Lists the current status of the various types of
- authentication.
-
- c�cl�lo�os�se�e Close a TELNET session and return to command mode.
-
- d�di�is�sp�pl�la�ay�y _�a_�r_�g_�u_�m_�e_�n_�t _�._�._�.
- Displays all, or some, of the s�se�et�t and t�to�og�gg�gl�le�e values (see
- below).
-
- e�en�nc�cr�ry�yp�pt�t _�a_�r_�g_�u_�m_�e_�n_�t _�._�._�.
- The encrypt command manipulates the information sent through
- the TELNET ENCRYPT option.
-
- Note: Because of export controls, the TELNET ENCRYPT option
- is not supported outside of the United States and Canada.
-
- Valid arguments for the encrypt command are as follows:
-
- d�di�is�sa�ab�bl�le�e _�t_�y_�p_�e [i�in�np�pu�ut�t | o�ou�ut�tp�pu�ut�t]
- Disables the specified type of encryption. If
- you omit the input and output, both input and
- output are disabled. To obtain a list of avail-
- able types, use the e�en�nc�cr�ry�yp�pt�t d�di�is�sa�ab�bl�le�e ?�? command.
-
- e�en�na�ab�bl�le�e _�t_�y_�p_�e [i�in�np�pu�ut�t | o�ou�ut�tp�pu�ut�t]
- Enables the specified type of encryption. If
- you omit input and output, both input and output
- are enabled. To obtain a list of available
- types, use the e�en�nc�cr�ry�yp�pt�t e�en�na�ab�bl�le�e ?�? command.
-
- i�in�np�pu�ut�t This is the same as the e�en�nc�cr�ry�yp�pt�t s�st�ta�ar�rt�t i�in�np�pu�ut�t com-
- mand.
-
- -�-i�in�np�pu�ut�t This is the same as the e�en�nc�cr�ry�yp�pt�t s�st�to�op�p i�in�np�pu�ut�t com-
- mand.
-
- o�ou�ut�tp�pu�ut�t This is the same as the e�en�nc�cr�ry�yp�pt�t s�st�ta�ar�rt�t o�ou�ut�tp�pu�ut�t
- command.
-
- -�-o�ou�ut�tp�pu�ut�t This is the same as the e�en�nc�cr�ry�yp�pt�t s�st�to�op�p o�ou�ut�tp�pu�ut�t com-
- mand.
-
- s�st�ta�ar�rt�t [i�in�np�pu�ut�t | o�ou�ut�tp�pu�ut�t]
- Attempts to start encryption. If you omit i�in�np�pu�ut�t
- and o�ou�ut�tp�pu�ut�t, both input and output are enabled.
- To obtain a list of available types, use the
- e�en�nc�cr�ry�yp�pt�t e�en�na�ab�bl�le�e ?�? command.
-
- s�st�ta�at�tu�us�s Lists the current status of encryption.
-
- s�st�to�op�p [i�in�np�pu�ut�t | o�ou�ut�tp�pu�ut�t]
- Stops encryption. If you omit input and output,
- encryption is on both input and output.
-
- t�ty�yp�pe�e _�t_�y_�p_�e Sets the default type of encryption to be used
- with later e�en�nc�cr�ry�yp�pt�t s�st�ta�ar�rt�t or e�en�nc�cr�ry�yp�pt�t s�st�to�op�p com-
- mands.
-
- e�en�nv�vi�ir�ro�on�n _�a_�r_�g_�u_�m_�e_�n_�t_�s _�._�._�.
- The e�en�nv�vi�ir�ro�on�n command is used to manipulate the the variables
- that my be sent through the TELNET ENVIRON option. The ini-
- tial set of variables is taken from the users environment,
- with only the DISPLAY and PRINTER variables being exported by
- default. The USER variable is also exported if the -�-a�a or -�-l�l
- options are used.
-
- Valid arguments for the e�en�nv�vi�ir�ro�on�n command are:
-
- d�de�ef�fi�in�ne�e _�v_�a_�r_�i_�a_�b_�l_�e _�v_�a_�l_�u_�e
- Define the variable _�v_�a_�r_�i_�a_�b_�l_�e to have a value of
- _�v_�a_�l_�u_�e. Any variables defined by this command are
- automatically exported. The _�v_�a_�l_�u_�e may be enclosed
- in single or double quotes so that tabs and spaces
- may be included.
-
- u�un�nd�de�ef�fi�in�ne�e _�v_�a_�r_�i_�a_�b_�l_�e
- Remove _�v_�a_�r_�i_�a_�b_�l_�e from the list of environment vari-
- ables.
-
- e�ex�xp�po�or�rt�t _�v_�a_�r_�i_�a_�b_�l_�e
- Mark the variable _�v_�a_�r_�i_�a_�b_�l_�e to be exported to the
- remote side.
-
- u�un�ne�ex�xp�po�or�rt�t _�v_�a_�r_�i_�a_�b_�l_�e
- Mark the variable _�v_�a_�r_�i_�a_�b_�l_�e to not be exported
- unless explicitly asked for by the remote side.
-
- l�li�is�st�t List the current set of environment variables.
- Those marked with a *�* will be sent automatically,
- other variables will only be sent if explicitly
- requested.
-
- ?�? Prints out help information for the e�en�nv�vi�ir�ro�on�n com-
- mand.
-
- l�lo�og�go�ou�ut�t Sends the TELNET LOGOUT option to the remote side. This com-
- mand is similar to a c�cl�lo�os�se�e command; however, if the remote
- side does not support the LOGOUT option, nothing happens. If,
- however, the remote side does support the LOGOUT option, this
- command should cause the remote side to close the TELNET con-
- nection. If the remote side also supports the concept of sus-
- pending a user's session for later reattachment, the logout
- argument indicates that you should terminate the session imme-
- diately.
-
- m�mo�od�de�e _�t_�y_�p_�e _�T_�y_�p_�e is one of several options, depending on the state of the
- TELNET session. The remote host is asked for permission to go
- into the requested mode. If the remote host is capable of
- entering that mode, the requested mode will be entered.
-
- c�ch�ha�ar�ra�ac�ct�te�er�r Disable the TELNET LINEMODE option, or, if the
- remote side does not understand the LINEMODE
- option, then enter ``character at a time`` mode.
-
- l�li�in�ne�e Enable the TELNET LINEMODE option, or, if the
- remote side does not understand the LINEMODE
- option, then attempt to enter ``old-line-by-
- line`` mode.
-
- i�is�si�ig�g (-�-i�is�si�ig�g) Attempt to enable (disable) the TRAPSIG mode of
- the LINEMODE option. This requires that the
- LINEMODE option be enabled.
-
- e�ed�di�it�t (-�-e�ed�di�it�t) Attempt to enable (disable) the EDIT mode of the
- LINEMODE option. This requires that the
- LINEMODE option be enabled.
-
- s�so�of�ft�tt�ta�ab�bs�s (-�-s�so�of�ft�tt�ta�ab�bs�s)
- Attempt to enable (disable) the SOFT_TAB mode of
- the LINEMODE option. This requires that the
- LINEMODE option be enabled.
-
- l�li�it�te�ec�ch�ho�o (-�-l�li�it�te�ec�ch�ho�o)
- Attempt to enable (disable) the LIT_ECHO mode of
- the LINEMODE option. This requires that the
- LINEMODE option be enabled.
-
- ?�? Prints out help information for the m�mo�od�de�e com-
- mand.
-
- o�op�pe�en�n _�h_�o_�s_�t [-�-l�l _�u_�s_�e_�r] [[-�-]_�p_�o_�r_�t]
- Open a connection to the named host. If no port number is
- specified, t�te�el�ln�ne�et�t will attempt to contact a TELNET server at
- the default port. The host specification may be either a host
- name (see hosts(5)) or an Internet address specified in the
- ``dot notation'' (see inet(3)). The [-�-l�l] option may be used
- to specify the user name to be passed to the remote system via
- the ENVIRON option. When connecting to a non-standard port,
- t�te�el�ln�ne�et�t omits any automatic initiation of TELNET options. When
- the port number is preceded by a minus sign, the initial
- option negotiation is done. After establishing a connection,
- the file _�._�t_�e_�l_�n_�e_�t_�r_�c in the users home directory is opened.
- Lines beginning with a # are comment lines. Blank lines are
- ignored. Lines that begin without white space are the start
- of a machine entry. The first thing on the line is the name
- of the machine that is being connected to. The rest of the
- line, and successive lines that begin with white space are
- assumed to be t�te�el�ln�ne�et�t commands and are processed as if they had
- been typed in manually to the t�te�el�ln�ne�et�t command prompt.
-
- q�qu�ui�it�t Close any open TELNET session and exit t�te�el�ln�ne�et�t. An end of file
- (in command mode) will also close a session and exit.
-
- s�se�en�nd�d _�a_�r_�g_�u_�m_�e_�n_�t_�s
- Sends one or more special character sequences to the remote
- host. The following are the arguments which may be specified
- (more than one argument may be specified at a time):
-
- a�ab�bo�or�rt�t Sends the TELNET ABORT (Abort processes) sequence.
-
- a�ao�o Sends the TELNET AO (Abort Output) sequence, which
- should cause the remote system to flush all output
- _�f_�r_�o_�m the remote system _�t_�o the user's terminal.
-
- a�ay�yt�t Sends the TELNET AYT (Are You There) sequence, to
- which the remote system may or may not choose to
- respond.
-
- b�br�rk�k Sends the TELNET BRK (Break) sequence, which may have
- significance to the remote system.
-
- e�ec�c Sends the TELNET EC (Erase Character) sequence, which
- should cause the remote system to erase the last char-
- acter entered.
-
- e�el�l Sends the TELNET EL (Erase Line) sequence, which
- should cause the remote system to erase the line cur-
- rently being entered.
-
- e�eo�of�f Sends the TELNET EOF (End Of File) sequence.
-
- e�eo�or�r Sends the TELNET EOR (End of Record) sequence.
-
- e�es�sc�ca�ap�pe�e Sends the current t�te�el�ln�ne�et�t escape character (initially
- ``^'').
-
- g�ga�a Sends the TELNET GA (Go Ahead) sequence, which likely
- has no significance to the remote system.
-
- g�ge�et�ts�st�ta�at�tu�us�s
- If the remote side supports the TELNET STATUS command,
- g�ge�et�ts�st�ta�at�tu�us�s will send the subnegotiation to request that
- the server send its current option status.
-
- i�ip�p Sends the TELNET IP (Interrupt Process) sequence,
- which should cause the remote system to abort the cur-
- rently running process.
-
- n�no�op�p Sends the TELNET NOP (No OPeration) sequence.
-
- s�su�us�sp�p Sends the TELNET SUSP (SUSPend process) sequence.
-
- s�sy�yn�nc�ch�h Sends the TELNET SYNCH sequence. This sequence causes
- the remote system to discard all previously typed (but
- not yet read) input. This sequence is sent as TCP
- urgent data (and may not work if the remote system is
- a 4.2BSD system -- if it doesn't work, a lower case
- ``r'' may be echoed on the terminal).
-
- d�do�o _�c_�m_�d
-
- d�do�on�nt�t _�c_�m_�d
-
- w�wi�il�ll�l _�c_�m_�d
-
- w�wo�on�nt�t _�c_�m_�d
- Sends the TELNET DO _�c_�m_�d sequence. _�C_�m_�d can be either a
- decimal number between 0 and 255, or a symbolic name
- for a specific TELNET command. _�C_�m_�d can also be either
- h�he�el�lp�p or ?�? to print out help information, including a
- list of known symbolic names.
-
- ?�? Prints out help information for the s�se�en�nd�d command.
-
- s�se�et�t _�a_�r_�g_�u_�m_�e_�n_�t _�v_�a_�l_�u_�e
-
- u�un�ns�se�et�t _�a_�r_�g_�u_�m_�e_�n_�t _�v_�a_�l_�u_�e
- The s�se�et�t command will set any one of a number of t�te�el�ln�ne�et�t vari-
- ables to a specific value or to TRUE. The special value o�of�ff�f
- turns off the function associated with the variable, this is
- equivalent to using the u�un�ns�se�et�t command. The u�un�ns�se�et�t command will
- disable or set to FALSE any of the specified functions. The
- values of variables may be interrogated with the d�di�is�sp�pl�la�ay�y com-
- mand. The variables which may be set or unset, but not tog-
- gled, are listed here. In addition, any of the variables for
- the t�to�og�gg�gl�le�e command may be explicitly set or unset using the
- s�se�et�t and u�un�ns�se�et�t commands.
-
- a�ay�yt�t If TELNET is in localchars mode, or LINEMODE is
- enabled, and the status character is typed, a TELNET
- AYT sequence (see s�se�en�nd�d a�ay�yt�t preceding) is sent to the
- remote host. The initial value for the "Are You
- There" character is the terminal's status character.
-
- e�ec�ch�ho�o This is the value (initially ``^E'') which, when in
- ``line by line'' mode, toggles between doing local
- echoing of entered characters (for normal processing),
- and suppressing echoing of entered characters (for
- entering, say, a password).
-
- e�eo�of�f If t�te�el�ln�ne�et�t is operating in LINEMODE or ``old line by
- line'' mode, entering this character as the first
- character on a line will cause this character to be
- sent to the remote system. The initial value of the
- eof character is taken to be the terminal's e�eo�of�f char-
- acter.
-
- e�er�ra�as�se�e If t�te�el�ln�ne�et�t is in l�lo�oc�ca�al�lc�ch�ha�ar�rs�s mode (see t�to�og�gg�gl�le�e l�lo�oc�ca�al�lc�ch�ha�ar�rs�s
- below), a�an�nd�d if t�te�el�ln�ne�et�t is operating in ``character at a
- time'' mode, then when this character is typed, a
- TELNET EC sequence (see s�se�en�nd�d e�ec�c above) is sent to the
- remote system. The initial value for the erase char-
- acter is taken to be the terminal's e�er�ra�as�se�e character.
-
- e�es�sc�ca�ap�pe�e This is the t�te�el�ln�ne�et�t escape character (initially ``^['')
- which causes entry into t�te�el�ln�ne�et�t command mode (when con-
- nected to a remote system).
-
- f�fl�lu�us�sh�ho�ou�ut�tp�pu�ut�t
- If t�te�el�ln�ne�et�t is in l�lo�oc�ca�al�lc�ch�ha�ar�rs�s mode (see t�to�og�gg�gl�le�e l�lo�oc�ca�al�lc�ch�ha�ar�rs�s
- below) and the f�fl�lu�us�sh�ho�ou�ut�tp�pu�ut�t character is typed, a
- TELNET AO sequence (see s�se�en�nd�d a�ao�o above) is sent to the
- remote host. The initial value for the flush charac-
- ter is taken to be the terminal's f�fl�lu�us�sh�h character.
-
- f�fo�or�rw�w1�1
-
- f�fo�or�rw�w2�2 If TELNET is operating in LINEMODE, these are the
- characters that, when typed, cause partial lines to be
- forwarded to the remote system. The initial value for
- the forwarding characters are taken from the termi-
- nal's eol and eol2 characters.
-
- i�in�nt�te�er�rr�ru�up�pt�t
- If t�te�el�ln�ne�et�t is in l�lo�oc�ca�al�lc�ch�ha�ar�rs�s mode (see t�to�og�gg�gl�le�e l�lo�oc�ca�al�lc�ch�ha�ar�rs�s
- below) and the i�in�nt�te�er�rr�ru�up�pt�t character is typed, a TELNET
- IP sequence (see s�se�en�nd�d i�ip�p above) is sent to the remote
- host. The initial value for the interrupt character
- is taken to be the terminal's i�in�nt�tr�r character.
-
- k�ki�il�ll�l If t�te�el�ln�ne�et�t is in l�lo�oc�ca�al�lc�ch�ha�ar�rs�s mode (see t�to�og�gg�gl�le�e l�lo�oc�ca�al�lc�ch�ha�ar�rs�s
- below), a�an�nd�d if t�te�el�ln�ne�et�t is operating in ``character at a
- time'' mode, then when this character is typed, a
- TELNET EL sequence (see s�se�en�nd�d e�el�l above) is sent to the
- remote system. The initial value for the kill charac-
- ter is taken to be the terminal's k�ki�il�ll�l character.
-
- l�ln�ne�ex�xt�t If t�te�el�ln�ne�et�t is operating in LINEMODE or ``old line by
- line`` mode, then this character is taken to be the
- terminal's l�ln�ne�ex�xt�t character. The initial value for the
- lnext character is taken to be the terminal's l�ln�ne�ex�xt�t
- character.
-
- q�qu�ui�it�t If t�te�el�ln�ne�et�t is in l�lo�oc�ca�al�lc�ch�ha�ar�rs�s mode (see t�to�og�gg�gl�le�e l�lo�oc�ca�al�lc�ch�ha�ar�rs�s
- below) and the q�qu�ui�it�t character is typed, a TELNET BRK
- sequence (see s�se�en�nd�d b�br�rk�k above) is sent to the remote
- host. The initial value for the quit character is
- taken to be the terminal's q�qu�ui�it�t character.
-
- r�re�ep�pr�ri�in�nt�t
- If t�te�el�ln�ne�et�t is operating in LINEMODE or ``old line by
- line`` mode, then this character is taken to be the
- terminal's r�re�ep�pr�ri�in�nt�t character. The initial value for
- the reprint character is taken to be the terminal's
- r�re�ep�pr�ri�in�nt�t character.
-
- r�rl�lo�og�gi�in�n This is the rlogin escape character. If set, the nor-
- mal TELNET escape character is ignored unless it is
- preceded by this character at the beginning of a line.
- This character, at the beginning of a line followed by
- a "." closes the connection; when followed by a ^Z it
- suspends the telnet command. The initial state is to
- disable the rlogin escape character.
-
- s�st�ta�ar�rt�t If the TELNET TOGGLE-FLOW-CONTROL option has been
- enabled, then this character is taken to be the termi-
- nal's s�st�ta�ar�rt�t character. The initial value for the kill
- character is taken to be the terminal's s�st�ta�ar�rt�t charac-
- ter.
-
- s�st�to�op�p If the TELNET TOGGLE-FLOW-CONTROL option has been
- enabled, then this character is taken to be the termi-
- nal's s�st�to�op�p character. The initial value for the kill
- character is taken to be the terminal's s�st�to�op�p charac-
- ter.
-
- s�su�us�sp�p If t�te�el�ln�ne�et�t is in l�lo�oc�ca�al�lc�ch�ha�ar�rs�s mode, or LINEMODE is
- enabled, and the s�su�us�sp�pe�en�nd�d character is typed, a TELNET
- SUSP sequence (see s�se�en�nd�d s�su�us�sp�p above) is sent to the
- remote host. The initial value for the suspend char-
- acter is taken to be the terminal's s�su�us�sp�pe�en�nd�d character.
-
- t�tr�ra�ac�ce�ef�fi�il�le�e
- This is the file to which the output, caused by
- n�ne�et�td�da�at�ta�a or o�op�pt�ti�io�on�n tracing being TRUE, will be written.
- If it is set to ``-�-'', then tracing information will
- be written to standard output (the default).
-
- w�wo�or�rd�de�er�ra�as�se�e
- If t�te�el�ln�ne�et�t is operating in LINEMODE or ``old line by
- line`` mode, then this character is taken to be the
- terminal's w�wo�or�rd�de�er�ra�as�se�e character. The initial value for
- the worderase character is taken to be the terminal's
- w�wo�or�rd�de�er�ra�as�se�e character.
-
- ?�? Displays the legal s�se�et�t (u�un�ns�se�et�t) commands.
-
- s�sl�lc�c _�s_�t_�a_�t_�e The s�sl�lc�c command (Set Local Characters) is used to set or
- change the state of the the special characters when the TELNET
- LINEMODE option has been enabled. Special characters are
- characters that get mapped to TELNET commands sequences (like
- i�ip�p or q�qu�ui�it�t) or line editing characters (like e�er�ra�as�se�e and k�ki�il�ll�l).
- By default, the local special characters are exported.
-
- c�ch�he�ec�ck�k Verify the current settings for the current spe-
- cial characters. The remote side is requested to
- send all the current special character settings,
- and if there are any discrepancies with the local
- side, the local side will switch to the remote
- value.
-
- e�ex�xp�po�or�rt�t Switch to the local defaults for the special char-
- acters. The local default characters are those of
- the local terminal at the time when t�te�el�ln�ne�et�t was
- started.
-
- i�im�mp�po�or�rt�t Switch to the remote defaults for the special
- characters. The remote default characters are
- those of the remote system at the time when the
- TELNET connection was established.
-
- ?�? Prints out help information for the s�sl�lc�c command.
-
- s�st�ta�at�tu�us�s Show the current status of t�te�el�ln�ne�et�t. This includes the peer one
- is connected to, as well as the current mode.
-
- t�to�og�gg�gl�le�e _�a_�r_�g_�u_�m_�e_�n_�t_�s _�._�._�.
- Toggle (between TRUE and FALSE) various flags that control how
- t�te�el�ln�ne�et�t responds to events. These flags may be set explicitly
- to TRUE or FALSE using the s�se�et�t and u�un�ns�se�et�t commands listed
- above. More than one argument may be specified. The state of
- these flags may be interrogated with the d�di�is�sp�pl�la�ay�y command.
- Valid arguments are:
-
- a�au�ut�th�hd�de�eb�bu�ug�g Turns on debugging information for the authenti-
- cation code.
-
- a�au�ut�to�of�fl�lu�us�sh�h If a�au�ut�to�of�fl�lu�us�sh�h and l�lo�oc�ca�al�lc�ch�ha�ar�rs�s are both TRUE, then
- when the a�ao�o, or q�qu�ui�it�t characters are recognized
- (and transformed into TELNET sequences; see s�se�et�t
- above for details), t�te�el�ln�ne�et�t refuses to display
- any data on the user's terminal until the remote
- system acknowledges (via a TELNET TIMING MARK
- option) that it has processed those TELNET
- sequences. The initial value for this toggle is
- TRUE if the terminal user had not done an "stty
- noflsh", otherwise FALSE (see stty(1)).
-
- a�au�ut�to�od�de�ec�cr�ry�yp�pt�t When the TELNET ENCRYPT option is negotiated, by
- default the actual encryption (decryption) of
- the data stream does not start automatically.
- The autoencrypt (autodecrypt) command states
- that encryption of the output (input) stream
- should be enabled as soon as possible.
-
- Note: Because of export controls, the TELNET
- ENCRYPT option is not supported outside the
- United States and Canada.
-
- a�au�ut�to�ol�lo�og�gi�in�n If the remote side supports the TELNET
- AUTHENTICATION option TELNET attempts to use it
- to perform automatic authentication. If the
- AUTHENTICATION option is not supported, the
- user's login name are propagated through the
- TELNET ENVIRON option. This command is the same
- as specifying _�a option on the o�op�pe�en�n command.
-
- a�au�ut�to�os�sy�yn�nc�ch�h If a�au�ut�to�os�sy�yn�nc�ch�h and l�lo�oc�ca�al�lc�ch�ha�ar�rs�s are both TRUE, then
- when either the i�in�nt�tr�r or q�qu�ui�it�t characters is typed
- (see s�se�et�t above for descriptions of the i�in�nt�tr�r and
- q�qu�ui�it�t characters), the resulting TELNET sequence
- sent is followed by the TELNET SYNCH sequence.
- This procedure s�sh�ho�ou�ul�ld�d cause the remote system to
- begin throwing away all previously typed input
- until both of the TELNET sequences have been
- read and acted upon. The initial value of this
- toggle is FALSE.
-
- b�bi�in�na�ar�ry�y Enable or disable the TELNET BINARY option on
- both input and output.
-
- i�in�nb�bi�in�na�ar�ry�y Enable or disable the TELNET BINARY option on
- input.
-
- o�ou�ut�tb�bi�in�na�ar�ry�y Enable or disable the TELNET BINARY option on
- output.
-
- c�cr�rl�lf�f If this is TRUE, then carriage returns will be
- sent as <CR><LF>. If this is FALSE, then car-
- riage returns will be send as <CR><NUL>. The
- initial value for this toggle is FALSE.
-
- c�cr�rm�mo�od�d Toggle carriage return mode. When this mode is
- enabled, most carriage return characters
- received from the remote host will be mapped
- into a carriage return followed by a line feed.
- This mode does not affect those characters typed
- by the user, only those received from the remote
- host. This mode is not very useful unless the
- remote host only sends carriage return, but
- never line feed. The initial value for this
- toggle is FALSE.
-
- d�de�eb�bu�ug�g Toggles socket level debugging (useful only to
- the s�su�up�pe�er�r u�us�se�er�r). The initial value for this
- toggle is FALSE.
-
- e�en�nc�cd�de�eb�bu�ug�g Turns on debugging information for the encryp-
- tion code.
-
- l�lo�oc�ca�al�lc�ch�ha�ar�rs�s If this is TRUE, then the f�fl�lu�us�sh�h, i�in�nt�te�er�rr�ru�up�pt�t,
- q�qu�ui�it�t, e�er�ra�as�se�e, and k�ki�il�ll�l characters (see s�se�et�t above)
- are recognized locally, and transformed into
- (hopefully) appropriate TELNET control sequences
- (respectively a�ao�o, i�ip�p, b�br�rk�k, e�ec�c, and e�el�l; see s�se�en�nd�d
- above). The initial value for this toggle is
- TRUE in ``old line by line'' mode, and FALSE in
- ``character at a time'' mode. When the LINEMODE
- option is enabled, the value of l�lo�oc�ca�al�lc�ch�ha�ar�rs�s is
- ignored, and assumed to always be TRUE. If
- LINEMODE has ever been enabled, then q�qu�ui�it�t is
- sent as a�ab�bo�or�rt�t, and e�eo�of�f and s�su�us�sp�pe�en�nd�d are sent as
- e�eo�of�f and s�su�us�sp�p, see s�se�en�nd�d above).
-
- n�ne�et�td�da�at�ta�a Toggles the display of all network data (in
- hexadecimal format). The initial value for this
- toggle is FALSE.
-
- o�op�pt�ti�io�on�ns�s Toggles the display of some internal t�te�el�ln�ne�et�t pro-
- tocol processing (having to do with TELNET
- options). The initial value for this toggle is
- FALSE.
-
- p�pr�re�et�tt�ty�yd�du�um�mp�p When the n�ne�et�td�da�at�ta�a toggle is enabled, if
- p�pr�re�et�tt�ty�yd�du�um�mp�p is enabled the output from the
- n�ne�et�td�da�at�ta�a command will be formatted in a more user
- readable format. Spaces are put between each
- character in the output, and the beginning of
- any TELNET escape sequence is preceded by a '*'
- to aid in locating them.
-
- s�sk�ki�ip�pr�rc�c When the skiprc toggle is TRUE, TELNET skips the
- reading of the _�._�t_�e_�l_�n_�e_�t_�r_�c file in the users home
- directory when connections are opened. The ini-
- tial value for this toggle is FALSE.
-
- t�te�er�rm�md�da�at�ta�a Toggles the display of all terminal data (in
- hexadecimal format). The initial value for this
- toggle is FALSE.
-
- v�ve�er�rb�bo�os�se�e_�_e�en�nc�cr�ry�yp�pt�t
- When the v�ve�er�rb�bo�os�se�e_�_e�en�nc�cr�ry�yp�pt�t toggle is TRUE, TELNET
- prints out a message each time encryption is
- enabled or disabled. The initial value for this
- toggle is FALSE. Note: Because of export con-
- trols, data encryption is not supported outside
- of the United States and Canada.
-
- ?�? Displays the legal t�to�og�gg�gl�le�e commands.
-
- z�z Suspend t�te�el�ln�ne�et�t. This command only works when the user is
- using the csh(1).
-
- !�! [_�c_�o_�m_�m_�a_�n_�d]
- Execute a single command in a subshell on the local system.
- If c�co�om�mm�ma�an�nd�d is omitted, then an interactive subshell is
- invoked.
-
- ?�? [_�c_�o_�m_�m_�a_�n_�d]
- Get help. With no arguments, t�te�el�ln�ne�et�t prints a help summary.
- If a command is specified, t�te�el�ln�ne�et�t will print the help informa-
- tion for just that command.
-
-E�EN�NV�VI�IR�RO�ON�NM�ME�EN�NT�T
- T�Te�el�ln�ne�et�t uses at least the HOME, SHELL, DISPLAY, and TERM environment vari-
- ables. Other environment variables may be propagated to the other side
- via the TELNET ENVIRON option.
-
-F�FI�IL�LE�ES�S
- ~/.telnetrc user customized telnet startup values
-
-H�HI�IS�ST�TO�OR�RY�Y
- The T�Te�el�ln�ne�et�t command appeared in 4.2BSD.
-
-N�NO�OT�TE�ES�S
- On some remote systems, echo has to be turned off manually when in ``old
- line by line'' mode.
-
- In ``old line by line'' mode or LINEMODE the terminal's e�eo�of�f character is
- only recognized (and sent to the remote system) when it is the first
- character on a line.
-
-4.2 Berkeley Distribution June 1, 1994 4.2 Berkeley Distribution
Deleted: trunk/crypto/heimdal/appl/telnet/telnetd/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/telnet/telnetd/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/telnet/telnetd/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\telnet\telnetd
-
-!include ../../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/appl/telnet/telnetd/telnetd.cat8
===================================================================
--- trunk/crypto/heimdal/appl/telnet/telnetd/telnetd.cat8 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/telnet/telnetd/telnetd.cat8 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,298 +0,0 @@
-
-TELNETD(8) BSD System Manager's Manual TELNETD(8)
-
-N�NA�AM�ME�E
- t�te�el�ln�ne�et�td�d -- DARPA TELNET protocol server
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- t�te�el�ln�ne�et�td�d [-�-B�Be�eU�Uh�hk�kl�ln�n] [-�-D�D _�d_�e_�b_�u_�g_�m_�o_�d_�e] [-�-S�S _�t_�o_�s] [-�-X�X _�a_�u_�t_�h_�t_�y_�p_�e] [-�-a�a _�a_�u_�t_�h_�m_�o_�d_�e]
- [-�-r�r_�l_�o_�w_�p_�t_�y_�-_�h_�i_�g_�h_�p_�t_�y] [-�-u�u _�l_�e_�n] [-�-d�de�eb�bu�ug�g] [-�-L�L _�/_�b_�i_�n_�/_�l_�o_�g_�i_�n] [-�-y�y] [_�p_�o_�r_�t]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The t�te�el�ln�ne�et�td�d command is a server which supports the DARPA standard TELNET
- virtual terminal protocol. T�Te�el�ln�ne�et�td�d is normally invoked by the internet
- server (see inetd(8)) for requests to connect to the TELNET port as indi-
- cated by the _�/_�e_�t_�c_�/_�s_�e_�r_�v_�i_�c_�e_�s file (see services(5)). The -�-d�de�eb�bu�ug�g option may
- be used to start up t�te�el�ln�ne�et�td�d manually, instead of through inetd(8). If
- started up this way, _�p_�o_�r_�t may be specified to run t�te�el�ln�ne�et�td�d on an alternate
- TCP port number.
-
- The t�te�el�ln�ne�et�td�d command accepts the following options:
-
- -�-a�a _�a_�u_�t_�h_�m_�o_�d_�e This option may be used for specifying what mode should be
- used for authentication. Note that this option is only use-
- ful if t�te�el�ln�ne�et�td�d has been compiled with support for the
- AUTHENTICATION option. There are several valid values for
- _�a_�u_�t_�h_�m_�o_�d_�e:
-
- debug Turns on authentication debugging code.
-
- user Only allow connections when the remote user can pro-
- vide valid authentication information to identify the
- remote user, and is allowed access to the specified
- account without providing a password.
-
- valid Only allow connections when the remote user can pro-
- vide valid authentication information to identify the
- remote user. The login(1) command will provide any
- additional user verification needed if the remote
- user is not allowed automatic access to the specified
- account.
-
- other Only allow connections that supply some authentica-
- tion information. This option is currently not sup-
- ported by any of the existing authentication mecha-
- nisms, and is thus the same as specifying -�-a�a v�va�al�li�id�d.
-
- otp Only allow authenticated connections (as with -�-a�a
- u�us�se�er�r) and also logins with one-time passwords (OTPs).
- This option will call login with an option so that
- only OTPs are accepted. The user can of course still
- type secret information at the prompt.
-
- none This is the default state. Authentication informa-
- tion is not required. If no or insufficient authen-
- tication information is provided, then the login(1)
- program will provide the necessary user verification.
-
- off This disables the authentication code. All user ver-
- ification will happen through the login(1) program.
-
- -�-B�B Ignored.
-
- -�-D�D _�d_�e_�b_�u_�g_�m_�o_�d_�e
- This option may be used for debugging purposes. This allows
- t�te�el�ln�ne�et�td�d to print out debugging information to the connec-
- tion, allowing the user to see what t�te�el�ln�ne�et�td�d is doing. There
- are several possible values for _�d_�e_�b_�u_�g_�m_�o_�d_�e:
-
- o�op�pt�ti�io�on�ns�s Prints information about the negotiation of TELNET
- options.
-
- r�re�ep�po�or�rt�t Prints the o�op�pt�ti�io�on�ns�s information, plus some addi-
- tional information about what processing is going
- on.
-
- n�ne�et�td�da�at�ta�a Displays the data stream received by t�te�el�ln�ne�et�td�d.
-
- p�pt�ty�yd�da�at�ta�a Displays data written to the pty.
-
- e�ex�xe�er�rc�ci�is�se�e Has not been implemented yet.
-
- -�-e�e require encryption to be turned on (in both direction) by
- the client and disconnects if the client tries to turn the
- encryption off (in either direction).
-
- -�-h�h Disables the printing of host-specific information before
- login has been completed.
-
- -�-k�k
-
- -�-l�l Ignored.
-
- -�-n�n Disable TCP keep-alives. Normally t�te�el�ln�ne�et�td�d enables the TCP
- keep-alive mechanism to probe connections that have been
- idle for some period of time to determine if the client is
- still there, so that idle connections from machines that
- have crashed or can no longer be reached may be cleaned up.
-
- -�-r�r _�l_�o_�w_�p_�t_�y_�-_�h_�i_�g_�h_�p_�t_�y
- This option is only enabled when t�te�el�ln�ne�et�td�d is compiled for
- UNICOS. It specifies an inclusive range of pseudo-terminal
- devices to use. If the system has sysconf variable
- _SC_CRAY_NPTY configured, the default pty search range is 0
- to _SC_CRAY_NPTY; otherwise, the default range is 0 to 128.
- Either _�l_�o_�w_�p_�t_�y or _�h_�i_�g_�h_�p_�t_�y may be omitted to allow changing
- either end of the search range. If _�l_�o_�w_�p_�t_�y is omitted, the -
- character is still required so that t�te�el�ln�ne�et�td�d can differenti-
- ate _�h_�i_�g_�h_�p_�t_�y from _�l_�o_�w_�p_�t_�y.
-
- -�-S�S _�t_�o_�s
-
- -�-u�u _�l_�e_�n This option is used to specify the size of the field in the
- utmp structure that holds the remote host name. If the
- resolved host name is longer than _�l_�e_�n, the dotted decimal
- value will be used instead. This allows hosts with very
- long host names that overflow this field to still be
- uniquely identified. Specifying -�-u�u0�0 indicates that only
- dotted decimal addresses should be put into the _�u_�t_�m_�p file.
-
- -�-U�U This option causes t�te�el�ln�ne�et�td�d to refuse connections from
- addresses that cannot be mapped back into a symbolic name
- via the gethostbyaddr(3) routine.
-
- -�-X�X _�a_�u_�t_�h_�t_�y_�p_�e This option is only valid if t�te�el�ln�ne�et�td�d has been built with
- support for the authentication option. It disables the use
- of _�a_�u_�t_�h_�t_�y_�p_�e authentication, and can be used to temporarily
- disable a specific authentication type without having to
- recompile t�te�el�ln�ne�et�td�d.
-
- -�-L�L _�p_�a_�t_�h_�n_�a_�m_�e Specify pathname to an alternative login program.
-
- -�-y�y Makes t�te�el�ln�ne�et�td�d not warn when a user is trying to login with a
- cleartext password.
-
- T�Te�el�ln�ne�et�td�d operates by allocating a pseudo-terminal device (see pty(4)) for
- a client, then creating a login process which has the slave side of the
- pseudo-terminal as stdin, stdout and stderr. T�Te�el�ln�ne�et�td�d manipulates the
- master side of the pseudo-terminal, implementing the TELNET protocol and
- passing characters between the remote client and the login process.
-
- When a TELNET session is started up, t�te�el�ln�ne�et�td�d sends TELNET options to the
- client side indicating a willingness to do the following TELNET options,
- which are described in more detail below:
-
- DO AUTHENTICATION
- WILL ENCRYPT
- DO TERMINAL TYPE
- DO TSPEED
- DO XDISPLOC
- DO NEW-ENVIRON
- DO ENVIRON
- WILL SUPPRESS GO AHEAD
- DO ECHO
- DO LINEMODE
- DO NAWS
- WILL STATUS
- DO LFLOW
- DO TIMING-MARK
-
- The pseudo-terminal allocated to the client is configured to operate in
- ``cooked'' mode, and with XTABS and CRMOD enabled (see tty(4)).
-
- T�Te�el�ln�ne�et�td�d has support for enabling locally the following TELNET options:
-
- WILL ECHO When the LINEMODE option is enabled, a WILL ECHO or
- WONT ECHO will be sent to the client to indicate the
- current state of terminal echoing. When terminal echo
- is not desired, a WILL ECHO is sent to indicate that
- telnetd will take care of echoing any data that needs
- to be echoed to the terminal, and then nothing is
- echoed. When terminal echo is desired, a WONT ECHO is
- sent to indicate that telnetd will not be doing any
- terminal echoing, so the client should do any terminal
- echoing that is needed.
-
- WILL BINARY Indicates that the client is willing to send a 8 bits
- of data, rather than the normal 7 bits of the Network
- Virtual Terminal.
-
- WILL SGA Indicates that it will not be sending IAC GA, go
- ahead, commands.
-
- WILL STATUS Indicates a willingness to send the client, upon
- request, of the current status of all TELNET options.
-
- WILL TIMING-MARK Whenever a DO TIMING-MARK command is received, it is
- always responded to with a WILL TIMING-MARK
-
- WILL LOGOUT When a DO LOGOUT is received, a WILL LOGOUT is sent in
- response, and the TELNET session is shut down.
-
- WILL ENCRYPT Only sent if t�te�el�ln�ne�et�td�d is compiled with support for data
- encryption, and indicates a willingness to decrypt the
- data stream.
-
- T�Te�el�ln�ne�et�td�d has support for enabling remotely the following TELNET options:
-
- DO BINARY Sent to indicate that telnetd is willing to receive an
- 8 bit data stream.
-
- DO LFLOW Requests that the client handle flow control charac-
- ters remotely.
-
- DO ECHO This is not really supported, but is sent to identify
- a 4.2BSD telnet(1) client, which will improperly
- respond with WILL ECHO. If a WILL ECHO is received, a
- DONT ECHO will be sent in response.
-
- DO TERMINAL-TYPE Indicates a desire to be able to request the name of
- the type of terminal that is attached to the client
- side of the connection.
-
- DO SGA Indicates that it does not need to receive IAC GA, the
- go ahead command.
-
- DO NAWS Requests that the client inform the server when the
- window (display) size changes.
-
- DO TERMINAL-SPEED Indicates a desire to be able to request information
- about the speed of the serial line to which the client
- is attached.
-
- DO XDISPLOC Indicates a desire to be able to request the name of
- the X windows display that is associated with the tel-
- net client.
-
- DO NEW-ENVIRON Indicates a desire to be able to request environment
- variable information, as described in RFC 1572.
-
- DO ENVIRON Indicates a desire to be able to request environment
- variable information, as described in RFC 1408.
-
- DO LINEMODE Only sent if t�te�el�ln�ne�et�td�d is compiled with support for
- linemode, and requests that the client do line by line
- processing.
-
- DO TIMING-MARK Only sent if t�te�el�ln�ne�et�td�d is compiled with support for both
- linemode and kludge linemode, and the client responded
- with WONT LINEMODE. If the client responds with WILL
- TM, the it is assumed that the client supports kludge
- linemode. Note that the [-�-k�k] option can be used to
- disable this.
-
- DO AUTHENTICATION Only sent if t�te�el�ln�ne�et�td�d is compiled with support for
- authentication, and indicates a willingness to receive
- authentication information for automatic login.
-
- DO ENCRYPT Only sent if t�te�el�ln�ne�et�td�d is compiled with support for data
- encryption, and indicates a willingness to decrypt the
- data stream.
-
-F�FI�IL�LE�ES�S
- /etc/services
- /etc/inittab (UNICOS systems only)
- /etc/iptos (if supported)
-
-S�SE�EE�E A�AL�LS�SO�O
- telnet(1), login(1)
-
-S�ST�TA�AN�ND�DA�AR�RD�DS�S
- R�RF�FC�C-�-8�85�54�4 TELNET PROTOCOL SPECIFICATION
- R�RF�FC�C-�-8�85�55�5 TELNET OPTION SPECIFICATIONS
- R�RF�FC�C-�-8�85�56�6 TELNET BINARY TRANSMISSION
- R�RF�FC�C-�-8�85�57�7 TELNET ECHO OPTION
- R�RF�FC�C-�-8�85�58�8 TELNET SUPPRESS GO AHEAD OPTION
- R�RF�FC�C-�-8�85�59�9 TELNET STATUS OPTION
- R�RF�FC�C-�-8�86�60�0 TELNET TIMING MARK OPTION
- R�RF�FC�C-�-8�86�61�1 TELNET EXTENDED OPTIONS - LIST OPTION
- R�RF�FC�C-�-8�88�85�5 TELNET END OF RECORD OPTION
- R�RF�FC�C-�-1�10�07�73�3 Telnet Window Size Option
- R�RF�FC�C-�-1�10�07�79�9 Telnet Terminal Speed Option
- R�RF�FC�C-�-1�10�09�91�1 Telnet Terminal-Type Option
- R�RF�FC�C-�-1�10�09�96�6 Telnet X Display Location Option
- R�RF�FC�C-�-1�11�12�23�3 Requirements for Internet Hosts -- Application and Support
- R�RF�FC�C-�-1�11�18�84�4 Telnet Linemode Option
- R�RF�FC�C-�-1�13�37�72�2 Telnet Remote Flow Control Option
- R�RF�FC�C-�-1�14�41�16�6 Telnet Authentication Option
- R�RF�FC�C-�-1�14�41�11�1 Telnet Authentication: Kerberos Version 4
- R�RF�FC�C-�-1�14�41�12�2 Telnet Authentication: SPX
- R�RF�FC�C-�-1�15�57�71�1 Telnet Environment Option Interoperability Issues
- R�RF�FC�C-�-1�15�57�72�2 Telnet Environment Option
-
-B�BU�UG�GS�S
- Some TELNET commands are only partially implemented.
-
- Because of bugs in the original 4.2 BSD telnet(1), t�te�el�ln�ne�et�td�d performs some
- dubious protocol exchanges to try to discover if the remote client is, in
- fact, a 4.2 BSD telnet(1).
-
- Binary mode has no common interpretation except between similar operating
- systems (Unix in this case).
-
- The terminal type name received from the remote client is converted to
- lower case.
-
- T�Te�el�ln�ne�et�td�d never sends TELNET IAC GA (go ahead) commands.
-
-4.2 Berkeley Distribution September 19, 2006 4.2 Berkeley Distribution
Deleted: trunk/crypto/heimdal/appl/test/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/test/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/appl/test/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl\test
-
-!include ../../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/doc/NTMakefile
===================================================================
--- trunk/crypto/heimdal/doc/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/doc/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,119 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=doc
-
-!include ../windows/NTMakefile.w32
-
-heimdal_TEXINFOS = \
- $(OBJ)\ack.texi \
- $(OBJ)\apps.texi \
- $(OBJ)\copyright.texi \
- $(OBJ)\heimdal.texi \
- $(OBJ)\install.texi \
- $(OBJ)\intro.texi \
- $(OBJ)\kerberos4.texi \
- $(OBJ)\migration.texi \
- $(OBJ)\misc.texi \
- $(OBJ)\programming.texi \
- $(OBJ)\setup.texi \
- $(OBJ)\vars.texi \
- $(OBJ)\whatis.texi \
- $(OBJ)\win2k.texi
-
-hx509_TEXINFOS = \
- $(OBJ)\hx509.texi
-
-{}.texi{$(OBJ)}.texi:
- $(CP) $** $@
-
-{}.tin{$(OBJ)}.texi:
- $(SED) -e "s,[@]dbdir[@],x,g" \
- -e "s,[@]PACKAGE_VERSION[@],$(VER_PACKAGE_VERSION),g" < $** > $@
-
-MAKEINFOFLAGS = --css-include=$(SRCDIR)/heimdal.css
-
-######################################################################
-# Build heimdal.chm
-
-# Copyrights-and-Licenses.html is where the table of contents ends up
-# when generating HTML output using makeinfo. Same goes for
-# How-to-use-the-PKCS11-module.html below.
-
-$(OBJ)\heimdal\index.html $(OBJ)\heimdal\Copyrights-and-Licenses.html: $(heimdal_TEXINFOS)
- cd $(OBJ)
- $(MAKEINFO) $(MAKEINFOFLAGS) --html heimdal.texi
- cd $(SRCDIR)
-
-$(OBJ)\heimdal\toc.hhc: $(OBJ)\heimdal\Copyrights-and-Licenses.html
- $(PERL) $(SRC)\cf\w32-hh-toc-from-info.pl -o$@ $**
-
-$(OBJ)\heimdal\heimdal.hhp: heimdal.hhp
- $(CP) $** $@
-
-$(DOCDIR)\heimdal.chm: $(OBJ)\heimdal\heimdal.hhp $(OBJ)\heimdal\toc.hhc
- cd $(OBJ)\heimdal
- -$(HHC) heimdal.hhp
- $(CP) heimdal.chm $@
- cd $(SRCDIR)
-
-######################################################################
-# Build hx509.chm
-
-$(OBJ)\hx509\index.html $(OBJ)\hx509\How-to-use-the-PKCS11-module.html: $(hx509_TEXINFOS)
- cd $(OBJ)
- $(MAKEINFO) $(MAKEINFOFLAGS) --html hx509.texi
- cd $(SRCDIR)
-
-$(OBJ)\hx509\toc.hhc: $(OBJ)\hx509\How-to-use-the-PKCS11-module.html
- $(PERL) $(SRC)\cf\w32-hh-toc-from-info.pl -o$@ $**
-
-$(OBJ)\hx509\hx509.hhp: hx509.hhp
- $(CP) $** $@
-
-$(DOCDIR)\hx509.chm: $(OBJ)\hx509\hx509.hhp $(OBJ)\hx509\toc.hhc
- cd $(OBJ)\hx509
- -$(HHC) hx509.hhp
- $(CP) hx509.chm $@
- cd $(SRCDIR)
-
-!ifndef NO_DOC
-all:: $(OBJ)\heimdal\index.html $(OBJ)\hx509\index.html \
- $(DOCDIR)\heimdal.chm $(DOCDIR)\hx509.chm
-!endif
-
-clean::
- -$(RM) $(OBJ)\heimdal\*.*
- -$(RM) $(OBJ)\hx509\*.*
- -$(RM) $(DOCDIR)\heimdal.chm
- -$(RM) $(DOCDIR)\hx509.chm
-
-.SUFFIXES: .texi .tin
Deleted: trunk/crypto/heimdal/doc/footer.html
===================================================================
--- trunk/crypto/heimdal/doc/footer.html 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/doc/footer.html 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,4 +0,0 @@
-<hr size="1"><address style="text-align: right;"><small>
-Generated on $datetime for $projectname by <a href="http://www.doxygen.org/index.html"><img src="doxygen.png" alt="doxygen" align="middle" border="0"></a> $doxygenversion</small></address>
-</body>
-</html>
Deleted: trunk/crypto/heimdal/doc/hdb.din
===================================================================
--- trunk/crypto/heimdal/doc/hdb.din 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/doc/hdb.din 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,15 +0,0 @@
-# Doxyfile 1.5.3
-
-PROJECT_NAME = Heimdal hdb library
-PROJECT_NUMBER = @PACKAGE_VERSION@
-OUTPUT_DIRECTORY = @srcdir@/doxyout/hdb
-INPUT = @srcdir@/../lib/hdb
-
-WARN_IF_UNDOCUMENTED = YES
-
-PERL_PATH = /usr/bin/perl
-
-HTML_HEADER = "@srcdir@/header.html"
-HTML_FOOTER = "@srcdir@/footer.html"
-
- at INCLUDE = "@srcdir@/doxytmpl.dxy"
Deleted: trunk/crypto/heimdal/doc/heimdal.info
===================================================================
(Binary files differ)
Deleted: trunk/crypto/heimdal/doc/hx509.info
===================================================================
(Binary files differ)
Deleted: trunk/crypto/heimdal/etc/NTMakefile
===================================================================
--- trunk/crypto/heimdal/etc/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/etc/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=etc
-
-!include ../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/lib/com_err/NTMakefile
===================================================================
--- trunk/crypto/heimdal/lib/com_err/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/com_err/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,91 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR = lib\com_err
-
-intcflags=-DBUILD_KRB5_LIB
-
-!include ../../windows/NTMakefile.w32
-
-INCFILES=$(INCDIR)\com_err.h $(INCDIR)\com_right.h
-
-libcomerr_OBJs=$(OBJ)\error.obj $(OBJ)\com_err.obj
-
-COMERRDLL=$(BINDIR)\com_err.dll
-
-!ifdef STATICLIBS
-
-$(LIBCOMERR): $(libcomerr_OBJs)
- $(LIBCON)
-
-!else
-
-$(LIBCOMERR): $(COMERRDLL)
-
-$(COMERRDLL): $(libcomerr_OBJs) $(OBJ)\libcom_err-version.res
- $(DLLGUILINK_C) -out:$(COMERRDLL) -implib:$(LIBCOMERR) $** \
- $(LIBROKEN) \
- -def:libcom_err-exports.def
- $(DLLPREP_NODIST)
-
-!endif
-
-$(BINDIR)\compile_et.exe: $(OBJ)\parse.obj $(OBJ)\lex.obj $(OBJ)\compile_et.obj $(OBJ)\compile_et-version.res
- $(EXECONLINK) $(LIBROKEN) $(LIBVERS)
- $(EXEPREP_NOHEIM)
-
-$(OBJ)\parse.obj: $(OBJ)\parse.c
- $(C2OBJ) -I$(SRC)\$(RELDIR)
-
-$(OBJ)\lex.obj: $(OBJ)\lex.c
- $(C2OBJ) -I$(SRC)\$(RELDIR) -DYY_NO_UNISTD_H
-
-$(OBJ)\compile_et.obj: compile_et.c
- $(C2OBJ) -I$(OBJ)
-
-$(OBJ)\parse.c: parse.y
- $(YACC) -o $@ --defines=$(OBJ)\parse.h parse.y
-
-$(OBJ)\lex.c: lex.l
- $(LEX) -o$@ lex.l
-
-all:: $(INCFILES) $(LIBCOMERR) $(BINDIR)\compile_et.exe
-
-clean::
- -$(RM) $(LIBCOMERR)
- -$(RM) $(INCFILES)
- -$(RM) $(COMERRDLL:.dll=.*)
- -$(RM) $(BINDIR)\compile_et.*
-
-test-exports:
- $(PERL) ..\..\cf\w32-check-exported-symbols.pl --vs version-script.map --def libcom_err-exports.def
-
-test:: test-exports
Deleted: trunk/crypto/heimdal/lib/com_err/compile_et-version.rc
===================================================================
--- trunk/crypto/heimdal/lib/com_err/compile_et-version.rc 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/com_err/compile_et-version.rc 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "Error Table Compiler"
-#define RC_FILE_ORIG_0409 "compile_et.exe"
-
-#include "../../windows/version.rc"
Deleted: trunk/crypto/heimdal/lib/com_err/libcom_err-exports.def
===================================================================
--- trunk/crypto/heimdal/lib/com_err/libcom_err-exports.def 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/com_err/libcom_err-exports.def 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,14 +0,0 @@
-EXPORTS
- com_right
- com_right_r
- free_error_table
- initialize_error_table_r
- add_to_error_table
- com_err
- com_err_va
- error_message
- error_table_name
- init_error_table
- reset_com_err_hook
- set_com_err_hook
- _et_list DATA
Deleted: trunk/crypto/heimdal/lib/com_err/libcom_err-version.rc
===================================================================
--- trunk/crypto/heimdal/lib/com_err/libcom_err-version.rc 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/com_err/libcom_err-version.rc 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2009, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_DLL
-#define RC_FILE_DESC_0409 "Common Error Library"
-#define RC_FILE_ORIG_0409 "com_err.dll"
-
-#include "../../windows/version.rc"
Deleted: trunk/crypto/heimdal/lib/kadm5/NTMakefile
===================================================================
--- trunk/crypto/heimdal/lib/kadm5/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/kadm5/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,273 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=lib\kadm5
-
-!include ../../windows/NTMakefile.w32
-
-dist_libkadm5clnt_la_SOURCES = \
- ad.c \
- chpass_c.c \
- client_glue.c \
- common_glue.c \
- create_c.c \
- delete_c.c \
- destroy_c.c \
- flush_c.c \
- free.c \
- get_c.c \
- get_princs_c.c \
- init_c.c \
- kadm5_locl.h \
- marshall.c \
- modify_c.c \
- private.h \
- privs_c.c \
- randkey_c.c \
- rename_c.c \
- send_recv.c \
- kadm5-pwcheck.h \
- admin.h
-
-dist_libkadm5srv_la_SOURCES = \
- acl.c \
- admin.h \
- bump_pw_expire.c \
- chpass_s.c \
- common_glue.c \
- context_s.c \
- create_s.c \
- delete_s.c \
- destroy_s.c \
- ent_setup.c \
- error.c \
- flush_s.c \
- free.c \
- get_princs_s.c \
- get_s.c \
- init_s.c \
- kadm5_locl.h \
- keys.c \
- log.c \
- marshall.c \
- modify_s.c \
- password_quality.c \
- private.h \
- privs_s.c \
- randkey_s.c \
- rename_s.c \
- server_glue.c \
- set_keys.c \
- set_modifier.c \
- kadm5-pwcheck.h \
- admin.h
-
-LIBKADM5CLNT_OBJS= \
- $(OBJ)\ad.obj \
- $(OBJ)\chpass_c.obj \
- $(OBJ)\client_glue.obj \
- $(OBJ)\common_glue.obj \
- $(OBJ)\create_c.obj \
- $(OBJ)\delete_c.obj \
- $(OBJ)\destroy_c.obj \
- $(OBJ)\flush_c.obj \
- $(OBJ)\free.obj \
- $(OBJ)\get_c.obj \
- $(OBJ)\get_princs_c.obj \
- $(OBJ)\init_c.obj \
- $(OBJ)\marshall.obj \
- $(OBJ)\modify_c.obj \
- $(OBJ)\privs_c.obj \
- $(OBJ)\randkey_c.obj \
- $(OBJ)\rename_c.obj \
- $(OBJ)\send_recv.obj \
- $(OBJ)\kadm5_err.obj
-
-LIBKADM5SRV_OBJS= \
- $(OBJ)\acl.obj \
- $(OBJ)\bump_pw_expire.obj \
- $(OBJ)\chpass_s.obj \
- $(OBJ)\common_glue.obj \
- $(OBJ)\context_s.obj \
- $(OBJ)\create_s.obj \
- $(OBJ)\delete_s.obj \
- $(OBJ)\destroy_s.obj \
- $(OBJ)\ent_setup.obj \
- $(OBJ)\error.obj \
- $(OBJ)\flush_s.obj \
- $(OBJ)\free.obj \
- $(OBJ)\get_princs_s.obj \
- $(OBJ)\get_s.obj \
- $(OBJ)\init_s.obj \
- $(OBJ)\keys.obj \
- $(OBJ)\log.obj \
- $(OBJ)\marshall.obj \
- $(OBJ)\modify_s.obj \
- $(OBJ)\password_quality.obj \
- $(OBJ)\privs_s.obj \
- $(OBJ)\randkey_s.obj \
- $(OBJ)\rename_s.obj \
- $(OBJ)\server_glue.obj \
- $(OBJ)\set_keys.obj \
- $(OBJ)\set_modifier.obj \
- $(OBJ)\kadm5_err.obj
-
-
-proto_opts = -q -R "^(_|kadm5_c_|kadm5_s_|kadm5_log)" -P remove
-
-$(OBJ)\kadm5-protos.h: $(dist_libkadm5srv_la_SOURCES) $(dist_libkadm5clnt_la_SOURCES)
- $(PERL) ..\..\cf\make-proto.pl $(proto_opts) \
- -o $@ \
- $(dist_libkadm5srv_la_SOURCES) \
- $(dist_libkadm5clnt_la_SOURCES) \
- || $(RM) $@
-
-$(OBJ)\kadm5-private.h: $(dist_libkadm5srv_la_SOURCES) $(dist_libkadm5clnt_la_SOURCES)
- $(PERL) ..\..\cf\make-proto.pl $(proto_opts) \
- -p $@ \
- $(dist_libkadm5srv_la_SOURCES) \
- $(dist_libkadm5clnt_la_SOURCES) \
- || $(RM) $@
-
-$(OBJ)\iprop-commands.c $(OBJ)\iprop-commands.h: iprop-commands.in
- cd $(OBJ)
- $(CP) $(SRCDIR)\iprop-commands.in $(OBJ)
- $(BINDIR)\slc.exe iprop-commands.in
- cd $(SRCDIR)
-
-$(OBJ)\kadm5_err.h $(OBJ)kadm5_err.c: kadm5_err.et
- cd $(OBJ)
- $(BINDIR)\compile_et.exe $(SRCDIR)\kadm5_err.et
- cd $(SRCDIR)
-
-$(KADM5INCDIR)\kadm5_err.h: $(OBJ)\kadm5_err.h
-
-KADM5INCDIR=$(INCDIR)\kadm5
-
-INCFILES=\
- $(KADM5INCDIR)\kadm5_err.h \
- $(KADM5INCDIR)\admin.h \
- $(KADM5INCDIR)\private.h \
- $(KADM5INCDIR)\kadm5-protos.h \
- $(KADM5INCDIR)\kadm5-private.h \
- $(OBJ)\iprop-commands.h
-
-SBINPROGRAMS=$(SBINDIR)\iprop-log.exe
-
-LIBEXECPROGRAMS=$(LIBEXECDIR)\ipropd-master.exe $(LIBEXECDIR)\ipropd-slave.exe
-
-EXELIBDEPS= \
- $(LIBKADM5SRV) \
- $(LIBROKEN) \
- $(LIBHEIMDAL) \
- $(LIBHDB) \
- $(LIBSQLITE) \
- $(LIBSL) \
- $(LIBCOMERR) \
- $(LIBVERS)
-
-$(SBINDIR)\iprop-log.exe: $(OBJ)\iprop-log.obj $(OBJ)\iprop-commands.obj $(EXELIBDEPS) \
- $(OBJ)\iprop-log-version.res
- $(EXECONLINK)
- $(EXEPREP)
-
-$(LIBEXECDIR)\ipropd-master.exe: $(OBJ)\ipropd_master.obj $(OBJ)\ipropd_common.obj \
- $(EXELIBDEPS) $(OBJ)\ipropd-master-version.res
- $(EXECONLINK)
- $(EXEPREP)
-
-$(LIBEXECDIR)\ipropd-slave.exe: $(OBJ)\ipropd_slave.obj $(OBJ)\ipropd_common.obj \
- $(EXELIBDEPS) $(OBJ)\ipropd-slave-version.res
- $(EXECONLINK)
- $(EXEPREP)
-
-$(LIBKADM5CLNT): $(LIBKADM5CLNT_OBJS)
- $(LIBCON)
-
-LIBKADM5SRVRES=$(OBJ)\libkadm5srv-version.res
-
-$(LIBKADM5SRV): $(BINDIR)\libkadm5srv.dll
-
-$(BINDIR)\libkadm5srv.dll: $(LIBKADM5SRV_OBJS) $(LIBHEIMDAL) $(LIBROKEN) $(LIBHDB) $(LIBCOMERR) $(LIBSQLITE) $(LIBKADM5SRVRES)
- $(DLLGUILINK) -implib:$(LIBKADM5SRV) -def:libkadm5srv-exports.def
- $(DLLPREP)
-
-all:: $(INCFILES) $(LIBKADM5SRV) $(LIBKADM5CLNT)
-
-all-tools:: $(SBINPROGRAMS) $(LIBEXECPROGRAMS)
-
-clean::
- -$(RM) $(INCFILES)
- -$(RM) $(LIBKADM5CLNT)
- -$(RM) $(LIBKADM5SRV)
- -$(RM) $(BINDIR)\libkadm5srv.*
- -$(RM) $(SBINPROGRAMS:.exe=.*)
- -$(RM) $(LIBEXECPROGRAMS:.exe=.*)
-
-test:: test-binaries test-run
-
-test-binaries: \
- $(OBJ)\default_keys.exe \
- $(OBJ)\test_pw_quality.exe \
- $(OBJ)\sample_passwd_check.dll
-
-$(OBJ)\default_keys.exe: $(OBJ)\default_keys.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBHDB)
- $(EXECONLINK)
- $(EXEPREP_NODIST)
-
-$(OBJ)\test_pw_quality.exe: $(OBJ)\test_pw_quality.obj \
- $(LIBROKEN) $(LIBKADM5SRV) $(LIBVERS) $(LIBHEIMDAL)
- $(EXECONLINK)
- $(EXEPREP_NODIST)
-
-$(OBJ)\sample_passwd_check.dll: $(OBJ)\sample_passwd_check.obj $(LIBHEIMDAL)
- $(DLLGUILINK) /DEF:<<
-EXPORTS
- version DATA
- check_length
-<<
- $(DLLPREP_NODIST)
-
-test-run:
-
-{$(OBJ)}.h{$(KADM5INCDIR)}.h:
- $(CP) $< $@
-
-{}.h{$(KADM5INCDIR)}.h:
- $(CP) $< $@
-
-{}.c{$(OBJ)}.obj::
- $(C2OBJ_P) -I$(OBJ) -I$(KADM5INCDIR)
-
-test-exports:
- $(PERL) ..\..\cf\w32-check-exported-symbols.pl --vs version-script.map --def libkadm5srv-exports.def
-
-test:: test-exports
Deleted: trunk/crypto/heimdal/lib/kadm5/iprop-log-version.rc
===================================================================
--- trunk/crypto/heimdal/lib/kadm5/iprop-log-version.rc 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/kadm5/iprop-log-version.rc 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "IProp Log Tool"
-#define RC_FILE_ORIG_0409 "iprop-log.exe"
-
-#include "../../windows/version.rc"
Deleted: trunk/crypto/heimdal/lib/kadm5/iprop-log.cat8
===================================================================
--- trunk/crypto/heimdal/lib/kadm5/iprop-log.cat8 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/kadm5/iprop-log.cat8 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,82 +0,0 @@
-
-IPROP-LOG(8) BSD System Manager's Manual IPROP-LOG(8)
-
-N�NA�AM�ME�E
- i�ip�pr�ro�op�p-�-l�lo�og�g -- maintain the iprop log file
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- i�ip�pr�ro�op�p-�-l�lo�og�g [-�--�-v�ve�er�rs�si�io�on�n] [-�-h�h | -�--�-h�he�el�lp�p] _�c_�o_�m_�m_�a_�n_�d
-
- i�ip�pr�ro�op�p-�-l�lo�og�g t�tr�ru�un�nc�ca�at�te�e [-�-c�c _�f_�i_�l_�e | -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�f_�i_�l_�e] [-�-r�r _�s_�t_�r_�i_�n_�g |
- -�--�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g] [-�-h�h | -�--�-h�he�el�lp�p]
-
- i�ip�pr�ro�op�p-�-l�lo�og�g d�du�um�mp�p [-�-c�c _�f_�i_�l_�e | -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�f_�i_�l_�e] [-�-r�r _�s_�t_�r_�i_�n_�g |
- -�--�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g] [-�-h�h | -�--�-h�he�el�lp�p]
-
- i�ip�pr�ro�op�p-�-l�lo�og�g r�re�ep�pl�la�ay�y [-�--�-s�st�ta�ar�rt�t-�-v�ve�er�rs�si�io�on�n=�=_�v_�e_�r_�s_�i_�o_�n_�-_�n_�u_�m_�b_�e_�r]
- [-�--�-e�en�nd�d-�-v�ve�er�rs�si�io�on�n=�=_�v_�e_�r_�s_�i_�o_�n_�-_�n_�u_�m_�b_�e_�r] [-�-c�c _�f_�i_�l_�e | -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�f_�i_�l_�e]
- [-�-r�r _�s_�t_�r_�i_�n_�g | -�--�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g] [-�-h�h | -�--�-h�he�el�lp�p]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- Supported options:
-
- -�--�-v�ve�er�rs�si�io�on�n
-
- -�-h�h, -�--�-h�he�el�lp�p
-
- command can be one of the following:
-
- truncate
-
- -�-c�c _�f_�i_�l_�e, -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�f_�i_�l_�e
- configuration file
-
- -�-r�r _�s_�t_�r_�i_�n_�g, -�--�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g
- realm
-
- Truncates the log. Sets the new logs version number for the to
- the last entry of the old log. If the log is truncted by emp-
- tying the file, the log will start over at the first version
- (0).
-
- dump
-
- -�-c�c _�f_�i_�l_�e, -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�f_�i_�l_�e
- configuration file
-
- -�-r�r _�s_�t_�r_�i_�n_�g, -�--�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g
- realm
-
- Print out all entries in the log to standard output.
-
- replay
-
- -�--�-s�st�ta�ar�rt�t-�-v�ve�er�rs�si�io�on�n=�=_�v_�e_�r_�s_�i_�o_�n_�-_�n_�u_�m_�b_�e_�r
- start replay with this version
-
- -�--�-e�en�nd�d-�-v�ve�er�rs�si�io�on�n=�=_�v_�e_�r_�s_�i_�o_�n_�-_�n_�u_�m_�b_�e_�r
- end replay with this version
-
- -�-c�c _�f_�i_�l_�e, -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�f_�i_�l_�e
- configuration file
-
- -�-r�r _�s_�t_�r_�i_�n_�g, -�--�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g
- realm
-
- Replay the changes from specified entries (or all if none is
- specified) in the transaction log to the database.
-
- last-version
-
- -�-c�c _�f_�i_�l_�e, -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�f_�i_�l_�e
- configuration file
-
- -�-r�r _�s_�t_�r_�i_�n_�g, -�--�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g
- realm
-
- prints the version of the last log entry.
-
-S�SE�EE�E A�AL�LS�SO�O
- iprop(8)
-
-Heimdal February 18, 2007 Heimdal
Deleted: trunk/crypto/heimdal/lib/kadm5/iprop.cat8
===================================================================
--- trunk/crypto/heimdal/lib/kadm5/iprop.cat8 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/kadm5/iprop.cat8 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,106 +0,0 @@
-
-IPROP(8) BSD System Manager's Manual IPROP(8)
-
-N�NA�AM�ME�E
- i�ip�pr�ro�op�p, i�ip�pr�ro�op�pd�d-�-m�ma�as�st�te�er�r, i�ip�pr�ro�op�pd�d-�-s�sl�la�av�ve�e -- propagate changes to a Heimdal Ker-
- beros master KDC to slave KDCs
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- i�ip�pr�ro�op�pd�d-�-m�ma�as�st�te�er�r [-�-c�c _�s_�t_�r_�i_�n_�g | -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�s_�t_�r_�i_�n_�g] [-�-r�r _�s_�t_�r_�i_�n_�g |
- -�--�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g] [-�-k�k _�k_�s_�p_�e_�c | -�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�s_�p_�e_�c] [-�-d�d _�f_�i_�l_�e |
- -�--�-d�da�at�ta�ab�ba�as�se�e=�=_�f_�i_�l_�e] [-�--�-s�sl�la�av�ve�e-�-s�st�ta�at�ts�s-�-f�fi�il�le�e=�=_�f_�i_�l_�e]
- [-�--�-t�ti�im�me�e-�-m�mi�is�ss�si�in�ng�g=�=_�t_�i_�m_�e] [-�--�-t�ti�im�me�e-�-g�go�on�ne�e=�=_�t_�i_�m_�e] [-�--�-d�de�et�ta�ac�ch�h]
- [-�--�-v�ve�er�rs�si�io�on�n] [-�--�-h�he�el�lp�p]
- i�ip�pr�ro�op�pd�d-�-s�sl�la�av�ve�e [-�-c�c _�s_�t_�r_�i_�n_�g | -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�s_�t_�r_�i_�n_�g] [-�-r�r _�s_�t_�r_�i_�n_�g |
- -�--�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g] [-�-k�k _�k_�s_�p_�e_�c | -�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�s_�p_�e_�c]
- [-�--�-t�ti�im�me�e-�-l�lo�os�st�t=�=_�t_�i_�m_�e] [-�--�-d�de�et�ta�ac�ch�h] [-�--�-v�ve�er�rs�si�io�on�n] [-�--�-h�he�el�lp�p] _�m_�a_�s_�t_�e_�r
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- i�ip�pr�ro�op�pd�d-�-m�ma�as�st�te�er�r is used to propagate changes to a Heimdal Kerberos database
- from the master Kerberos server on which it runs to slave Kerberos
- servers running i�ip�pr�ro�op�pd�d-�-s�sl�la�av�ve�e.
-
- The slaves are specified by the contents of the _�s_�l_�a_�v_�e_�s file in the KDC's
- database directory, e.g. _�/_�v_�a_�r_�/_�h_�e_�i_�m_�d_�a_�l_�/_�s_�l_�a_�v_�e_�s. This has principals one
- per-line of the form
- iprop/_�s_�l_�a_�v_�e at _�R_�E_�A_�L_�M
- where _�s_�l_�a_�v_�e is the hostname of the slave server in the given _�R_�E_�A_�L_�M, e.g.
- iprop/kerberos-1.example.com at EXAMPLE.COM
- On a slave, the argument _�m_�a_�s_�t_�e_�r specifies the hostname of the master
- server from which to receive updates.
-
- In contrast to hprop(8), which sends the whole database to the slaves
- regularly, i�ip�pr�ro�op�p normally sends only the changes as they happen on the
- master. The master keeps track of all the changes by assigning a version
- number to every change to the database. The slaves know which was the
- latest version they saw, and in this way it can be determined if they are
- in sync or not. A log of all the changes is kept on the master. When a
- slave is at an older version than the oldest one in the log, the whole
- database has to be sent.
-
- The changes are propagated over a secure channel (on port 2121 by
- default). This should normally be defined as ``iprop/tcp'' in
- _�/_�e_�t_�c_�/_�s_�e_�r_�v_�i_�c_�e_�s or another source of the services database. The master and
- slaves must each have access to a keytab with keys for the i�ip�pr�ro�op�p service
- principal on the local host.
-
- There is a keep-alive feature logged in the master's _�s_�l_�a_�v_�e_�-_�s_�t_�a_�t_�s file
- (e.g. _�/_�v_�a_�r_�/_�h_�e_�i_�m_�d_�a_�l_�/_�s_�l_�a_�v_�e_�-_�s_�t_�a_�t_�s).
-
- Supported options for i�ip�pr�ro�op�pd�d-�-m�ma�as�st�te�er�r:
-
- -�-c�c _�s_�t_�r_�i_�n_�g, -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�s_�t_�r_�i_�n_�g
-
- -�-r�r _�s_�t_�r_�i_�n_�g, -�--�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g
-
- -�-k�k _�k_�s_�p_�e_�c, -�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�s_�p_�e_�c
- keytab to get authentication from
-
- -�-d�d _�f_�i_�l_�e, -�--�-d�da�at�ta�ab�ba�as�se�e=�=_�f_�i_�l_�e
- Database (default per KDC)
-
- -�--�-s�sl�la�av�ve�e-�-s�st�ta�at�ts�s-�-f�fi�il�le�e=�=_�f_�i_�l_�e
- file for slave status information
-
- -�--�-t�ti�im�me�e-�-m�mi�is�ss�si�in�ng�g=�=_�t_�i_�m_�e
- time before slave is polled for presence (default 2 min)
-
- -�--�-t�ti�im�me�e-�-g�go�on�ne�e=�=_�t_�i_�m_�e
- time of inactivity after which a slave is considered gone
- (default 5 min)
-
- -�--�-d�de�et�ta�ac�ch�h
- detach from console
-
- -�--�-v�ve�er�rs�si�io�on�n
-
- -�--�-h�he�el�lp�p
-
- Supported options for i�ip�pr�ro�op�pd�d-�-s�sl�la�av�ve�e:
-
- -�-c�c _�s_�t_�r_�i_�n_�g, -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�s_�t_�r_�i_�n_�g
-
- -�-r�r _�s_�t_�r_�i_�n_�g, -�--�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g
-
- -�-k�k _�k_�s_�p_�e_�c, -�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�s_�p_�e_�c
- keytab to get authentication from
-
- -�--�-t�ti�im�me�e-�-l�lo�os�st�t=�=_�t_�i_�m_�e
- time before server is considered lost (default 5 min)
-
- -�--�-d�de�et�ta�ac�ch�h
- detach from console
-
- -�--�-v�ve�er�rs�si�io�on�n
-
- -�--�-h�he�el�lp�p
- Time arguments for the relevant options above may be specified in forms
- like 5 min, 300 s, or simply a number of seconds.
-
-F�FI�IL�LE�ES�S
- _�s_�l_�a_�v_�e_�s, _�s_�l_�a_�v_�e_�-_�s_�t_�a_�t_�s in the database directory.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5.conf(5), hprop(8), hpropd(8), iprop-log(8), kdc(8).
-
-Heimdal May 24, 2005 Heimdal
Deleted: trunk/crypto/heimdal/lib/kadm5/ipropd-master-version.rc
===================================================================
--- trunk/crypto/heimdal/lib/kadm5/ipropd-master-version.rc 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/kadm5/ipropd-master-version.rc 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "IProp Master"
-#define RC_FILE_ORIG_0409 "ipropd-master.exe"
-
-#include "../../windows/version.rc"
Deleted: trunk/crypto/heimdal/lib/kadm5/ipropd-slave-version.rc
===================================================================
--- trunk/crypto/heimdal/lib/kadm5/ipropd-slave-version.rc 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/kadm5/ipropd-slave-version.rc 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "IProp Slave"
-#define RC_FILE_ORIG_0409 "ipropd-slave.exe"
-
-#include "../../windows/version.rc"
Deleted: trunk/crypto/heimdal/lib/kadm5/kadm5_pwcheck.cat3
===================================================================
--- trunk/crypto/heimdal/lib/kadm5/kadm5_pwcheck.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/kadm5/kadm5_pwcheck.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,88 +0,0 @@
-
-KADM5_PWCHECK(3) BSD Library Functions Manual KADM5_PWCHECK(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_p�pw�wc�ch�he�ec�ck�k, k�ka�ad�dm�m5�5_�_s�se�et�tu�up�p_�_p�pa�as�ss�sw�wd�d_�_q�qu�ua�al�li�it�ty�y_�_c�ch�he�ec�ck�k,
- k�ka�ad�dm�m5�5_�_a�ad�dd�d_�_p�pa�as�ss�sw�wd�d_�_q�qu�ua�al�li�it�ty�y_�_v�ve�er�ri�if�fi�ie�er�r, k�ka�ad�dm�m5�5_�_c�ch�he�ec�ck�k_�_p�pa�as�ss�sw�wo�or�rd�d_�_q�qu�ua�al�li�it�ty�y -- Heim-
- dal warning and error functions
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkadm5srv, -lkadm5srv)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�ka�ad�dm�m5�5-�-p�pr�ro�ot�to�os�s.�.h�h>�>
- #�#i�in�nc�cl�lu�ud�de�e <�<k�ka�ad�dm�m5�5-�-p�pw�wc�ch�he�ec�ck�k.�.h�h>�>
-
- _�v_�o_�i_�d
- k�ka�ad�dm�m5�5_�_s�se�et�tu�up�p_�_p�pa�as�ss�sw�wd�d_�_q�qu�ua�al�li�it�ty�y_�_c�ch�he�ec�ck�k(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�c_�h_�e_�c_�k_�__�l_�i_�b_�r_�a_�r_�y, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�c_�h_�e_�c_�k_�__�f_�u_�n_�c_�t_�i_�o_�n);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�ka�ad�dm�m5�5_�_a�ad�dd�d_�_p�pa�as�ss�sw�wd�d_�_q�qu�ua�al�li�it�ty�y_�_v�ve�er�ri�if�fi�ie�er�r(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�c_�h_�e_�c_�k_�__�l_�i_�b_�r_�a_�r_�y);
-
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*
- k�ka�ad�dm�m5�5_�_c�ch�he�ec�ck�k_�_p�pa�as�ss�sw�wo�or�rd�d_�_q�qu�ua�al�li�it�ty�y(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�p_�w_�d_�__�d_�a_�t_�a);
-
- _�i_�n_�t
- (�(*�*k�ka�ad�dm�m5�5_�_p�pa�as�ss�sw�wd�d_�_q�qu�ua�al�li�it�ty�y_�_c�ch�he�ec�ck�k_�_f�fu�un�nc�c)�)(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�p_�a_�s_�s_�w_�o_�r_�d, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�t_�u_�n_�i_�n_�g,
- _�c_�h_�a_�r _�*_�m_�e_�s_�s_�a_�g_�e, _�s_�i_�z_�e_�__�t _�l_�e_�n_�g_�t_�h);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- These functions perform the quality check for the heimdal database
- library.
-
- There are two versions of the shared object API; the old version (0) is
- deprecated, but still supported. The new version (1) supports multiple
- password quality checking policies in the same shared object. See below
- for details.
-
- The password quality checker will run all policies that are configured by
- the user. If any policy rejects the password, the password will be
- rejected.
-
- Policy names are of the form `module-name:policy-name' or, if the the
- policy name is unique enough, just `policy-name'.
-
-I�IM�MP�PL�LE�EM�ME�EN�NT�TI�IN�NG�G A�A P�PA�AS�SS�SW�WO�OR�RD�D Q�QU�UA�AL�LI�IT�TY�Y C�CH�HE�EC�CK�KI�IN�NG�G S�SH�HA�AR�RE�ED�D O�OB�BJ�JE�EC�CT�T
- (This refers to the version 1 API only.)
-
- Module shared objects may conveniently be compiled and linked with
- libtool(1). An object needs to export a symbol called
- `kadm5_password_verifier' of the type _�s_�t_�r_�u_�c_�t _�k_�a_�d_�m_�5_�__�p_�w_�__�p_�o_�l_�i_�c_�y_�__�v_�e_�r_�i_�f_�i_�e_�r.
-
- Its _�n_�a_�m_�e and _�v_�e_�n_�d_�o_�r fields should contain the obvious information. _�n_�a_�m_�e
- must match the `module-name' portion of the policy name (the part before
- the colon), if the policy name contains a colon, or the policy will not
- be run. _�v_�e_�r_�s_�i_�o_�n should be KADM5_PASSWD_VERSION_V1.
-
- _�f_�u_�n_�c_�s contains an array of _�s_�t_�r_�u_�c_�t _�k_�a_�d_�m_�5_�__�p_�w_�__�p_�o_�l_�i_�c_�y_�__�c_�h_�e_�c_�k_�__�f_�u_�n_�c structures
- that is terminated with an entry whose _�n_�a_�m_�e component is NULL. The _�n_�a_�m_�e
- field of the array must match the `policy-name' portion of a policy name
- (the part after the colon, or the complete policy name if there is no
- colon) specified by the user or the policy will not be run. The _�f_�u_�n_�c
- fields of the array elements are functions that are exported by the mod-
- ule to be called to check the password. They get the following argu-
- ments: the Kerberos context, principal, password, a tuning parameter,
- and a pointer to a message buffer and its length. The tuning parameter
- for the quality check function is currently always NULL. If the password
- is acceptable, the function returns zero. Otherwise it returns non-zero
- and fills in the message buffer with an appropriate explanation.
-
-R�RU�UN�NN�NI�IN�NG�G T�TH�HE�E C�CH�HE�EC�CK�KS�S
- k�ka�ad�dm�m5�5_�_s�se�et�tu�up�p_�_p�pa�as�ss�sw�wd�d_�_q�qu�ua�al�li�it�ty�y_�_c�ch�he�ec�ck�k sets up type 0 checks. It sets up all
- type 0 checks defined in krb5.conf(5) if called with the last two argu-
- ments null.
-
- k�ka�ad�dm�m5�5_�_a�ad�dd�d_�_p�pa�as�ss�sw�wd�d_�_q�qu�ua�al�li�it�ty�y_�_v�ve�er�ri�if�fi�ie�er�r sets up type 1 checks. It sets up all
- type 1 tests defined in krb5.conf(5) if called with a null second argu-
- ment. k�ka�ad�dm�m5�5_�_c�ch�he�ec�ck�k_�_p�pa�as�ss�sw�wo�or�rd�d_�_q�qu�ua�al�li�it�ty�y runs the checks in the order in which
- they are defined in krb5.conf(5) and the order in which they occur in a
- module's _�f_�u_�n_�c_�s array until one returns non-zero.
-
-S�SE�EE�E A�AL�LS�SO�O
- libtool(1), krb5(3), krb5.conf(5)
-
-HEIMDAL February 29, 2004 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/kadm5/libkadm5srv-exports.def
===================================================================
--- trunk/crypto/heimdal/lib/kadm5/libkadm5srv-exports.def 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/kadm5/libkadm5srv-exports.def 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,61 +0,0 @@
-EXPORTS
-;! kadm5_ad_init_with_password
-;! kadm5_ad_init_with_password_ctx
- kadm5_add_passwd_quality_verifier
- kadm5_check_password_quality
- kadm5_chpass_principal
- kadm5_chpass_principal_with_key
- kadm5_create_principal
- kadm5_delete_principal
- kadm5_destroy
- kadm5_flush
- kadm5_free_key_data
- kadm5_free_name_list
- kadm5_free_principal_ent
- kadm5_get_principal
- kadm5_get_principals
- kadm5_get_privs
- kadm5_init_with_creds
- kadm5_init_with_creds_ctx
- kadm5_init_with_password
- kadm5_init_with_password_ctx
- kadm5_init_with_skey
- kadm5_init_with_skey_ctx
- kadm5_modify_principal
- kadm5_randkey_principal
- kadm5_rename_principal
- kadm5_ret_key_data
- kadm5_ret_principal_ent
- kadm5_ret_principal_ent_mask
- kadm5_ret_tl_data
- kadm5_setup_passwd_quality_check
- kadm5_store_key_data
- kadm5_store_principal_ent
- kadm5_store_principal_ent_mask
- kadm5_store_tl_data
- kadm5_s_init_with_password_ctx
- kadm5_s_init_with_password
- kadm5_s_init_with_skey_ctx
- kadm5_s_init_with_skey
- kadm5_s_init_with_creds_ctx
- kadm5_s_init_with_creds
- kadm5_s_chpass_principal_cond
- kadm5_log_set_version
-;! kadm5_log_signal_socket
- kadm5_log_signal_socket_info ;!
- kadm5_log_previous
- kadm5_log_goto_end
- kadm5_log_foreach
- kadm5_log_get_version_fd
- kadm5_log_get_version
- kadm5_log_replay
- kadm5_log_end
- kadm5_log_reinit
- kadm5_log_init
- kadm5_log_nop
- kadm5_log_truncate
- kadm5_log_modify
- _kadm5_acl_check_permission
- _kadm5_unmarshal_params
- _kadm5_s_get_db
- _kadm5_privs_to_string
Deleted: trunk/crypto/heimdal/lib/kadm5/libkadm5srv-version.rc
===================================================================
--- trunk/crypto/heimdal/lib/kadm5/libkadm5srv-version.rc 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/kadm5/libkadm5srv-version.rc 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_DLL
-#define RC_FILE_DESC_0409 "Heimdal Kerberos v5 Administration Library"
-#define RC_FILE_ORIG_0409 "libkadm5srv.dll"
-
-#include "../../windows/version.rc"
Deleted: trunk/crypto/heimdal/lib/krb5/NTMakefile
===================================================================
--- trunk/crypto/heimdal/lib/krb5/NTMakefile 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/NTMakefile 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,485 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=lib\krb5
-
-!include ../../windows/NTMakefile.w32
-
-libkrb5_OBJS = \
- $(OBJ)\acache.obj \
- $(OBJ)\acl.obj \
- $(OBJ)\add_et_list.obj \
- $(OBJ)\addr_families.obj \
- $(OBJ)\aname_to_localname.obj \
- $(OBJ)\appdefault.obj \
- $(OBJ)\asn1_glue.obj \
- $(OBJ)\auth_context.obj \
- $(OBJ)\build_ap_req.obj \
- $(OBJ)\build_auth.obj \
- $(OBJ)\cache.obj \
- $(OBJ)\changepw.obj \
- $(OBJ)\codec.obj \
- $(OBJ)\config_file.obj \
- $(OBJ)\config_reg.obj \
- $(OBJ)\constants.obj \
- $(OBJ)\context.obj \
- $(OBJ)\copy_host_realm.obj \
- $(OBJ)\crc.obj \
- $(OBJ)\creds.obj \
- $(OBJ)\crypto.obj \
- $(OBJ)\crypto-aes.obj \
- $(OBJ)\crypto-algs.obj \
- $(OBJ)\crypto-arcfour.obj \
- $(OBJ)\crypto-des-common.obj \
- $(OBJ)\crypto-des.obj \
- $(OBJ)\crypto-des3.obj \
- $(OBJ)\crypto-evp.obj \
- $(OBJ)\crypto-null.obj \
- $(OBJ)\crypto-pk.obj \
- $(OBJ)\crypto-rand.obj \
- $(OBJ)\data.obj \
- $(OBJ)\deprecated.obj \
- $(OBJ)\digest.obj \
- $(OBJ)\dll.obj \
- $(OBJ)\eai_to_heim_errno.obj \
- $(OBJ)\error_string.obj \
- $(OBJ)\expand_hostname.obj \
- $(OBJ)\expand_path.obj \
- $(OBJ)\fcache.obj \
- $(OBJ)\free.obj \
- $(OBJ)\free_host_realm.obj \
- $(OBJ)\generate_seq_number.obj \
- $(OBJ)\generate_subkey.obj \
- $(OBJ)\get_addrs.obj \
- $(OBJ)\get_cred.obj \
- $(OBJ)\get_default_principal.obj \
- $(OBJ)\get_default_realm.obj \
- $(OBJ)\get_for_creds.obj \
- $(OBJ)\get_host_realm.obj \
- $(OBJ)\get_in_tkt.obj \
- $(OBJ)\get_port.obj \
- $(OBJ)\init_creds.obj \
- $(OBJ)\init_creds_pw.obj \
- $(OBJ)\kcm.obj \
- $(OBJ)\keyblock.obj \
- $(OBJ)\keytab.obj \
- $(OBJ)\keytab_any.obj \
- $(OBJ)\keytab_file.obj \
- $(OBJ)\keytab_keyfile.obj \
- $(OBJ)\keytab_memory.obj \
- $(OBJ)\krbhst.obj \
- $(OBJ)\kuserok.obj \
- $(OBJ)\log.obj \
- $(OBJ)\mcache.obj \
- $(OBJ)\misc.obj \
- $(OBJ)\mit_glue.obj \
- $(OBJ)\mk_error.obj \
- $(OBJ)\mk_priv.obj \
- $(OBJ)\mk_rep.obj \
- $(OBJ)\mk_req.obj \
- $(OBJ)\mk_req_ext.obj \
- $(OBJ)\mk_safe.obj \
- $(OBJ)\net_read.obj \
- $(OBJ)\net_write.obj \
- $(OBJ)\n-fold.obj \
- $(OBJ)\pac.obj \
- $(OBJ)\padata.obj \
- $(OBJ)\pkinit.obj \
- $(OBJ)\principal.obj \
- $(OBJ)\prog_setup.obj \
- $(OBJ)\prompter_posix.obj \
- $(OBJ)\rd_cred.obj \
- $(OBJ)\rd_error.obj \
- $(OBJ)\rd_priv.obj \
- $(OBJ)\rd_rep.obj \
- $(OBJ)\rd_req.obj \
- $(OBJ)\rd_safe.obj \
- $(OBJ)\read_message.obj \
- $(OBJ)\recvauth.obj \
- $(OBJ)\replay.obj \
- $(OBJ)\salt-aes.obj \
- $(OBJ)\salt-arcfour.obj \
- $(OBJ)\salt-des.obj \
- $(OBJ)\salt-des3.obj \
- $(OBJ)\salt.obj \
- $(OBJ)\scache.obj \
- $(OBJ)\send_to_kdc.obj \
- $(OBJ)\sendauth.obj \
- $(OBJ)\set_default_realm.obj \
- $(OBJ)\sock_principal.obj \
- $(OBJ)\store.obj \
- $(OBJ)\store-int.obj \
- $(OBJ)\store_emem.obj \
- $(OBJ)\store_fd.obj \
- $(OBJ)\store_mem.obj \
- $(OBJ)\pcache.obj \
- $(OBJ)\plugin.obj \
- $(OBJ)\ticket.obj \
- $(OBJ)\time.obj \
- $(OBJ)\transited.obj \
- $(OBJ)\verify_init.obj \
- $(OBJ)\verify_user.obj \
- $(OBJ)\version.obj \
- $(OBJ)\warn.obj \
- $(OBJ)\write_message.obj
-
-libkrb5_gen_OBJS= \
- $(OBJ)\krb5_err.obj \
- $(OBJ)\krb_err.obj \
- $(OBJ)\heim_err.obj \
- $(OBJ)\k524_err.obj
-
-INCFILES= \
- $(INCDIR)\heim_err.h \
- $(INCDIR)\k524_err.h \
- $(INCDIR)\kcm.h \
- $(INCDIR)\krb_err.h \
- $(INCDIR)\krb5.h \
- $(INCDIR)\krb5_ccapi.h \
- $(INCDIR)\krb5_err.h \
- $(INCDIR)\krb5_locl.h \
- $(INCDIR)\krb5-protos.h \
- $(INCDIR)\krb5-private.h \
- $(INCDIR)\krb5-v4compat.h \
- $(INCDIR)\crypto.h
-
-all:: $(INCFILES)
-
-clean::
- -$(RM) $(INCFILES)
-
-dist_libkrb5_la_SOURCES = \
- acache.c \
- acl.c \
- add_et_list.c \
- addr_families.c \
- aname_to_localname.c \
- appdefault.c \
- asn1_glue.c \
- auth_context.c \
- build_ap_req.c \
- build_auth.c \
- cache.c \
- changepw.c \
- codec.c \
- config_file.c \
- config_reg.c \
- constants.c \
- context.c \
- copy_host_realm.c \
- crc.c \
- creds.c \
- crypto.c \
- crypto.h \
- crypto-aes.c \
- crypto-algs.c \
- crypto-arcfour.c \
- crypto-des.c \
- crypto-des-common.c \
- crypto-des3.c \
- crypto-evp.c \
- crypto-pk.c \
- crypto-rand.c \
- doxygen.c \
- data.c \
- deprecated.c \
- digest.c \
- eai_to_heim_errno.c \
- error_string.c \
- expand_hostname.c \
- expand_path.c \
- fcache.c \
- free.c \
- free_host_realm.c \
- generate_seq_number.c \
- generate_subkey.c \
- get_addrs.c \
- get_cred.c \
- get_default_principal.c \
- get_default_realm.c \
- get_for_creds.c \
- get_host_realm.c \
- get_in_tkt.c \
- get_port.c \
- init_creds.c \
- init_creds_pw.c \
- kcm.c \
- kcm.h \
- keyblock.c \
- keytab.c \
- keytab_any.c \
- keytab_file.c \
- keytab_keyfile.c \
- keytab_memory.c \
- krb5_locl.h \
- krb5-v4compat.h \
- krbhst.c \
- kuserok.c \
- log.c \
- mcache.c \
- misc.c \
- mk_error.c \
- mk_priv.c \
- mk_rep.c \
- mk_req.c \
- mk_req_ext.c \
- mk_safe.c \
- mit_glue.c \
- net_read.c \
- net_write.c \
- n-fold.c \
- pac.c \
- padata.c \
- pkinit.c \
- principal.c \
- prog_setup.c \
- prompter_posix.c \
- rd_cred.c \
- rd_error.c \
- rd_priv.c \
- rd_rep.c \
- rd_req.c \
- rd_safe.c \
- read_message.c \
- recvauth.c \
- replay.c \
- salt.c \
- salt-aes.c \
- salt-arcfour.c \
- salt-des.c \
- salt-des3.c \
- scache.c \
- send_to_kdc.c \
- sendauth.c \
- set_default_realm.c \
- sock_principal.c \
- store.c \
- store-int.c \
- store-int.h \
- store_emem.c \
- store_fd.c \
- store_mem.c \
- pcache.c \
- plugin.c \
- ticket.c \
- time.c \
- transited.c \
- verify_init.c \
- verify_user.c \
- version.c \
- warn.c \
- write_message.c
-
-$(OBJ)\krb5-protos.h: $(dist_libkrb5_la_SOURCES)
- $(PERL) ..\..\cf\make-proto.pl -E KRB5_LIB -q -P remove -o $(OBJ)\krb5-protos.h $(dist_libkrb5_la_SOURCES) || $(RM) -f $(OBJ)\krb5-protos.h
-
-$(OBJ)\krb5-private.h: $(dist_libkrb5_la_SOURCES)
- $(PERL) ..\..\cf\make-proto.pl -q -P remove -p $(OBJ)\krb5-private.h $(dist_libkrb5_la_SOURCES) || $(RM) -f $(OBJ)\krb5-private.h
-
-$(OBJ)\krb5_err.c $(OBJ)\krb5_err.h: krb5_err.et
- cd $(OBJ)
- $(BINDIR)\compile_et.exe $(SRCDIR)\krb5_err.et
- cd $(SRCDIR)
-
-$(OBJ)\krb_err.c $(OBJ)\krb_err.h: krb_err.et
- cd $(OBJ)
- $(BINDIR)\compile_et.exe $(SRCDIR)\krb_err.et
- cd $(SRCDIR)
-
-$(OBJ)\heim_err.c $(OBJ)\heim_err.h: heim_err.et
- cd $(OBJ)
- $(BINDIR)\compile_et.exe $(SRCDIR)\heim_err.et
- cd $(SRCDIR)
-
-$(OBJ)\k524_err.c $(OBJ)\k524_err.h: k524_err.et
- cd $(OBJ)
- $(BINDIR)\compile_et.exe $(SRCDIR)\k524_err.et
- cd $(SRCDIR)
-
-#----------------------------------------------------------------------
-# libkrb5
-
-$(LIBKRB5): $(libkrb5_OBJS) $(libkrb5_gen_OBJS)
- $(LIBCON)
-
-all:: $(LIBKRB5)
-
-clean::
- -$(RM) $(LIBKRB5)
-
-$(OBJ)\libkrb5-exports.def: libkrb5-exports.def.in $(INCDIR)\config.h
- $(CPREPROCESSOUT) libkrb5-exports.def.in > $@ || $(RM) $@
-
-all:: $(OBJ)\libkrb5-exports.def
-
-clean::
- -$(RM) $(OBJ)\libkrb5-exports.def
-
-#----------------------------------------------------------------------
-# librfc3961
-
-librfc3961_OBJS=\
- $(OBJ)\crc.obj \
- $(OBJ)\crypto.obj \
- $(OBJ)\crypto-aes.obj \
- $(OBJ)\crypto-algs.obj \
- $(OBJ)\crypto-arcfour.obj \
- $(OBJ)\crypto-des.obj \
- $(OBJ)\crypto-des-common.obj \
- $(OBJ)\crypto-des3.obj \
- $(OBJ)\crypto-evp.obj \
- $(OBJ)\crypto-null.obj \
- $(OBJ)\crypto-pk.obj \
- $(OBJ)\crypto-rand.obj \
- $(OBJ)\crypto-stubs.obj \
- $(OBJ)\data.obj \
- $(OBJ)\error_string.obj \
- $(OBJ)\keyblock.obj \
- $(OBJ)\n-fold.obj \
- $(OBJ)\salt.obj \
- $(OBJ)\salt-aes.obj \
- $(OBJ)\salt-arcfour.obj \
- $(OBJ)\salt-des.obj \
- $(OBJ)\salt-des3.obj \
- $(OBJ)\store-int.obj \
- $(OBJ)\warn.obj
-
-$(LIBRFC3961): $(librfc3961_OBJS)
- $(LIBCON)
-
-all:: $(LIBRFC3961)
-
-clean::
- -$(RM) $(LIBRFC3961)
-
-#----------------------------------------------------------------------
-# Tools
-
-all-tools:: $(BINDIR)\verify_krb5_conf.exe
-
-clean::
- -$(RM) $(BINDIR)\verify_krb5_conf.*
-
-$(BINDIR)\verify_krb5_conf.exe: $(OBJ)\verify_krb5_conf.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBVERS) $(OBJ)\verify_krb5_conf-version.res
- $(EXECONLINK)
- $(EXEPREP)
-
-{}.c{$(OBJ)}.obj::
- $(C2OBJ_P) -DBUILD_KRB5_LIB -DASN1_LIB
-
-{$(OBJ)}.c{$(OBJ)}.obj::
- $(C2OBJ_P) -DBUILD_KRB5_LIB -DASN1_LIB
-
-#----------------------------------------------------------------------
-# Tests
-
-test:: test-binaries test-files test-run
-
-test_binaries = \
- $(OBJ)\aes-test.exe \
- $(OBJ)\derived-key-test.exe \
- $(OBJ)\krbhst-test.exe \
- $(OBJ)\n-fold-test.exe \
- $(OBJ)\parse-name-test.exe \
- $(OBJ)\store-test.exe \
- $(OBJ)\string-to-key-test.exe \
- $(OBJ)\test_acl.exe \
- $(OBJ)\test_addr.exe \
- $(OBJ)\test_alname.exe \
- $(OBJ)\test_cc.exe \
- $(OBJ)\test_config.exe \
- $(OBJ)\test_crypto.exe \
- $(OBJ)\test_crypto_wrapping.exe \
- $(OBJ)\test_forward.exe \
- $(OBJ)\test_get_addrs.exe \
- $(OBJ)\test_hostname.exe \
- $(OBJ)\test_keytab.exe \
- $(OBJ)\test_kuserok.exe \
- $(OBJ)\test_mem.exe \
- $(OBJ)\test_pac.exe \
- $(OBJ)\test_pkinit_dh2key.exe \
- $(OBJ)\test_pknistkdf.exe \
- $(OBJ)\test_plugin.exe \
- $(OBJ)\test_prf.exe \
- $(OBJ)\test_princ.exe \
- $(OBJ)\test_renew.exe \
- $(OBJ)\test_rfc3961.exe \
- $(OBJ)\test_store.exe \
- $(OBJ)\test_time.exe \
-
-test-binaries: $(test_binaries)
-
-test-files: $(OBJ)\test_config_strings.out
-
-$(OBJ)\test_config_strings.out: test_config_strings.cfg
- $(CP) $** $@
-
-test-run:
- cd $(OBJ)
- aes-test.exe
- derived-key-test.exe
- n-fold-test.exe
- parse-name-test.exe
- store-test.exe
- string-to-key-test.exe
- test_acl.exe
- test_addr.exe
- test_cc.exe
- test_config.exe
- test_prf.exe
- test_store.exe
- test_crypto.exe
- test_crypto_wrapping.exe
- test_keytab.exe
- test_mem.exe
- test_pac.exe
- test_plugin.exe
- test_princ.exe
- test_pkinit_dh2key.exe
- test_pknistkdf.exe
- test_time.exe
- cd $(SRCDIR)
-
-$(test_binaries): $$(@R).obj $(LIBHEIMDAL) $(LIBVERS) $(LIBROKEN)
- $(EXECONLINK)
- $(EXEPREP_NODIST)
-
-$(OBJ)\test_rfc3961.exe: $(OBJ)\test_rfc3961.obj $(LIBRFC3961) $(LIBHEIMDAL) $(LIBVERS) $(LIBROKEN)
- $(EXECONLINK)
- $(EXEPREP_NODIST)
-
-$(test_binaries:.exe=.obj): $$(@B).c
- $(C2OBJ_C) -Fo$@ -Fd$(@D)\ $** -DBlah
-
-test-exports:
- $(PERL) ..\..\cf\w32-check-exported-symbols.pl --vs version-script.map --def libkrb5-exports.def.in
-
-test:: test-exports
Deleted: trunk/crypto/heimdal/lib/krb5/config_file_netinfo.c
===================================================================
--- trunk/crypto/heimdal/lib/krb5/config_file_netinfo.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/config_file_netinfo.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,180 +0,0 @@
-/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb5_locl.h"
-RCSID("$Id: config_file_netinfo.c,v 1.1.1.3 2012-07-21 15:09:08 laffer1 Exp $");
-
-/*
- * Netinfo implementation from Luke Howard <lukeh at xedoc.com.au>
- */
-
-#ifdef HAVE_NETINFO
-#include <netinfo/ni.h>
-static ni_status
-ni_proplist2binding(ni_proplist *pl, krb5_config_section **ret)
-{
- int i, j;
- krb5_config_section **next = NULL;
-
- for (i = 0; i < pl->ni_proplist_len; i++) {
- if (!strcmp(pl->nipl_val[i].nip_name, "name"))
- continue;
-
- for (j = 0; j < pl->nipl_val[i].nip_val.ni_namelist_len; j++) {
- krb5_config_binding *b;
-
- b = malloc(sizeof(*b));
- if (b == NULL)
- return NI_FAILED;
-
- b->next = NULL;
- b->type = krb5_config_string;
- b->name = ni_name_dup(pl->nipl_val[i].nip_name);
- b->u.string = ni_name_dup(pl->nipl_val[i].nip_val.ninl_val[j]);
-
- if (next == NULL) {
- *ret = b;
- } else {
- *next = b;
- }
- next = &b->next;
- }
- }
- return NI_OK;
-}
-
-static ni_status
-ni_idlist2binding(void *ni, ni_idlist *idlist, krb5_config_section **ret)
-{
- int i;
- ni_status nis;
- krb5_config_section **next;
-
- for (i = 0; i < idlist->ni_idlist_len; i++) {
- ni_proplist pl;
- ni_id nid;
- ni_idlist children;
- krb5_config_binding *b;
- ni_index index;
-
- nid.nii_instance = 0;
- nid.nii_object = idlist->ni_idlist_val[i];
-
- nis = ni_read(ni, &nid, &pl);
-
- if (nis != NI_OK) {
- return nis;
- }
- index = ni_proplist_match(pl, "name", NULL);
- b = malloc(sizeof(*b));
- if (b == NULL) return NI_FAILED;
-
- if (i == 0) {
- *ret = b;
- } else {
- *next = b;
- }
-
- b->type = krb5_config_list;
- b->name = ni_name_dup(pl.nipl_val[index].nip_val.ninl_val[0]);
- b->next = NULL;
- b->u.list = NULL;
-
- /* get the child directories */
- nis = ni_children(ni, &nid, &children);
- if (nis == NI_OK) {
- nis = ni_idlist2binding(ni, &children, &b->u.list);
- if (nis != NI_OK) {
- return nis;
- }
- }
-
- nis = ni_proplist2binding(&pl, b->u.list == NULL ? &b->u.list : &b->u.list->next);
- ni_proplist_free(&pl);
- if (nis != NI_OK) {
- return nis;
- }
- next = &b->next;
- }
- ni_idlist_free(idlist);
- return NI_OK;
-}
-
-krb5_error_code KRB5_LIB_FUNCTION
-krb5_config_parse_file (krb5_context context,
- const char *fname,
- krb5_config_section **res)
-{
- void *ni = NULL, *lastni = NULL;
- int i;
- ni_status nis;
- ni_id nid;
- ni_idlist children;
-
- krb5_config_section *s;
- int ret;
-
- s = NULL;
-
- for (i = 0; i < 256; i++) {
- if (i == 0) {
- nis = ni_open(NULL, ".", &ni);
- } else {
- if (lastni != NULL) ni_free(lastni);
- lastni = ni;
- nis = ni_open(lastni, "..", &ni);
- }
- if (nis != NI_OK)
- break;
- nis = ni_pathsearch(ni, &nid, "/locations/kerberos");
- if (nis == NI_OK) {
- nis = ni_children(ni, &nid, &children);
- if (nis != NI_OK)
- break;
- nis = ni_idlist2binding(ni, &children, &s);
- break;
- }
- }
-
- if (ni != NULL) ni_free(ni);
- if (ni != lastni && lastni != NULL) ni_free(lastni);
-
- ret = (nis == NI_OK) ? 0 : -1;
- if (ret == 0) {
- *res = s;
- } else {
- *res = NULL;
- }
- return ret;
-}
-#endif /* HAVE_NETINFO */
Deleted: trunk/crypto/heimdal/lib/krb5/get_in_tkt_pw.c
===================================================================
--- trunk/crypto/heimdal/lib/krb5/get_in_tkt_pw.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/get_in_tkt_pw.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,90 +0,0 @@
-/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb5_locl.h"
-
-RCSID("$Id: get_in_tkt_pw.c,v 1.1.1.3 2012-07-21 15:09:07 laffer1 Exp $");
-
-krb5_error_code KRB5_LIB_FUNCTION
-krb5_password_key_proc (krb5_context context,
- krb5_enctype type,
- krb5_salt salt,
- krb5_const_pointer keyseed,
- krb5_keyblock **key)
-{
- krb5_error_code ret;
- const char *password = (const char *)keyseed;
- char buf[BUFSIZ];
-
- *key = malloc (sizeof (**key));
- if (*key == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- return ENOMEM;
- }
- if (password == NULL) {
- if(UI_UTIL_read_pw_string (buf, sizeof(buf), "Password: ", 0)) {
- free (*key);
- krb5_clear_error_string(context);
- return KRB5_LIBOS_PWDINTR;
- }
- password = buf;
- }
- ret = krb5_string_to_key_salt (context, type, password, salt, *key);
- memset (buf, 0, sizeof(buf));
- return ret;
-}
-
-krb5_error_code KRB5_LIB_FUNCTION
-krb5_get_in_tkt_with_password (krb5_context context,
- krb5_flags options,
- krb5_addresses *addrs,
- const krb5_enctype *etypes,
- const krb5_preauthtype *pre_auth_types,
- const char *password,
- krb5_ccache ccache,
- krb5_creds *creds,
- krb5_kdc_rep *ret_as_reply)
-{
- return krb5_get_in_tkt (context,
- options,
- addrs,
- etypes,
- pre_auth_types,
- krb5_password_key_proc,
- password,
- NULL,
- NULL,
- creds,
- ccache,
- ret_as_reply);
-}
Deleted: trunk/crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c
===================================================================
--- trunk/crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/get_in_tkt_with_keytab.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,99 +0,0 @@
-/*
- * Copyright (c) 1997 - 2001 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb5_locl.h"
-
-RCSID("$Id: get_in_tkt_with_keytab.c,v 1.1.1.3 2012-07-21 15:09:07 laffer1 Exp $");
-
-krb5_error_code KRB5_LIB_FUNCTION
-krb5_keytab_key_proc (krb5_context context,
- krb5_enctype enctype,
- krb5_salt salt,
- krb5_const_pointer keyseed,
- krb5_keyblock **key)
-{
- krb5_keytab_key_proc_args *args = rk_UNCONST(keyseed);
- krb5_keytab keytab = args->keytab;
- krb5_principal principal = args->principal;
- krb5_error_code ret;
- krb5_keytab real_keytab;
- krb5_keytab_entry entry;
-
- if(keytab == NULL)
- krb5_kt_default(context, &real_keytab);
- else
- real_keytab = keytab;
-
- ret = krb5_kt_get_entry (context, real_keytab, principal,
- 0, enctype, &entry);
-
- if (keytab == NULL)
- krb5_kt_close (context, real_keytab);
-
- if (ret)
- return ret;
-
- ret = krb5_copy_keyblock (context, &entry.keyblock, key);
- krb5_kt_free_entry(context, &entry);
- return ret;
-}
-
-krb5_error_code KRB5_LIB_FUNCTION
-krb5_get_in_tkt_with_keytab (krb5_context context,
- krb5_flags options,
- krb5_addresses *addrs,
- const krb5_enctype *etypes,
- const krb5_preauthtype *pre_auth_types,
- krb5_keytab keytab,
- krb5_ccache ccache,
- krb5_creds *creds,
- krb5_kdc_rep *ret_as_reply)
-{
- krb5_keytab_key_proc_args a;
-
- a.principal = creds->client;
- a.keytab = keytab;
-
- return krb5_get_in_tkt (context,
- options,
- addrs,
- etypes,
- pre_auth_types,
- krb5_keytab_key_proc,
- &a,
- NULL,
- NULL,
- creds,
- ccache,
- ret_as_reply);
-}
Deleted: trunk/crypto/heimdal/lib/krb5/get_in_tkt_with_skey.c
===================================================================
--- trunk/crypto/heimdal/lib/krb5/get_in_tkt_with_skey.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/get_in_tkt_with_skey.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,82 +0,0 @@
-/*
- * Copyright (c) 1997, 1998 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb5_locl.h"
-
-RCSID("$Id: get_in_tkt_with_skey.c,v 1.1.1.3 2012-07-21 15:09:07 laffer1 Exp $");
-
-static krb5_error_code
-krb5_skey_key_proc (krb5_context context,
- krb5_enctype type,
- krb5_salt salt,
- krb5_const_pointer keyseed,
- krb5_keyblock **key)
-{
- return krb5_copy_keyblock (context, keyseed, key);
-}
-
-krb5_error_code KRB5_LIB_FUNCTION
-krb5_get_in_tkt_with_skey (krb5_context context,
- krb5_flags options,
- krb5_addresses *addrs,
- const krb5_enctype *etypes,
- const krb5_preauthtype *pre_auth_types,
- const krb5_keyblock *key,
- krb5_ccache ccache,
- krb5_creds *creds,
- krb5_kdc_rep *ret_as_reply)
-{
- if(key == NULL)
- return krb5_get_in_tkt_with_keytab (context,
- options,
- addrs,
- etypes,
- pre_auth_types,
- NULL,
- ccache,
- creds,
- ret_as_reply);
- else
- return krb5_get_in_tkt (context,
- options,
- addrs,
- etypes,
- pre_auth_types,
- krb5_skey_key_proc,
- key,
- NULL,
- NULL,
- creds,
- ccache,
- ret_as_reply);
-}
Deleted: trunk/crypto/heimdal/lib/krb5/heim_threads.h
===================================================================
--- trunk/crypto/heimdal/lib/krb5/heim_threads.h 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/heim_threads.h 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,175 +0,0 @@
-/*
- * Copyright (c) 2003 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: heim_threads.h,v 1.1.1.1 2012-07-21 15:09:07 laffer1 Exp $ */
-
-/*
- * Provide wrapper macros for thread synchronization primitives so we
- * can use native thread functions for those operating system that
- * supports it.
- *
- * This is so libkrb5.so (or more importantly, libgssapi.so) can have
- * thread support while the program that that dlopen(3)s the library
- * don't need to be linked to libpthread.
- */
-
-#ifndef HEIM_THREADS_H
-#define HEIM_THREADS_H 1
-
-/* assume headers already included */
-
-#if defined(__NetBSD__) && __NetBSD_Version__ >= 106120000 && __NetBSD_Version__< 299001200 && defined(ENABLE_PTHREAD_SUPPORT)
-
-/*
- * NetBSD have a thread lib that we can use that part of libc that
- * works regardless if application are linked to pthreads or not.
- * NetBSD newer then 2.99.11 just use pthread.h, and the same thing
- * will happen.
- */
-#include <threadlib.h>
-
-#define HEIMDAL_MUTEX mutex_t
-#define HEIMDAL_MUTEX_INITIALIZER MUTEX_INITIALIZER
-#define HEIMDAL_MUTEX_init(m) mutex_init(m, NULL)
-#define HEIMDAL_MUTEX_lock(m) mutex_lock(m)
-#define HEIMDAL_MUTEX_unlock(m) mutex_unlock(m)
-#define HEIMDAL_MUTEX_destroy(m) mutex_destroy(m)
-
-#define HEIMDAL_RWLOCK rwlock_t
-#define HEIMDAL_RWLOCK_INITIALIZER RWLOCK_INITIALIZER
-#define HEIMDAL_RWLOCK_init(l) rwlock_init(l, NULL)
-#define HEIMDAL_RWLOCK_rdlock(l) rwlock_rdlock(l)
-#define HEIMDAL_RWLOCK_wrlock(l) rwlock_wrlock(l)
-#define HEIMDAL_RWLOCK_tryrdlock(l) rwlock_tryrdlock(l)
-#define HEIMDAL_RWLOCK_trywrlock(l) rwlock_trywrlock(l)
-#define HEIMDAL_RWLOCK_unlock(l) rwlock_unlock(l)
-#define HEIMDAL_RWLOCK_destroy(l) rwlock_destroy(l)
-
-#define HEIMDAL_thread_key thread_key_t
-#define HEIMDAL_key_create(k,d,r) do { r = thr_keycreate(k,d); } while(0)
-#define HEIMDAL_setspecific(k,s,r) do { r = thr_setspecific(k,s); } while(0)
-#define HEIMDAL_getspecific(k) thr_getspecific(k)
-#define HEIMDAL_key_delete(k) thr_keydelete(k)
-
-#elif defined(ENABLE_PTHREAD_SUPPORT) && (!defined(__NetBSD__) || __NetBSD_Version__ >= 299001200)
-
-#include <pthread.h>
-
-#define HEIMDAL_MUTEX pthread_mutex_t
-#define HEIMDAL_MUTEX_INITIALIZER PTHREAD_MUTEX_INITIALIZER
-#define HEIMDAL_MUTEX_init(m) pthread_mutex_init(m, NULL)
-#define HEIMDAL_MUTEX_lock(m) pthread_mutex_lock(m)
-#define HEIMDAL_MUTEX_unlock(m) pthread_mutex_unlock(m)
-#define HEIMDAL_MUTEX_destroy(m) pthread_mutex_destroy(m)
-
-#define HEIMDAL_RWLOCK rwlock_t
-#define HEIMDAL_RWLOCK_INITIALIZER RWLOCK_INITIALIZER
-#define HEIMDAL_RWLOCK_init(l) pthread_rwlock_init(l, NULL)
-#define HEIMDAL_RWLOCK_rdlock(l) pthread_rwlock_rdlock(l)
-#define HEIMDAL_RWLOCK_wrlock(l) pthread_rwlock_wrlock(l)
-#define HEIMDAL_RWLOCK_tryrdlock(l) pthread_rwlock_tryrdlock(l)
-#define HEIMDAL_RWLOCK_trywrlock(l) pthread_rwlock_trywrlock(l)
-#define HEIMDAL_RWLOCK_unlock(l) pthread_rwlock_unlock(l)
-#define HEIMDAL_RWLOCK_destroy(l) pthread_rwlock_destroy(l)
-
-#define HEIMDAL_thread_key pthread_key_t
-#define HEIMDAL_key_create(k,d,r) do { r = pthread_key_create(k,d); } while(0)
-#define HEIMDAL_setspecific(k,s,r) do { r = pthread_setspecific(k,s); } while(0)
-#define HEIMDAL_getspecific(k) pthread_getspecific(k)
-#define HEIMDAL_key_delete(k) pthread_key_delete(k)
-
-#elif defined(HEIMDAL_DEBUG_THREADS)
-
-/* no threads support, just do consistency checks */
-#include <stdlib.h>
-
-#define HEIMDAL_MUTEX int
-#define HEIMDAL_MUTEX_INITIALIZER 0
-#define HEIMDAL_MUTEX_init(m) do { (*(m)) = 0; } while(0)
-#define HEIMDAL_MUTEX_lock(m) do { if ((*(m))++ != 0) abort(); } while(0)
-#define HEIMDAL_MUTEX_unlock(m) do { if ((*(m))-- != 1) abort(); } while(0)
-#define HEIMDAL_MUTEX_destroy(m) do {if ((*(m)) != 0) abort(); } while(0)
-
-#define HEIMDAL_RWLOCK rwlock_t int
-#define HEIMDAL_RWLOCK_INITIALIZER 0
-#define HEIMDAL_RWLOCK_init(l) do { } while(0)
-#define HEIMDAL_RWLOCK_rdlock(l) do { } while(0)
-#define HEIMDAL_RWLOCK_wrlock(l) do { } while(0)
-#define HEIMDAL_RWLOCK_tryrdlock(l) do { } while(0)
-#define HEIMDAL_RWLOCK_trywrlock(l) do { } while(0)
-#define HEIMDAL_RWLOCK_unlock(l) do { } while(0)
-#define HEIMDAL_RWLOCK_destroy(l) do { } while(0)
-
-#define HEIMDAL_internal_thread_key 1
-
-#else /* no thread support, no debug case */
-
-#define HEIMDAL_MUTEX int
-#define HEIMDAL_MUTEX_INITIALIZER 0
-#define HEIMDAL_MUTEX_init(m) do { (void)(m); } while(0)
-#define HEIMDAL_MUTEX_lock(m) do { (void)(m); } while(0)
-#define HEIMDAL_MUTEX_unlock(m) do { (void)(m); } while(0)
-#define HEIMDAL_MUTEX_destroy(m) do { (void)(m); } while(0)
-
-#define HEIMDAL_RWLOCK rwlock_t int
-#define HEIMDAL_RWLOCK_INITIALIZER 0
-#define HEIMDAL_RWLOCK_init(l) do { } while(0)
-#define HEIMDAL_RWLOCK_rdlock(l) do { } while(0)
-#define HEIMDAL_RWLOCK_wrlock(l) do { } while(0)
-#define HEIMDAL_RWLOCK_tryrdlock(l) do { } while(0)
-#define HEIMDAL_RWLOCK_trywrlock(l) do { } while(0)
-#define HEIMDAL_RWLOCK_unlock(l) do { } while(0)
-#define HEIMDAL_RWLOCK_destroy(l) do { } while(0)
-
-#define HEIMDAL_internal_thread_key 1
-
-#endif /* no thread support */
-
-#ifdef HEIMDAL_internal_thread_key
-
-typedef struct heim_thread_key {
- void *value;
- void (*destructor)(void *);
-} heim_thread_key;
-
-#define HEIMDAL_thread_key heim_thread_key
-#define HEIMDAL_key_create(k,d,r) \
- do { (k)->value = NULL; (k)->destructor = (d); r = 0; } while(0)
-#define HEIMDAL_setspecific(k,s,r) do { (k).value = s ; r = 0; } while(0)
-#define HEIMDAL_getspecific(k) ((k).value)
-#define HEIMDAL_key_delete(k) do { (*(k).destructor)((k).value); } while(0)
-
-#undef HEIMDAL_internal_thread_key
-#endif /* HEIMDAL_internal_thread_key */
-
-#endif /* HEIM_THREADS_H */
Deleted: trunk/crypto/heimdal/lib/krb5/kerberos.cat8
===================================================================
--- trunk/crypto/heimdal/lib/krb5/kerberos.cat8 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/kerberos.cat8 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,57 +0,0 @@
-
-KERBEROS(8) BSD System Manager's Manual KERBEROS(8)
-
-N�NA�AM�ME�E
- k�ke�er�rb�be�er�ro�os�s -- introduction to the Kerberos system
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- Kerberos is a network authentication system. Its purpose is to securely
- authenticate users and services in an insecure network environment.
-
- This is done with a Kerberos server acting as a trusted third party,
- keeping a database with secret keys for all users and services (collec-
- tively called _�p_�r_�i_�n_�c_�i_�p_�a_�l_�s).
-
- Each principal belongs to exactly one _�r_�e_�a_�l_�m, which is the administrative
- domain in Kerberos. A realm usually corresponds to an organisation, and
- the realm should normally be derived from that organisation's domain
- name. A realm is served by one or more Kerberos servers.
-
- The authentication process involves exchange of `tickets' and
- `authenticators' which together prove the principal's identity.
-
- When you login to the Kerberos system, either through the normal system
- login or with the kinit(1) program, you acquire a _�t_�i_�c_�k_�e_�t _�g_�r_�a_�n_�t_�i_�n_�g _�t_�i_�c_�k_�e_�t
- which allows you to get new tickets for other services, such as t�te�el�ln�ne�et�t or
- f�ft�tp�p, without giving your password.
-
- For more information on how Kerberos works, and other general Kerberos
- questions see the Kerberos FAQ at
- _�h_�t_�t_�p_�:_�/_�/_�w_�w_�w_�._�n_�r_�l_�._�n_�a_�v_�y_�._�m_�i_�l_�/_�C_�C_�S_�/_�p_�e_�o_�p_�l_�e_�/_�k_�e_�n_�h_�/_�k_�e_�r_�b_�e_�r_�o_�s_�-_�f_�a_�q_�._�h_�t_�m_�l.
-
- For setup instructions see the Heimdal Texinfo manual.
-
-S�SE�EE�E A�AL�LS�SO�O
- ftp(1), kdestroy(1), kinit(1), klist(1), kpasswd(1), telnet(1)
-
-H�HI�IS�ST�TO�OR�RY�Y
- The Kerberos authentication system was developed in the late 1980's as
- part of the Athena Project at the Massachusetts Institute of Technology.
- Versions one through three never reached outside MIT, but version 4 was
- (and still is) quite popular, especially in the academic community, but
- is also used in commercial products like the AFS filesystem.
-
- The problems with version 4 are that it has many limitations, the code
- was not too well written (since it had been developed over a long time),
- and it has a number of known security problems. To resolve many of these
- issues work on version five started, and resulted in IETF RFC 1510 in
- 1993. IETF RFC 1510 was obsoleted in 2005 with IETF RFC 4120, also known
- as Kerberos clarifications. With the arrival of IETF RFC 4120, the work
- on adding extensibility and internationalization have started (Kerberos
- extensions), and a new RFC will hopefully appear soon.
-
- This manual page is part of the H�He�ei�im�md�da�al�l Kerberos 5 distribution, which
- has been in development at the Royal Institute of Technology in Stock-
- holm, Sweden, since about 1997.
-
-HEIMDAL September 1, 2000 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/keytab_krb4.c
===================================================================
--- trunk/crypto/heimdal/lib/krb5/keytab_krb4.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/keytab_krb4.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,448 +0,0 @@
-/*
- * Copyright (c) 1997 - 2002 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb5_locl.h"
-
-RCSID("$Id: keytab_krb4.c,v 1.1.1.3 2012-07-21 15:09:07 laffer1 Exp $");
-
-struct krb4_kt_data {
- char *filename;
-};
-
-static krb5_error_code
-krb4_kt_resolve(krb5_context context, const char *name, krb5_keytab id)
-{
- struct krb4_kt_data *d;
-
- d = malloc (sizeof(*d));
- if (d == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
- d->filename = strdup (name);
- if (d->filename == NULL) {
- free(d);
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
- id->data = d;
- return 0;
-}
-
-static krb5_error_code
-krb4_kt_get_name (krb5_context context,
- krb5_keytab id,
- char *name,
- size_t name_sz)
-{
- struct krb4_kt_data *d = id->data;
-
- strlcpy (name, d->filename, name_sz);
- return 0;
-}
-
-static krb5_error_code
-krb4_kt_close (krb5_context context,
- krb5_keytab id)
-{
- struct krb4_kt_data *d = id->data;
-
- free (d->filename);
- free (d);
- return 0;
-}
-
-struct krb4_cursor_extra_data {
- krb5_keytab_entry entry;
- int num;
-};
-
-static int
-open_flock(const char *filename, int flags, int mode)
-{
- int lock_mode;
- int tries = 0;
- int fd = open(filename, flags, mode);
- if(fd < 0)
- return fd;
- if((flags & O_ACCMODE) == O_RDONLY)
- lock_mode = LOCK_SH | LOCK_NB;
- else
- lock_mode = LOCK_EX | LOCK_NB;
- while(flock(fd, lock_mode) < 0) {
- if(++tries < 5) {
- sleep(1);
- } else {
- close(fd);
- return -1;
- }
- }
- return fd;
-}
-
-
-
-static krb5_error_code
-krb4_kt_start_seq_get_int (krb5_context context,
- krb5_keytab id,
- int flags,
- krb5_kt_cursor *c)
-{
- struct krb4_kt_data *d = id->data;
- struct krb4_cursor_extra_data *ed;
- int ret;
-
- ed = malloc (sizeof(*ed));
- if (ed == NULL) {
- krb5_set_error_string (context, "malloc: out of memory");
- return ENOMEM;
- }
- ed->entry.principal = NULL;
- ed->num = -1;
- c->data = ed;
- c->fd = open_flock (d->filename, flags, 0);
- if (c->fd < 0) {
- ret = errno;
- free (ed);
- krb5_set_error_string(context, "open(%s): %s", d->filename,
- strerror(ret));
- return ret;
- }
- c->sp = krb5_storage_from_fd(c->fd);
- if(c->sp == NULL) {
- close(c->fd);
- free(ed);
- return ENOMEM;
- }
- krb5_storage_set_eof_code(c->sp, KRB5_KT_END);
- return 0;
-}
-
-static krb5_error_code
-krb4_kt_start_seq_get (krb5_context context,
- krb5_keytab id,
- krb5_kt_cursor *c)
-{
- return krb4_kt_start_seq_get_int (context, id, O_BINARY | O_RDONLY, c);
-}
-
-static krb5_error_code
-read_v4_entry (krb5_context context,
- struct krb4_kt_data *d,
- krb5_kt_cursor *c,
- struct krb4_cursor_extra_data *ed)
-{
- unsigned char des_key[8];
- krb5_error_code ret;
- char *service, *instance, *realm;
- int8_t kvno;
-
- ret = krb5_ret_stringz(c->sp, &service);
- if (ret)
- return ret;
- ret = krb5_ret_stringz(c->sp, &instance);
- if (ret) {
- free (service);
- return ret;
- }
- ret = krb5_ret_stringz(c->sp, &realm);
- if (ret) {
- free (service);
- free (instance);
- return ret;
- }
- ret = krb5_425_conv_principal (context, service, instance, realm,
- &ed->entry.principal);
- free (service);
- free (instance);
- free (realm);
- if (ret)
- return ret;
- ret = krb5_ret_int8(c->sp, &kvno);
- if (ret) {
- krb5_free_principal (context, ed->entry.principal);
- return ret;
- }
- ret = krb5_storage_read(c->sp, des_key, sizeof(des_key));
- if (ret < 0) {
- krb5_free_principal(context, ed->entry.principal);
- return ret;
- }
- if (ret < 8) {
- krb5_free_principal(context, ed->entry.principal);
- return EINVAL;
- }
- ed->entry.vno = kvno;
- ret = krb5_data_copy (&ed->entry.keyblock.keyvalue,
- des_key, sizeof(des_key));
- if (ret)
- return ret;
- ed->entry.timestamp = time(NULL);
- ed->num = 0;
- return 0;
-}
-
-static krb5_error_code
-krb4_kt_next_entry (krb5_context context,
- krb5_keytab id,
- krb5_keytab_entry *entry,
- krb5_kt_cursor *c)
-{
- krb5_error_code ret;
- struct krb4_kt_data *d = id->data;
- struct krb4_cursor_extra_data *ed = c->data;
- const krb5_enctype keytypes[] = {ETYPE_DES_CBC_MD5,
- ETYPE_DES_CBC_MD4,
- ETYPE_DES_CBC_CRC};
-
- if (ed->num == -1) {
- ret = read_v4_entry (context, d, c, ed);
- if (ret)
- return ret;
- }
- ret = krb5_kt_copy_entry_contents (context,
- &ed->entry,
- entry);
- if (ret)
- return ret;
- entry->keyblock.keytype = keytypes[ed->num];
- if (++ed->num == 3) {
- krb5_kt_free_entry (context, &ed->entry);
- ed->num = -1;
- }
- return 0;
-}
-
-static krb5_error_code
-krb4_kt_end_seq_get (krb5_context context,
- krb5_keytab id,
- krb5_kt_cursor *c)
-{
- struct krb4_cursor_extra_data *ed = c->data;
-
- krb5_storage_free (c->sp);
- if (ed->num != -1)
- krb5_kt_free_entry (context, &ed->entry);
- free (c->data);
- close (c->fd);
- return 0;
-}
-
-static krb5_error_code
-krb4_store_keytab_entry(krb5_context context,
- krb5_keytab_entry *entry,
- krb5_storage *sp)
-{
- krb5_error_code ret;
-#define ANAME_SZ 40
-#define INST_SZ 40
-#define REALM_SZ 40
- char service[ANAME_SZ];
- char instance[INST_SZ];
- char realm[REALM_SZ];
- ret = krb5_524_conv_principal (context, entry->principal,
- service, instance, realm);
- if (ret)
- return ret;
- if (entry->keyblock.keyvalue.length == 8
- && entry->keyblock.keytype == ETYPE_DES_CBC_MD5) {
- ret = krb5_store_stringz(sp, service);
- ret = krb5_store_stringz(sp, instance);
- ret = krb5_store_stringz(sp, realm);
- ret = krb5_store_int8(sp, entry->vno);
- ret = krb5_storage_write(sp, entry->keyblock.keyvalue.data, 8);
- }
- return 0;
-}
-
-static krb5_error_code
-krb4_kt_add_entry (krb5_context context,
- krb5_keytab id,
- krb5_keytab_entry *entry)
-{
- struct krb4_kt_data *d = id->data;
- krb5_storage *sp;
- krb5_error_code ret;
- int fd;
-
- fd = open_flock (d->filename, O_WRONLY | O_APPEND | O_BINARY, 0);
- if (fd < 0) {
- fd = open_flock (d->filename,
- O_WRONLY | O_APPEND | O_BINARY | O_CREAT, 0600);
- if (fd < 0) {
- ret = errno;
- krb5_set_error_string(context, "open(%s): %s", d->filename,
- strerror(ret));
- return ret;
- }
- }
- sp = krb5_storage_from_fd(fd);
- if(sp == NULL) {
- close(fd);
- return ENOMEM;
- }
- krb5_storage_set_eof_code(sp, KRB5_KT_END);
- ret = krb4_store_keytab_entry(context, entry, sp);
- krb5_storage_free(sp);
- if(close (fd) < 0)
- return errno;
- return ret;
-}
-
-static krb5_error_code
-krb4_kt_remove_entry(krb5_context context,
- krb5_keytab id,
- krb5_keytab_entry *entry)
-{
- struct krb4_kt_data *d = id->data;
- krb5_error_code ret;
- krb5_keytab_entry e;
- krb5_kt_cursor cursor;
- krb5_storage *sp;
- int remove_flag = 0;
-
- sp = krb5_storage_emem();
- if (sp == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- return ENOMEM;
- }
- ret = krb5_kt_start_seq_get(context, id, &cursor);
- if (ret) {
- krb5_storage_free(sp);
- return ret;
- }
- while(krb5_kt_next_entry(context, id, &e, &cursor) == 0) {
- if(!krb5_kt_compare(context, &e, entry->principal,
- entry->vno, entry->keyblock.keytype)) {
- ret = krb4_store_keytab_entry(context, &e, sp);
- if(ret) {
- krb5_kt_free_entry(context, &e);
- krb5_storage_free(sp);
- return ret;
- }
- } else
- remove_flag = 1;
- krb5_kt_free_entry(context, &e);
- }
- krb5_kt_end_seq_get(context, id, &cursor);
- if(remove_flag) {
- int fd;
- unsigned char buf[1024];
- ssize_t n;
- krb5_data data;
- struct stat st;
-
- krb5_storage_to_data(sp, &data);
- krb5_storage_free(sp);
-
- fd = open_flock (d->filename, O_RDWR | O_BINARY, 0);
- if(fd < 0) {
- memset(data.data, 0, data.length);
- krb5_data_free(&data);
- if(errno == EACCES || errno == EROFS)
- return KRB5_KT_NOWRITE;
- return errno;
- }
-
- if(write(fd, data.data, data.length) != data.length) {
- memset(data.data, 0, data.length);
- krb5_data_free(&data);
- close(fd);
- krb5_set_error_string(context, "failed writing to \"%s\"", d->filename);
- return errno;
- }
- memset(data.data, 0, data.length);
- if(fstat(fd, &st) < 0) {
- krb5_data_free(&data);
- close(fd);
- krb5_set_error_string(context, "failed getting size of \"%s\"", d->filename);
- return errno;
- }
- st.st_size -= data.length;
- memset(buf, 0, sizeof(buf));
- while(st.st_size > 0) {
- n = min(st.st_size, sizeof(buf));
- n = write(fd, buf, n);
- if(n <= 0) {
- krb5_data_free(&data);
- close(fd);
- krb5_set_error_string(context, "failed writing to \"%s\"", d->filename);
- return errno;
-
- }
- st.st_size -= n;
- }
- if(ftruncate(fd, data.length) < 0) {
- krb5_data_free(&data);
- close(fd);
- krb5_set_error_string(context, "failed truncating \"%s\"", d->filename);
- return errno;
- }
- krb5_data_free(&data);
- if(close(fd) < 0) {
- krb5_set_error_string(context, "error closing \"%s\"", d->filename);
- return errno;
- }
- return 0;
- } else {
- krb5_storage_free(sp);
- return KRB5_KT_NOTFOUND;
- }
-}
-
-
-const krb5_kt_ops krb4_fkt_ops = {
- "krb4",
- krb4_kt_resolve,
- krb4_kt_get_name,
- krb4_kt_close,
- NULL, /* get */
- krb4_kt_start_seq_get,
- krb4_kt_next_entry,
- krb4_kt_end_seq_get,
- krb4_kt_add_entry, /* add_entry */
- krb4_kt_remove_entry /* remove_entry */
-};
-
-const krb5_kt_ops krb5_srvtab_fkt_ops = {
- "SRVTAB",
- krb4_kt_resolve,
- krb4_kt_get_name,
- krb4_kt_close,
- NULL, /* get */
- krb4_kt_start_seq_get,
- krb4_kt_next_entry,
- krb4_kt_end_seq_get,
- krb4_kt_add_entry, /* add_entry */
- krb4_kt_remove_entry /* remove_entry */
-};
Deleted: trunk/crypto/heimdal/lib/krb5/krb5.conf.cat5
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5.conf.cat5 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5.conf.cat5 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,600 +0,0 @@
-
-KRB5.CONF(5) BSD File Formats Manual KRB5.CONF(5)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5.�.c�co�on�nf�f -- configuration file for Kerberos 5
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The k�kr�rb�b5�5.�.c�co�on�nf�f file specifies several configuration parameters for the
- Kerberos 5 library, as well as for some programs.
-
- The file consists of one or more sections, containing a number of bind-
- ings. The value of each binding can be either a string or a list of
- other bindings. The grammar looks like:
-
- file:
- /* empty */
- sections
-
- sections:
- section sections
- section
-
- section:
- '[' section_name ']' bindings
-
- section_name:
- STRING
-
- bindings:
- binding bindings
- binding
-
- binding:
- name '=' STRING
- name '=' '{' bindings '}'
-
- name:
- STRING
-
- STRINGs consists of one or more non-whitespace characters.
-
- STRINGs that are specified later in this man-page uses the following
- notation.
-
- boolean
- values can be either yes/true or no/false.
-
- time
- values can be a list of year, month, day, hour, min, second.
- Example: 1 month 2 days 30 min. If no unit is given, seconds
- is assumed.
-
- etypes
- valid encryption types are: des-cbc-crc, des-cbc-md4, des-cbc-
- md5, des3-cbc-sha1, arcfour-hmac-md5, aes128-cts-hmac-sha1-96,
- and aes256-cts-hmac-sha1-96 .
-
- address
- an address can be either a IPv4 or a IPv6 address.
-
- Currently recognised sections and bindings are:
-
- [appdefaults]
- Specifies the default values to be used for Kerberos applica-
- tions. You can specify defaults per application, realm, or a
- combination of these. The preference order is:
- 1. _�a_�p_�p_�l_�i_�c_�a_�t_�i_�o_�n _�r_�e_�a_�l_�m _�o_�p_�t_�i_�o_�n
- 2. _�a_�p_�p_�l_�i_�c_�a_�t_�i_�o_�n _�o_�p_�t_�i_�o_�n
- 3. _�r_�e_�a_�l_�m _�o_�p_�t_�i_�o_�n
- 4. _�o_�p_�t_�i_�o_�n
-
- The supported options are:
-
- forwardable = _�b_�o_�o_�l_�e_�a_�n
- When obtaining initial credentials, make the cre-
- dentials forwardable.
-
- proxiable = _�b_�o_�o_�l_�e_�a_�n
- When obtaining initial credentials, make the cre-
- dentials proxiable.
-
- no-addresses = _�b_�o_�o_�l_�e_�a_�n
- When obtaining initial credentials, request them
- for an empty set of addresses, making the tickets
- valid from any address.
-
- ticket_lifetime = _�t_�i_�m_�e
- Default ticket lifetime.
-
- renew_lifetime = _�t_�i_�m_�e
- Default renewable ticket lifetime.
-
- encrypt = _�b_�o_�o_�l_�e_�a_�n
- Use encryption, when available.
-
- forward = _�b_�o_�o_�l_�e_�a_�n
- Forward credentials to remote host (for rsh(1),
- telnet(1), etc).
-
- [libdefaults]
-
- default_realm = _�R_�E_�A_�L_�M
- Default realm to use, this is also known as your
- ``local realm''. The default is the result of
- k�kr�rb�b5�5_�_g�ge�et�t_�_h�ho�os�st�t_�_r�re�ea�al�lm�m(_�l_�o_�c_�a_�l _�h_�o_�s_�t_�n_�a_�m_�e).
-
- allow_weak_crypto = _�b_�o_�o_�l_�e_�a_�n
- is weaks crypto algorithms allowed to be used,
- among others, DES is considered weak.
-
- clockskew = _�t_�i_�m_�e
- Maximum time differential (in seconds) allowed when
- comparing times. Default is 300 seconds (five min-
- utes).
-
- kdc_timeout = _�t_�i_�m_�e
- Maximum time to wait for a reply from the kdc,
- default is 3 seconds.
-
- v4_name_convert
-
- v4_instance_resolve
- These are described in the
- krb5_425_conv_principal(3) manual page.
-
- capath = {
-
- _�d_�e_�s_�t_�i_�n_�a_�t_�i_�o_�n_�-_�r_�e_�a_�l_�m = _�n_�e_�x_�t_�-_�h_�o_�p_�-_�r_�e_�a_�l_�m
-
- ...
-
- }
- This is deprecated, see the capaths section below.
-
- default_cc_type = _�c_�c_�t_�y_�p_�e
- sets the default credentials type.
-
- default_cc_name = _�c_�c_�n_�a_�m_�e
- the default credentials cache name. If you want to
- change the type only use default_cc_type. The
- string can contain variables that are expanded on
- runtime. Only support variable now is %{uid} that
- expands to the current user id.
-
- default_etypes = _�e_�t_�y_�p_�e_�s _�._�._�.
- A list of default encryption types to use.
- (Default: all enctypes if allow_weak_crypto = TRUE,
- else all enctypes except single DES enctypes.)
-
- default_as_etypes = _�e_�t_�y_�p_�e_�s _�._�._�.
- A list of default encryption types to use in AS
- requests. (Default: the value of default_etypes.)
-
- default_tgs_etypes = _�e_�t_�y_�p_�e_�s _�._�._�.
- A list of default encryption types to use in TGS
- requests. (Default: the value of default_etypes.)
-
- default_etypes_des = _�e_�t_�y_�p_�e_�s _�._�._�.
- A list of default encryption types to use when
- requesting a DES credential.
-
- default_keytab_name = _�k_�e_�y_�t_�a_�b
- The keytab to use if no other is specified, default
- is ``FILE:/etc/krb5.keytab''.
-
- dns_lookup_kdc = _�b_�o_�o_�l_�e_�a_�n
- Use DNS SRV records to lookup KDC services loca-
- tion.
-
- dns_lookup_realm = _�b_�o_�o_�l_�e_�a_�n
- Use DNS TXT records to lookup domain to realm map-
- pings.
-
- kdc_timesync = _�b_�o_�o_�l_�e_�a_�n
- Try to keep track of the time differential between
- the local machine and the KDC, and then compensate
- for that when issuing requests.
-
- max_retries = _�n_�u_�m_�b_�e_�r
- The max number of times to try to contact each KDC.
-
- large_msg_size = _�n_�u_�m_�b_�e_�r
- The threshold where protocols with tiny maximum
- message sizes are not considered usable to send
- messages to the KDC.
-
- ticket_lifetime = _�t_�i_�m_�e
- Default ticket lifetime.
-
- renew_lifetime = _�t_�i_�m_�e
- Default renewable ticket lifetime.
-
- forwardable = _�b_�o_�o_�l_�e_�a_�n
- When obtaining initial credentials, make the cre-
- dentials forwardable. This option is also valid in
- the [realms] section.
-
- proxiable = _�b_�o_�o_�l_�e_�a_�n
- When obtaining initial credentials, make the cre-
- dentials proxiable. This option is also valid in
- the [realms] section.
-
- verify_ap_req_nofail = _�b_�o_�o_�l_�e_�a_�n
- If enabled, failure to verify credentials against a
- local key is a fatal error. The application has to
- be able to read the corresponding service key for
- this to work. Some applications, like su(1),
- enable this option unconditionally.
-
- warn_pwexpire = _�t_�i_�m_�e
- How soon to warn for expiring password. Default is
- seven days.
-
- http_proxy = _�p_�r_�o_�x_�y_�-_�s_�p_�e_�c
- A HTTP-proxy to use when talking to the KDC via
- HTTP.
-
- dns_proxy = _�p_�r_�o_�x_�y_�-_�s_�p_�e_�c
- Enable using DNS via HTTP.
-
- extra_addresses = _�a_�d_�d_�r_�e_�s_�s _�._�._�.
- A list of addresses to get tickets for along with
- all local addresses.
-
- time_format = _�s_�t_�r_�i_�n_�g
- How to print time strings in logs, this string is
- passed to strftime(3).
-
- date_format = _�s_�t_�r_�i_�n_�g
- How to print date strings in logs, this string is
- passed to strftime(3).
-
- log_utc = _�b_�o_�o_�l_�e_�a_�n
- Write log-entries using UTC instead of your local
- time zone.
-
- scan_interfaces = _�b_�o_�o_�l_�e_�a_�n
- Scan all network interfaces for addresses, as
- opposed to simply using the address associated with
- the system's host name.
-
- fcache_version = _�i_�n_�t
- Use file credential cache format version specified.
-
- krb4_get_tickets = _�b_�o_�o_�l_�e_�a_�n
- Also get Kerberos 4 tickets in k�ki�in�ni�it�t, l�lo�og�gi�in�n, and
- other programs. This option is also valid in the
- [realms] section.
-
- fcc-mit-ticketflags = _�b_�o_�o_�l_�e_�a_�n
- Use MIT compatible format for file credential
- cache. It's the field ticketflags that is stored
- in reverse bit order for older than Heimdal 0.7.
- Setting this flag to TRUE make it store the MIT
- way, this is default for Heimdal 0.7.
-
- check-rd-req-server
- If set to "ignore", the framework will ignore any
- the server input to krb5_rd_req(3,) this is very
- useful when the GSS-API server input the wrong
- server name into the gss_accept_sec_context call.
-
- [domain_realm]
- This is a list of mappings from DNS domain to Kerberos realm.
- Each binding in this section looks like:
-
- domain = realm
-
- The domain can be either a full name of a host or a trailing
- component, in the latter case the domain-string should start
- with a period. The trailing component only matches hosts that
- are in the same domain, ie ``.example.com'' matches
- ``foo.example.com'', but not ``foo.test.example.com''.
-
- The realm may be the token `dns_locate', in which case the
- actual realm will be determined using DNS (independently of
- the setting of the `dns_lookup_realm' option).
-
- [realms]
-
- _�R_�E_�A_�L_�M = {
-
- kdc = _�[_�s_�e_�r_�v_�i_�c_�e_�/_�]_�h_�o_�s_�t_�[_�:_�p_�o_�r_�t_�]
- Specifies a list of kdcs for this realm.
- If the optional _�p_�o_�r_�t is absent, the
- default value for the ``kerberos/udp''
- ``kerberos/tcp'', and ``http/tcp'' port
- (depending on service) will be used.
- The kdcs will be used in the order that
- they are specified.
-
- The optional _�s_�e_�r_�v_�i_�c_�e specifies over what
- medium the kdc should be contacted.
- Possible services are ``udp'', ``tcp'',
- and ``http''. Http can also be written
- as ``http://''. Default service is
- ``udp'' and ``tcp''.
-
- admin_server = _�h_�o_�s_�t_�[_�:_�p_�o_�r_�t_�]
- Specifies the admin server for this
- realm, where all the modifications to
- the database are performed.
-
- kpasswd_server = _�h_�o_�s_�t_�[_�:_�p_�o_�r_�t_�]
- Points to the server where all the pass-
- word changes are performed. If there is
- no such entry, the kpasswd port on the
- admin_server host will be tried.
-
- krb524_server = _�h_�o_�s_�t_�[_�:_�p_�o_�r_�t_�]
- Points to the server that does 524 con-
- versions. If it is not mentioned, the
- krb524 port on the kdcs will be tried.
-
- v4_instance_convert
-
- v4_name_convert
-
- default_domain
- See krb5_425_conv_principal(3).
-
- tgs_require_subkey
- a boolan variable that defaults to
- false. Old DCE secd (pre 1.1) might
- need this to be true.
-
- }
-
- [capaths]
-
- _�c_�l_�i_�e_�n_�t_�-_�r_�e_�a_�l_�m = {
-
- _�s_�e_�r_�v_�e_�r_�-_�r_�e_�a_�l_�m = _�h_�o_�p_�-_�r_�e_�a_�l_�m _�._�._�.
- This serves two purposes. First the
- first listed _�h_�o_�p_�-_�r_�e_�a_�l_�m tells a client
- which realm it should contact in order
- to ultimately obtain credentials for a
- service in the _�s_�e_�r_�v_�e_�r_�-_�r_�e_�a_�l_�m. Secondly,
- it tells the KDC (and other servers)
- which realms are allowed in a multi-hop
- traversal from _�c_�l_�i_�e_�n_�t_�-_�r_�e_�a_�l_�m to
- _�s_�e_�r_�v_�e_�r_�-_�r_�e_�a_�l_�m. Except for the client
- case, the order of the realms are not
- important.
-
- _�}
-
- [logging]
-
- _�e_�n_�t_�i_�t_�y = _�d_�e_�s_�t_�i_�n_�a_�t_�i_�o_�n
- Specifies that _�e_�n_�t_�i_�t_�y should use the specified
- destination for logging. See the krb5_openlog(3)
- manual page for a list of defined destinations.
-
- [kdc]
-
- database = {
-
- dbname = _�D_�A_�T_�A_�B_�A_�S_�E_�N_�A_�M_�E
- Use this database for this realm. See
- the info documetation how to configure
- different database backends.
-
- realm = _�R_�E_�A_�L_�M
- Specifies the realm that will be stored
- in this database. It realm isn't set,
- it will used as the default database,
- there can only be one entry that doesn't
- have a realm stanza.
-
- mkey_file = _�F_�I_�L_�E_�N_�A_�M_�E
- Use this keytab file for the master key
- of this database. If not specified
- _�D_�A_�T_�A_�B_�A_�S_�E_�N_�A_�M_�E.mkey will be used.
-
- acl_file = PA FILENAME
- Use this file for the ACL list of this
- database.
-
- log_file = _�F_�I_�L_�E_�N_�A_�M_�E
- Use this file as the log of changes per-
- formed to the database. This file is
- used by i�ip�pr�ro�op�pd�d-�-m�ma�as�st�te�er�r for propagating
- changes to slaves.
-
- }
-
- max-request = _�S_�I_�Z_�E
- Maximum size of a kdc request.
-
- require-preauth = _�B_�O_�O_�L
- If set pre-authentication is required. Since krb4
- requests are not pre-authenticated they will be
- rejected.
-
- ports = _�l_�i_�s_�t _�o_�f _�p_�o_�r_�t_�s
- List of ports the kdc should listen to.
-
- addresses = _�l_�i_�s_�t _�o_�f _�i_�n_�t_�e_�r_�f_�a_�c_�e_�s
- List of addresses the kdc should bind to.
-
- enable-kerberos4 = _�B_�O_�O_�L
- Turn on Kerberos 4 support.
-
- v4-realm = _�R_�E_�A_�L_�M
- To what realm v4 requests should be mapped.
-
- enable-524 = _�B_�O_�O_�L
- Should the Kerberos 524 converting facility be
- turned on. Default is the same as
- _�e_�n_�a_�b_�l_�e_�-_�k_�e_�r_�b_�e_�r_�o_�s_�4.
-
- enable-http = _�B_�O_�O_�L
- Should the kdc answer kdc-requests over http.
-
- enable-kaserver = _�B_�O_�O_�L
- If this kdc should emulate the AFS kaserver.
-
- tgt-use-strongest-session-key = _�B_�O_�O_�L
- If this is TRUE then the KDC will prefer the
- strongest key from the client's AS-REQ or TGS-REQ
- enctype list for the ticket session key that is
- supported by the KDC and the target principal when
- the target principal is a krbtgt principal. Else
- it will prefer the first key from the client's AS-
- REQ enctype list that is also supported by the KDC
- and the target principal. Defaults to TRUE.
-
- svc-use-strongest-session-key = _�B_�O_�O_�L
- Like tgt-use-strongest-session-key, but applies to
- the session key enctype of tickets for services
- other than krbtgt principals. Defaults to TRUE.
-
- preauth-use-strongest-session-key = _�B_�O_�O_�L
- If TRUE then select the strongest possible enctype
- from the client's AS-REQ for PA-ETYPE-INFO2 (i.e.,
- for password-based pre-authentication). Else pick
- the first supported enctype from the client's AS-
- REQ. Defaults to TRUE.
-
- use-strongest-server-key = _�B_�O_�O_�L
- If TRUE then the KDC picks, for the ticket
- encrypted part's key, the first supported enctype
- from the target service principal's hdb entry's
- current keyset. Else the KDC picks the first sup-
- ported enctype from the target service principal's
- hdb entry's current keyset. Defaults to TRUE.
-
- check-ticket-addresses = _�B_�O_�O_�L
- Verify the addresses in the tickets used in tgs
- requests.
-
- allow-null-ticket-addresses = _�B_�O_�O_�L
- Allow address-less tickets.
-
- allow-anonymous = _�B_�O_�O_�L
- If the kdc is allowed to hand out anonymous tick-
- ets.
-
- encode_as_rep_as_tgs_rep = _�B_�O_�O_�L
- Encode as-rep as tgs-rep tobe compatible with mis-
- takes older DCE secd did.
-
- kdc_warn_pwexpire = _�T_�I_�M_�E
- The time before expiration that the user should be
- warned that her password is about to expire.
-
- logging = _�L_�o_�g_�g_�i_�n_�g
- What type of logging the kdc should use, see also
- [logging]/kdc.
-
- use_2b = {
-
- _�p_�r_�i_�n_�c_�i_�p_�a_�l = _�B_�O_�O_�L
- boolean value if the 524 daemon should
- return AFS 2b tokens for _�p_�r_�i_�n_�c_�i_�p_�a_�l.
-
- ...
-
- }
-
- hdb-ldap-structural-object _�s_�t_�r_�u_�c_�t_�u_�r_�a_�l _�o_�b_�j_�e_�c_�t
- If the LDAP backend is used for storing principals,
- this is the structural object that will be used
- when creating and when reading objects. The
- default value is account .
-
- hdb-ldap-create-base _�c_�r_�e_�a_�t_�i_�o_�n _�d_�n
- is the dn that will be appended to the principal
- when creating entries. Default value is the search
- dn.
-
- enable-digest = _�B_�O_�O_�L
- Should the kdc answer digest requests. The default
- is FALSE.
-
- digests_allowed = _�l_�i_�s_�t _�o_�f _�d_�i_�g_�e_�s_�t_�s
- Specifies the digests the kdc will reply to. The
- default is ntlm-v2.
-
- [kadmin]
-
- require-preauth = _�B_�O_�O_�L
- If pre-authentication is required to talk to the
- kadmin server.
-
- password_lifetime = _�t_�i_�m_�e
- If a principal already have its password set for
- expiration, this is the time it will be valid for
- after a change.
-
- default_keys = _�k_�e_�y_�t_�y_�p_�e_�s_�._�._�.
- For each entry in _�d_�e_�f_�a_�u_�l_�t_�__�k_�e_�y_�s try to parse it as a
- sequence of _�e_�t_�y_�p_�e_�:_�s_�a_�l_�t_�t_�y_�p_�e_�:_�s_�a_�l_�t syntax of this if
- something like:
-
- [(des|des3|etype):](pw-salt|afs3-salt)[:string]
-
- If _�e_�t_�y_�p_�e is omitted it means everything, and if
- string is omitted it means the default salt string
- (for that principal and encryption type). Addi-
- tional special values of keytypes are:
-
- v5 The Kerberos 5 salt _�p_�w_�-_�s_�a_�l_�t
-
- v4 The Kerberos 4 salt _�d_�e_�s_�:_�p_�w_�-_�s_�a_�l_�t_�:
-
- use_v4_salt = _�B_�O_�O_�L
- When true, this is the same as
-
- _�d_�e_�f_�a_�u_�l_�t_�__�k_�e_�y_�s _�= _�d_�e_�s_�3_�:_�p_�w_�-_�s_�a_�l_�t _�v_�4
-
- and is only left for backwards compatibility.
-
- [password_quality]
- Check the Password quality assurance in the info documentation
- for more information.
-
- check_library = _�l_�i_�b_�r_�a_�r_�y_�-_�n_�a_�m_�e
- Library name that contains the password check_func-
- tion
-
- check_function = _�f_�u_�n_�c_�t_�i_�o_�n_�-_�n_�a_�m_�e
- Function name for checking passwords in
- check_library
-
- policy_libraries = _�l_�i_�b_�r_�a_�r_�y_�1 _�._�._�. _�l_�i_�b_�r_�a_�r_�y_�N
- List of libraries that can do password policy
- checks
-
- policies = _�p_�o_�l_�i_�c_�y_�1 _�._�._�. _�p_�o_�l_�i_�c_�y_�N
- List of policy names to apply to the password.
- Builtin policies are among other minimum-length,
- character-class, external-check.
-
-E�EN�NV�VI�IR�RO�ON�NM�ME�EN�NT�T
- KRB5_CONFIG points to the configuration file to read.
-
-F�FI�IL�LE�ES�S
- /etc/krb5.conf configuration file for Kerberos 5.
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- [libdefaults]
- default_realm = FOO.SE
- [domain_realm]
- .foo.se = FOO.SE
- .bar.se = FOO.SE
- [realms]
- FOO.SE = {
- kdc = kerberos.foo.se
- v4_name_convert = {
- rcmd = host
- }
- v4_instance_convert = {
- xyz = xyz.bar.se
- }
- default_domain = foo.se
- }
- [logging]
- kdc = FILE:/var/heimdal/kdc.log
- kdc = SYSLOG:INFO
- default = SYSLOG:INFO:USER
-
-D�DI�IA�AG�GN�NO�OS�ST�TI�IC�CS�S
- Since k�kr�rb�b5�5.�.c�co�on�nf�f is read and parsed by the krb5 library, there is not a
- lot of opportunities for programs to report parsing errors in any useful
- format. To help overcome this problem, there is a program
- v�ve�er�ri�if�fy�y_�_k�kr�rb�b5�5_�_c�co�on�nf�f that reads k�kr�rb�b5�5.�.c�co�on�nf�f and tries to emit useful diagnos-
- tics from parsing errors. Note that this program does not have any way
- of knowing what options are actually used and thus cannot warn about
- unknown or misspelled ones.
-
-S�SE�EE�E A�AL�LS�SO�O
- kinit(1), krb5_425_conv_principal(3), krb5_openlog(3), strftime(3),
- verify_krb5_conf(8)
-
-HEIMDAL May 4, 2005 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb524_convert_creds_kdc.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb524_convert_creds_kdc.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb524_convert_creds_kdc.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,43 +0,0 @@
-
-KRB524_CONVERT_CREDS_... BSD Library Functions Manual KRB524_CONVERT_CREDS_...
-
-N�NA�AM�ME�E
- k�kr�rb�b5�52�24�4_�_c�co�on�nv�ve�er�rt�t_�_c�cr�re�ed�ds�s_�_k�kd�dc�c, k�kr�rb�b5�52�24�4_�_c�co�on�nv�ve�er�rt�t_�_c�cr�re�ed�ds�s_�_k�kd�dc�c_�_c�cc�ca�ac�ch�he�e -- converts
- Kerberos 5 credentials to Kerberos 4 credentials
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�52�24�4_�_c�co�on�nv�ve�er�rt�t_�_c�cr�re�ed�ds�s_�_k�kd�dc�c(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�i_�n_�__�c_�r_�e_�d,
- _�s_�t_�r_�u_�c_�t _�c_�r_�e_�d_�e_�n_�t_�i_�a_�l_�s _�*_�v_�4_�c_�r_�e_�d_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�52�24�4_�_c�co�on�nv�ve�er�rt�t_�_c�cr�re�ed�ds�s_�_k�kd�dc�c_�_c�cc�ca�ac�ch�he�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e,
- _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�i_�n_�__�c_�r_�e_�d, _�s_�t_�r_�u_�c_�t _�c_�r_�e_�d_�e_�n_�t_�i_�a_�l_�s _�*_�v_�4_�c_�r_�e_�d_�s);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- Convert the Kerberos 5 credential to Kerberos 4 credential. This is done
- by sending them to the 524 service in the KDC.
-
- k�kr�rb�b5�52�24�4_�_c�co�on�nv�ve�er�rt�t_�_c�cr�re�ed�ds�s_�_k�kd�dc�c() converts the Kerberos 5 credential in _�i_�n_�__�c_�r_�e_�d
- to Kerberos 4 credential that is stored in _�c_�r_�e_�d_�e_�n_�t_�i_�a_�l_�s.
-
- k�kr�rb�b5�52�24�4_�_c�co�on�nv�ve�er�rt�t_�_c�cr�re�ed�ds�s_�_k�kd�dc�c_�_c�cc�ca�ac�ch�he�e() is different from
- k�kr�rb�b5�52�24�4_�_c�co�on�nv�ve�er�rt�t_�_c�cr�re�ed�ds�s_�_k�kd�dc�c() in that way that if _�i_�n_�__�c_�r_�e_�d doesn't contain a
- DES session key, then a new one is fetched from the KDC and stored in the
- cred cache _�c_�c_�a_�c_�h_�e, and then the KDC is queried to convert the credential.
-
- This interfaces are used to make the migration to Kerberos 5 from Ker-
- beros 4 easier. There are few services that still need Kerberos 4, and
- this is mainly for compatibility for those services. Some services, like
- AFS, really have Kerberos 5 supports, but still uses the 524 interface to
- make the migration easier.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), krb5.conf(5)
-
-HEIMDAL March 20, 2004 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_425_conv_principal.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_425_conv_principal.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_425_conv_principal.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,141 +0,0 @@
-
-KRB5_425_CONV_PRINCIP... BSD Library Functions Manual KRB5_425_CONV_PRINCIP...
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_4�42�25�5_�_c�co�on�nv�v_�_p�pr�ri�in�nc�ci�ip�pa�al�l, k�kr�rb�b5�5_�_4�42�25�5_�_c�co�on�nv�v_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_e�ex�xt�t,
- k�kr�rb�b5�5_�_5�52�24�4_�_c�co�on�nv�v_�_p�pr�ri�in�nc�ci�ip�pa�al�l -- converts to and from version 4 principals
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_4�42�25�5_�_c�co�on�nv�v_�_p�pr�ri�in�nc�ci�ip�pa�al�l(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�n_�a_�m_�e,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�i_�n_�s_�t_�a_�n_�c_�e, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�r_�e_�a_�l_�m, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�*_�p_�r_�i_�n_�c_�i_�p_�a_�l);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_4�42�25�5_�_c�co�on�nv�v_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_e�ex�xt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�n_�a_�m_�e,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�i_�n_�s_�t_�a_�n_�c_�e, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�r_�e_�a_�l_�m,
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�(_�*_�f_�u_�n_�c_�)_�(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t_�, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l_�),
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�r_�e_�s_�o_�l_�v_�e, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�*_�p_�r_�i_�n_�c_�i_�p_�a_�l);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_5�52�24�4_�_c�co�on�nv�v_�_p�pr�ri�in�nc�ci�ip�pa�al�l(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l, _�c_�h_�a_�r _�*_�n_�a_�m_�e, _�c_�h_�a_�r _�*_�i_�n_�s_�t_�a_�n_�c_�e,
- _�c_�h_�a_�r _�*_�r_�e_�a_�l_�m);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- Converting between version 4 and version 5 principals can at best be
- described as a mess.
-
- A version 4 principal consists of a name, an instance, and a realm. A
- version 5 principal consists of one or more components, and a realm. In
- some cases also the first component/name will differ between version 4
- and version 5. Furthermore the second component of a host principal will
- be the fully qualified domain name of the host in question, while the
- instance of a version 4 principal will only contain the first part (short
- hostname). Because of these problems the conversion between principals
- will have to be site customized.
-
- k�kr�rb�b5�5_�_4�42�25�5_�_c�co�on�nv�v_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_e�ex�xt�t() will try to convert a version 4 principal,
- given by _�n_�a_�m_�e, _�i_�n_�s_�t_�a_�n_�c_�e, and _�r_�e_�a_�l_�m, to a version 5 principal. This can
- result in several possible principals, and if _�f_�u_�n_�c is non-NULL, it will
- be called for each candidate principal. _�f_�u_�n_�c should return true if the
- principal was ``good''. To accomplish this,
- k�kr�rb�b5�5_�_4�42�25�5_�_c�co�on�nv�v_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_e�ex�xt�t() will look up the name in _�k_�r_�b_�5_�._�c_�o_�n_�f. It
- first looks in the v4_name_convert/host subsection, which should contain
- a list of version 4 names whose instance should be treated as a hostname.
- This list can be specified for each realm (in the realms section), or in
- the libdefaults section. If the name is found the resulting name of the
- principal will be the value of this binding. The instance is then first
- looked up in v4_instance_convert for the specified realm. If found the
- resulting value will be used as instance (this can be used for special
- cases), no further attempts will be made to find a conversion if this
- fails (with _�f_�u_�n_�c). If the _�r_�e_�s_�o_�l_�v_�e parameter is true, the instance will
- be looked up with g�ge�et�th�ho�os�st�tb�by�yn�na�am�me�e(). This can be a time consuming, error
- prone, and unsafe operation. Next a list of hostnames will be created
- from the instance and the v4_domains variable, which should contain a
- list of possible domains for the specific realm.
-
- On the other hand, if the name is not found in a host section, it is
- looked up in a v4_name_convert/plain binding. If found here the name will
- be converted, but the instance will be untouched.
-
- This list of default host-type conversions is compiled-in:
-
- v4_name_convert = {
- host = {
- ftp = ftp
- hprop = hprop
- imap = imap
- pop = pop
- rcmd = host
- smtp = smtp
- }
- }
-
- It will only be used if there isn't an entry for these names in the con-
- fig file, so you can override these defaults.
-
- k�kr�rb�b5�5_�_4�42�25�5_�_c�co�on�nv�v_�_p�pr�ri�in�nc�ci�ip�pa�al�l() will call k�kr�rb�b5�5_�_4�42�25�5_�_c�co�on�nv�v_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_e�ex�xt�t() with
- NULL as _�f_�u_�n_�c, and the value of v4_instance_resolve (from the libdefaults
- section) as _�r_�e_�s_�o_�l_�v_�e.
-
- k�kr�rb�b5�5_�_5�52�24�4_�_c�co�on�nv�v_�_p�pr�ri�in�nc�ci�ip�pa�al�l() basically does the opposite of
- k�kr�rb�b5�5_�_4�42�25�5_�_c�co�on�nv�v_�_p�pr�ri�in�nc�ci�ip�pa�al�l(), it just doesn't have to look up any names, but
- will instead truncate instances found to belong to a host principal. The
- _�n_�a_�m_�e, _�i_�n_�s_�t_�a_�n_�c_�e, and _�r_�e_�a_�l_�m should be at least 40 characters long.
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- Since this is confusing an example is in place.
-
- Assume that we have the ``foo.com'', and ``bar.com'' domains that have
- shared a single version 4 realm, FOO.COM. The version 4 _�k_�r_�b_�._�r_�e_�a_�l_�m_�s file
- looked like:
-
- foo.com FOO.COM
- .foo.com FOO.COM
- .bar.com FOO.COM
-
- A _�k_�r_�b_�5_�._�c_�o_�n_�f file that covers this case might look like:
-
- [libdefaults]
- v4_instance_resolve = yes
- [realms]
- FOO.COM = {
- kdc = kerberos.foo.com
- v4_instance_convert = {
- foo = foo.com
- }
- v4_domains = foo.com
- }
-
- With this setup and the following host table:
-
- foo.com
- a-host.foo.com
- b-host.bar.com
- the following conversions will be made:
-
- rcmd.a-host -> host/a-host.foo.com
- ftp.b-host -> ftp/b-host.bar.com
- pop.foo -> pop/foo.com
- ftp.other -> ftp/other.foo.com
- other.a-host -> other/a-host
-
- The first three are what you expect. If you remove the ``v4_domains'',
- the fourth entry will result in an error (since the host ``other'' can't
- be found). Even if ``a-host'' is a valid host name, the last entry will
- not be converted, since the ``other'' name is not known to represent a
- host-type principal. If you turn off ``v4_instance_resolve'' the second
- example will result in ``ftp/b-host.foo.com'' (because of the default
- domain). And all of this is of course only valid if you have working name
- resolving.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5_build_principal(3), krb5_free_principal(3), krb5_parse_name(3),
- krb5_sname_to_principal(3), krb5_unparse_name(3), krb5.conf(5)
-
-HEIMDAL September 3, 2003 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_acl_match_file.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_acl_match_file.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_acl_match_file.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,61 +0,0 @@
-
-KRB5_ACL_MATCH_FILE(3) BSD Library Functions Manual KRB5_ACL_MATCH_FILE(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_a�ac�cl�l_�_m�ma�at�tc�ch�h_�_f�fi�il�le�e, k�kr�rb�b5�5_�_a�ac�cl�l_�_m�ma�at�tc�ch�h_�_s�st�tr�ri�in�ng�g -- ACL matching functions
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�ac�cl�l_�_m�ma�at�tc�ch�h_�_f�fi�il�le�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�f_�i_�l_�e,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�f_�o_�r_�m_�a_�t, _�._�._�.);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�ac�cl�l_�_m�ma�at�tc�ch�h_�_s�st�tr�ri�in�ng�g(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�s_�t_�r_�i_�n_�g,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�f_�o_�r_�m_�a_�t, _�._�._�.);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5_�_a�ac�cl�l_�_m�ma�at�tc�ch�h_�_f�fi�il�le�e matches ACL format against each line in a file.
- Lines starting with # are treated like comments and ignored.
-
- k�kr�rb�b5�5_�_a�ac�cl�l_�_m�ma�at�tc�ch�h_�_s�st�tr�ri�in�ng�g matches ACL format against a string.
-
- The ACL format has three format specifiers: s, f, and r. Each specifier
- will retrieve one argument from the variable arguments for either match-
- ing or storing data. The input string is split up using " " and "\t" as
- a delimiter; multiple " " and "\t" in a row are considered to be the
- same.
-
- s Matches a string using strcmp(3) (case sensitive).
-
- f Matches the string with fnmatch(3). The _�f_�l_�a_�g_�s argument (the
- last argument) passed to the fnmatch function is 0.
-
- r Returns a copy of the string in the char ** passed in; the
- copy must be freed with free(3). There is no need to free(3)
- the string on error: the function will clean up and set the
- pointer to NULL.
-
- All unknown format specifiers cause an error.
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- char *s;
-
- ret = krb5_acl_match_string(context, "foo", "s", "foo");
- if (ret)
- krb5_errx(context, 1, "acl didn't match");
- ret = krb5_acl_match_string(context, "foo foo baz/kaka",
- "ss", "foo", &s, "foo/*");
- if (ret) {
- /* no need to free(s) on error */
- assert(s == NULL);
- krb5_errx(context, 1, "acl didn't match");
- }
- free(s);
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3)
-
-HEIMDAL May 12, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_aname_to_localname.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_aname_to_localname.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_aname_to_localname.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,39 +0,0 @@
-
-KRB5_ANAME_TO_LOCALNA... BSD Library Functions Manual KRB5_ANAME_TO_LOCALNA...
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_a�an�na�am�me�e_�_t�to�o_�_l�lo�oc�ca�al�ln�na�am�me�e -- converts a principal to a system local name
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n
- k�kr�rb�b5�5_�_a�an�na�am�me�e_�_t�to�o_�_l�lo�oc�ca�al�ln�na�am�me�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�n_�a_�m_�e,
- _�s_�i_�z_�e_�__�t _�l_�n_�s_�i_�z_�e, _�c_�h_�a_�r _�*_�l_�n_�a_�m_�e);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- This function takes a principal _�n_�a_�m_�e, verifies that it is in the local
- realm (using k�kr�rb�b5�5_�_g�ge�et�t_�_d�de�ef�fa�au�ul�lt�t_�_r�re�ea�al�lm�ms�s()) and then returns the local name
- of the principal.
-
- If _�n_�a_�m_�e isn't in one of the local realms an error is returned.
-
- If the size (_�l_�n_�s_�i_�z_�e) of the local name (_�l_�n_�a_�m_�e) is too small, an error is
- returned.
-
- k�kr�rb�b5�5_�_a�an�na�am�me�e_�_t�to�o_�_l�lo�oc�ca�al�ln�na�am�me�e() should only be use by an application that
- implements protocols that don't transport the login name and thus needs
- to convert a principal to a local name.
-
- Protocols should be designed so that they authenticate using Kerberos,
- send over the login name and then verify the principal that is authenti-
- cated is allowed to login and the login name. A way to check if a user
- is allowed to login is using the function k�kr�rb�b5�5_�_k�ku�us�se�er�ro�ok�k().
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5_get_default_realms(3), krb5_kuserok(3)
-
-HEIMDAL February 18, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_appdefault.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_appdefault.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_appdefault.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,57 +0,0 @@
-
-KRB5_APPDEFAULT(3) BSD Library Functions Manual KRB5_APPDEFAULT(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_a�ap�pp�pd�de�ef�fa�au�ul�lt�t_�_b�bo�oo�ol�le�ea�an�n, k�kr�rb�b5�5_�_a�ap�pp�pd�de�ef�fa�au�ul�lt�t_�_s�st�tr�ri�in�ng�g, k�kr�rb�b5�5_�_a�ap�pp�pd�de�ef�fa�au�ul�lt�t_�_t�ti�im�me�e --
- get application configuration value
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_a�ap�pp�pd�de�ef�fa�au�ul�lt�t_�_b�bo�oo�ol�le�ea�an�n(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�a_�p_�p_�n_�a_�m_�e,
- _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�r_�e_�a_�l_�m, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�o_�p_�t_�i_�o_�n, _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�d_�e_�f_�__�v_�a_�l,
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�*_�r_�e_�t_�__�v_�a_�l);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_a�ap�pp�pd�de�ef�fa�au�ul�lt�t_�_s�st�tr�ri�in�ng�g(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�a_�p_�p_�n_�a_�m_�e,
- _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�r_�e_�a_�l_�m, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�o_�p_�t_�i_�o_�n, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�d_�e_�f_�__�v_�a_�l,
- _�c_�h_�a_�r _�*_�*_�r_�e_�t_�__�v_�a_�l);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_a�ap�pp�pd�de�ef�fa�au�ul�lt�t_�_t�ti�im�me�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�a_�p_�p_�n_�a_�m_�e,
- _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�r_�e_�a_�l_�m, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�o_�p_�t_�i_�o_�n, _�t_�i_�m_�e_�__�t _�d_�e_�f_�__�v_�a_�l,
- _�t_�i_�m_�e_�__�t _�*_�r_�e_�t_�__�v_�a_�l);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- These functions get application defaults from the appdefaults section of
- the krb5.conf(5) configuration file. These defaults can be specified per
- application, and/or per realm.
-
- These values will be looked for in krb5.conf(5), in order of descending
- importance.
-
- [appdefaults]
- appname = {
- realm = {
- option = value
- }
- }
- appname = {
- option = value
- }
- realm = {
- option = value
- }
- option = value
- _�a_�p_�p_�n_�a_�m_�e is the name of the application, and _�r_�e_�a_�l_�m is the realm name. If
- the realm is omitted it will not be used for resolving values. _�d_�e_�f_�__�v_�a_�l
- is the value to return if no value is found in krb5.conf(5).
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5_config(3), krb5.conf(5)
-
-HEIMDAL July 25, 2000 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_auth_context.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_auth_context.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_auth_context.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,221 +0,0 @@
-
-KRB5_AUTH_CONTEXT(3) BSD Library Functions Manual KRB5_AUTH_CONTEXT(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_a�ad�dd�df�fl�la�ag�gs�s, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_f�fr�re�ee�e, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�en�na�ad�dd�dr�rs�s,
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�en�ne�er�ra�at�te�el�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�ta�ad�dd�dr�rs�s,
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�ta�au�ut�th�he�en�nt�ti�ic�ca�at�to�or�r, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tf�fl�la�ag�gs�s,
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tk�ke�ey�y, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tl�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y,
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tr�rc�ca�ac�ch�he�e, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tr�re�em�mo�ot�te�es�su�ub�bk�ke�ey�y,
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tu�us�se�er�rk�ke�ey�y, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_i�in�ni�it�t, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_i�in�ni�it�ti�iv�ve�ec�ct�to�or�r,
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_r�re�em�mo�ov�ve�ef�fl�la�ag�gs�s, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�rs�s,
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�rs�s_�_f�fr�ro�om�m_�_f�fd�d, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tf�fl�la�ag�gs�s,
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ti�iv�ve�ec�ct�to�or�r, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tk�ke�ey�y,
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tl�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tr�rc�ca�ac�ch�he�e,
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tr�re�em�mo�ot�te�es�su�ub�bk�ke�ey�y, k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tu�us�se�er�rk�ke�ey�y,
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t, k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tc�ck�ks�su�um�mt�ty�yp�pe�e, k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tk�ke�ey�yt�ty�yp�pe�e,
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tl�lo�oc�ca�al�ls�se�eq�qn�nu�um�mb�be�er�r, k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tr�re�em�mo�ot�te�es�se�eq�qn�nu�um�mb�be�er�r,
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tc�ck�ks�su�um�mt�ty�yp�pe�e, k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tk�ke�ey�yt�ty�yp�pe�e,
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tl�lo�oc�ca�al�ls�se�eq�qn�nu�um�mb�be�er�r, k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tr�re�em�mo�ot�te�es�se�eq�qn�nu�um�mb�be�er�r,
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_a�au�ut�th�he�en�nt�ti�ic�ca�at�to�or�r -- manage authentication on connection level
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_i�in�ni�it�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�*_�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_f�fr�re�ee�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tf�fl�la�ag�gs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�i_�n_�t_�3_�2_�__�t _�f_�l_�a_�g_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tf�fl�la�ag�gs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�i_�n_�t_�3_�2_�__�t _�*_�f_�l_�a_�g_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_a�ad�dd�df�fl�la�ag�gs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�i_�n_�t_�3_�2_�__�t _�a_�d_�d_�f_�l_�a_�g_�s, _�i_�n_�t_�3_�2_�__�t _�*_�f_�l_�a_�g_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_r�re�em�mo�ov�ve�ef�fl�la�ag�gs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�i_�n_�t_�3_�2_�__�t _�r_�e_�m_�o_�v_�e_�l_�a_�g_�s, _�i_�n_�t_�3_�2_�__�t _�*_�f_�l_�a_�g_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�rs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s _�*_�l_�o_�c_�a_�l_�__�a_�d_�d_�r,
- _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s _�*_�r_�e_�m_�o_�t_�e_�__�a_�d_�d_�r);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�ta�ad�dd�dr�rs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s _�*_�*_�l_�o_�c_�a_�l_�__�a_�d_�d_�r,
- _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s _�*_�*_�r_�e_�m_�o_�t_�e_�__�a_�d_�d_�r);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�en�na�ad�dd�dr�rs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�i_�n_�t _�f_�d, _�i_�n_�t _�f_�l_�a_�g_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�rs�s_�_f�fr�ro�om�m_�_f�fd�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�v_�o_�i_�d _�*_�p_�__�f_�d);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tk�ke�ey�y(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�*_�k_�e_�y_�b_�l_�o_�c_�k);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tl�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�*_�k_�e_�y_�b_�l_�o_�c_�k);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tr�re�em�mo�ot�te�es�su�ub�bk�ke�ey�y(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�*_�k_�e_�y_�b_�l_�o_�c_�k);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�en�ne�er�ra�at�te�el�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k, _�*_�k_�e_�y_�");
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_i�in�ni�it�ti�iv�ve�ec�ct�to�or�r(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ti�iv�ve�ec�ct�to�or�r(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�*_�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�p_�o_�i_�n_�t_�e_�r _�i_�v_�e_�c_�t_�o_�r);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_a�au�ut�th�he�en�nt�ti�ic�ca�at�to�or�r(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�e_�n_�t_�i_�c_�a_�t_�o_�r _�*_�a_�u_�t_�h_�e_�n_�t_�i_�c_�a_�t_�o_�r);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t structure holds all context related to an authenti-
- cated connection, in a similar way to k�kr�rb�b5�5_�_c�co�on�nt�te�ex�xt�t that holds the context
- for the thread or process. k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t is used by various func-
- tions that are directly related to authentication between the
- server/client. Example of data that this structure contains are various
- flags, addresses of client and server, port numbers, keyblocks (and sub-
- keys), sequence numbers, replay cache, and checksum-type.
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_i�in�ni�it�t() allocates and initializes the k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t
- structure. Default values can be changed with
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tc�ck�ks�su�um�mt�ty�yp�pe�e() and k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tf�fl�la�ag�gs�s(). The
- a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t structure must be freed by k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_f�fr�re�ee�e().
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tf�fl�la�ag�gs�s(), k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tf�fl�la�ag�gs�s(),
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_a�ad�dd�df�fl�la�ag�gs�s() and k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_r�re�em�mo�ov�ve�ef�fl�la�ag�gs�s() gets and modi-
- fies the flags for a k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t structure. Possible flags to set
- are:
-
- KRB5_AUTH_CONTEXT_DO_SEQUENCE
- Generate and check sequence-number on each packet.
-
- KRB5_AUTH_CONTEXT_DO_TIME
- Check timestamp on incoming packets.
-
- KRB5_AUTH_CONTEXT_RET_SEQUENCE, KRB5_AUTH_CONTEXT_RET_TIME
- Return sequence numbers and time stamps in the outdata parame-
- ters.
-
- KRB5_AUTH_CONTEXT_CLEAR_FORWARDED_CRED
- will force k�kr�rb�b5�5_�_g�ge�et�t_�_f�fo�or�rw�wa�ar�rd�de�ed�d_�_c�cr�re�ed�ds�s() and k�kr�rb�b5�5_�_f�fw�wd�d_�_t�tg�gt�t_�_c�cr�re�ed�ds�s() to
- create unencrypted ) ENCTYPE_NULL) credentials. This is for use
- with old MIT server and JAVA based servers as they can't handle
- encrypted KRB-CRED. Note that sending such KRB-CRED is clear
- exposes crypto keys and tickets and is insecure, make sure the
- packet is encrypted in the protocol. krb5_rd_cred(3),
- krb5_rd_priv(3), krb5_rd_safe(3), krb5_mk_priv(3) and
- krb5_mk_safe(3). Setting this flag requires that parameter to be
- passed to these functions.
-
- The flags KRB5_AUTH_CONTEXT_DO_TIME also modifies the behavior
- the function k�kr�rb�b5�5_�_g�ge�et�t_�_f�fo�or�rw�wa�ar�rd�de�ed�d_�_c�cr�re�ed�ds�s() by removing the timestamp
- in the forward credential message, this have backward compatibil-
- ity problems since not all versions of the heimdal supports time-
- less credentional messages. Is very useful since it always the
- sender of the message to cache forward message and thus avoiding
- a round trip to the KDC for each time a credential is forwarded.
- The same functionality can be obtained by using address-less
- tickets.
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�rs�s(), k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�rs�s_�_f�fr�ro�om�m_�_f�fd�d() and
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�ta�ad�dd�dr�rs�s() gets and sets the addresses that are checked
- when a packet is received. It is mandatory to set an address for the
- remote host. If the local address is not set, it iss deduced from the
- underlaying operating system. k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�ta�ad�dd�dr�rs�s() will call
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_a�ad�dd�dr�re�es�ss�s() on any address that is passed in _�l_�o_�c_�a_�l_�__�a_�d_�d_�r or
- _�r_�e_�m_�o_�t_�e_�__�a_�d_�d_�r. k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�r() allows passing in a NULL pointer as
- _�l_�o_�c_�a_�l_�__�a_�d_�d_�r and _�r_�e_�m_�o_�t_�e_�__�a_�d_�d_�r, in that case it will just not set that
- address.
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ta�ad�dd�dr�rs�s_�_f�fr�ro�om�m_�_f�fd�d() fetches the addresses from a file
- descriptor.
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�en�na�ad�dd�dr�rs�s() fetches the address information from the given
- file descriptor _�f_�d depending on the bitmap argument _�f_�l_�a_�g_�s.
-
- Possible values on _�f_�l_�a_�g_�s are:
-
- _�K_�R_�B_�5_�__�A_�U_�T_�H_�__�C_�O_�N_�T_�E_�X_�T_�__�G_�E_�N_�E_�R_�A_�T_�E_�__�L_�O_�C_�A_�L_�__�A_�D_�D_�R
- fetches the local address from _�f_�d.
-
- _�K_�R_�B_�5_�__�A_�U_�T_�H_�__�C_�O_�N_�T_�E_�X_�T_�__�G_�E_�N_�E_�R_�A_�T_�E_�__�R_�E_�M_�O_�T_�E_�__�A_�D_�D_�R
- fetches the remote address from _�f_�d.
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tk�ke�ey�y(), k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tu�us�se�er�rk�ke�ey�y() and
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tk�ke�ey�y() gets and sets the key used for this auth context.
- The keyblock returned by k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tk�ke�ey�y() should be freed with
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_k�ke�ey�yb�bl�lo�oc�ck�k(). The keyblock send into k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tk�ke�ey�y() is
- copied into the k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t, and thus no special handling is
- needed. NULL is not a valid keyblock to k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tk�ke�ey�y().
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tu�us�se�er�rk�ke�ey�y() is only useful when doing user to user authen-
- tication. k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tk�ke�ey�y() is equivalent to
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tu�us�se�er�rk�ke�ey�y().
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tl�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y(), k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tl�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y(),
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tr�re�em�mo�ot�te�es�su�ub�bk�ke�ey�y() and k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tr�re�em�mo�ot�te�es�su�ub�bk�ke�ey�y() gets
- and sets the keyblock for the local and remote subkey. The keyblock
- returned by k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tl�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y() and
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tr�re�em�mo�ot�te�es�su�ub�bk�ke�ey�y() must be freed with k�kr�rb�b5�5_�_f�fr�re�ee�e_�_k�ke�ey�yb�bl�lo�oc�ck�k().
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tc�ck�ks�su�um�mt�ty�yp�pe�e() and k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tc�ck�ks�su�um�mt�ty�yp�pe�e() sets and gets the
- checksum type that should be used for this connection.
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�en�ne�er�ra�at�te�el�lo�oc�ca�al�ls�su�ub�bk�ke�ey�y() generates a local subkey that have
- the same encryption type as _�k_�e_�y.
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tr�re�em�mo�ot�te�es�se�eq�qn�nu�um�mb�be�er�r() k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tr�re�em�mo�ot�te�es�se�eq�qn�nu�um�mb�be�er�r(),
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tl�lo�oc�ca�al�ls�se�eq�qn�nu�um�mb�be�er�r() and k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tl�lo�oc�ca�al�ls�se�eq�qn�nu�um�mb�be�er�r() gets and
- sets the sequence-number for the local and remote sequence-number
- counter.
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_s�se�et�tk�ke�ey�yt�ty�yp�pe�e() and k�kr�rb�b5�5_�_a�au�ut�th�h_�_g�ge�et�tk�ke�ey�yt�ty�yp�pe�e() gets and gets the key-
- type of the keyblock in k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�nt�te�ex�xt�t.
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�ta�au�ut�th�he�en�nt�ti�ic�ca�at�to�or�r() Retrieves the authenticator that was
- used during mutual authentication. The authenticator returned should be
- freed by calling k�kr�rb�b5�5_�_f�fr�re�ee�e_�_a�au�ut�th�he�en�nt�ti�ic�ca�at�to�or�r().
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_g�ge�et�tr�rc�ca�ac�ch�he�e() and k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�tr�rc�ca�ac�ch�he�e() gets and sets the
- replay-cache.
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_i�in�ni�it�ti�iv�ve�ec�ct�to�or�r() allocates memory for and zeros the initial
- vector in the _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t keyblock.
-
- k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_s�se�et�ti�iv�ve�ec�ct�to�or�r() sets the i_vector portion of _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t to
- _�i_�v_�e_�c_�t_�o_�r.
-
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_a�au�ut�th�he�en�nt�ti�ic�ca�at�to�or�r() free the content of _�a_�u_�t_�h_�e_�n_�t_�i_�c_�a_�t_�o_�r and
- _�a_�u_�t_�h_�e_�n_�t_�i_�c_�a_�t_�o_�r itself.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5_context(3), kerberos(8)
-
-HEIMDAL May 17, 2005 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_c_make_checksum.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_c_make_checksum.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_c_make_checksum.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,142 +0,0 @@
-
-KRB5_C_MAKE_CHECKSUM(3) BSD Library Functions Manual KRB5_C_MAKE_CHECKSUM(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_c�c_�_b�bl�lo�oc�ck�k_�_s�si�iz�ze�e, k�kr�rb�b5�5_�_c�c_�_d�de�ec�cr�ry�yp�pt�t, k�kr�rb�b5�5_�_c�c_�_e�en�nc�cr�ry�yp�pt�t, k�kr�rb�b5�5_�_c�c_�_e�en�nc�cr�ry�yp�pt�t_�_l�le�en�ng�gt�th�h,
- k�kr�rb�b5�5_�_c�c_�_e�en�nc�ct�ty�yp�pe�e_�_c�co�om�mp�pa�ar�re�e, k�kr�rb�b5�5_�_c�c_�_g�ge�et�t_�_c�ch�he�ec�ck�ks�su�um�m, k�kr�rb�b5�5_�_c�c_�_i�is�s_�_c�co�ol�ll�l_�_p�pr�ro�oo�of�f_�_c�ck�ks�su�um�m,
- k�kr�rb�b5�5_�_c�c_�_i�is�s_�_k�ke�ey�ye�ed�d_�_c�ck�ks�su�um�m, k�kr�rb�b5�5_�_c�c_�_k�ke�ey�yl�le�en�ng�gt�th�h, k�kr�rb�b5�5_�_c�c_�_m�ma�ak�ke�e_�_c�ch�he�ec�ck�ks�su�um�m,
- k�kr�rb�b5�5_�_c�c_�_m�ma�ak�ke�e_�_r�ra�an�nd�do�om�m_�_k�ke�ey�y, k�kr�rb�b5�5_�_c�c_�_s�se�et�t_�_c�ch�he�ec�ck�ks�su�um�m, k�kr�rb�b5�5_�_c�c_�_v�va�al�li�id�d_�_c�ck�ks�su�um�mt�ty�yp�pe�e,
- k�kr�rb�b5�5_�_c�c_�_v�va�al�li�id�d_�_e�en�nc�ct�ty�yp�pe�e, k�kr�rb�b5�5_�_c�c_�_v�ve�er�ri�if�fy�y_�_c�ch�he�ec�ck�ks�su�um�m, k�kr�rb�b5�5_�_c�c_�_c�ch�he�ec�ck�ks�su�um�m_�_l�le�en�ng�gt�th�h --
- Kerberos 5 crypto API
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�c_�_b�bl�lo�oc�ck�k_�_s�si�iz�ze�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�n_�c_�t_�y_�p_�e,
- _�s_�i_�z_�e_�__�t _�*_�b_�l_�o_�c_�k_�s_�i_�z_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�c_�_d�de�ec�cr�ry�yp�pt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�k_�e_�y,
- _�k_�r_�b_�5_�__�k_�e_�y_�u_�s_�a_�g_�e _�u_�s_�a_�g_�e, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�i_�v_�e_�c, _�k_�r_�b_�5_�__�e_�n_�c_�__�d_�a_�t_�a _�*_�i_�n_�p_�u_�t,
- _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�o_�u_�t_�p_�u_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�c_�_e�en�nc�cr�ry�yp�pt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�k_�e_�y,
- _�k_�r_�b_�5_�__�k_�e_�y_�u_�s_�a_�g_�e _�u_�s_�a_�g_�e, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�i_�v_�e_�c, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�i_�n_�p_�u_�t,
- _�k_�r_�b_�5_�__�e_�n_�c_�__�d_�a_�t_�a _�*_�o_�u_�t_�p_�u_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�c_�_e�en�nc�cr�ry�yp�pt�t_�_l�le�en�ng�gt�th�h(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�n_�c_�t_�y_�p_�e,
- _�s_�i_�z_�e_�__�t _�i_�n_�p_�u_�t_�l_�e_�n, _�s_�i_�z_�e_�__�t _�*_�l_�e_�n_�g_�t_�h);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�c_�_e�en�nc�ct�ty�yp�pe�e_�_c�co�om�mp�pa�ar�re�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�1,
- _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�2, _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�*_�s_�i_�m_�i_�l_�a_�r);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�c_�_m�ma�ak�ke�e_�_r�ra�an�nd�do�om�m_�_k�ke�ey�y(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�n_�c_�t_�y_�p_�e,
- _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�r_�a_�n_�d_�o_�m_�__�k_�e_�y);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�c_�_m�ma�ak�ke�e_�_c�ch�he�ec�ck�ks�su�um�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�k_�s_�u_�m_�t_�y_�p_�e _�c_�k_�s_�u_�m_�t_�y_�p_�e,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�k_�e_�y, _�k_�r_�b_�5_�__�k_�e_�y_�u_�s_�a_�g_�e _�u_�s_�a_�g_�e,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�i_�n_�p_�u_�t, _�k_�r_�b_�5_�__�c_�h_�e_�c_�k_�s_�u_�m _�*_�c_�k_�s_�u_�m);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�c_�_v�ve�er�ri�if�fy�y_�_c�ch�he�ec�ck�ks�su�um�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�k_�e_�y,
- _�k_�r_�b_�5_�__�k_�e_�y_�u_�s_�a_�g_�e _�u_�s_�a_�g_�e, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�d_�a_�t_�a,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�c_�h_�e_�c_�k_�s_�u_�m _�*_�c_�k_�s_�u_�m, _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�*_�v_�a_�l_�i_�d);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�c_�_c�ch�he�ec�ck�ks�su�um�m_�_l�le�en�ng�gt�th�h(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�k_�s_�u_�m_�t_�y_�p_�e _�c_�k_�s_�u_�m_�t_�y_�p_�e,
- _�s_�i_�z_�e_�__�t _�*_�l_�e_�n_�g_�t_�h);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�c_�_g�ge�et�t_�_c�ch�he�ec�ck�ks�su�um�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�c_�h_�e_�c_�k_�s_�u_�m _�*_�c_�k_�s_�u_�m,
- _�k_�r_�b_�5_�__�c_�k_�s_�u_�m_�t_�y_�p_�e _�*_�t_�y_�p_�e, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�*_�d_�a_�t_�a);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�c_�_s�se�et�t_�_c�ch�he�ec�ck�ks�su�um�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�h_�e_�c_�k_�s_�u_�m _�*_�c_�k_�s_�u_�m,
- _�k_�r_�b_�5_�__�c_�k_�s_�u_�m_�t_�y_�p_�e _�t_�y_�p_�e, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�d_�a_�t_�a);
-
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n
- k�kr�rb�b5�5_�_c�c_�_v�va�al�li�id�d_�_e�en�nc�ct�ty�yp�pe�e(_�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e, _�e_�t_�y_�p_�e_�");
-
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n
- k�kr�rb�b5�5_�_c�c_�_v�va�al�li�id�d_�_c�ck�ks�su�um�mt�ty�yp�pe�e(_�k_�r_�b_�5_�__�c_�k_�s_�u_�m_�t_�y_�p_�e _�c_�t_�y_�p_�e);
-
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n
- k�kr�rb�b5�5_�_c�c_�_i�is�s_�_c�co�ol�ll�l_�_p�pr�ro�oo�of�f_�_c�ck�ks�su�um�m(_�k_�r_�b_�5_�__�c_�k_�s_�u_�m_�t_�y_�p_�e _�c_�t_�y_�p_�e);
-
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n
- k�kr�rb�b5�5_�_c�c_�_i�is�s_�_k�ke�ey�ye�ed�d_�_c�ck�ks�su�um�m(_�k_�r_�b_�5_�__�c_�k_�s_�u_�m_�t_�y_�p_�e _�c_�t_�y_�p_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�c_�_k�ke�ey�yl�le�en�ng�gt�th�hs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�n_�c_�t_�y_�p_�e,
- _�s_�i_�z_�e_�__�t _�*_�i_�n_�l_�e_�n_�g_�t_�h, _�s_�i_�z_�e_�__�t _�*_�k_�e_�y_�l_�e_�n_�g_�t_�h);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The functions starting with krb5_c are compat functions with MIT ker-
- beros.
-
- The krb5_enc_data structure holds and encrypted data. There are two pub-
- lic accessable members of krb5_enc_data. enctype that holds the encryp-
- tion type of the data encrypted and ciphertext that is a _�k_�r_�b_�5_�__�d_�a_�t_�a that
- might contain the encrypted data.
-
- k�kr�rb�b5�5_�_c�c_�_b�bl�lo�oc�ck�k_�_s�si�iz�ze�e() returns the blocksize of the encryption type.
-
- k�kr�rb�b5�5_�_c�c_�_d�de�ec�cr�ry�yp�pt�t() decrypts _�i_�n_�p_�u_�t and store the data in _�o_�u_�t_�p_�u_�t_�. If _�i_�v_�e_�c is
- NULL the default initialization vector for that encryption type will be
- used.
-
- k�kr�rb�b5�5_�_c�c_�_e�en�nc�cr�ry�yp�pt�t() encrypts the plaintext in _�i_�n_�p_�u_�t and store the ciphertext
- in _�o_�u_�t_�p_�u_�t.
-
- k�kr�rb�b5�5_�_c�c_�_e�en�nc�cr�ry�yp�pt�t_�_l�le�en�ng�gt�th�h() returns the length the encrypted data given the
- plaintext length.
-
- k�kr�rb�b5�5_�_c�c_�_e�en�nc�ct�ty�yp�pe�e_�_c�co�om�mp�pa�ar�re�e() compares to encryption types and returns if they
- use compatible encryption key types.
-
- k�kr�rb�b5�5_�_c�c_�_m�ma�ak�ke�e_�_c�ch�he�ec�ck�ks�su�um�m() creates a checksum _�c_�k_�s_�u_�m with the checksum type
- _�c_�k_�s_�u_�m_�t_�y_�p_�e of the data in _�d_�a_�t_�a. _�k_�e_�y and _�u_�s_�a_�g_�e are used if the checksum is
- a keyed checksum type. Returns 0 or an error code.
-
- k�kr�rb�b5�5_�_c�c_�_v�ve�er�ri�if�fy�y_�_c�ch�he�ec�ck�ks�su�um�m() verifies the checksum of _�d_�a_�t_�a in _�c_�k_�s_�u_�m that was
- created with _�k_�e_�y using the key usage _�u_�s_�a_�g_�e. _�v_�e_�r_�i_�f_�y is set to non-zero if
- the checksum verifies correctly and zero if not. Returns 0 or an error
- code.
-
- k�kr�rb�b5�5_�_c�c_�_c�ch�he�ec�ck�ks�su�um�m_�_l�le�en�ng�gt�th�h() returns the length of the checksum.
-
- k�kr�rb�b5�5_�_c�c_�_s�se�et�t_�_c�ch�he�ec�ck�ks�su�um�m() sets the krb5_checksum structure given _�t_�y_�p_�e and
- _�d_�a_�t_�a. The content of _�c_�k_�s_�u_�m should be freeed with
- k�kr�rb�b5�5_�_c�c_�_f�fr�re�ee�e_�_c�ch�he�ec�ck�ks�su�um�m_�_c�co�on�nt�te�en�nt�ts�s().
-
- k�kr�rb�b5�5_�_c�c_�_g�ge�et�t_�_c�ch�he�ec�ck�ks�su�um�m() retrieves the components of the krb5_checksum.
- structure. _�d_�a_�t_�a should be free with k�kr�rb�b5�5_�_f�fr�re�ee�e_�_d�da�at�ta�a(). If some either of
- _�d_�a_�t_�a or _�c_�h_�e_�c_�k_�s_�u_�m is not needed for the application, NULL can be passed
- in.
-
- k�kr�rb�b5�5_�_c�c_�_v�va�al�li�id�d_�_e�en�nc�ct�ty�yp�pe�e() returns true if _�e_�t_�y_�p_�e is a valid encryption type.
-
- k�kr�rb�b5�5_�_c�c_�_v�va�al�li�id�d_�_c�ck�ks�su�um�mt�ty�yp�pe�e() returns true if _�c_�t_�y_�p_�e is a valid checksum type.
-
- k�kr�rb�b5�5_�_c�c_�_i�is�s_�_k�ke�ey�ye�ed�d_�_c�ck�ks�su�um�m() return true if _�c_�t_�y_�p_�e is a keyed checksum type.
-
- k�kr�rb�b5�5_�_c�c_�_i�is�s_�_c�co�ol�ll�l_�_p�pr�ro�oo�of�f_�_c�ck�ks�su�um�m() returns true if _�c_�t_�y_�p_�e is a collision proof
- checksum type.
-
- k�kr�rb�b5�5_�_c�c_�_k�ke�ey�yl�le�en�ng�gt�th�hs�s() return the minimum length (_�i_�n_�l_�e_�n_�g_�t_�h) bytes needed to
- create a key and the length (_�k_�e_�y_�l_�e_�n_�g_�t_�h) of the resulting key for the
- _�e_�n_�c_�t_�y_�p_�e.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), krb5_create_checksum(3), krb5_free_data(3), kerberos(8)
-
-HEIMDAL Nov 17, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_check_transited.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_check_transited.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_check_transited.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,49 +0,0 @@
-
-KRB5_CHECK_TRANSITED(3) BSD Library Functions Manual KRB5_CHECK_TRANSITED(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_c�ch�he�ec�ck�k_�_t�tr�ra�an�ns�si�it�te�ed�d, k�kr�rb�b5�5_�_c�ch�he�ec�ck�k_�_t�tr�ra�an�ns�si�it�te�ed�d_�_r�re�ea�al�lm�ms�s,
- k�kr�rb�b5�5_�_d�do�om�ma�ai�in�n_�_x�x5�50�00�0_�_d�de�ec�co�od�de�e, k�kr�rb�b5�5_�_d�do�om�ma�ai�in�n_�_x�x5�50�00�0_�_e�en�nc�co�od�de�e -- realm transit verifi-
- cation and encoding/decoding functions
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�ch�he�ec�ck�k_�_t�tr�ra�an�ns�si�it�te�ed�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�r_�e_�a_�l_�m _�c_�l_�i_�e_�n_�t_�__�r_�e_�a_�l_�m,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�r_�e_�a_�l_�m _�s_�e_�r_�v_�e_�r_�__�r_�e_�a_�l_�m, _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�*_�r_�e_�a_�l_�m_�s, _�i_�n_�t _�n_�u_�m_�__�r_�e_�a_�l_�m_�s,
- _�i_�n_�t _�*_�b_�a_�d_�__�r_�e_�a_�l_�m);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�ch�he�ec�ck�k_�_t�tr�ra�an�ns�si�it�te�ed�d_�_r�re�ea�al�lm�ms�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�c_�o_�n_�s_�t _�*_�r_�e_�a_�l_�m_�s, _�i_�n_�t _�n_�u_�m_�__�r_�e_�a_�l_�m_�s, _�i_�n_�t _�*_�b_�a_�d_�__�r_�e_�a_�l_�m);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�do�om�ma�ai�in�n_�_x�x5�50�00�0_�_d�de�ec�co�od�de�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�a_�t_�a _�t_�r,
- _�c_�h_�a_�r _�*_�*_�*_�r_�e_�a_�l_�m_�s, _�i_�n_�t _�*_�n_�u_�m_�__�r_�e_�a_�l_�m_�s, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�c_�l_�i_�e_�n_�t_�__�r_�e_�a_�l_�m,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�s_�e_�r_�v_�e_�r_�__�r_�e_�a_�l_�m);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�do�om�ma�ai�in�n_�_x�x5�50�00�0_�_e�en�nc�co�od�de�e(_�c_�h_�a_�r _�*_�*_�r_�e_�a_�l_�m_�s, _�i_�n_�t _�n_�u_�m_�__�r_�e_�a_�l_�m_�s,
- _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�e_�n_�c_�o_�d_�i_�n_�g);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5_�_c�ch�he�ec�ck�k_�_t�tr�ra�an�ns�si�it�te�ed�d() checks the path from _�c_�l_�i_�e_�n_�t_�__�r_�e_�a_�l_�m to _�s_�e_�r_�v_�e_�r_�__�r_�e_�a_�l_�m
- where _�r_�e_�a_�l_�m_�s and _�n_�u_�m_�__�r_�e_�a_�l_�m_�s is the realms between them. If the function
- returns an error value, _�b_�a_�d_�__�r_�e_�a_�l_�m will be set to the realm in the list
- causing the error. k�kr�rb�b5�5_�_c�ch�he�ec�ck�k_�_t�tr�ra�an�ns�si�it�te�ed�d() is used internally by the KDC
- and libkrb5 and should not be called by client applications.
-
- k�kr�rb�b5�5_�_c�ch�he�ec�ck�k_�_t�tr�ra�an�ns�si�it�te�ed�d_�_r�re�ea�al�lm�ms�s() is deprecated.
-
- k�kr�rb�b5�5_�_d�do�om�ma�ai�in�n_�_x�x5�50�00�0_�_e�en�nc�co�od�de�e() and k�kr�rb�b5�5_�_d�do�om�ma�ai�in�n_�_x�x5�50�00�0_�_d�de�ec�co�od�de�e() encodes and
- decodes the realm names in the X500 format that Kerberos uses to describe
- the transited realms in krbtgts.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), krb5.conf(5)
-
-HEIMDAL May 1, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_create_checksum.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_create_checksum.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_create_checksum.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,113 +0,0 @@
-
-NAME(3) BSD Library Functions Manual NAME(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_c�ch�he�ec�ck�ks�su�um�m, k�kr�rb�b5�5_�_c�ch�he�ec�ck�ks�su�um�m_�_d�di�is�sa�ab�bl�le�e, k�kr�rb�b5�5_�_c�ch�he�ec�ck�ks�su�um�m_�_i�is�s_�_c�co�ol�ll�li�is�si�io�on�n_�_p�pr�ro�oo�of�f,
- k�kr�rb�b5�5_�_c�ch�he�ec�ck�ks�su�um�m_�_i�is�s_�_k�ke�ey�ye�ed�d, k�kr�rb�b5�5_�_c�ch�he�ec�ck�ks�su�um�ms�si�iz�ze�e, k�kr�rb�b5�5_�_c�ck�ks�su�um�mt�ty�yp�pe�e_�_v�va�al�li�id�d,
- k�kr�rb�b5�5_�_c�co�op�py�y_�_c�ch�he�ec�ck�ks�su�um�m, k�kr�rb�b5�5_�_c�cr�re�ea�at�te�e_�_c�ch�he�ec�ck�ks�su�um�m, k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_g�ge�et�t_�_c�ch�he�ec�ck�ks�su�um�m_�_t�ty�yp�pe�e
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�ch�he�ec�ck�ks�su�um�m, k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�ch�he�ec�ck�ks�su�um�m_�_c�co�on�nt�te�en�nt�ts�s, k�kr�rb�b5�5_�_h�hm�ma�ac�c,
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_c�ch�he�ec�ck�ks�su�um�m -- creates, handles and verifies checksums
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- typedef Checksum krb5_checksum;
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_c�ch�he�ec�ck�ks�su�um�m_�_d�di�is�sa�ab�bl�le�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�k_�s_�u_�m_�t_�y_�p_�e _�t_�y_�p_�e);
-
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n
- k�kr�rb�b5�5_�_c�ch�he�ec�ck�ks�su�um�m_�_i�is�s_�_c�co�ol�ll�li�is�si�io�on�n_�_p�pr�ro�oo�of�f(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�c_�k_�s_�u_�m_�t_�y_�p_�e _�t_�y_�p_�e);
-
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n
- k�kr�rb�b5�5_�_c�ch�he�ec�ck�ks�su�um�m_�_i�is�s_�_k�ke�ey�ye�ed�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�k_�s_�u_�m_�t_�y_�p_�e _�t_�y_�p_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�ck�ks�su�um�mt�ty�yp�pe�e_�_v�va�al�li�id�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�k_�s_�u_�m_�t_�y_�p_�e _�c_�t_�y_�p_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�ch�he�ec�ck�ks�su�um�ms�si�iz�ze�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�k_�s_�u_�m_�t_�y_�p_�e _�t_�y_�p_�e,
- _�s_�i_�z_�e_�__�t _�*_�s_�i_�z_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�cr�re�ea�at�te�e_�_c�ch�he�ec�ck�ks�su�um�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�y_�p_�t_�o _�c_�r_�y_�p_�t_�o,
- _�k_�r_�b_�5_�__�k_�e_�y_�__�u_�s_�a_�g_�e _�u_�s_�a_�g_�e, _�i_�n_�t _�t_�y_�p_�e, _�v_�o_�i_�d _�*_�d_�a_�t_�a, _�s_�i_�z_�e_�__�t _�l_�e_�n,
- _�C_�h_�e_�c_�k_�s_�u_�m _�*_�r_�e_�s_�u_�l_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_c�ch�he�ec�ck�ks�su�um�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�y_�p_�t_�o _�c_�r_�y_�p_�t_�o,
- _�k_�r_�b_�5_�__�k_�e_�y_�__�u_�s_�a_�g_�e _�u_�s_�a_�g_�e, _�v_�o_�i_�d _�*_�d_�a_�t_�a, _�s_�i_�z_�e_�__�t _�l_�e_�n, _�C_�h_�e_�c_�k_�s_�u_�m _�*_�c_�k_�s_�u_�m);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_g�ge�et�t_�_c�ch�he�ec�ck�ks�su�um�m_�_t�ty�yp�pe�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�y_�p_�t_�o _�c_�r_�y_�p_�t_�o,
- _�k_�r_�b_�5_�__�c_�k_�s_�u_�m_�t_�y_�p_�e _�*_�t_�y_�p_�e);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�ch�he�ec�ck�ks�su�um�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�h_�e_�c_�k_�s_�u_�m _�*_�c_�k_�s_�u_�m);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�ch�he�ec�ck�ks�su�um�m_�_c�co�on�nt�te�en�nt�ts�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�h_�e_�c_�k_�s_�u_�m _�*_�c_�k_�s_�u_�m);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_h�hm�ma�ac�c(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�k_�s_�u_�m_�t_�y_�p_�e _�c_�k_�t_�y_�p_�e, _�c_�o_�n_�s_�t _�v_�o_�i_�d _�*_�d_�a_�t_�a,
- _�s_�i_�z_�e_�__�t _�l_�e_�n, _�u_�n_�s_�i_�g_�n_�e_�d _�u_�s_�a_�g_�e, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�k_�e_�y, _�C_�h_�e_�c_�k_�s_�u_�m _�*_�r_�e_�s_�u_�l_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�co�op�py�y_�_c�ch�he�ec�ck�ks�su�um�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�c_�h_�e_�c_�k_�s_�u_�m _�*_�o_�l_�d,
- _�k_�r_�b_�5_�__�c_�h_�e_�c_�k_�s_�u_�m _�*_�*_�n_�e_�w);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The krb5_checksum structure holds a Kerberos checksum. There is no com-
- ponent inside krb5_checksum that is directly referable.
-
- The functions are used to create and verify checksums.
- k�kr�rb�b5�5_�_c�cr�re�ea�at�te�e_�_c�ch�he�ec�ck�ks�su�um�m() creates a checksum of the specified data, and puts
- it in _�r_�e_�s_�u_�l_�t. If _�c_�r_�y_�p_�t_�o is NULL, _�u_�s_�a_�g_�e_�__�o_�r_�__�t_�y_�p_�e specifies the checksum
- type to use; it must not be keyed. Otherwise _�c_�r_�y_�p_�t_�o is an encryption con-
- text created by k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_i�in�ni�it�t(), and _�u_�s_�a_�g_�e_�__�o_�r_�__�t_�y_�p_�e specifies a key-
- usage.
-
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_c�ch�he�ec�ck�ks�su�um�m() verifies the _�c_�h_�e_�c_�k_�s_�u_�m against the provided data.
-
- k�kr�rb�b5�5_�_c�ch�he�ec�ck�ks�su�um�m_�_i�is�s_�_c�co�ol�ll�li�is�si�io�on�n_�_p�pr�ro�oo�of�f() returns true is the specified checksum
- is collision proof (that it's very unlikely that two strings has the same
- hash value, and that it's hard to find two strings that has the same
- hash). Examples of collision proof checksums are MD5, and SHA1, while
- CRC32 is not.
-
- k�kr�rb�b5�5_�_c�ch�he�ec�ck�ks�su�um�m_�_i�is�s_�_k�ke�ey�ye�ed�d() returns true if the specified checksum type is
- keyed (that the hash value is a function of both the data, and a separate
- key). Examples of keyed hash algorithms are HMAC-SHA1-DES3, and RSA-
- MD5-DES. The ``plain'' hash functions MD5, and SHA1 are not keyed.
-
- k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_g�ge�et�t_�_c�ch�he�ec�ck�ks�su�um�m_�_t�ty�yp�pe�e() returns the checksum type that will be
- used when creating a checksum for the given _�c_�r_�y_�p_�t_�o context. This func-
- tion is useful in combination with k�kr�rb�b5�5_�_c�ch�he�ec�ck�ks�su�um�ms�si�iz�ze�e() when you want to
- know the size a checksum will use when you create it.
-
- k�kr�rb�b5�5_�_c�ck�ks�su�um�mt�ty�yp�pe�e_�_v�va�al�li�id�d() returns 0 or an error if the checksumtype is
- implemented and not currently disabled in this kerberos library.
-
- k�kr�rb�b5�5_�_c�ch�he�ec�ck�ks�su�um�ms�si�iz�ze�e() returns the size of the outdata of checksum function.
-
- k�kr�rb�b5�5_�_c�co�op�py�y_�_c�ch�he�ec�ck�ks�su�um�m() returns a copy of the checksum k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�ch�he�ec�ck�ks�su�um�m()
- should use used to free the _�n_�e_�w checksum.
-
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�ch�he�ec�ck�ks�su�um�m() free the checksum and the content of the checksum.
-
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�ch�he�ec�ck�ks�su�um�m_�_c�co�on�nt�te�en�nt�ts�s() frees the content of checksum in _�c_�k_�s_�u_�m.
-
- k�kr�rb�b5�5_�_h�hm�ma�ac�c() calculates the HMAC over _�d_�a_�t_�a (with length _�l_�e_�n) using the
- keyusage _�u_�s_�a_�g_�e and keyblock _�k_�e_�y. Note that keyusage is not always used
- in checksums.
-
- k�kr�rb�b5�5_�_c�ch�he�ec�ck�ks�su�um�m_�_d�di�is�sa�ab�bl�le�e globally disables the checksum type.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5_crypto_init(3), krb5_c_encrypt(3), krb5_encrypt(3)
-
-HEIMDAL August 12, 2005 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_creds.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_creds.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_creds.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,58 +0,0 @@
-
-KRB5_CREDS(3) BSD Library Functions Manual KRB5_CREDS(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_c�cr�re�ed�ds�s, k�kr�rb�b5�5_�_c�co�op�py�y_�_c�cr�re�ed�ds�s, k�kr�rb�b5�5_�_c�co�op�py�y_�_c�cr�re�ed�ds�s_�_c�co�on�nt�te�en�nt�ts�s, k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�cr�re�ed�ds�s,
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�cr�re�ed�d_�_c�co�on�nt�te�en�nt�ts�s -- Kerberos 5 credential handling functions
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�co�op�py�y_�_c�cr�re�ed�ds�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�i_�n_�c_�r_�e_�d,
- _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�*_�o_�u_�t_�c_�r_�e_�d);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�co�op�py�y_�_c�cr�re�ed�ds�s_�_c�co�on�nt�te�en�nt�ts�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�i_�n_�c_�r_�e_�d,
- _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�o_�u_�t_�c_�r_�e_�d);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�cr�re�ed�ds�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�o_�u_�t_�c_�r_�e_�d);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�cr�re�ed�d_�_c�co�on�nt�te�en�nt�ts�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�c_�r_�e_�d);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- _�k_�r_�b_�5_�__�c_�r_�e_�d_�s holds Kerberos credentials:
-
- typedef struct krb5_creds {
- krb5_principal client;
- krb5_principal server;
- krb5_keyblock session;
- krb5_times times;
- krb5_data ticket;
- krb5_data second_ticket;
- krb5_authdata authdata;
- krb5_addresses addresses;
- krb5_ticket_flags flags;
- } krb5_creds;
-
- k�kr�rb�b5�5_�_c�co�op�py�y_�_c�cr�re�ed�ds�s() makes a copy of _�i_�n_�c_�r_�e_�d to _�o_�u_�t_�c_�r_�e_�d. _�o_�u_�t_�c_�r_�e_�d should be
- freed with k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�cr�re�ed�ds�s() by the caller.
-
- k�kr�rb�b5�5_�_c�co�op�py�y_�_c�cr�re�ed�ds�s_�_c�co�on�nt�te�en�nt�ts�s() makes a copy of the content of _�i_�n_�c_�r_�e_�d to
- _�o_�u_�t_�c_�r_�e_�d_�s. _�o_�u_�t_�c_�r_�e_�d_�s should be freed by the called with
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�cr�re�ed�ds�s_�_c�co�on�nt�te�en�nt�ts�s().
-
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�cr�re�ed�ds�s() frees the content of the _�c_�r_�e_�d structure and the struc-
- ture itself.
-
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�cr�re�ed�d_�_c�co�on�nt�te�en�nt�ts�s() frees the content of the _�c_�r_�e_�d structure.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), krb5_compare_creds(3), krb5_get_init_creds(3), kerberos(8)
-
-HEIMDAL May 1, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_digest.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_digest.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_digest.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,146 +0,0 @@
-
-KRB5_DIGEST(3) BSD Library Functions Manual KRB5_DIGEST(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_a�al�ll�lo�oc�c, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_f�fr�re�ee�e,
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_s�se�er�rv�ve�er�r_�_c�cb�b, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_t�ty�yp�pe�e,
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_h�ho�os�st�tn�na�am�me�e, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_s�se�er�rv�ve�er�r_�_n�no�on�nc�ce�e,
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_s�se�er�rv�ve�er�r_�_n�no�on�nc�ce�e, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_o�op�pa�aq�qu�ue�e,
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_o�op�pa�aq�qu�ue�e, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_i�id�de�en�nt�ti�if�fi�ie�er�r,
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_i�id�de�en�nt�ti�if�fi�ie�er�r, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_i�in�ni�it�t_�_r�re�eq�qu�ue�es�st�t,
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_c�cl�li�ie�en�nt�t_�_n�no�on�nc�ce�e, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_d�di�ig�ge�es�st�t,
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_u�us�se�er�rn�na�am�me�e, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_a�au�ut�th�hi�id�d,
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_a�au�ut�th�he�en�nt�ti�ic�ca�at�ti�io�on�n_�_u�us�se�er�r, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_r�re�ea�al�lm�m,
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_m�me�et�th�ho�od�d, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_u�ur�ri�i, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_n�no�on�nc�ce�eC�Co�ou�un�nt�t,
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_q�qo�op�p, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_r�re�eq�qu�ue�es�st�t, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_r�re�es�sp�po�on�ns�se�eD�Da�at�ta�a,
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_r�rs�sp�p, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_t�ti�ic�ck�ke�et�ts�s,
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_c�cl�li�ie�en�nt�t_�_b�bi�in�nd�di�in�ng�g, k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_a�a1�1_�_h�ha�as�sh�h -- remote digest
- (HTTP-DIGEST, SASL, CHAP) suppport
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- typedef struct krb5_digest *krb5_digest;
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_a�al�ll�lo�oc�c(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�*_�d_�i_�g_�e_�s_�t);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_f�fr�re�ee�e(_�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_t�ty�yp�pe�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�t_�y_�p_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_s�se�er�rv�ve�er�r_�_c�cb�b(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�t_�y_�p_�e, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�b_�i_�n_�d_�i_�n_�g);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_h�ho�os�st�tn�na�am�me�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�h_�o_�s_�t_�n_�a_�m_�e);
-
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_s�se�er�rv�ve�er�r_�_n�no�on�nc�ce�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_s�se�er�rv�ve�er�r_�_n�no�on�nc�ce�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�n_�o_�n_�c_�e);
-
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_o�op�pa�aq�qu�ue�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_o�op�pa�aq�qu�ue�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�o_�p_�a_�q_�u_�e);
-
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_i�id�de�en�nt�ti�if�fi�ie�er�r(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_i�id�de�en�nt�ti�if�fi�ie�er�r(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�i_�d);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_i�in�ni�it�t_�_r�re�eq�qu�ue�es�st�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�r_�e_�a_�l_�m, _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_c�cl�li�ie�en�nt�t_�_n�no�on�nc�ce�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�n_�o_�n_�c_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_d�di�ig�ge�es�st�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�d_�g_�s_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_u�us�se�er�rn�na�am�me�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�u_�s_�e_�r_�n_�a_�m_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_a�au�ut�th�hi�id�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�a_�u_�t_�h_�i_�d);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_a�au�ut�th�he�en�nt�ti�ic�ca�at�ti�io�on�n_�_u�us�se�er�r(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�a_�u_�t_�h_�e_�n_�t_�i_�c_�a_�t_�i_�o_�n_�__�u_�s_�e_�r);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_r�re�ea�al�lm�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�r_�e_�a_�l_�m);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_m�me�et�th�ho�od�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�m_�e_�t_�h_�o_�d);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_u�ur�ri�i(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�u_�r_�i);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_n�no�on�nc�ce�eC�Co�ou�un�nt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�n_�o_�n_�c_�e_�__�c_�o_�u_�n_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_s�se�et�t_�_q�qo�op�p(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�q_�o_�p);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_r�re�eq�qu�ue�es�st�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�r_�e_�a_�l_�m, _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e);
-
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_r�re�es�sp�po�on�ns�se�eD�Da�at�ta�a(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t);
-
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_r�rs�sp�p(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_t�ti�ic�ck�ke�et�ts�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�T_�i_�c_�k_�e_�t _�*_�*_�t_�i_�c_�k_�e_�t_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_c�cl�li�ie�en�nt�t_�_b�bi�in�nd�di�in�ng�g(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�c_�h_�a_�r _�*_�*_�t_�y_�p_�e, _�c_�h_�a_�r _�*_�*_�b_�i_�n_�d_�i_�n_�g);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_g�ge�et�t_�_a�a1�1_�_h�ha�as�sh�h(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�d_�i_�g_�e_�s_�t _�d_�i_�g_�e_�s_�t,
- _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�d_�a_�t_�a);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_a�al�ll�lo�oc�c() function allocatates the _�d_�i_�g_�e_�s_�t structure. The
- structure should be freed with k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_f�fr�re�ee�e() when it is no longer
- being used.
-
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_a�al�ll�lo�oc�c() returns 0 to indicate success. Otherwise an kerberos
- code is returned and the pointer that _�d_�i_�g_�e_�s_�t points to is set to NULL.
-
- k�kr�rb�b5�5_�_d�di�ig�ge�es�st�t_�_f�fr�re�ee�e() free the structure _�d_�i_�g_�e_�s_�t.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), kerberos(8)
-
-HEIMDAL February 18, 2007 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_eai_to_heim_errno.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_eai_to_heim_errno.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_eai_to_heim_errno.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,29 +0,0 @@
-
-KRB5_EAI_TO_HEIM_ERRN... BSD Library Functions Manual KRB5_EAI_TO_HEIM_ERRN...
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_e�ea�ai�i_�_t�to�o_�_h�he�ei�im�m_�_e�er�rr�rn�no�o, k�kr�rb�b5�5_�_h�h_�_e�er�rr�rn�no�o_�_t�to�o_�_h�he�ei�im�m_�_e�er�rr�rn�no�o -- convert resolver
- error code to com_err error codes
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_e�ea�ai�i_�_t�to�o_�_h�he�ei�im�m_�_e�er�rr�rn�no�o(_�i_�n_�t _�e_�a_�i_�__�e_�r_�r_�n_�o, _�i_�n_�t _�s_�y_�s_�t_�e_�m_�__�e_�r_�r_�o_�r);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_h�h_�_e�er�rr�rn�no�o_�_t�to�o_�_h�he�ei�im�m_�_e�er�rr�rn�no�o(_�i_�n_�t _�e_�a_�i_�__�e_�r_�r_�n_�o);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5_�_e�ea�ai�i_�_t�to�o_�_h�he�ei�im�m_�_e�er�rr�rn�no�o() and k�kr�rb�b5�5_�_h�h_�_e�er�rr�rn�no�o_�_t�to�o_�_h�he�ei�im�m_�_e�er�rr�rn�no�o() convert
- getaddrinfo(3), getnameinfo(3), and h_errno(3) to com_err error code that
- are used by Heimdal, this is useful for for function returning kerberos
- errors and needs to communicate failures from resolver function.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), kerberos(8)
-
-HEIMDAL April 13, 2004 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_encrypt.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_encrypt.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_encrypt.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,138 +0,0 @@
-
-KRB5_ENCRYPT(3) BSD Library Functions Manual KRB5_ENCRYPT(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_g�ge�et�tb�bl�lo�oc�ck�ks�si�iz�ze�e, k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_g�ge�et�tc�co�on�nf�fo�ou�un�nd�de�er�rs�si�iz�ze�e
- k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_g�ge�et�te�en�nc�ct�ty�yp�pe�e, k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_g�ge�et�tp�pa�ad�ds�si�iz�ze�e, k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_o�ov�ve�er�rh�he�ea�ad�d,
- k�kr�rb�b5�5_�_d�de�ec�cr�ry�yp�pt�t, k�kr�rb�b5�5_�_d�de�ec�cr�ry�yp�pt�t_�_E�En�nc�cr�ry�yp�pt�te�ed�dD�Da�at�ta�a, k�kr�rb�b5�5_�_d�de�ec�cr�ry�yp�pt�t_�_i�iv�ve�ec�c,
- k�kr�rb�b5�5_�_d�de�ec�cr�ry�yp�pt�t_�_t�ti�ic�ck�ke�et�t, k�kr�rb�b5�5_�_e�en�nc�cr�ry�yp�pt�t, k�kr�rb�b5�5_�_e�en�nc�cr�ry�yp�pt�t_�_E�En�nc�cr�ry�yp�pt�te�ed�dD�Da�at�ta�a,
- k�kr�rb�b5�5_�_e�en�nc�cr�ry�yp�pt�t_�_i�iv�ve�ec�c, k�kr�rb�b5�5_�_e�en�nc�ct�ty�yp�pe�e_�_d�di�is�sa�ab�bl�le�e, k�kr�rb�b5�5_�_e�en�nc�ct�ty�yp�pe�e_�_k�ke�ey�ys�si�iz�ze�e,
- k�kr�rb�b5�5_�_e�en�nc�ct�ty�yp�pe�e_�_t�to�o_�_s�st�tr�ri�in�ng�g, k�kr�rb�b5�5_�_e�en�nc�ct�ty�yp�pe�e_�_v�va�al�li�id�d, k�kr�rb�b5�5_�_g�ge�et�t_�_w�wr�ra�ap�pp�pe�ed�d_�_l�le�en�ng�gt�th�h,
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_e�en�nc�ct�ty�yp�pe�e -- encrypt and decrypt data, set and get encryp-
- tion type parameters
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_e�en�nc�cr�ry�yp�pt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�y_�p_�t_�o _�c_�r_�y_�p_�t_�o, _�u_�n_�s_�i_�g_�n_�e_�d _�u_�s_�a_�g_�e,
- _�v_�o_�i_�d _�*_�d_�a_�t_�a, _�s_�i_�z_�e_�__�t _�l_�e_�n, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�r_�e_�s_�u_�l_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_e�en�nc�cr�ry�yp�pt�t_�_E�En�nc�cr�ry�yp�pt�te�ed�dD�Da�at�ta�a(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�y_�p_�t_�o _�c_�r_�y_�p_�t_�o,
- _�u_�n_�s_�i_�g_�n_�e_�d _�u_�s_�a_�g_�e, _�v_�o_�i_�d _�*_�d_�a_�t_�a, _�s_�i_�z_�e_�__�t _�l_�e_�n, _�i_�n_�t _�k_�v_�n_�o,
- _�E_�n_�c_�r_�y_�p_�t_�e_�d_�D_�a_�t_�a _�*_�r_�e_�s_�u_�l_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_e�en�nc�cr�ry�yp�pt�t_�_i�iv�ve�ec�c(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�y_�p_�t_�o _�c_�r_�y_�p_�t_�o,
- _�u_�n_�s_�i_�g_�n_�e_�d _�u_�s_�a_�g_�e, _�v_�o_�i_�d _�*_�d_�a_�t_�a, _�s_�i_�z_�e_�__�t _�l_�e_�n, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�r_�e_�s_�u_�l_�t,
- _�v_�o_�i_�d _�*_�i_�v_�e_�c);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�de�ec�cr�ry�yp�pt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�y_�p_�t_�o _�c_�r_�y_�p_�t_�o, _�u_�n_�s_�i_�g_�n_�e_�d _�u_�s_�a_�g_�e,
- _�v_�o_�i_�d _�*_�d_�a_�t_�a, _�s_�i_�z_�e_�__�t _�l_�e_�n, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�r_�e_�s_�u_�l_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�de�ec�cr�ry�yp�pt�t_�_E�En�nc�cr�ry�yp�pt�te�ed�dD�Da�at�ta�a(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�y_�p_�t_�o _�c_�r_�y_�p_�t_�o,
- _�u_�n_�s_�i_�g_�n_�e_�d _�u_�s_�a_�g_�e, _�E_�n_�c_�r_�y_�p_�t_�e_�d_�D_�a_�t_�a _�*_�e, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�r_�e_�s_�u_�l_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�de�ec�cr�ry�yp�pt�t_�_i�iv�ve�ec�c(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�y_�p_�t_�o _�c_�r_�y_�p_�t_�o,
- _�u_�n_�s_�i_�g_�n_�e_�d _�u_�s_�a_�g_�e, _�v_�o_�i_�d _�*_�d_�a_�t_�a, _�s_�i_�z_�e_�__�t _�l_�e_�n, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�r_�e_�s_�u_�l_�t,
- _�v_�o_�i_�d _�*_�i_�v_�e_�c);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_d�de�ec�cr�ry�yp�pt�t_�_t�ti�ic�ck�ke�et�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�T_�i_�c_�k_�e_�t _�*_�t_�i_�c_�k_�e_�t,
- _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�k_�e_�y, _�E_�n_�c_�T_�i_�c_�k_�e_�t_�P_�a_�r_�t _�*_�o_�u_�t, _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�f_�l_�a_�g_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_g�ge�et�tb�bl�lo�oc�ck�ks�si�iz�ze�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�s_�i_�z_�e_�__�t _�*_�b_�l_�o_�c_�k_�s_�i_�z_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_g�ge�et�te�en�nc�ct�ty�yp�pe�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�y_�p_�t_�o _�c_�r_�y_�p_�t_�o,
- _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�*_�e_�n_�c_�t_�y_�p_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_g�ge�et�tp�pa�ad�ds�si�iz�ze�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�s_�i_�z_�e_�__�t, _�*_�p_�a_�d_�s_�i_�z_�e_�");
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_g�ge�et�tc�co�on�nf�fo�ou�un�nd�de�er�rs�si�iz�ze�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�y_�p_�t_�o _�c_�r_�y_�p_�t_�o,
- _�s_�i_�z_�e_�__�t, _�*_�c_�o_�n_�f_�o_�u_�n_�d_�e_�r_�s_�i_�z_�e_�");
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_e�en�nc�ct�ty�yp�pe�e_�_k�ke�ey�ys�si�iz�ze�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�t_�y_�p_�e,
- _�s_�i_�z_�e_�__�t _�*_�k_�e_�y_�s_�i_�z_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_o�ov�ve�er�rh�he�ea�ad�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�s_�i_�z_�e_�__�t, _�*_�p_�a_�d_�s_�i_�z_�e_�");
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_e�en�nc�ct�ty�yp�pe�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�s_�t_�r_�i_�n_�g,
- _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�*_�e_�t_�y_�p_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_e�en�nc�ct�ty�yp�pe�e_�_t�to�o_�_s�st�tr�ri�in�ng�g(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�t_�y_�p_�e,
- _�c_�h_�a_�r _�*_�*_�s_�t_�r_�i_�n_�g);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_e�en�nc�ct�ty�yp�pe�e_�_v�va�al�li�id�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�t_�y_�p_�e);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_e�en�nc�ct�ty�yp�pe�e_�_d�di�is�sa�ab�bl�le�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�t_�y_�p_�e);
-
- _�s_�i_�z_�e_�__�t
- k�kr�rb�b5�5_�_g�ge�et�t_�_w�wr�ra�ap�pp�pe�ed�d_�_l�le�en�ng�gt�th�h(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�y_�p_�t_�o _�c_�r_�y_�p_�t_�o,
- _�s_�i_�z_�e_�__�t _�d_�a_�t_�a_�__�l_�e_�n);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- These functions are used to encrypt and decrypt data.
-
- k�kr�rb�b5�5_�_e�en�nc�cr�ry�yp�pt�t_�_i�iv�ve�ec�c() puts the encrypted version of _�d_�a_�t_�a (of size _�l_�e_�n) in
- _�r_�e_�s_�u_�l_�t. If the encryption type supports using derived keys, _�u_�s_�a_�g_�e should
- be the appropriate key-usage. _�i_�v_�e_�c is a pointer to a initial IV, it is
- modified to the end IV at the end of the round. Ivec should be the size
- of If NULL is passed in, the default IV is used. k�kr�rb�b5�5_�_e�en�nc�cr�ry�yp�pt�t() does the
- same as k�kr�rb�b5�5_�_e�en�nc�cr�ry�yp�pt�t_�_i�iv�ve�ec�c() but with _�i_�v_�e_�c being NULL.
- k�kr�rb�b5�5_�_e�en�nc�cr�ry�yp�pt�t_�_E�En�nc�cr�ry�yp�pt�te�ed�dD�Da�at�ta�a() does the same as k�kr�rb�b5�5_�_e�en�nc�cr�ry�yp�pt�t(), but it puts
- the encrypted data in a _�E_�n_�c_�r_�y_�p_�t_�e_�d_�D_�a_�t_�a structure instead. If _�k_�v_�n_�o is not
- zero, it will be put in the (optional) _�k_�v_�n_�o field in the _�E_�n_�c_�r_�y_�p_�t_�e_�d_�D_�a_�t_�a.
-
- k�kr�rb�b5�5_�_d�de�ec�cr�ry�yp�pt�t_�_i�iv�ve�ec�c(), k�kr�rb�b5�5_�_d�de�ec�cr�ry�yp�pt�t(), and k�kr�rb�b5�5_�_d�de�ec�cr�ry�yp�pt�t_�_E�En�nc�cr�ry�yp�pt�te�ed�dD�Da�at�ta�a()
- works similarly.
-
- k�kr�rb�b5�5_�_d�de�ec�cr�ry�yp�pt�t_�_t�ti�ic�ck�ke�et�t() decrypts the encrypted part of _�t_�i_�c_�k_�e_�t with _�k_�e_�y.
- k�kr�rb�b5�5_�_d�de�ec�cr�ry�yp�pt�t_�_t�ti�ic�ck�ke�et�t() also verifies the timestamp in the ticket, invalid
- flag and if the KDC haven't verified the transited path, the transit
- path.
-
- k�kr�rb�b5�5_�_e�en�nc�ct�ty�yp�pe�e_�_k�ke�ey�ys�si�iz�ze�e(), k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_g�ge�et�tc�co�on�nf�fo�ou�un�nd�de�er�rs�si�iz�ze�e(),
- k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_g�ge�et�tb�bl�lo�oc�ck�ks�si�iz�ze�e(), k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_g�ge�et�te�en�nc�ct�ty�yp�pe�e(),
- k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_g�ge�et�tp�pa�ad�ds�si�iz�ze�e(), k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_o�ov�ve�er�rh�he�ea�ad�d() all returns various
- (sometimes) useful information from a crypto context.
- k�kr�rb�b5�5_�_c�cr�ry�yp�pt�to�o_�_o�ov�ve�er�rh�he�ea�ad�d() is the combination of krb5_crypto_getconfounder-
- size, krb5_crypto_getblocksize and krb5_crypto_getpadsize and return the
- maximum overhead size.
-
- k�kr�rb�b5�5_�_e�en�nc�ct�ty�yp�pe�e_�_t�to�o_�_s�st�tr�ri�in�ng�g() converts a encryption type number to a string
- that can be printable and stored. The strings returned should be freed
- with free(3).
-
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_e�en�nc�ct�ty�yp�pe�e() converts a encryption type strings to a encryp-
- tion type number that can use used for other Kerberos crypto functions.
-
- k�kr�rb�b5�5_�_e�en�nc�ct�ty�yp�pe�e_�_v�va�al�li�id�d() returns 0 if the encrypt is supported and not dis-
- abled, otherwise and error code is returned.
-
- k�kr�rb�b5�5_�_e�en�nc�ct�ty�yp�pe�e_�_d�di�is�sa�ab�bl�le�e() (globally, for all contextes) disables the
- _�e_�n_�c_�t_�y_�p_�e.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_w�wr�ra�ap�pp�pe�ed�d_�_l�le�en�ng�gt�th�h() returns the size of an encrypted packet by
- _�c_�r_�y_�p_�t_�o of length _�d_�a_�t_�a_�__�l_�e_�n.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5_create_checksum(3), krb5_crypto_init(3)
-
-HEIMDAL March 20, 2004 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_find_padata.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_find_padata.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_find_padata.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,33 +0,0 @@
-
-KRB5_FIND_PADATA(3) BSD Library Functions Manual KRB5_FIND_PADATA(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_f�fi�in�nd�d_�_p�pa�ad�da�at�ta�a, k�kr�rb�b5�5_�_p�pa�ad�da�at�ta�a_�_a�ad�dd�d -- Kerberos 5 pre-authentication data
- handling functions
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�P_�A_�__�D_�A_�T_�A _�*
- k�kr�rb�b5�5_�_f�fi�in�nd�d_�_p�pa�ad�da�at�ta�a(_�P_�A_�__�D_�A_�T_�A _�*_�v_�a_�l, _�u_�n_�s_�i_�g_�n_�e_�d _�l_�e_�n, _�i_�n_�t _�t_�y_�p_�e, _�i_�n_�t _�*_�i_�n_�d_�e_�x);
-
- _�i_�n_�t
- k�kr�rb�b5�5_�_p�pa�ad�da�at�ta�a_�_a�ad�dd�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�M_�E_�T_�H_�O_�D_�__�D_�A_�T_�A _�*_�m_�d, _�i_�n_�t _�t_�y_�p_�e,
- _�v_�o_�i_�d _�*_�b_�u_�f, _�s_�i_�z_�e_�__�t _�l_�e_�n);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5_�_f�fi�in�nd�d_�_p�pa�ad�da�at�ta�a() tries to find the pre-authentication data entry of
- type _�t_�y_�p_�e in the array _�v_�a_�l of length _�l_�e_�n. The search is started at entry
- pointed out by _�*_�i_�n_�d_�e_�x (zero based indexing). If the type isn't found,
- NULL is returned.
-
- k�kr�rb�b5�5_�_p�pa�ad�da�at�ta�a_�_a�ad�dd�d() adds a pre-authentication data entry of type _�t_�y_�p_�e
- pointed out by _�b_�u_�f and _�l_�e_�n to _�m_�d.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), kerberos(8)
-
-HEIMDAL March 21, 2004 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_generate_random_block.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_generate_random_block.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_generate_random_block.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,23 +0,0 @@
-
-KRB5_GENERATE_RANDOM_... BSD Library Functions Manual KRB5_GENERATE_RANDOM_...
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_g�ge�en�ne�er�ra�at�te�e_�_r�ra�an�nd�do�om�m_�_b�bl�lo�oc�ck�k -- Kerberos 5 random functions
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�en�ne�er�ra�at�te�e_�_r�ra�an�nd�do�om�m_�_b�bl�lo�oc�ck�k(_�v_�o_�i_�d _�*_�b_�u_�f, _�s_�i_�z_�e_�__�t _�l_�e_�n);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5_�_g�ge�en�ne�er�ra�at�te�e_�_r�ra�an�nd�do�om�m_�_b�bl�lo�oc�ck�k() generates a cryptographically strong pseudo-
- random block into the buffer _�b_�u_�f of length _�l_�e_�n.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), krb5.conf(5)
-
-HEIMDAL March 21, 2004 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_get_all_client_addrs.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_get_all_client_addrs.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_get_all_client_addrs.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,39 +0,0 @@
-
-KRB5_GET_ADDRS(3) BSD Library Functions Manual KRB5_GET_ADDRS(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_g�ge�et�t_�_a�al�ll�l_�_c�cl�li�ie�en�nt�t_�_a�ad�dd�dr�rs�s, k�kr�rb�b5�5_�_g�ge�et�t_�_a�al�ll�l_�_s�se�er�rv�ve�er�r_�_a�ad�dd�dr�rs�s -- return local
- addresses
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_a�al�ll�l_�_c�cl�li�ie�en�nt�t_�_a�ad�dd�dr�rs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s_�e_�s _�*_�a_�d_�d_�r_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_a�al�ll�l_�_s�se�er�rv�ve�er�r_�_a�ad�dd�dr�rs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s_�e_�s _�*_�a_�d_�d_�r_�s);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- These functions return in _�a_�d_�d_�r_�s a list of addresses associated with the
- local host.
-
- The server variant returns all configured interface addresses (if possi-
- ble), including loop-back addresses. This is useful if you want to create
- sockets to listen to.
-
- The client version will also scan local interfaces (can be turned off by
- setting libdefaults/scan_interfaces to false in _�k_�r_�b_�5_�._�c_�o_�n_�f), but will not
- include loop-back addresses, unless there are no other addresses found.
- It will remove all addresses included in libdefaults/ignore_addresses but
- will unconditionally include addresses in libdefaults/extra_addresses.
-
- The returned addresses should be freed by calling k�kr�rb�b5�5_�_f�fr�re�ee�e_�_a�ad�dd�dr�re�es�ss�se�es�s().
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5_free_addresses(3)
-
-HEIMDAL July 1, 2001 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_get_credentials.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_get_credentials.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_get_credentials.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,97 +0,0 @@
-
-KRB5_GET_CREDENTIALS(3) BSD Library Functions Manual KRB5_GET_CREDENTIALS(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�de�en�nt�ti�ia�al�ls�s, k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�de�en�nt�ti�ia�al�ls�s_�_w�wi�it�th�h_�_f�fl�la�ag�gs�s, k�kr�rb�b5�5_�_g�ge�et�t_�_k�kd�dc�c_�_c�cr�re�ed�d,
- k�kr�rb�b5�5_�_g�ge�et�t_�_r�re�en�ne�ew�we�ed�d_�_c�cr�re�ed�ds�s -- get credentials from the KDC using krbtgt
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�de�en�nt�ti�ia�al�ls�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�o_�p_�t_�i_�o_�n_�s,
- _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�i_�n_�__�c_�r_�e_�d_�s, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�*_�o_�u_�t_�__�c_�r_�e_�d_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�de�en�nt�ti�ia�al�ls�s_�_w�wi�it�th�h_�_f�fl�la�ag�gs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�o_�p_�t_�i_�o_�n_�s,
- _�k_�r_�b_�5_�__�k_�d_�c_�__�f_�l_�a_�g_�s _�f_�l_�a_�g_�s, _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�i_�n_�__�c_�r_�e_�d_�s,
- _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�*_�o_�u_�t_�__�c_�r_�e_�d_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_k�kd�dc�c_�_c�cr�re�ed�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�i_�d,
- _�k_�r_�b_�5_�__�k_�d_�c_�__�f_�l_�a_�g_�s _�f_�l_�a_�g_�s, _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s_�e_�s _�*_�a_�d_�d_�r_�e_�s_�s_�e_�s,
- _�T_�i_�c_�k_�e_�t _�*_�s_�e_�c_�o_�n_�d_�__�t_�i_�c_�k_�e_�t, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�i_�n_�__�c_�r_�e_�d_�s, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�*_�o_�u_�t_�__�c_�r_�e_�d_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_r�re�en�ne�ew�we�ed�d_�_c�cr�re�ed�ds�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�c_�r_�e_�d_�s,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�c_�l_�i_�e_�n_�t, _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�i_�n_�__�t_�k_�t_�__�s_�e_�r_�v_�i_�c_�e);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�de�en�nt�ti�ia�al�ls�s_�_w�wi�it�th�h_�_f�fl�la�ag�gs�s() get credentials specified by
- _�i_�n_�__�c_�r_�e_�d_�s_�-_�>_�s_�e_�r_�v_�e_�r and _�i_�n_�__�c_�r_�e_�d_�s_�-_�>_�c_�l_�i_�e_�n_�t (the rest of the _�i_�n_�__�c_�r_�e_�d_�s structure
- is ignored) by first looking in the _�c_�c_�a_�c_�h_�e and if doesn't exists or is
- expired, fetch the credential from the KDC using the krbtgt in _�c_�c_�a_�c_�h_�e.
- The credential is returned in _�o_�u_�t_�__�c_�r_�e_�d_�s and should be freed using the
- function k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�cr�re�ed�ds�s().
-
- Valid flags to pass into _�o_�p_�t_�i_�o_�n_�s argument are:
-
- KRB5_GC_CACHED Only check the _�c_�c_�a_�c_�h_�e, don't got out on network to
- fetch credential.
- KRB5_GC_USER_USER Request a user to user ticket. This option doesn't
- store the resulting user to user credential in the
- _�c_�c_�a_�c_�h_�e.
- KRB5_GC_EXPIRED_OK returns the credential even if it is expired, default
- behavior is trying to refetch the credential from the
- KDC.
-
- _�F_�l_�a_�g_�s are KDCOptions, note the caller must fill in the bit-field and not
- use the integer associated structure.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�de�en�nt�ti�ia�al�ls�s() works the same way as
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�de�en�nt�ti�ia�al�ls�s_�_w�wi�it�th�h_�_f�fl�la�ag�gs�s() except that the _�f_�l_�a_�g_�s field is missing.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_k�kd�dc�c_�_c�cr�re�ed�d() does the same as the functions above, but the caller
- must fill in all the information andits closer to the wire protocol.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_r�re�en�ne�ew�we�ed�d_�_c�cr�re�ed�ds�s() renews a credential given by _�i_�n_�__�t_�k_�t_�__�s_�e_�r_�v_�i_�c_�e (if
- NULL the default krbtgt) using the credential cache _�c_�c_�a_�c_�h_�e. The result
- is stored in _�c_�r_�e_�d_�s and should be freed using _�k_�r_�b_�5_�__�f_�r_�e_�e_�__�c_�r_�e_�d_�s.
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- Here is a example function that get a credential from a credential cache
- _�i_�d or the KDC and returns it to the caller.
-
- #include <krb5.h>
-
- int
- getcred(krb5_context context, krb5_ccache id, krb5_creds **creds)
- {
- krb5_error_code ret;
- krb5_creds in;
-
- ret = krb5_parse_name(context, "client at EXAMPLE.COM",
- &in.client);
- if (ret)
- krb5_err(context, 1, ret, "krb5_parse_name");
-
- ret = krb5_parse_name(context, "host/server.example.com at EXAMPLE.COM",
- &in.server);
- if (ret)
- krb5_err(context, 1, ret, "krb5_parse_name");
-
- ret = krb5_get_credentials(context, 0, id, &in, creds);
- if (ret)
- krb5_err(context, 1, ret, "krb5_get_credentials");
-
- return 0;
- }
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), krb5_get_forwarded_creds(3), krb5.conf(5)
-
-HEIMDAL July 26, 2004 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_get_creds.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_get_creds.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_get_creds.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,92 +0,0 @@
-
-KRB5_GET_CREDS(3) BSD Library Functions Manual KRB5_GET_CREDS(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s, k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_a�ad�dd�d_�_o�op�pt�ti�io�on�ns�s, k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_a�al�ll�lo�oc�c,
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_f�fr�re�ee�e, k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_e�en�nc�ct�ty�yp�pe�e,
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_i�im�mp�pe�er�rs�so�on�na�at�te�e, k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_o�op�pt�ti�io�on�ns�s,
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_t�ti�ic�ck�ke�et�t -- get credentials from the KDC
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�g_�e_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�o_�p_�t,
- _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�i_�n_�p_�r_�i_�n_�c,
- _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�*_�o_�u_�t_�__�c_�r_�e_�d_�s);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_a�ad�dd�d_�_o�op�pt�ti�io�on�ns�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�g_�e_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�o_�p_�t, _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�o_�p_�t_�i_�o_�n_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_a�al�ll�lo�oc�c(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�g_�e_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_f�fr�re�ee�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�g_�e_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�o_�p_�t);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_e�en�nc�ct�ty�yp�pe�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�g_�e_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�o_�p_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�n_�c_�t_�y_�p_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_i�im�mp�pe�er�rs�so�on�na�at�te�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�g_�e_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�o_�p_�t, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�s_�e_�l_�f);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_o�op�pt�ti�io�on�ns�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�g_�e_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�o_�p_�t, _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�o_�p_�t_�i_�o_�n_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_t�ti�ic�ck�ke�et�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�g_�e_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�o_�p_�t, _�c_�o_�n_�s_�t _�T_�i_�c_�k_�e_�t _�*_�t_�i_�c_�k_�e_�t);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s() fetches credentials specified by _�o_�p_�t by first looking in
- the _�c_�c_�a_�c_�h_�e, and then it doesn't exists, fetch the credential from the KDC
- using the krbtgts in _�c_�c_�a_�c_�h_�e. The credential is returned in _�o_�u_�t_�__�c_�r_�e_�d_�s and
- should be freed using the function k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�cr�re�ed�ds�s().
-
- The structure krb5_get_creds_opt controls the behavior of
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s(). The structure is opaque to consumers that can set the
- content of the structure with accessors functions. All accessor functions
- make copies of the data that is passed into accessor functions, so exter-
- nal consumers free the memory before calling k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s().
-
- The structure krb5_get_creds_opt is allocated with
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_a�al�ll�lo�oc�c() and freed with k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_f�fr�re�ee�e(). The
- free function also frees the content of the structure set by the accessor
- functions.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_a�ad�dd�d_�_o�op�pt�ti�io�on�ns�s() and k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_o�op�pt�ti�io�on�ns�s()
- adds and sets options to the structure . The possible options to set are
- KRB5_GC_CACHED Only check the _�c_�c_�a_�c_�h_�e, don't got out on network to
- fetch credential.
- KRB5_GC_USER_USER request a user to user ticket. This options doesn't
- store the resulting user to user credential in the
- _�c_�c_�a_�c_�h_�e.
- KRB5_GC_EXPIRED_OK
- returns the credential even if it is expired, default
- behavior is trying to refetch the credential from the
- KDC.
- KRB5_GC_NO_STORE Do not store the resulting credentials in the _�c_�c_�a_�c_�h_�e.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_e�en�nc�ct�ty�yp�pe�e() sets the preferred encryption type of
- the application. Don't set this unless you have to since if there is no
- match in the KDC, the function call will fail.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_i�im�mp�pe�er�rs�so�on�na�at�te�e() sets the principal to impersonate.,
- Returns a ticket that have the impersonation principal as a client and
- the requestor as the service. Note that the requested principal have to
- be the same as the client principal in the krbtgt.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_t�ti�ic�ck�ke�et�t() sets the extra ticket used in user-to-
- user or contrained delegation use case.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), krb5_get_credentials(3), krb5.conf(5)
-
-HEIMDAL June 15, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_get_forwarded_creds.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_get_forwarded_creds.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_get_forwarded_creds.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,33 +0,0 @@
-
-KRB5_GET_FORWARDED_CR... BSD Library Functions Manual KRB5_GET_FORWARDED_CR...
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_g�ge�et�t_�_f�fo�or�rw�wa�ar�rd�de�ed�d_�_c�cr�re�ed�ds�s, k�kr�rb�b5�5_�_f�fw�wd�d_�_t�tg�gt�t_�_c�cr�re�ed�ds�s -- get forwarded credentials
- from the KDC
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_f�fo�or�rw�wa�ar�rd�de�ed�d_�_c�cr�re�ed�ds�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e, _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�f_�l_�a_�g_�s,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�h_�o_�s_�t_�n_�a_�m_�e, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�i_�n_�__�c_�r_�e_�d_�s, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�o_�u_�t_�__�d_�a_�t_�a);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_f�fw�wd�d_�_t�tg�gt�t_�_c�cr�re�ed�ds�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�h_�o_�s_�t_�n_�a_�m_�e, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�c_�l_�i_�e_�n_�t, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�s_�e_�r_�v_�e_�r,
- _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e, _�i_�n_�t _�f_�o_�r_�w_�a_�r_�d_�a_�b_�l_�e, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�o_�u_�t_�__�d_�a_�t_�a);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5_�_g�ge�et�t_�_f�fo�or�rw�wa�ar�rd�de�ed�d_�_c�cr�re�ed�ds�s() and k�kr�rb�b5�5_�_f�fw�wd�d_�_t�tg�gt�t_�_c�cr�re�ed�ds�s() get tickets forwarded
- to _�h_�o_�s_�t_�n_�a_�m_�e_�. If the tickets that are forwarded are address-less, the for-
- warded tickets will also be address-less, otherwise _�h_�o_�s_�t_�n_�a_�m_�e will be used
- for figure out the address to forward the ticket too.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), krb5_get_credentials(3), krb5.conf(5)
-
-HEIMDAL July 26, 2004 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_get_in_cred.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_get_in_cred.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_get_in_cred.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,132 +0,0 @@
-
-KRB5_GET_IN_TKT(3) BSD Library Functions Manual KRB5_GET_IN_TKT(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t, k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_c�cr�re�ed�d, k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t_�_w�wi�it�th�h_�_p�pa�as�ss�sw�wo�or�rd�d,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t_�_w�wi�it�th�h_�_k�ke�ey�yt�ta�ab�b, k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t_�_w�wi�it�th�h_�_s�sk�ke�ey�y,
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_k�kd�dc�c_�_r�re�ep�p, k�kr�rb�b5�5_�_p�pa�as�ss�sw�wo�or�rd�d_�_k�ke�ey�y_�_p�pr�ro�oc�c -- deprecated initial authenti-
- cation functions
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�o_�p_�t_�i_�o_�n_�s,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s_�e_�s _�*_�a_�d_�d_�r_�s, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�*_�e_�t_�y_�p_�e_�s,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�p_�r_�e_�a_�u_�t_�h_�t_�y_�p_�e _�*_�p_�t_�y_�p_�e_�s, _�k_�r_�b_�5_�__�k_�e_�y_�__�p_�r_�o_�c _�k_�e_�y_�__�p_�r_�o_�c,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�o_�i_�n_�t_�e_�r _�k_�e_�y_�s_�e_�e_�d, _�k_�r_�b_�5_�__�d_�e_�c_�r_�y_�p_�t_�__�p_�r_�o_�c _�d_�e_�c_�r_�y_�p_�t_�__�p_�r_�o_�c,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�o_�i_�n_�t_�e_�r _�d_�e_�c_�r_�y_�p_�t_�a_�r_�g, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�c_�r_�e_�d_�s, _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e,
- _�k_�r_�b_�5_�__�k_�d_�c_�__�r_�e_�p _�*_�r_�e_�t_�__�a_�s_�__�r_�e_�p_�l_�y);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_c�cr�re�ed�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�o_�p_�t_�i_�o_�n_�s,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s_�e_�s _�*_�a_�d_�d_�r_�s, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�*_�e_�t_�y_�p_�e_�s,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�p_�r_�e_�a_�u_�t_�h_�t_�y_�p_�e _�*_�p_�t_�y_�p_�e_�s, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�p_�r_�e_�a_�u_�t_�h_�d_�a_�t_�a _�*_�p_�r_�e_�a_�u_�t_�h,
- _�k_�r_�b_�5_�__�k_�e_�y_�__�p_�r_�o_�c _�k_�e_�y_�__�p_�r_�o_�c, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�o_�i_�n_�t_�e_�r _�k_�e_�y_�s_�e_�e_�d,
- _�k_�r_�b_�5_�__�d_�e_�c_�r_�y_�p_�t_�__�p_�r_�o_�c _�d_�e_�c_�r_�y_�p_�t_�__�p_�r_�o_�c, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�o_�i_�n_�t_�e_�r _�d_�e_�c_�r_�y_�p_�t_�a_�r_�g,
- _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�c_�r_�e_�d_�s, _�k_�r_�b_�5_�__�k_�d_�c_�__�r_�e_�p _�*_�r_�e_�t_�__�a_�s_�__�r_�e_�p_�l_�y);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t_�_w�wi�it�th�h_�_p�pa�as�ss�sw�wo�or�rd�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�o_�p_�t_�i_�o_�n_�s,
- _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s_�e_�s _�*_�a_�d_�d_�r_�s, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�*_�e_�t_�y_�p_�e_�s,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�p_�r_�e_�a_�u_�t_�h_�t_�y_�p_�e _�*_�p_�r_�e_�__�a_�u_�t_�h_�__�t_�y_�p_�e_�s, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�p_�a_�s_�s_�w_�o_�r_�d,
- _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�c_�r_�e_�d_�s, _�k_�r_�b_�5_�__�k_�d_�c_�__�r_�e_�p _�*_�r_�e_�t_�__�a_�s_�__�r_�e_�p_�l_�y);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t_�_w�wi�it�th�h_�_k�ke�ey�yt�ta�ab�b(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�o_�p_�t_�i_�o_�n_�s,
- _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s_�e_�s _�*_�a_�d_�d_�r_�s, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�*_�e_�t_�y_�p_�e_�s,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�p_�r_�e_�a_�u_�t_�h_�t_�y_�p_�e _�*_�p_�r_�e_�__�a_�u_�t_�h_�__�t_�y_�p_�e_�s, _�k_�r_�b_�5_�__�k_�e_�y_�t_�a_�b _�k_�e_�y_�t_�a_�b,
- _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�c_�r_�e_�d_�s, _�k_�r_�b_�5_�__�k_�d_�c_�__�r_�e_�p _�*_�r_�e_�t_�__�a_�s_�__�r_�e_�p_�l_�y);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t_�_w�wi�it�th�h_�_s�sk�ke�ey�y(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�o_�p_�t_�i_�o_�n_�s,
- _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s_�e_�s _�*_�a_�d_�d_�r_�s, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�*_�e_�t_�y_�p_�e_�s,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�p_�r_�e_�a_�u_�t_�h_�t_�y_�p_�e _�*_�p_�r_�e_�__�a_�u_�t_�h_�__�t_�y_�p_�e_�s, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�k_�e_�y,
- _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�c_�r_�e_�d_�s, _�k_�r_�b_�5_�__�k_�d_�c_�__�r_�e_�p _�*_�r_�e_�t_�__�a_�s_�__�r_�e_�p_�l_�y);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_k�kd�dc�c_�_r�re�ep�p(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�k_�d_�c_�__�r_�e_�p _�*_�r_�e_�p);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_p�pa�as�ss�sw�wo�or�rd�d_�_k�ke�ey�y_�_p�pr�ro�oc�c(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�t_�y_�p_�e,
- _�k_�r_�b_�5_�__�s_�a_�l_�t _�s_�a_�l_�t, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�o_�i_�n_�t_�e_�r _�k_�e_�y_�s_�e_�e_�d, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�*_�k_�e_�y);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- _�A_�l_�l _�t_�h_�e _�f_�u_�n_�c_�t_�i_�o_�n_�s _�i_�n _�t_�h_�i_�s _�m_�a_�n_�u_�a_�l _�p_�a_�g_�e _�a_�r_�e _�d_�e_�p_�r_�e_�c_�a_�t_�e_�d _�i_�n _�t_�h_�e _�M_�I_�T _�i_�m_�p_�l_�e_�m_�e_�n_�-
- _�t_�a_�t_�i_�o_�n_�, _�a_�n_�d _�w_�i_�l_�l _�s_�o_�o_�n _�b_�e _�d_�e_�p_�r_�e_�c_�a_�t_�e_�d _�i_�n _�H_�e_�i_�m_�d_�a_�l _�t_�o_�o_�, _�d_�o_�n_�'_�t _�u_�s_�e _�t_�h_�e_�m_�.
-
- Getting initial credential ticket for a principal. k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_c�cr�re�ed�d is
- the function all other krb5_get_in function uses to fetch tickets. The
- other krb5_get_in function are more specialized and therefor somewhat
- easier to use.
-
- If your need is only to verify a user and password, consider using
- krb5_verify_user(3) instead, it have a much simpler interface.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t and k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_c�cr�re�ed�d fetches initial credential, queries
- after key using the _�k_�e_�y_�__�p_�r_�o_�c argument. The differences between the two
- function is that k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t stores the credential in a krb5_creds
- while k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_c�cr�re�ed�d stores the credential in a krb5_ccache.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t_�_w�wi�it�th�h_�_p�pa�as�ss�sw�wo�or�rd�d, k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t_�_w�wi�it�th�h_�_k�ke�ey�yt�ta�ab�b, and
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t_�_w�wi�it�th�h_�_s�sk�ke�ey�y does the same work as k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_c�cr�re�ed�d but are
- more specialized.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t_�_w�wi�it�th�h_�_p�pa�as�ss�sw�wo�or�rd�d uses the clients password to authenticate.
- If the password argument is NULL the user user queried with the default
- password query function.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t_�_w�wi�it�th�h_�_k�ke�ey�yt�ta�ab�b searches the given keytab for a service entry
- for the client principal. If the keytab is NULL the default keytab is
- used.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t_�_w�wi�it�th�h_�_s�sk�ke�ey�y uses a key to get the initial credential.
-
- There are some common arguments to the krb5_get_in functions, these are:
-
- _�o_�p_�t_�i_�o_�n_�s are the KDC_OPT flags.
-
- _�e_�t_�y_�p_�e_�s is a NULL terminated array of encryption types that the client
- approves.
-
- _�a_�d_�d_�r_�s a list of the addresses that the initial ticket. If it is NULL the
- list will be generated by the library.
-
- _�p_�r_�e_�__�a_�u_�t_�h_�__�t_�y_�p_�e_�s a NULL terminated array of pre-authentication types. If
- _�p_�r_�e_�__�a_�u_�t_�h_�__�t_�y_�p_�e_�s is NULL the function will try without pre-authentication
- and return those pre-authentication that the KDC returned.
-
- _�r_�e_�t_�__�a_�s_�__�r_�e_�p_�l_�y will (if not NULL) be filled in with the response of the KDC
- and should be free with k�kr�rb�b5�5_�_f�fr�re�ee�e_�_k�kd�dc�c_�_r�re�ep�p().
-
- _�k_�e_�y_�__�p_�r_�o_�c is a pointer to a function that should return a key salted
- appropriately. Using NULL will use the default password query function.
-
- _�d_�e_�c_�r_�y_�p_�t_�__�p_�r_�o_�c Using NULL will use the default decryption function.
-
- _�d_�e_�c_�r_�y_�p_�t_�a_�r_�g will be passed to the decryption function _�d_�e_�c_�r_�y_�p_�t_�__�p_�r_�o_�c.
-
- _�c_�r_�e_�d_�s creds should be filled in with the template for a credential that
- should be requested. The client and server elements of the creds struc-
- ture must be filled in. Upon return of the function it will be contain
- the content of the requested credential (_�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�__�c_�r_�e_�d), or it will be
- freed with krb5_free_creds(3) (all the other krb5_get_in functions).
-
- _�c_�c_�a_�c_�h_�e will store the credential in the credential cache _�c_�c_�a_�c_�h_�e. The
- credential cache will not be initialized, thats up the the caller.
-
- k�kr�rb�b5�5_�_p�pa�as�ss�sw�wo�or�rd�d_�_k�ke�ey�y_�_p�pr�ro�oc�c is a library function that is suitable using as
- the _�k_�r_�b_�5_�__�k_�e_�y_�__�p_�r_�o_�c argument to k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_c�cr�re�ed�d or k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�n_�_t�tk�kt�t.
- _�k_�e_�y_�s_�e_�e_�d should be a pointer to a NUL terminated string or NULL.
- k�kr�rb�b5�5_�_p�pa�as�ss�sw�wo�or�rd�d_�_k�ke�ey�y_�_p�pr�ro�oc�c will query the user for the pass on the console if
- the password isn't given as the argument _�k_�e_�y_�s_�e_�e_�d.
-
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_k�kd�dc�c_�_r�re�ep�p() frees the content of _�r_�e_�p.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), krb5_verify_user(3), krb5.conf(5), kerberos(8)
-
-HEIMDAL May 31, 2003 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_get_init_creds.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_get_init_creds.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_get_init_creds.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,245 +0,0 @@
-
-KRB5_GET_INIT_CREDS(3) BSD Library Functions Manual KRB5_GET_INIT_CREDS(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s, k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_k�ke�ey�yt�ta�ab�b, k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_a�al�ll�lo�oc�c, k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_f�fr�re�ee�e,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_i�in�ni�it�t, k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_a�ad�dd�dr�re�es�ss�s_�_l�li�is�st�t,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_a�ad�dd�dr�re�es�ss�sl�le�es�ss�s,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_a�an�no�on�ny�ym�mo�ou�us�s,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_d�de�ef�fa�au�ul�lt�t_�_f�fl�la�ag�gs�s,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_e�et�ty�yp�pe�e_�_l�li�is�st�t,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_f�fo�or�rw�wa�ar�rd�da�ab�bl�le�e,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_p�pa�a_�_p�pa�as�ss�sw�wo�or�rd�d,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_p�pa�aq�q_�_r�re�eq�qu�ue�es�st�t,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_p�pr�re�ea�au�ut�th�h_�_l�li�is�st�t,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_p�pr�ro�ox�xi�ia�ab�bl�le�e,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_r�re�en�ne�ew�w_�_l�li�if�fe�e, k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_s�sa�al�lt�t,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_t�tk�kt�t_�_l�li�if�fe�e,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_c�ca�an�no�on�ni�ic�ca�al�li�iz�ze�e,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_w�wi�in�n2�2k�k, k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_p�pa�as�ss�sw�wo�or�rd�d,
- k�kr�rb�b5�5_�_p�pr�ro�om�mp�pt�t, k�kr�rb�b5�5_�_p�pr�ro�om�mp�pt�te�er�r_�_p�po�os�si�ix�x -- Kerberos 5 initial authentication
- functions
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t_�;
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_a�al�ll�lo�oc�c(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�*_�o_�p_�t);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_f�fr�re�ee�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_i�in�ni�it�t(_�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_a�ad�dd�dr�re�es�ss�s_�_l�li�is�st�t(_�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t,
- _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s_�e_�s _�*_�a_�d_�d_�r_�e_�s_�s_�e_�s);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_a�ad�dd�dr�re�es�ss�sl�le�es�ss�s(_�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t,
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�a_�d_�d_�r_�e_�s_�s_�l_�e_�s_�s);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_a�an�no�on�ny�ym�mo�ou�us�s(_�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t,
- _�i_�n_�t _�a_�n_�o_�n_�y_�m_�o_�u_�s);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_d�de�ef�fa�au�ul�lt�t_�_f�fl�la�ag�gs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�a_�p_�p_�n_�a_�m_�e, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�r_�e_�a_�l_�m _�r_�e_�a_�l_�m,
- _�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_e�et�ty�yp�pe�e_�_l�li�is�st�t(_�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t,
- _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�*_�e_�t_�y_�p_�e_�__�l_�i_�s_�t, _�i_�n_�t _�e_�t_�y_�p_�e_�__�l_�i_�s_�t_�__�l_�e_�n_�g_�t_�h);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_f�fo�or�rw�wa�ar�rd�da�ab�bl�le�e(_�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t,
- _�i_�n_�t _�f_�o_�r_�w_�a_�r_�d_�a_�b_�l_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_p�pa�a_�_p�pa�as�ss�sw�wo�or�rd�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�p_�a_�s_�s_�w_�o_�r_�d,
- _�k_�r_�b_�5_�__�s_�2_�k_�__�p_�r_�o_�c _�k_�e_�y_�__�p_�r_�o_�c);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_p�pa�aq�q_�_r�re�eq�qu�ue�es�st�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t, _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�r_�e_�q_�__�p_�a_�c);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_p�pk�ki�in�ni�it�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�c_�e_�r_�t_�__�f_�i_�l_�e,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�k_�e_�y_�__�f_�i_�l_�e, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�x_�5_�0_�9_�__�a_�n_�c_�h_�o_�r_�s, _�i_�n_�t _�f_�l_�a_�g_�s,
- _�c_�h_�a_�r _�*_�p_�a_�s_�s_�w_�o_�r_�d);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_p�pr�re�ea�au�ut�th�h_�_l�li�is�st�t(_�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t,
- _�k_�r_�b_�5_�__�p_�r_�e_�a_�u_�t_�h_�t_�y_�p_�e _�*_�p_�r_�e_�a_�u_�t_�h_�__�l_�i_�s_�t, _�i_�n_�t _�p_�r_�e_�a_�u_�t_�h_�__�l_�i_�s_�t_�__�l_�e_�n_�g_�t_�h);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_p�pr�ro�ox�xi�ia�ab�bl�le�e(_�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t,
- _�i_�n_�t _�p_�r_�o_�x_�i_�a_�b_�l_�e);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_r�re�en�ne�ew�w_�_l�li�if�fe�e(_�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t,
- _�k_�r_�b_�5_�__�d_�e_�l_�t_�a_�t _�r_�e_�n_�e_�w_�__�l_�i_�f_�e);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_s�sa�al�lt�t(_�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t,
- _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�s_�a_�l_�t);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_t�tk�kt�t_�_l�li�if�fe�e(_�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t,
- _�k_�r_�b_�5_�__�d_�e_�l_�t_�a_�t _�t_�k_�t_�__�l_�i_�f_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_c�ca�an�no�on�ni�ic�ca�al�li�iz�ze�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t, _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�r_�e_�q);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_w�wi�in�n2�2k�k(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t, _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�r_�e_�q);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�c_�r_�e_�d_�s,
- _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�c_�l_�i_�e_�n_�t, _�k_�r_�b_�5_�__�p_�r_�o_�m_�p_�t_�e_�r_�__�f_�c_�t _�p_�r_�o_�m_�p_�t_�e_�r,
- _�v_�o_�i_�d _�*_�p_�r_�o_�m_�p_�t_�e_�r_�__�d_�a_�t_�a, _�k_�r_�b_�5_�__�d_�e_�l_�t_�a_�t _�s_�t_�a_�r_�t_�__�t_�i_�m_�e,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�i_�n_�__�t_�k_�t_�__�s_�e_�r_�v_�i_�c_�e, _�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t_�i_�o_�n_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_p�pa�as�ss�sw�wo�or�rd�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�c_�r_�e_�d_�s,
- _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�c_�l_�i_�e_�n_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�p_�a_�s_�s_�w_�o_�r_�d,
- _�k_�r_�b_�5_�__�p_�r_�o_�m_�p_�t_�e_�r_�__�f_�c_�t _�p_�r_�o_�m_�p_�t_�e_�r, _�v_�o_�i_�d _�*_�p_�r_�o_�m_�p_�t_�e_�r_�__�d_�a_�t_�a,
- _�k_�r_�b_�5_�__�d_�e_�l_�t_�a_�t _�s_�t_�a_�r_�t_�__�t_�i_�m_�e, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�i_�n_�__�t_�k_�t_�__�s_�e_�r_�v_�i_�c_�e,
- _�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�i_�n_�__�o_�p_�t_�i_�o_�n_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_k�ke�ey�yt�ta�ab�b(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�c_�r_�e_�d_�s,
- _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�c_�l_�i_�e_�n_�t, _�k_�r_�b_�5_�__�k_�e_�y_�t_�a_�b _�k_�e_�y_�t_�a_�b, _�k_�r_�b_�5_�__�d_�e_�l_�t_�a_�t _�s_�t_�a_�r_�t_�__�t_�i_�m_�e,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�i_�n_�__�t_�k_�t_�__�s_�e_�r_�v_�i_�c_�e, _�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t_�i_�o_�n_�s);
-
- _�i_�n_�t
- k�kr�rb�b5�5_�_p�pr�ro�om�mp�pt�te�er�r_�_p�po�os�si�ix�x(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�v_�o_�i_�d _�*_�d_�a_�t_�a, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�n_�a_�m_�e,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�b_�a_�n_�n_�e_�r, _�i_�n_�t _�n_�u_�m_�__�p_�r_�o_�m_�p_�t_�s, _�k_�r_�b_�5_�__�p_�r_�o_�m_�p_�t _�p_�r_�o_�m_�p_�t_�s_�[_�]);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- Getting initial credential ticket for a principal. That may include
- changing an expired password, and doing preauthentication. This inter-
- face that replaces the deprecated _�k_�r_�b_�5_�__�i_�n_�__�t_�k_�t and _�k_�r_�b_�5_�__�i_�n_�__�c_�r_�e_�d functions.
-
- If you only want to verify a username and password, consider using
- krb5_verify_user(3) instead, since it also verifies that initial creden-
- tials with using a keytab to make sure the response was from the KDC.
-
- First a krb5_get_init_creds_opt structure is initialized with
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_a�al�ll�lo�oc�c() or k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_i�in�ni�it�t().
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_a�al�ll�lo�oc�c() allocates a extendible structures that
- needs to be freed with k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_f�fr�re�ee�e(). The structure may
- be modified by any of the k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t() functions to
- change request parameters and authentication information.
-
- If the caller want to use the default options, NULL can be passed
- instead.
-
- The the actual request to the KDC is done by any of the
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s(), k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_p�pa�as�ss�sw�wo�or�rd�d(), or
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_k�ke�ey�yt�ta�ab�b() functions. k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s() is the
- least specialized function and can, with the right in data, behave like
- the latter two. The latter two are there for compatibility with older
- releases and they are slightly easier to use.
-
- krb5_prompt is a structure containing the following elements:
-
- typedef struct {
- const char *prompt;
- int hidden;
- krb5_data *reply;
- krb5_prompt_type type
- } krb5_prompt;
-
- _�p_�r_�o_�m_�p_�t is the prompt that should shown to the user If _�h_�i_�d_�d_�e_�n is set, the
- prompter function shouldn't echo the output to the display device. _�r_�e_�p_�l_�y
- must be preallocated; it will not be allocated by the prompter function.
- Possible values for the _�t_�y_�p_�e element are:
-
- KRB5_PROMPT_TYPE_PASSWORD
- KRB5_PROMPT_TYPE_NEW_PASSWORD
- KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN
- KRB5_PROMPT_TYPE_PREAUTH
- KRB5_PROMPT_TYPE_INFO
-
- k�kr�rb�b5�5_�_p�pr�ro�om�mp�pt�te�er�r_�_p�po�os�si�ix�x() is the default prompter function in a POSIX envi-
- ronment. It matches the _�k_�r_�b_�5_�__�p_�r_�o_�m_�p_�t_�e_�r_�__�f_�c_�t and can be used in the
- _�k_�r_�b_�5_�__�g_�e_�t_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s functions. k�kr�rb�b5�5_�_p�pr�ro�om�mp�pt�te�er�r_�_p�po�os�si�ix�x() doesn't require
- _�p_�r_�o_�m_�p_�t_�e_�r_�__�d_�a_�t_�a_�.
-
- If the _�s_�t_�a_�r_�t_�__�t_�i_�m_�e is zero, then the requested ticket will be valid begin-
- ning immediately. Otherwise, the _�s_�t_�a_�r_�t_�__�t_�i_�m_�e indicates how far in the
- future the ticket should be postdated.
-
- If the _�i_�n_�__�t_�k_�t_�__�s_�e_�r_�v_�i_�c_�e name is non-NULL, that principal name will be used
- as the server name for the initial ticket request. The realm of the name
- specified will be ignored and will be set to the realm of the client
- name. If no in_tkt_service name is specified, krbtgt/CLIENT-
- REALM at CLIENT-REALM will be used.
-
- For the rest of arguments, a configuration or library default will be
- used if no value is specified in the options structure.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_a�ad�dd�dr�re�es�ss�s_�_l�li�is�st�t() sets the list of _�a_�d_�d_�r_�e_�s_�s_�e_�s
- that is should be stored in the ticket.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_a�ad�dd�dr�re�es�ss�sl�le�es�ss�s() controls if the ticket is
- requested with addresses or not,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_a�ad�dd�dr�re�es�ss�s_�_l�li�is�st�t() overrides this option.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_a�an�no�on�ny�ym�mo�ou�us�s() make the request anonymous if the
- _�a_�n_�o_�n_�y_�m_�o_�u_�s parameter is non-zero.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_d�de�ef�fa�au�ul�lt�t_�_f�fl�la�ag�gs�s() sets the default flags using
- the configuration file.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_e�et�ty�yp�pe�e_�_l�li�is�st�t() set a list of enctypes that the
- client is willing to support in the request.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_f�fo�or�rw�wa�ar�rd�da�ab�bl�le�e() request a forwardable ticket.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_p�pa�a_�_p�pa�as�ss�sw�wo�or�rd�d() set the _�p_�a_�s_�s_�w_�o_�r_�d and _�k_�e_�y_�__�p_�r_�o_�c
- that is going to be used to get a new ticket. _�p_�a_�s_�s_�w_�o_�r_�d or _�k_�e_�y_�__�p_�r_�o_�c can
- be NULL if the caller wants to use the default values. If the _�p_�a_�s_�s_�w_�o_�r_�d
- is unset and needed, the user will be prompted for it.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_p�pa�aq�q_�_r�re�eq�qu�ue�es�st�t() sets the password that is going
- to be used to get a new ticket.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_p�pr�re�ea�au�ut�th�h_�_l�li�is�st�t() sets the list of client-sup-
- ported preauth types.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_p�pr�ro�ox�xi�ia�ab�bl�le�e() makes the request proxiable.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_r�re�en�ne�ew�w_�_l�li�if�fe�e() sets the requested renewable
- lifetime.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_s�sa�al�lt�t() sets the salt that is going to be used
- in the request.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_t�tk�kt�t_�_l�li�if�fe�e() sets requested ticket lifetime.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_c�ca�an�no�on�ni�ic�ca�al�li�iz�ze�e() requests that the KDC canoni-
- calize the client pricipal if possible.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_w�wi�in�n2�2k�k() turns on compatibility with Windows
- 2000.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), krb5_creds(3), krb5_verify_user(3), krb5.conf(5), kerberos(8)
-
-HEIMDAL Sep 16, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_get_krbhst.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_get_krbhst.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_get_krbhst.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,56 +0,0 @@
-
-KRB5_GET_KRBHST(3) BSD Library Functions Manual KRB5_GET_KRBHST(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_g�ge�et�t_�_k�kr�rb�bh�hs�st�t, k�kr�rb�b5�5_�_g�ge�et�t_�_k�kr�rb�b_�_a�ad�dm�mi�in�n_�_h�hs�st�t, k�kr�rb�b5�5_�_g�ge�et�t_�_k�kr�rb�b_�_c�ch�ha�an�ng�ge�ep�pw�w_�_h�hs�st�t,
- k�kr�rb�b5�5_�_g�ge�et�t_�_k�kr�rb�b5�52�24�4h�hs�st�t, k�kr�rb�b5�5_�_f�fr�re�ee�e_�_k�kr�rb�bh�hs�st�t -- lookup Kerberos KDC hosts
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_k�kr�rb�bh�hs�st�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�*_�r_�e_�a_�l_�m,
- _�c_�h_�a_�r _�*_�*_�*_�h_�o_�s_�t_�l_�i_�s_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_k�kr�rb�b_�_a�ad�dm�mi�in�n_�_h�hs�st�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�*_�r_�e_�a_�l_�m,
- _�c_�h_�a_�r _�*_�*_�*_�h_�o_�s_�t_�l_�i_�s_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_k�kr�rb�b_�_c�ch�ha�an�ng�ge�ep�pw�w_�_h�hs�st�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�*_�r_�e_�a_�l_�m,
- _�c_�h_�a_�r _�*_�*_�*_�h_�o_�s_�t_�l_�i_�s_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_k�kr�rb�b5�52�24�4h�hs�st�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�*_�r_�e_�a_�l_�m,
- _�c_�h_�a_�r _�*_�*_�*_�h_�o_�s_�t_�l_�i_�s_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_k�kr�rb�bh�hs�st�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�h_�a_�r _�*_�*_�h_�o_�s_�t_�l_�i_�s_�t);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- These functions implement the old API to get a list of Kerberos hosts,
- and are thus similar to the k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_i�in�ni�it�t() functions. However, since
- these functions returns _�a_�l_�l hosts in one go, they potentially have to do
- more lookups than necessary. These functions remain for compatibility
- reasons.
-
- After a call to one of these functions, _�h_�o_�s_�t_�l_�i_�s_�t is a NULL terminated
- list of strings, pointing to the requested Kerberos hosts. These should
- be freed with k�kr�rb�b5�5_�_f�fr�re�ee�e_�_k�kr�rb�bh�hs�st�t() when done with.
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- The following code will print the KDCs of the realm ``MY.REALM''.
-
- char **hosts, **p;
- krb5_get_krbhst(context, "MY.REALM", &hosts);
- for(p = hosts; *p; p++)
- printf("%s\n", *p);
- krb5_free_krbhst(context, hosts);
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5_krbhst_init(3)
-
-HEIMDAL April 24, 2005 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_getportbyname.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_getportbyname.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_getportbyname.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,29 +0,0 @@
-
-NAME(3) BSD Library Functions Manual NAME(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_g�ge�et�tp�po�or�rt�tb�by�yn�na�am�me�e -- get port number by name
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�i_�n_�t
- k�kr�rb�b5�5_�_g�ge�et�tp�po�or�rt�tb�by�yn�na�am�me�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�s_�e_�r_�v_�i_�c_�e,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�p_�r_�o_�t_�o, _�i_�n_�t _�d_�e_�f_�a_�u_�l_�t_�__�p_�o_�r_�t);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5_�_g�ge�et�tp�po�or�rt�tb�by�yn�na�am�me�e() gets the port number for _�s_�e_�r_�v_�i_�c_�e _�/ _�p_�r_�o_�t_�o pair from
- the global service table for and returns it in network order. If it
- isn't found in the global table, the _�d_�e_�f_�a_�u_�l_�t_�__�p_�o_�r_�t (given in host order)
- is returned.
-
-E�EX�XA�AM�MP�PL�LE�E
- int port = krb5_getportbyname(context, "kerberos", "tcp", 88);
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3)
-
-HEIMDAL August 15, 2004 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_init_context.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_init_context.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_init_context.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,185 +0,0 @@
-
-KRB5_CONTEXT(3) BSD Library Functions Manual KRB5_CONTEXT(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_a�ad�dd�d_�_e�et�t_�_l�li�is�st�t, k�kr�rb�b5�5_�_a�ad�dd�d_�_e�ex�xt�tr�ra�a_�_a�ad�dd�dr�re�es�ss�se�es�s, k�kr�rb�b5�5_�_a�ad�dd�d_�_i�ig�gn�no�or�re�e_�_a�ad�dd�dr�re�es�ss�se�es�s,
- k�kr�rb�b5�5_�_c�co�on�nt�te�ex�xt�t, k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s, k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�co�on�nt�te�ex�xt�t,
- k�kr�rb�b5�5_�_g�ge�et�t_�_d�de�ef�fa�au�ul�lt�t_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s, k�kr�rb�b5�5_�_g�ge�et�t_�_d�dn�ns�s_�_c�ca�an�no�on�ni�iz�ze�e_�_h�ho�os�st�tn�na�am�me�e,
- k�kr�rb�b5�5_�_g�ge�et�t_�_e�ex�xt�tr�ra�a_�_a�ad�dd�dr�re�es�ss�se�es�s, k�kr�rb�b5�5_�_g�ge�et�t_�_f�fc�ca�ac�ch�he�e_�_v�ve�er�rs�si�io�on�n,
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�ig�gn�no�or�re�e_�_a�ad�dd�dr�re�es�ss�se�es�s, k�kr�rb�b5�5_�_g�ge�et�t_�_k�kd�dc�c_�_s�se�ec�c_�_o�of�ff�fs�se�et�t,
- k�kr�rb�b5�5_�_g�ge�et�t_�_m�ma�ax�x_�_t�ti�im�me�e_�_s�sk�ke�ew�w, k�kr�rb�b5�5_�_g�ge�et�t_�_u�us�se�e_�_a�ad�dm�mi�in�n_�_k�kd�dc�c k�kr�rb�b5�5_�_i�in�ni�it�t_�_c�co�on�nt�te�ex�xt�t,
- k�kr�rb�b5�5_�_i�in�ni�it�t_�_e�et�ts�s, k�kr�rb�b5�5_�_p�pr�re�ep�pe�en�nd�d_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s,
- k�kr�rb�b5�5_�_p�pr�re�ep�pe�en�nd�d_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s_�_d�de�ef�fa�au�ul�lt�t, k�kr�rb�b5�5_�_s�se�et�t_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s,
- k�kr�rb�b5�5_�_s�se�et�t_�_d�dn�ns�s_�_c�ca�an�no�on�ni�iz�ze�e_�_h�ho�os�st�tn�na�am�me�e, k�kr�rb�b5�5_�_s�se�et�t_�_e�ex�xt�tr�ra�a_�_a�ad�dd�dr�re�es�ss�se�es�s,
- k�kr�rb�b5�5_�_s�se�et�t_�_f�fc�ca�ac�ch�he�e_�_v�ve�er�rs�si�io�on�n, k�kr�rb�b5�5_�_s�se�et�t_�_i�ig�gn�no�or�re�e_�_a�ad�dd�dr�re�es�ss�se�es�s,
- k�kr�rb�b5�5_�_s�se�et�t_�_m�ma�ax�x_�_t�ti�im�me�e_�_s�sk�ke�ew�w, k�kr�rb�b5�5_�_s�se�et�t_�_u�us�se�e_�_a�ad�dm�mi�in�n_�_k�kd�dc�c, -- create, modify and
- delete krb5_context structures
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- struct krb5_context;
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_i�in�ni�it�t_�_c�co�on�nt�te�ex�xt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�*_�c_�o_�n_�t_�e_�x_�t);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�co�on�nt�te�ex�xt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_i�in�ni�it�t_�_e�et�ts�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�ad�dd�d_�_e�et�t_�_l�li�is�st�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�v_�o_�i_�d _�(_�*_�f_�u_�n_�c_�)_�(_�s_�t_�r_�u_�c_�t _�e_�t_�__�l_�i_�s_�t _�*_�*_�));
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�ad�dd�d_�_e�ex�xt�tr�ra�a_�_a�ad�dd�dr�re�es�ss�se�es�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s_�e_�s _�*_�a_�d_�d_�r_�e_�s_�s_�e_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�se�et�t_�_e�ex�xt�tr�ra�a_�_a�ad�dd�dr�re�es�ss�se�es�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s_�e_�s _�*_�a_�d_�d_�r_�e_�s_�s_�e_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_e�ex�xt�tr�ra�a_�_a�ad�dd�dr�re�es�ss�se�es�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s_�e_�s _�*_�a_�d_�d_�r_�e_�s_�s_�e_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�ad�dd�d_�_i�ig�gn�no�or�re�e_�_a�ad�dd�dr�re�es�ss�se�es�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s_�e_�s _�*_�a_�d_�d_�r_�e_�s_�s_�e_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�se�et�t_�_i�ig�gn�no�or�re�e_�_a�ad�dd�dr�re�es�ss�se�es�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s_�e_�s _�*_�a_�d_�d_�r_�e_�s_�s_�e_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�ig�gn�no�or�re�e_�_a�ad�dd�dr�re�es�ss�se�es�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�d_�d_�r_�e_�s_�s_�e_�s _�*_�a_�d_�d_�r_�e_�s_�s_�e_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�se�et�t_�_f�fc�ca�ac�ch�he�e_�_v�ve�er�rs�si�io�on�n(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�i_�n_�t _�v_�e_�r_�s_�i_�o_�n);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_f�fc�ca�ac�ch�he�e_�_v�ve�er�rs�si�io�on�n(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�i_�n_�t _�*_�v_�e_�r_�s_�i_�o_�n);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_s�se�et�t_�_d�dn�ns�s_�_c�ca�an�no�on�ni�iz�ze�e_�_h�ho�os�st�tn�na�am�me�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�f_�l_�a_�g);
-
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n
- k�kr�rb�b5�5_�_g�ge�et�t_�_d�dn�ns�s_�_c�ca�an�no�on�ni�iz�ze�e_�_h�ho�os�st�tn�na�am�me�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_k�kd�dc�c_�_s�se�ec�c_�_o�of�ff�fs�se�et�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�i_�n_�t_�3_�2_�__�t _�*_�s_�e_�c,
- _�i_�n_�t_�3_�2_�__�t _�*_�u_�s_�e_�c);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�se�et�t_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�h_�a_�r _�*_�*_�f_�i_�l_�e_�n_�a_�m_�e_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_p�pr�re�ep�pe�en�nd�d_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s(_�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�f_�i_�l_�e_�l_�i_�s_�t, _�c_�h_�a_�r _�*_�*_�p_�q,
- _�c_�h_�a_�r _�*_�*_�*_�r_�e_�t_�__�p_�p);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_p�pr�re�ep�pe�en�nd�d_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s_�_d�de�ef�fa�au�ul�lt�t(_�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�f_�i_�l_�e_�l_�i_�s_�t,
- _�c_�h_�a_�r _�*_�*_�*_�p_�f_�i_�l_�e_�n_�a_�m_�e_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_d�de�ef�fa�au�ul�lt�t_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s(_�c_�h_�a_�r _�*_�*_�*_�p_�f_�i_�l_�e_�n_�a_�m_�e_�s);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s(_�c_�h_�a_�r _�*_�*_�f_�i_�l_�e_�n_�a_�m_�e_�s);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_s�se�et�t_�_u�us�se�e_�_a�ad�dm�mi�in�n_�_k�kd�dc�c(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�f_�l_�a_�g);
-
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n
- k�kr�rb�b5�5_�_g�ge�et�t_�_u�us�se�e_�_a�ad�dm�mi�in�n_�_k�kd�dc�c(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t);
-
- _�t_�i_�m_�e_�__�t
- k�kr�rb�b5�5_�_g�ge�et�t_�_m�ma�ax�x_�_t�ti�im�me�e_�_s�sk�ke�ew�w(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�se�et�t_�_m�ma�ax�x_�_t�ti�im�me�e_�_s�sk�ke�ew�w(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�t_�i_�m_�e_�__�t _�t_�i_�m_�e);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The k�kr�rb�b5�5_�_i�in�ni�it�t_�_c�co�on�nt�te�ex�xt�t() function initializes the _�c_�o_�n_�t_�e_�x_�t structure and
- reads the configuration file _�/_�e_�t_�c_�/_�k_�r_�b_�5_�._�c_�o_�n_�f.
-
- The structure should be freed by calling k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�co�on�nt�te�ex�xt�t() when it is
- no longer being used.
-
- k�kr�rb�b5�5_�_i�in�ni�it�t_�_c�co�on�nt�te�ex�xt�t() returns 0 to indicate success. Otherwise an errno
- code is returned. Failure means either that something bad happened dur-
- ing initialization (typically [ENOMEM]) or that Kerberos should not be
- used [ENXIO].
-
- k�kr�rb�b5�5_�_i�in�ni�it�t_�_e�et�ts�s() adds all com_err(3) libs to _�c_�o_�n_�t_�e_�x_�t. This is done by
- k�kr�rb�b5�5_�_i�in�ni�it�t_�_c�co�on�nt�te�ex�xt�t().
-
- k�kr�rb�b5�5_�_a�ad�dd�d_�_e�et�t_�_l�li�is�st�t() adds a com_err(3) error-code handler _�f_�u_�n_�c to the spec-
- ified _�c_�o_�n_�t_�e_�x_�t. The error handler must generated by the the re-rentrant
- version of the compile_et(1) program. k�kr�rb�b5�5_�_a�ad�dd�d_�_e�ex�xt�tr�ra�a_�_a�ad�dd�dr�re�es�ss�se�es�s() add a
- list of addresses that should be added when requesting tickets.
-
- k�kr�rb�b5�5_�_a�ad�dd�d_�_i�ig�gn�no�or�re�e_�_a�ad�dd�dr�re�es�ss�se�es�s() add a list of addresses that should be
- ignored when requesting tickets.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_e�ex�xt�tr�ra�a_�_a�ad�dd�dr�re�es�ss�se�es�s() get the list of addresses that should be added
- when requesting tickets.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_i�ig�gn�no�or�re�e_�_a�ad�dd�dr�re�es�ss�se�es�s() get the list of addresses that should be
- ignored when requesting tickets.
-
- k�kr�rb�b5�5_�_s�se�et�t_�_i�ig�gn�no�or�re�e_�_a�ad�dd�dr�re�es�ss�se�es�s() set the list of addresses that should be
- ignored when requesting tickets.
-
- k�kr�rb�b5�5_�_s�se�et�t_�_e�ex�xt�tr�ra�a_�_a�ad�dd�dr�re�es�ss�se�es�s() set the list of addresses that should be added
- when requesting tickets.
-
- k�kr�rb�b5�5_�_s�se�et�t_�_f�fc�ca�ac�ch�he�e_�_v�ve�er�rs�si�io�on�n() sets the version of file credentials caches
- that should be used.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_f�fc�ca�ac�ch�he�e_�_v�ve�er�rs�si�io�on�n() gets the version of file credentials caches
- that should be used.
-
- k�kr�rb�b5�5_�_s�se�et�t_�_d�dn�ns�s_�_c�ca�an�no�on�ni�iz�ze�e_�_h�ho�os�st�tn�na�am�me�e() sets if the context is configured to
- canonicalize hostnames using DNS.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_d�dn�ns�s_�_c�ca�an�no�on�ni�iz�ze�e_�_h�ho�os�st�tn�na�am�me�e() returns if the context is configured to
- canonicalize hostnames using DNS.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_k�kd�dc�c_�_s�se�ec�c_�_o�of�ff�fs�se�et�t() returns the offset between the localtime and
- the KDC's time. _�s_�e_�c and _�u_�s_�e_�c are both optional argument and NULL can be
- passed in.
-
- k�kr�rb�b5�5_�_s�se�et�t_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s() set the list of configuration files to use and
- re-initialize the configuration from the files.
-
- k�kr�rb�b5�5_�_p�pr�re�ep�pe�en�nd�d_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s() parse the _�f_�i_�l_�e_�l_�i_�s_�t and prepend the result to
- the already existing list _�p_�q The result is returned in _�r_�e_�t_�__�p_�p and should
- be freed with k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s().
-
- k�kr�rb�b5�5_�_p�pr�re�ep�pe�en�nd�d_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s_�_d�de�ef�fa�au�ul�lt�t() parse the _�f_�i_�l_�e_�l_�i_�s_�t and append that to
- the default list of configuration files.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_d�de�ef�fa�au�ul�lt�t_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s() get a list of default configuration
- files.
-
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s() free a list of configuration files returned by
- k�kr�rb�b5�5_�_g�ge�et�t_�_d�de�ef�fa�au�ul�lt�t_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s(), k�kr�rb�b5�5_�_p�pr�re�ep�pe�en�nd�d_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s_�_d�de�ef�fa�au�ul�lt�t(), or
- k�kr�rb�b5�5_�_p�pr�re�ep�pe�en�nd�d_�_c�co�on�nf�fi�ig�g_�_f�fi�il�le�es�s().
-
- k�kr�rb�b5�5_�_s�se�et�t_�_u�us�se�e_�_a�ad�dm�mi�in�n_�_k�kd�dc�c() sets if all KDC requests should go admin KDC.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_u�us�se�e_�_a�ad�dm�mi�in�n_�_k�kd�dc�c() gets if all KDC requests should go admin KDC.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_m�ma�ax�x_�_t�ti�im�me�e_�_s�sk�ke�ew�w() and k�kr�rb�b5�5_�_s�se�et�t_�_m�ma�ax�x_�_t�ti�im�me�e_�_s�sk�ke�ew�w() get and sets the
- maximum allowed time skew between client and server.
-
-S�SE�EE�E A�AL�LS�SO�O
- errno(2), krb5(3), krb5_config(3), krb5_context(3), kerberos(8)
-
-HEIMDAL December 8, 2004 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_is_thread_safe.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_is_thread_safe.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_is_thread_safe.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,26 +0,0 @@
-
-KRB5_IS_THREAD_SAFE(3) BSD Library Functions Manual KRB5_IS_THREAD_SAFE(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_i�is�s_�_t�th�hr�re�ea�ad�d_�_s�sa�af�fe�e -- is the Kerberos library compiled with multithread
- support
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n
- k�kr�rb�b5�5_�_i�is�s_�_t�th�hr�re�ea�ad�d_�_s�sa�af�fe�e(_�v_�o_�i_�d);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5_�_i�is�s_�_t�th�hr�re�ea�ad�d_�_s�sa�af�fe�e returns TRUE if the library was compiled with with
- multithread support. If the library isn't compiled, the consumer have to
- use a global lock to make sure Kerboros functions are not called at the
- same time by different threads.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5_create_checksum(3), krb5_encrypt(3)
-
-HEIMDAL May 5, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_krbhst_init.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_krbhst_init.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_krbhst_init.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,119 +0,0 @@
-
-KRB5_KRBHST_INIT(3) BSD Library Functions Manual KRB5_KRBHST_INIT(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_i�in�ni�it�t, k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_i�in�ni�it�t_�_f�fl�la�ag�gs�s, k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_n�ne�ex�xt�t,
- k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_n�ne�ex�xt�t_�_a�as�s_�_s�st�tr�ri�in�ng�g, k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_r�re�es�se�et�t, k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_f�fr�re�ee�e,
- k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_f�fo�or�rm�ma�at�t_�_s�st�tr�ri�in�ng�g, k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_g�ge�et�t_�_a�ad�dd�dr�ri�in�nf�fo�o -- lookup Kerberos
- KDC hosts
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_i�in�ni�it�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�r_�e_�a_�l_�m,
- _�u_�n_�s_�i_�g_�n_�e_�d _�i_�n_�t _�t_�y_�p_�e, _�k_�r_�b_�5_�__�k_�r_�b_�h_�s_�t_�__�h_�a_�n_�d_�l_�e _�*_�h_�a_�n_�d_�l_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_i�in�ni�it�t_�_f�fl�la�ag�gs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�r_�e_�a_�l_�m,
- _�u_�n_�s_�i_�g_�n_�e_�d _�i_�n_�t _�t_�y_�p_�e, _�i_�n_�t _�f_�l_�a_�g_�s, _�k_�r_�b_�5_�__�k_�r_�b_�h_�s_�t_�__�h_�a_�n_�d_�l_�e _�*_�h_�a_�n_�d_�l_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_n�ne�ex�xt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�k_�r_�b_�h_�s_�t_�__�h_�a_�n_�d_�l_�e _�h_�a_�n_�d_�l_�e,
- _�k_�r_�b_�5_�__�k_�r_�b_�h_�s_�t_�__�i_�n_�f_�o _�*_�*_�h_�o_�s_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_n�ne�ex�xt�t_�_a�as�s_�_s�st�tr�ri�in�ng�g(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�k_�r_�b_�h_�s_�t_�__�h_�a_�n_�d_�l_�e _�h_�a_�n_�d_�l_�e, _�c_�h_�a_�r _�*_�h_�o_�s_�t_�n_�a_�m_�e, _�s_�i_�z_�e_�__�t _�h_�o_�s_�t_�l_�e_�n);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_r�re�es�se�et�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�k_�r_�b_�h_�s_�t_�__�h_�a_�n_�d_�l_�e _�h_�a_�n_�d_�l_�e);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_f�fr�re�ee�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�k_�r_�b_�h_�s_�t_�__�h_�a_�n_�d_�l_�e _�h_�a_�n_�d_�l_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_f�fo�or�rm�ma�at�t_�_s�st�tr�ri�in�ng�g(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�k_�r_�b_�h_�s_�t_�__�i_�n_�f_�o _�*_�h_�o_�s_�t, _�c_�h_�a_�r _�*_�h_�o_�s_�t_�n_�a_�m_�e, _�s_�i_�z_�e_�__�t _�h_�o_�s_�t_�l_�e_�n);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_g�ge�et�t_�_a�ad�dd�dr�ri�in�nf�fo�o(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�k_�r_�b_�h_�s_�t_�__�i_�n_�f_�o _�*_�h_�o_�s_�t,
- _�s_�t_�r_�u_�c_�t _�a_�d_�d_�r_�i_�n_�f_�o _�*_�*_�a_�i);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- These functions are used to sequence through all Kerberos hosts of a par-
- ticular realm and service. The service type can be the KDCs, the adminis-
- trative servers, the password changing servers, or the servers for Ker-
- beros 4 ticket conversion.
-
- First a handle to a particular service is obtained by calling
- k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_i�in�ni�it�t() (or k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_i�in�ni�it�t_�_f�fl�la�ag�gs�s()) with the _�r_�e_�a_�l_�m of inter-
- est and the type of service to lookup. The _�t_�y_�p_�e can be one of:
-
- KRB5_KRBHST_KDC
- KRB5_KRBHST_ADMIN
- KRB5_KRBHST_CHANGEPW
- KRB5_KRBHST_KRB524
-
- The _�h_�a_�n_�d_�l_�e is returned to the caller, and should be passed to the other
- functions.
-
- The _�f_�l_�a_�g argument to k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_i�in�ni�it�t_�_f�fl�la�ag�gs�s is the same flags as
- k�kr�rb�b5�5_�_s�se�en�nd�d_�_t�to�o_�_k�kd�dc�c_�_f�fl�la�ag�gs�s() uses. Possible values are:
-
- KRB5_KRBHST_FLAGS_MASTER only talk to master (readwrite) KDC
- KRB5_KRBHST_FLAGS_LARGE_MSG this is a large message, so use trans-
- port that can handle that.
-
- For each call to k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_n�ne�ex�xt�t() information on a new host is
- returned. The former function returns in _�h_�o_�s_�t a pointer to a structure
- containing information about the host, such as protocol, hostname, and
- port:
-
- typedef struct krb5_krbhst_info {
- enum { KRB5_KRBHST_UDP,
- KRB5_KRBHST_TCP,
- KRB5_KRBHST_HTTP } proto;
- unsigned short port;
- struct addrinfo *ai;
- struct krb5_krbhst_info *next;
- char hostname[1];
- } krb5_krbhst_info;
-
- The related function, k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_n�ne�ex�xt�t_�_a�as�s_�_s�st�tr�ri�in�ng�g(), return the same
- information as a URL-like string.
-
- When there are no more hosts, these functions return KRB5_KDC_UNREACH.
-
- To re-iterate over all hosts, call k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_r�re�es�se�et�t() and the next call
- to k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_n�ne�ex�xt�t() will return the first host.
-
- When done with the handle, k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_f�fr�re�ee�e() should be called.
-
- To use a _�k_�r_�b_�5_�__�k_�r_�b_�h_�s_�t_�__�i_�n_�f_�o, there are two functions:
- k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_f�fo�or�rm�ma�at�t_�_s�st�tr�ri�in�ng�g() that will return a printable representation
- of that struct and k�kr�rb�b5�5_�_k�kr�rb�bh�hs�st�t_�_g�ge�et�t_�_a�ad�dd�dr�ri�in�nf�fo�o() that will return a _�s_�t_�r_�u_�c_�t
- _�a_�d_�d_�r_�i_�n_�f_�o that can then be used for communicating with the server men-
- tioned.
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- The following code will print the KDCs of the realm ``MY.REALM'':
-
- krb5_krbhst_handle handle;
- char host[MAXHOSTNAMELEN];
- krb5_krbhst_init(context, "MY.REALM", KRB5_KRBHST_KDC, &handle);
- while(krb5_krbhst_next_as_string(context, handle,
- host, sizeof(host)) == 0)
- printf("%s\n", host);
- krb5_krbhst_free(context, handle);
-
-S�SE�EE�E A�AL�LS�SO�O
- getaddrinfo(3), krb5_get_krbhst(3), krb5_send_to_kdc_flags(3)
-
-H�HI�IS�ST�TO�OR�RY�Y
- These functions first appeared in Heimdal 0.3g.
-
-HEIMDAL May 10, 2005 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_mk_req.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_mk_req.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_mk_req.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,89 +0,0 @@
-
-KRB5_MK_REQ(3) BSD Library Functions Manual KRB5_MK_REQ(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_m�mk�k_�_r�re�eq�q, k�kr�rb�b5�5_�_m�mk�k_�_r�re�eq�q_�_e�ex�xa�ac�ct�t, k�kr�rb�b5�5_�_m�mk�k_�_r�re�eq�q_�_e�ex�xt�te�en�nd�de�ed�d, k�kr�rb�b5�5_�_r�rd�d_�_r�re�eq�q,
- k�kr�rb�b5�5_�_r�rd�d_�_r�re�eq�q_�_w�wi�it�th�h_�_k�ke�ey�yb�bl�lo�oc�ck�k, k�kr�rb�b5�5_�_m�mk�k_�_r�re�ep�p, k�kr�rb�b5�5_�_m�mk�k_�_r�re�ep�p_�_e�ex�xa�ac�ct�t,
- k�kr�rb�b5�5_�_m�mk�k_�_r�re�ep�p_�_e�ex�xt�te�en�nd�de�ed�d, k�kr�rb�b5�5_�_r�rd�d_�_r�re�ep�p, k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_a�ap�p_�_r�re�eq�q, k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_a�ap�p_�_r�re�eq�q
- -- create and read application authentication request
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_m�mk�k_�_r�re�eq�q(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�*_�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�a_�p_�__�r_�e_�q_�__�o_�p_�t_�i_�o_�n_�s, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�s_�e_�r_�v_�i_�c_�e,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�h_�o_�s_�t_�n_�a_�m_�e, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�i_�n_�__�d_�a_�t_�a, _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e,
- _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�o_�u_�t_�b_�u_�f);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_m�mk�k_�_r�re�eq�q_�_e�ex�xt�te�en�nd�de�ed�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�*_�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�a_�p_�__�r_�e_�q_�__�o_�p_�t_�i_�o_�n_�s,
- _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�i_�n_�__�d_�a_�t_�a, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�i_�n_�__�c_�r_�e_�d_�s, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�o_�u_�t_�b_�u_�f);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_r�rd�d_�_r�re�eq�q(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�*_�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�i_�n_�b_�u_�f, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�s_�e_�r_�v_�e_�r,
- _�k_�r_�b_�5_�__�k_�e_�y_�t_�a_�b _�k_�e_�y_�t_�a_�b, _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�*_�a_�p_�__�r_�e_�q_�__�o_�p_�t_�i_�o_�n_�s,
- _�k_�r_�b_�5_�__�t_�i_�c_�k_�e_�t _�*_�*_�t_�i_�c_�k_�e_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_a�ap�p_�_r�re�eq�q(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�n_�c_�t_�y_�p_�e,
- _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�c_�r_�e_�d, _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�a_�p_�__�o_�p_�t_�i_�o_�n_�s, _�k_�r_�b_�5_�__�d_�a_�t_�a _�a_�u_�t_�h_�e_�n_�t_�i_�c_�a_�t_�o_�r,
- _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�r_�e_�t_�d_�a_�t_�a);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_a�ap�p_�_r�re�eq�q(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�*_�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�a_�p_�__�r_�e_�q _�*_�a_�p_�__�r_�e_�q, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�s_�e_�r_�v_�e_�r,
- _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�k_�e_�y_�b_�l_�o_�c_�k, _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�f_�l_�a_�g_�s,
- _�k_�r_�b_�5_�__�f_�l_�a_�g_�s _�*_�a_�p_�__�r_�e_�q_�__�o_�p_�t_�i_�o_�n_�s, _�k_�r_�b_�5_�__�t_�i_�c_�k_�e_�t _�*_�*_�t_�i_�c_�k_�e_�t);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The functions documented in this manual page document the functions that
- facilitates the exchange between a Kerberos client and server. They are
- the core functions used in the authentication exchange between the client
- and the server.
-
- The k�kr�rb�b5�5_�_m�mk�k_�_r�re�eq�q and k�kr�rb�b5�5_�_m�mk�k_�_r�re�eq�q_�_e�ex�xt�te�en�nd�de�ed�d creates the Kerberos message
- KRB_AP_REQ that is sent from the client to the server as the first packet
- in a client/server exchange. The result that should be sent to server is
- stored in _�o_�u_�t_�b_�u_�f.
-
- _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t should be allocated with k�kr�rb�b5�5_�_a�au�ut�th�h_�_c�co�on�n_�_i�in�ni�it�t() or NULL passed
- in, in that case, it will be allocated and freed internally.
-
- The input data _�i_�n_�__�d_�a_�t_�a will have a checksum calculated over it and check-
- sum will be transported in the message to the server.
-
- _�a_�p_�__�r_�e_�q_�__�o_�p_�t_�i_�o_�n_�s can be set to one or more of the following flags:
-
- AP_OPTS_USE_SESSION_KEY
- Use the session key when creating the request, used for user to
- user authentication.
-
- AP_OPTS_MUTUAL_REQUIRED
- Mark the request as mutual authenticate required so that the
- receiver returns a mutual authentication packet.
-
- The k�kr�rb�b5�5_�_r�rd�d_�_r�re�eq�q read the AP_REQ in _�i_�n_�b_�u_�f and verify and extract the con-
- tent. If _�s_�e_�r_�v_�e_�r is specified, that server will be fetched from the
- _�k_�e_�y_�t_�a_�b and used unconditionally. If _�s_�e_�r_�v_�e_�r is NULL, the _�k_�e_�y_�t_�a_�b will be
- search for a matching principal.
-
- The _�k_�e_�y_�t_�a_�b argument specifies what keytab to search for receiving princi-
- pals. The arguments _�a_�p_�__�r_�e_�q_�__�o_�p_�t_�i_�o_�n_�s and _�t_�i_�c_�k_�e_�t returns the content.
-
- When the AS-REQ is a user to user request, neither of _�k_�e_�y_�t_�a_�b or _�p_�r_�i_�n_�c_�i_�p_�a_�l
- are used, instead k�kr�rb�b5�5_�_r�rd�d_�_r�re�eq�q() expects the session key to be set in
- _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t.
-
- The k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_a�ap�p_�_r�re�eq�q and k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_a�ap�p_�_r�re�eq�q both constructs and verify
- the AP_REQ message, should not be used by external code.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), krb5.conf(5)
-
-HEIMDAL August 27, 2005 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_mk_safe.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_mk_safe.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_mk_safe.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,36 +0,0 @@
-
-KRB5_MK_SAFE(3) BSD Library Functions Manual KRB5_MK_SAFE(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_m�mk�k_�_s�sa�af�fe�e, k�kr�rb�b5�5_�_m�mk�k_�_p�pr�ri�iv�v -- generates integrity protected and/or
- encrypted messages
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_m�mk�k_�_p�pr�ri�iv�v(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�u_�s_�e_�r_�d_�a_�t_�a, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�o_�u_�t_�b_�u_�f,
- _�k_�r_�b_�5_�__�r_�e_�p_�l_�a_�y_�__�d_�a_�t_�a _�*_�o_�u_�t_�d_�a_�t_�a);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_m�mk�k_�_s�sa�af�fe�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�u_�s_�e_�r_�d_�a_�t_�a, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�o_�u_�t_�b_�u_�f,
- _�k_�r_�b_�5_�__�r_�e_�p_�l_�a_�y_�__�d_�a_�t_�a _�*_�o_�u_�t_�d_�a_�t_�a);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5_�_m�mk�k_�_s�sa�af�fe�e() and k�kr�rb�b5�5_�_m�mk�k_�_p�pr�ri�iv�v() formats KRB-SAFE (integrity protected)
- and KRB-PRIV (also encrypted) messages into _�o_�u_�t_�b_�u_�f. The actual message
- data is taken from _�u_�s_�e_�r_�d_�a_�t_�a. If the KRB5_AUTH_CONTEXT_DO_SEQUENCE or
- KRB5_AUTH_CONTEXT_DO_TIME flags are set in the _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t, sequence
- numbers and time stamps are generated. If the
- KRB5_AUTH_CONTEXT_RET_SEQUENCE or KRB5_AUTH_CONTEXT_RET_TIME flags are
- set they are also returned in the _�o_�u_�t_�d_�a_�t_�a parameter.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5_auth_con_init(3), krb5_rd_priv(3), krb5_rd_safe(3)
-
-HEIMDAL May 1, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_openlog.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_openlog.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_openlog.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,159 +0,0 @@
-
-KRB5_OPENLOG(3) BSD Library Functions Manual KRB5_OPENLOG(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_i�in�ni�it�tl�lo�og�g, k�kr�rb�b5�5_�_o�op�pe�en�nl�lo�og�g, k�kr�rb�b5�5_�_c�cl�lo�os�se�el�lo�og�g, k�kr�rb�b5�5_�_a�ad�dd�dl�lo�og�g_�_d�de�es�st�t,
- k�kr�rb�b5�5_�_a�ad�dd�dl�lo�og�g_�_f�fu�un�nc�c, k�kr�rb�b5�5_�_l�lo�og�g, k�kr�rb�b5�5_�_v�vl�lo�og�g, k�kr�rb�b5�5_�_l�lo�og�g_�_m�ms�sg�g, k�kr�rb�b5�5_�_v�vl�lo�og�g_�_m�ms�sg�g --
- Heimdal logging functions
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�t_�y_�p_�e_�d_�e_�f _�v_�o_�i_�d
- (*�*k�kr�rb�b5�5_�_l�lo�og�g_�_l�lo�og�g_�_f�fu�un�nc�c_�_t�t)(_�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�t_�i_�m_�e, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�m_�e_�s_�s_�a_�g_�e,
- _�v_�o_�i_�d _�*_�d_�a_�t_�a);
-
- _�t_�y_�p_�e_�d_�e_�f _�v_�o_�i_�d
- (*�*k�kr�rb�b5�5_�_l�lo�og�g_�_c�cl�lo�os�se�e_�_f�fu�un�nc�c_�_t�t)(_�v_�o_�i_�d _�*_�d_�a_�t_�a);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�ad�dd�dl�lo�og�g_�_d�de�es�st�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�l_�o_�g_�__�f_�a_�c_�i_�l_�i_�t_�y _�*_�f_�a_�c_�i_�l_�i_�t_�y,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�d_�e_�s_�t_�i_�n_�a_�t_�i_�o_�n);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_a�ad�dd�dl�lo�og�g_�_f�fu�un�nc�c(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�l_�o_�g_�__�f_�a_�c_�i_�l_�i_�t_�y _�*_�f_�a_�c_�i_�l_�i_�t_�y,
- _�i_�n_�t _�m_�i_�n, _�i_�n_�t _�m_�a_�x, _�k_�r_�b_�5_�__�l_�o_�g_�__�l_�o_�g_�__�f_�u_�n_�c_�__�t _�l_�o_�g,
- _�k_�r_�b_�5_�__�l_�o_�g_�__�c_�l_�o_�s_�e_�__�f_�u_�n_�c_�__�t _�c_�l_�o_�s_�e, _�v_�o_�i_�d _�*_�d_�a_�t_�a);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�cl�lo�os�se�el�lo�og�g(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�l_�o_�g_�__�f_�a_�c_�i_�l_�i_�t_�y _�*_�f_�a_�c_�i_�l_�i_�t_�y);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_i�in�ni�it�tl�lo�og�g(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�p_�r_�o_�g_�r_�a_�m,
- _�k_�r_�b_�5_�__�l_�o_�g_�__�f_�a_�c_�i_�l_�i_�t_�y _�*_�*_�f_�a_�c_�i_�l_�i_�t_�y);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_l�lo�og�g(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�l_�o_�g_�__�f_�a_�c_�i_�l_�i_�t_�y _�*_�f_�a_�c_�i_�l_�i_�t_�y, _�i_�n_�t _�l_�e_�v_�e_�l,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�f_�o_�r_�m_�a_�t, _�._�._�.);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_l�lo�og�g_�_m�ms�sg�g(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�l_�o_�g_�__�f_�a_�c_�i_�l_�i_�t_�y _�*_�f_�a_�c_�i_�l_�i_�t_�y,
- _�c_�h_�a_�r _�*_�*_�r_�e_�p_�l_�y, _�i_�n_�t _�l_�e_�v_�e_�l, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�f_�o_�r_�m_�a_�t, _�._�._�.);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_o�op�pe�en�nl�lo�og�g(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�p_�r_�o_�g_�r_�a_�m,
- _�k_�r_�b_�5_�__�l_�o_�g_�__�f_�a_�c_�i_�l_�i_�t_�y _�*_�*_�f_�a_�c_�i_�l_�i_�t_�y);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_v�vl�lo�og�g(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�l_�o_�g_�__�f_�a_�c_�i_�l_�i_�t_�y _�*_�f_�a_�c_�i_�l_�i_�t_�y, _�i_�n_�t _�l_�e_�v_�e_�l,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�f_�o_�r_�m_�a_�t, _�v_�a_�__�l_�i_�s_�t _�a_�r_�g_�l_�i_�s_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_v�vl�lo�og�g_�_m�ms�sg�g(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�l_�o_�g_�__�f_�a_�c_�i_�l_�i_�t_�y _�*_�f_�a_�c_�i_�l_�i_�t_�y,
- _�c_�h_�a_�r _�*_�*_�r_�e_�p_�l_�y, _�i_�n_�t _�l_�e_�v_�e_�l, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�f_�o_�r_�m_�a_�t, _�v_�a_�__�l_�i_�s_�t _�a_�r_�g_�l_�i_�s_�t);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- These functions logs messages to one or more destinations.
-
- The k�kr�rb�b5�5_�_o�op�pe�en�nl�lo�og�g() function creates a logging _�f_�a_�c_�i_�l_�i_�t_�y, that is used to
- log messages. A facility consists of one or more destinations (which can
- be files or syslog or some other device). The _�p_�r_�o_�g_�r_�a_�m parameter should be
- the generic name of the program that is doing the logging. This name is
- used to lookup which destinations to use. This information is contained
- in the logging section of the _�k_�r_�b_�5_�._�c_�o_�n_�f configuration file. If no entry
- is found for _�p_�r_�o_�g_�r_�a_�m, the entry for default is used, or if that is miss-
- ing too, SYSLOG will be used as destination.
-
- To close a logging facility, use the k�kr�rb�b5�5_�_c�cl�lo�os�se�el�lo�og�g() function.
-
- To log a message to a facility use one of the functions k�kr�rb�b5�5_�_l�lo�og�g(),
- k�kr�rb�b5�5_�_l�lo�og�g_�_m�ms�sg�g(), k�kr�rb�b5�5_�_v�vl�lo�og�g(), or k�kr�rb�b5�5_�_v�vl�lo�og�g_�_m�ms�sg�g(). The functions ending in
- _msg return in _�r_�e_�p_�l_�y a pointer to the message that just got logged. This
- string is allocated, and should be freed with f�fr�re�ee�e(). The _�f_�o_�r_�m_�a_�t is a
- standard p�pr�ri�in�nt�tf�f() style format string (but see the BUGS section).
-
- If you want better control of where things gets logged, you can instead
- of using k�kr�rb�b5�5_�_o�op�pe�en�nl�lo�og�g() call k�kr�rb�b5�5_�_i�in�ni�it�tl�lo�og�g(), which just initializes a
- facility, but doesn't define any actual logging destinations. You can
- then add destinations with the k�kr�rb�b5�5_�_a�ad�dd�dl�lo�og�g_�_d�de�es�st�t() and k�kr�rb�b5�5_�_a�ad�dd�dl�lo�og�g_�_f�fu�un�nc�c()
- functions. The first of these takes a string specifying a logging desti-
- nation, and adds this to the facility. If you want to do some non-stan-
- dard logging you can use the k�kr�rb�b5�5_�_a�ad�dd�dl�lo�og�g_�_f�fu�un�nc�c() function, which takes a
- function to use when logging. The _�l_�o_�g function is called for each mes-
- sage with _�t_�i_�m_�e being a string specifying the current time, and _�m_�e_�s_�s_�a_�g_�e
- the message to log. _�c_�l_�o_�s_�e is called when the facility is closed. You can
- pass application specific data in the _�d_�a_�t_�a parameter. The _�m_�i_�n and _�m_�a_�x
- parameter are the same as in a destination (defined below). To specify a
- max of infinity, pass -1.
-
- k�kr�rb�b5�5_�_o�op�pe�en�nl�lo�og�g() calls k�kr�rb�b5�5_�_i�in�ni�it�tl�lo�og�g() and then calls k�kr�rb�b5�5_�_a�ad�dd�dl�lo�og�g_�_d�de�es�st�t() for
- each destination found.
-
- D�De�es�st�ti�in�na�at�ti�io�on�ns�s
- The defined destinations (as specified in _�k_�r_�b_�5_�._�c_�o_�n_�f) follows:
-
- STDERR
- This logs to the program's stderr.
-
- FILE:_�/_�f_�i_�l_�e
-
- FILE=_�/_�f_�i_�l_�e
- Log to the specified file. The form using a colon appends to
- the file, the form with an equal truncates the file. The trun-
- cating form keeps the file open, while the appending form
- closes it after each log message (which makes it possible to
- rotate logs). The truncating form is mainly for compatibility
- with the MIT libkrb5.
-
- DEVICE=_�/_�d_�e_�v_�i_�c_�e
- This logs to the specified device, at present this is the same
- as FILE:/device.
-
- CONSOLE
- Log to the console, this is the same as DEVICE=/dev/console.
-
- SYSLOG[:priority[:facility]]
- Send messages to the syslog system, using priority, and facil-
- ity. To get the name for one of these, you take the name of
- the macro passed to syslog(3), and remove the leading LOG_
- (LOG_NOTICE becomes NOTICE). The default values (as well as
- the values used for unrecognised values), are ERR, and AUTH,
- respectively. See syslog(3) for a list of priorities and
- facilities.
-
- Each destination may optionally be prepended with a range of logging lev-
- els, specified as min-max/. If the _�l_�e_�v_�e_�l parameter to k�kr�rb�b5�5_�_l�lo�og�g() is
- within this range (inclusive) the message gets logged to this destina-
- tion, otherwise not. Either of the min and max valued may be omitted, in
- this case min is assumed to be zero, and max is assumed to be infinity.
- If you don't include a dash, both min and max gets set to the specified
- value. If no range is specified, all messages gets logged.
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- [logging]
- kdc = 0/FILE:/var/log/kdc.log
- kdc = 1-/SYSLOG:INFO:USER
- default = STDERR
-
- This will log all messages from the k�kd�dc�c program with level 0 to
- _�/_�v_�a_�r_�/_�l_�o_�g_�/_�k_�d_�c_�._�l_�o_�g, other messages will be logged to syslog with priority
- LOG_INFO, and facility LOG_USER. All other programs will log all mes-
- sages to their stderr.
-
-S�SE�EE�E A�AL�LS�SO�O
- syslog(3), krb5.conf(5)
-
-B�BU�UG�GS�S
- These functions use a�as�sp�pr�ri�in�nt�tf�f() to format the message. If your operating
- system does not have a working a�as�sp�pr�ri�in�nt�tf�f(), a replacement will be used. At
- present this replacement does not handle some correct conversion specifi-
- cations (like floating point numbers). Until this is fixed, the use of
- these conversions should be avoided.
-
- If logging is done to the syslog facility, these functions might not be
- thread-safe, depending on the implementation of o�op�pe�en�nl�lo�og�g(), and s�sy�ys�sl�lo�og�g().
-
-HEIMDAL August 6, 1997 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_parse_name.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_parse_name.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_parse_name.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,31 +0,0 @@
-
-KRB5_PARSE_NAME(3) BSD Library Functions Manual KRB5_PARSE_NAME(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_p�pa�ar�rs�se�e_�_n�na�am�me�e -- string to principal conversion
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_p�pa�ar�rs�se�e_�_n�na�am�me�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�n_�a_�m_�e,
- _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�*_�p_�r_�i_�n_�c_�i_�p_�a_�l);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5_�_p�pa�ar�rs�se�e_�_n�na�am�me�e() converts a string representation of a principal name to
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l. The _�p_�r_�i_�n_�c_�i_�p_�a_�l will point to allocated data that should
- be freed with k�kr�rb�b5�5_�_f�fr�re�ee�e_�_p�pr�ri�in�nc�ci�ip�pa�al�l().
-
- The string should consist of one or more name components separated with
- slashes (``/''), optionally followed with an ``@'' and a realm name. A
- slash or @ may be contained in a name component by quoting it with a
- backslash (``\''). A realm should not contain slashes or colons.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5_425_conv_principal(3), krb5_build_principal(3),
- krb5_free_principal(3), krb5_sname_to_principal(3), krb5_unparse_name(3)
-
-HEIMDAL May 1, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_principal.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_principal.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_principal.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,260 +0,0 @@
-
-KRB5_PRINCIPAL(3) BSD Library Functions Manual KRB5_PRINCIPAL(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_g�ge�et�t_�_d�de�ef�fa�au�ul�lt�t_�_p�pr�ri�in�nc�ci�ip�pa�al�l, k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l, k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_p�pr�ri�in�nc�ci�ip�pa�al�l,
- k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_e�ex�xt�t, k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_v�va�a,
- k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_v�va�a_�_e�ex�xt�t, k�kr�rb�b5�5_�_c�co�op�py�y_�_p�pr�ri�in�nc�ci�ip�pa�al�l, k�kr�rb�b5�5_�_f�fr�re�ee�e_�_p�pr�ri�in�nc�ci�ip�pa�al�l,
- k�kr�rb�b5�5_�_m�ma�ak�ke�e_�_p�pr�ri�in�nc�ci�ip�pa�al�l, k�kr�rb�b5�5_�_p�pa�ar�rs�se�e_�_n�na�am�me�e, k�kr�rb�b5�5_�_p�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fl�la�ag�gs�s,
- k�kr�rb�b5�5_�_p�pa�ar�rs�se�e_�_n�na�am�me�et�ty�yp�pe�e, k�kr�rb�b5�5_�_p�pr�ri�in�nc�c_�_s�se�et�t_�_r�re�ea�al�lm�m, k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_c�co�om�mp�pa�ar�re�e,
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_c�co�om�mp�pa�ar�re�e_�_a�an�ny�y_�_r�re�ea�al�lm�m, k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_g�ge�et�t_�_c�co�om�mp�p_�_s�st�tr�ri�in�ng�g,
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_g�ge�et�t_�_r�re�ea�al�lm�m, k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_g�ge�et�t_�_t�ty�yp�pe�e, k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_m�ma�at�tc�ch�h,
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_s�se�et�t_�_t�ty�yp�pe�e, k�kr�rb�b5�5_�_r�re�ea�al�lm�m_�_c�co�om�mp�pa�ar�re�e, k�kr�rb�b5�5_�_s�sn�na�am�me�e_�_t�to�o_�_p�pr�ri�in�nc�ci�ip�pa�al�l,
- k�kr�rb�b5�5_�_s�so�oc�ck�k_�_t�to�o_�_p�pr�ri�in�nc�ci�ip�pa�al�l, k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e, k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fl�la�ag�gs�s,
- k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fi�ix�xe�ed�d, k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fi�ix�xe�ed�d_�_f�fl�la�ag�gs�s,
- k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fi�ix�xe�ed�d_�_s�sh�ho�or�rt�t, k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_s�sh�ho�or�rt�t -- Kerberos 5
- principal handling functions
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- krb5_principal;
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_p�pr�ri�in�nc�ci�ip�pa�al�l(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_p�pa�ar�rs�se�e_�_n�na�am�me�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�n_�a_�m_�e,
- _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�*_�p_�r_�i_�n_�c_�i_�p_�a_�l);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_p�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fl�la�ag�gs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�n_�a_�m_�e, _�i_�n_�t _�f_�l_�a_�g_�s,
- _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�*_�p_�r_�i_�n_�c_�i_�p_�a_�l);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l,
- _�c_�h_�a_�r _�*_�*_�n_�a_�m_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fl�la�ag�gs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l, _�i_�n_�t _�f_�l_�a_�g_�s, _�c_�h_�a_�r _�*_�*_�n_�a_�m_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fi�ix�xe�ed�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l, _�c_�h_�a_�r _�*_�n_�a_�m_�e, _�s_�i_�z_�e_�__�t _�l_�e_�n);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fi�ix�xe�ed�d_�_f�fl�la�ag�gs�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l, _�i_�n_�t _�f_�l_�a_�g_�s, _�c_�h_�a_�r _�*_�n_�a_�m_�e, _�s_�i_�z_�e_�__�t _�l_�e_�n);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_s�sh�ho�or�rt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l, _�c_�h_�a_�r _�*_�*_�n_�a_�m_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fi�ix�xe�ed�d_�_s�sh�ho�or�rt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l, _�c_�h_�a_�r _�*_�n_�a_�m_�e, _�s_�i_�z_�e_�__�t _�l_�e_�n);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�c_�_s�se�et�t_�_r�re�ea�al�lm�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l,
- _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�*_�r_�e_�a_�l_�m);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_p�pr�ri�in�nc�ci�ip�pa�al�l(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�*_�p_�r_�i_�n_�c_�i_�p_�a_�l,
- _�i_�n_�t _�r_�l_�e_�n, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�r_�e_�a_�l_�m _�r_�e_�a_�l_�m, _�._�._�.);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_v�va�a(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�*_�p_�r_�i_�n_�c_�i_�p_�a_�l,
- _�i_�n_�t _�r_�l_�e_�n, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�r_�e_�a_�l_�m _�r_�e_�a_�l_�m, _�v_�a_�__�l_�i_�s_�t _�a_�p);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_e�ex�xt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�*_�p_�r_�i_�n_�c_�i_�p_�a_�l,
- _�i_�n_�t _�r_�l_�e_�n, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�r_�e_�a_�l_�m _�r_�e_�a_�l_�m, _�._�._�.);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_v�va�a_�_e�ex�xt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�*_�p_�r_�i_�n_�c_�i_�p_�a_�l, _�i_�n_�t _�r_�l_�e_�n, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�r_�e_�a_�l_�m _�r_�e_�a_�l_�m,
- _�v_�a_�__�l_�i_�s_�t _�a_�p);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_m�ma�ak�ke�e_�_p�pr�ri�in�nc�ci�ip�pa�al�l(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�*_�p_�r_�i_�n_�c_�i_�p_�a_�l,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�r_�e_�a_�l_�m _�r_�e_�a_�l_�m, _�._�._�.);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�co�op�py�y_�_p�pr�ri�in�nc�ci�ip�pa�al�l(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�i_�n_�p_�r_�i_�n_�c,
- _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�*_�o_�u_�t_�p_�r_�i_�n_�c);
-
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_c�co�om�mp�pa�ar�re�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�1,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�2);
-
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_c�co�om�mp�pa�ar�re�e_�_a�an�ny�y_�_r�re�ea�al�lm�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�1, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�2);
-
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_g�ge�et�t_�_c�co�om�mp�p_�_s�st�tr�ri�in�ng�g(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l, _�u_�n_�s_�i_�g_�n_�e_�d _�i_�n_�t _�c_�o_�m_�p_�o_�n_�e_�n_�t);
-
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_g�ge�et�t_�_r�re�ea�al�lm�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l);
-
- _�i_�n_�t
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_g�ge�et�t_�_t�ty�yp�pe�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l);
-
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_m�ma�at�tc�ch�h(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�a_�t_�t_�e_�r_�n);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_s�se�et�t_�_t�ty�yp�pe�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l,
- _�i_�n_�t _�t_�y_�p_�e);
-
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n
- k�kr�rb�b5�5_�_r�re�ea�al�lm�m_�_c�co�om�mp�pa�ar�re�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�1,
- _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�2);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�sn�na�am�me�e_�_t�to�o_�_p�pr�ri�in�nc�ci�ip�pa�al�l(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�h_�o_�s_�t_�n_�a_�m_�e,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�s_�n_�a_�m_�e, _�i_�n_�t_�3_�2_�__�t _�t_�y_�p_�e, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�*_�r_�e_�t_�__�p_�r_�i_�n_�c);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�so�oc�ck�k_�_t�to�o_�_p�pr�ri�in�nc�ci�ip�pa�al�l(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�i_�n_�t _�s_�o_�c_�k_�e_�t,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�s_�n_�a_�m_�e, _�i_�n_�t_�3_�2_�__�t _�t_�y_�p_�e, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�*_�p_�r_�i_�n_�c_�i_�p_�a_�l);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_d�de�ef�fa�au�ul�lt�t_�_p�pr�ri�in�nc�ci�ip�pa�al�l(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�*_�p_�r_�i_�n_�c);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_p�pa�ar�rs�se�e_�_n�na�am�me�et�ty�yp�pe�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�s_�t_�r,
- _�i_�n_�t_�3_�2_�__�t _�*_�t_�y_�p_�e);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- krb5_principal holds the name of a user or service in Kerberos.
-
- A principal has two parts, a PrincipalName and a realm. The Principal-
- Name consists of one or more components. In printed form, the components
- are separated by /. The PrincipalName also has a name-type.
-
- Examples of a principal are nisse/root at EXAMPLE.COM and
- host/datan.kth.se at KTH.SE. k�kr�rb�b5�5_�_p�pa�ar�rs�se�e_�_n�na�am�me�e() and k�kr�rb�b5�5_�_p�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fl�la�ag�gs�s()
- passes a principal name in _�n_�a_�m_�e to the kerberos principal structure.
- k�kr�rb�b5�5_�_p�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fl�la�ag�gs�s() takes an extra _�f_�l_�a_�g_�s argument the following flags
- can be passed in
-
- KRB5_PRINCIPAL_PARSE_NO_REALM
- requires the input string to be without a realm, and no realm is
- stored in the _�p_�r_�i_�n_�c_�i_�p_�a_�l return argument.
-
- KRB5_PRINCIPAL_PARSE_REQUIRE_REALM
- requires the input string to with a realm.
-
- k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e() and k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fl�la�ag�gs�s() prints the principal
- _�p_�r_�i_�n_�c to the string _�n_�a_�m_�e. _�n_�a_�m_�e should be freed with free(3). To the
- _�f_�l_�a_�g_�s argument the following flags can be passed in
-
- KRB5_PRINCIPAL_UNPARSE_SHORT
- no realm if the realm is one of the local realms.
-
- KRB5_PRINCIPAL_UNPARSE_NO_REALM
- never include any realm in the principal name.
-
- KRB5_PRINCIPAL_UNPARSE_DISPLAY
- don't quote
- On failure _�n_�a_�m_�e is set to NULL. k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fi�ix�xe�ed�d() and
- k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fi�ix�xe�ed�d_�_f�fl�la�ag�gs�s() behaves just like k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e(), but
- instead unparses the principal into a fixed size buffer.
-
- k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_s�sh�ho�or�rt�t() just returns the principal without the realm if
- the principal is in the default realm. If the principal isn't, the full
- name is returned. k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_f�fi�ix�xe�ed�d_�_s�sh�ho�or�rt�t() works just like
- k�kr�rb�b5�5_�_u�un�np�pa�ar�rs�se�e_�_n�na�am�me�e_�_s�sh�ho�or�rt�t() but on a fixed size buffer.
-
- k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_p�pr�ri�in�nc�ci�ip�pa�al�l() builds a principal from the realm _�r_�e_�a_�l_�m that has
- the length _�r_�l_�e_�n. The following arguments form the components of the
- principal. The list of components is terminated with NULL.
-
- k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_v�va�a() works like k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_p�pr�ri�in�nc�ci�ip�pa�al�l() using vargs.
-
- k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_e�ex�xt�t() and k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_v�va�a_�_e�ex�xt�t() take a list
- of length-value pairs, the list is terminated with a zero length.
-
- k�kr�rb�b5�5_�_m�ma�ak�ke�e_�_p�pr�ri�in�nc�ci�ip�pa�al�l() works the same way as k�kr�rb�b5�5_�_b�bu�ui�il�ld�d_�_p�pr�ri�in�nc�ci�ip�pa�al�l(),
- except it figures out the length of the realm itself.
-
- k�kr�rb�b5�5_�_c�co�op�py�y_�_p�pr�ri�in�nc�ci�ip�pa�al�l() makes a copy of a principal. The copy needs to be
- freed with k�kr�rb�b5�5_�_f�fr�re�ee�e_�_p�pr�ri�in�nc�ci�ip�pa�al�l().
-
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_c�co�om�mp�pa�ar�re�e() compares the two principals, including realm of
- the principals and returns TRUE if they are the same and FALSE if not.
-
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_c�co�om�mp�pa�ar�re�e_�_a�an�ny�y_�_r�re�ea�al�lm�m() works the same way as
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_c�co�om�mp�pa�ar�re�e() but doesn't compare the realm component of the
- principal.
-
- k�kr�rb�b5�5_�_r�re�ea�al�lm�m_�_c�co�om�mp�pa�ar�re�e() compares the realms of the two principals and
- returns TRUE is they are the same, and FALSE if not.
-
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_m�ma�at�tc�ch�h() matches a _�p_�r_�i_�n_�c_�i_�p_�a_�l against a _�p_�a_�t_�t_�e_�r_�n. The pat-
- tern is a globbing expression, where each component (separated by /) is
- matched against the corresponding component of the principal.
-
- The k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_g�ge�et�t_�_r�re�ea�al�lm�m() and k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_g�ge�et�t_�_c�co�om�mp�p_�_s�st�tr�ri�in�ng�g() func-
- tions return parts of the _�p_�r_�i_�n_�c_�i_�p_�a_�l, either the realm or a specific com-
- ponent. Both functions return string pointers to data inside the princi-
- pal, so they are valid only as long as the principal exists.
-
- The _�c_�o_�m_�p_�o_�n_�e_�n_�t argument to k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_g�ge�et�t_�_c�co�om�mp�p_�_s�st�tr�ri�in�ng�g() is the index
- of the component to return, from zero to the total number of components
- minus one. If the index is out of range NULL is returned.
-
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_g�ge�et�t_�_r�re�ea�al�lm�m() and k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_g�ge�et�t_�_c�co�om�mp�p_�_s�st�tr�ri�in�ng�g() are
- replacements for k�kr�rb�b5�5_�_p�pr�ri�in�nc�c_�_c�co�om�mp�po�on�ne�en�nt�t() and related macros, described as
- internal in the MIT API specification. Unlike the macros, these func-
- tions return strings, not krb5_data. A reason to return krb5_data was
- that it was believed that principal components could contain binary data,
- but this belief was unfounded, and it has been decided that principal
- components are infact UTF8, so it's safe to use zero terminated strings.
-
- It's generally not necessary to look at the components of a principal.
-
- k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_g�ge�et�t_�_t�ty�yp�pe�e() and k�kr�rb�b5�5_�_p�pr�ri�in�nc�ci�ip�pa�al�l_�_s�se�et�t_�_t�ty�yp�pe�e() get and sets the
- name type for a principal. Name type handling is tricky and not often
- needed, don't use this unless you know what you do.
-
- k�kr�rb�b5�5_�_s�sn�na�am�me�e_�_t�to�o_�_p�pr�ri�in�nc�ci�ip�pa�al�l() and k�kr�rb�b5�5_�_s�so�oc�ck�k_�_t�to�o_�_p�pr�ri�in�nc�ci�ip�pa�al�l() are for easy cre-
- ation of ``service'' principals that can, for instance, be used to lookup
- a key in a keytab. For both functions the _�s_�n_�a_�m_�e parameter will be used
- for the first component of the created principal. If _�s_�n_�a_�m_�e is NULL,
- ``host'' will be used instead.
-
- k�kr�rb�b5�5_�_s�sn�na�am�me�e_�_t�to�o_�_p�pr�ri�in�nc�ci�ip�pa�al�l() will use the passed _�h_�o_�s_�t_�n_�a_�m_�e for the second
- component. If _�t_�y_�p_�e is KRB5_NT_SRV_HST this name will be looked up with
- g�ge�et�th�ho�os�st�tb�by�yn�na�am�me�e(). If _�h_�o_�s_�t_�n_�a_�m_�e is NULL, the local hostname will be used.
-
- k�kr�rb�b5�5_�_s�so�oc�ck�k_�_t�to�o_�_p�pr�ri�in�nc�ci�ip�pa�al�l() will use the ``sockname'' of the passed _�s_�o_�c_�k_�e_�t,
- which should be a bound AF_INET or AF_INET6 socket. There must be a map-
- ping between the address and ``sockname''. The function may try to
- resolve the name in DNS.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_d�de�ef�fa�au�ul�lt�t_�_p�pr�ri�in�nc�ci�ip�pa�al�l() tries to find out what's a reasonable
- default principal by looking at the environment it is running in.
-
- k�kr�rb�b5�5_�_p�pa�ar�rs�se�e_�_n�na�am�me�et�ty�yp�pe�e() parses and returns the name type integer value in
- _�t_�y_�p_�e. On failure the function returns an error code and set the error
- string.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5_425_conv_principal(3), krb5_config(3), krb5.conf(5)
-
-B�BU�UG�GS�S
- You can not have a NUL in a component in some of the variable argument
- functions above. Until someone can give a good example of where it would
- be a good idea to have NUL's in a component, this will not be fixed.
-
-HEIMDAL May 1, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_rcache.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_rcache.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_rcache.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,84 +0,0 @@
-
-KRB5_RCACHE(3) BSD Library Functions Manual KRB5_RCACHE(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_r�rc�ca�ac�ch�he�e, k�kr�rb�b5�5_�_r�rc�c_�_c�cl�lo�os�se�e, k�kr�rb�b5�5_�_r�rc�c_�_d�de�ef�fa�au�ul�lt�t, k�kr�rb�b5�5_�_r�rc�c_�_d�de�ef�fa�au�ul�lt�t_�_n�na�am�me�e,
- k�kr�rb�b5�5_�_r�rc�c_�_d�de�ef�fa�au�ul�lt�t_�_t�ty�yp�pe�e, k�kr�rb�b5�5_�_r�rc�c_�_d�de�es�st�tr�ro�oy�y, k�kr�rb�b5�5_�_r�rc�c_�_e�ex�xp�pu�un�ng�ge�e,
- k�kr�rb�b5�5_�_r�rc�c_�_g�ge�et�t_�_l�li�if�fe�es�sp�pa�an�n, k�kr�rb�b5�5_�_r�rc�c_�_g�ge�et�t_�_n�na�am�me�e, k�kr�rb�b5�5_�_r�rc�c_�_g�ge�et�t_�_t�ty�yp�pe�e,
- k�kr�rb�b5�5_�_r�rc�c_�_i�in�ni�it�ti�ia�al�li�iz�ze�e, k�kr�rb�b5�5_�_r�rc�c_�_r�re�ec�co�ov�ve�er�r, k�kr�rb�b5�5_�_r�rc�c_�_r�re�es�so�ol�lv�ve�e,
- k�kr�rb�b5�5_�_r�rc�c_�_r�re�es�so�ol�lv�ve�e_�_f�fu�ul�ll�l, k�kr�rb�b5�5_�_r�rc�c_�_r�re�es�so�ol�lv�ve�e_�_t�ty�yp�pe�e, k�kr�rb�b5�5_�_r�rc�c_�_s�st�to�or�re�e,
- k�kr�rb�b5�5_�_g�ge�et�t_�_s�se�er�rv�ve�er�r_�_r�rc�ca�ac�ch�he�e -- Kerberos 5 replay cache
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- struct krb5_rcache;
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_r�rc�c_�_c�cl�lo�os�se�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�c_�a_�c_�h_�e _�i_�d);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_r�rc�c_�_d�de�ef�fa�au�ul�lt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�c_�a_�c_�h_�e _�*_�i_�d);
-
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*
- k�kr�rb�b5�5_�_r�rc�c_�_d�de�ef�fa�au�ul�lt�t_�_n�na�am�me�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t);
-
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*
- k�kr�rb�b5�5_�_r�rc�c_�_d�de�ef�fa�au�ul�lt�t_�_t�ty�yp�pe�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_r�rc�c_�_d�de�es�st�tr�ro�oy�y(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�c_�a_�c_�h_�e _�i_�d);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_r�rc�c_�_e�ex�xp�pu�un�ng�ge�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�c_�a_�c_�h_�e _�i_�d);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_r�rc�c_�_g�ge�et�t_�_l�li�if�fe�es�sp�pa�an�n(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�c_�a_�c_�h_�e _�i_�d,
- _�k_�r_�b_�5_�__�d_�e_�l_�t_�a_�t _�*_�a_�u_�t_�h_�__�l_�i_�f_�e_�s_�p_�a_�n);
-
- _�c_�o_�n_�s_�t _�c_�h_�a_�r_�*
- k�kr�rb�b5�5_�_r�rc�c_�_g�ge�et�t_�_n�na�am�me�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�c_�a_�c_�h_�e _�i_�d);
-
- _�c_�o_�n_�s_�t _�c_�h_�a_�r_�*
- k�kr�rb�b5�5_�_r�rc�c_�_g�ge�et�t_�_t�ty�yp�pe�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�c_�a_�c_�h_�e _�i_�d);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_r�rc�c_�_i�in�ni�it�ti�ia�al�li�iz�ze�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�c_�a_�c_�h_�e _�i_�d,
- _�k_�r_�b_�5_�__�d_�e_�l_�t_�a_�t _�a_�u_�t_�h_�__�l_�i_�f_�e_�s_�p_�a_�n);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_r�rc�c_�_r�re�ec�co�ov�ve�er�r(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�c_�a_�c_�h_�e _�i_�d);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_r�rc�c_�_r�re�es�so�ol�lv�ve�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�c_�a_�c_�h_�e _�i_�d, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�n_�a_�m_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_r�rc�c_�_r�re�es�so�ol�lv�ve�e_�_f�fu�ul�ll�l(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�c_�a_�c_�h_�e _�*_�i_�d,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�s_�t_�r_�i_�n_�g_�__�n_�a_�m_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_r�rc�c_�_r�re�es�so�ol�lv�ve�e_�_t�ty�yp�pe�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�c_�a_�c_�h_�e _�*_�i_�d,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�t_�y_�p_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_r�rc�c_�_s�st�to�or�re�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�c_�a_�c_�h_�e _�i_�d,
- _�k_�r_�b_�5_�__�d_�o_�n_�o_�t_�__�r_�e_�p_�l_�a_�y _�*_�r_�e_�p);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_s�se�er�rv�ve�er�r_�_r�rc�ca�ac�ch�he�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�p_�i_�e_�c_�e,
- _�k_�r_�b_�5_�__�r_�c_�a_�c_�h_�e _�*_�i_�d);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The krb5_rcache structure holds a storage element that is used for data
- manipulation. The structure contains no public accessible elements.
-
- k�kr�rb�b5�5_�_r�rc�c_�_i�in�ni�it�ti�ia�al�li�iz�ze�e() Creates the reply cache _�i_�d and sets it lifespan to
- _�a_�u_�t_�h_�__�l_�i_�f_�e_�s_�p_�a_�n. If the cache already exists, the content is destroyed.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), krb5_data(3), kerberos(8)
-
-HEIMDAL May 1, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_rd_error.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_rd_error.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_rd_error.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,52 +0,0 @@
-
-KRB5_RD_ERROR(3) BSD Library Functions Manual KRB5_RD_ERROR(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_r�rd�d_�_e�er�rr�ro�or�r, k�kr�rb�b5�5_�_f�fr�re�ee�e_�_e�er�rr�ro�or�r, k�kr�rb�b5�5_�_f�fr�re�ee�e_�_e�er�rr�ro�or�r_�_c�co�on�nt�te�en�nt�ts�s,
- k�kr�rb�b5�5_�_e�er�rr�ro�or�r_�_f�fr�ro�om�m_�_r�rd�d_�_e�er�rr�ro�or�r -- parse, free and read error from KRB-ERROR
- message
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_r�rd�d_�_e�er�rr�ro�or�r(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�m_�s_�g,
- _�K_�R_�B_�__�E_�R_�R_�O_�R _�*_�r_�e_�s_�u_�l_�t);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_e�er�rr�ro�or�r(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�r_�r_�o_�r _�*_�e_�r_�r_�o_�r);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_e�er�rr�ro�or�r_�_c�co�on�nt�te�en�nt�ts�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�r_�r_�o_�r _�*_�e_�r_�r_�o_�r);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_e�er�rr�ro�or�r_�_f�fr�ro�om�m_�_r�rd�d_�_e�er�rr�ro�or�r(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�e_�r_�r_�o_�r _�*_�e_�r_�r_�o_�r,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�c_�r_�e_�d_�s);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- Usually applications never needs to parse and understand Kerberos error
- messages since higher level functions will parse and push up the error in
- the krb5_context. These functions are described for completeness.
-
- k�kr�rb�b5�5_�_r�rd�d_�_e�er�rr�ro�or�r() parses and returns the kerboeros error message, the
- structure should be freed with k�kr�rb�b5�5_�_f�fr�re�ee�e_�_e�er�rr�ro�or�r_�_c�co�on�nt�te�en�nt�ts�s() when the caller
- is done with the structure.
-
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_e�er�rr�ro�or�r() frees the content and the memory region holding the
- structure iself.
-
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_e�er�rr�ro�or�r_�_c�co�on�nt�te�en�nt�ts�s() free the content of the KRB-ERROR message.
-
- k�kr�rb�b5�5_�_e�er�rr�ro�or�r_�_f�fr�ro�om�m_�_r�rd�d_�_e�er�rr�ro�or�r() will parse the error message and set the error
- buffer in krb5_context to the error string passed back or the matching
- error code in the KRB-ERROR message. Caller should pick up the message
- with k�kr�rb�b5�5_�_g�ge�et�t_�_e�er�rr�ro�or�r_�_s�st�tr�ri�in�ng�g(_�3) (don't forget to free the returned string
- with k�kr�rb�b5�5_�_f�fr�re�ee�e_�_e�er�rr�ro�or�r_�_s�st�tr�ri�in�ng�g()).
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), krb5_set_error_string(3), krb5_get_error_string(3), krb5.conf(5)
-
-HEIMDAL July 26, 2004 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_rd_safe.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_rd_safe.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_rd_safe.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,35 +0,0 @@
-
-KRB5_RD_SAFE(3) BSD Library Functions Manual KRB5_RD_SAFE(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_r�rd�d_�_s�sa�af�fe�e, k�kr�rb�b5�5_�_r�rd�d_�_p�pr�ri�iv�v -- verifies authenticity of messages
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_r�rd�d_�_p�pr�ri�iv�v(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�i_�n_�b_�u_�f, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�o_�u_�t_�b_�u_�f,
- _�k_�r_�b_�5_�__�r_�e_�p_�l_�a_�y_�__�d_�a_�t_�a _�*_�o_�u_�t_�d_�a_�t_�a);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_r�rd�d_�_s�sa�af�fe�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t,
- _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�i_�n_�b_�u_�f, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�o_�u_�t_�b_�u_�f,
- _�k_�r_�b_�5_�__�r_�e_�p_�l_�a_�y_�__�d_�a_�t_�a _�*_�o_�u_�t_�d_�a_�t_�a);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5_�_r�rd�d_�_s�sa�af�fe�e() and k�kr�rb�b5�5_�_r�rd�d_�_p�pr�ri�iv�v() parses KRB-SAFE and KRB-PRIV messages
- (as generated by krb5_mk_safe(3) and krb5_mk_priv(3)) from _�i_�n_�b_�u_�f and ver-
- ifies its integrity. The user data part of the message in put in _�o_�u_�t_�b_�u_�f.
- The encryption state, including keyblocks and addresses, is taken from
- _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t. If the KRB5_AUTH_CONTEXT_RET_SEQUENCE or
- KRB5_AUTH_CONTEXT_RET_TIME flags are set in the _�a_�u_�t_�h_�__�c_�o_�n_�t_�e_�x_�t the sequence
- number and time are returned in the _�o_�u_�t_�d_�a_�t_�a parameter.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5_auth_con_init(3), krb5_mk_priv(3), krb5_mk_safe(3)
-
-HEIMDAL May 1, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_set_default_realm.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_set_default_realm.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_set_default_realm.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,70 +0,0 @@
-
-KRB5_SET_DEFAULT_REAL... BSD Library Functions Manual KRB5_SET_DEFAULT_REAL...
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_c�co�op�py�y_�_h�ho�os�st�t_�_r�re�ea�al�lm�m, k�kr�rb�b5�5_�_f�fr�re�ee�e_�_h�ho�os�st�t_�_r�re�ea�al�lm�m, k�kr�rb�b5�5_�_g�ge�et�t_�_d�de�ef�fa�au�ul�lt�t_�_r�re�ea�al�lm�m,
- k�kr�rb�b5�5_�_g�ge�et�t_�_d�de�ef�fa�au�ul�lt�t_�_r�re�ea�al�lm�ms�s, k�kr�rb�b5�5_�_g�ge�et�t_�_h�ho�os�st�t_�_r�re�ea�al�lm�m, k�kr�rb�b5�5_�_s�se�et�t_�_d�de�ef�fa�au�ul�lt�t_�_r�re�ea�al�lm�m --
- default and host realm read and manipulation routines
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�co�op�py�y_�_h�ho�os�st�t_�_r�re�ea�al�lm�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�*_�f_�r_�o_�m,
- _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�*_�*_�t_�o);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_h�ho�os�st�t_�_r�re�ea�al�lm�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�*_�r_�e_�a_�l_�m_�l_�i_�s_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_d�de�ef�fa�au�ul�lt�t_�_r�re�ea�al�lm�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�*_�r_�e_�a_�l_�m);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_d�de�ef�fa�au�ul�lt�t_�_r�re�ea�al�lm�ms�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�*_�*_�r_�e_�a_�l_�m);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_h�ho�os�st�t_�_r�re�ea�al�lm�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�h_�o_�s_�t,
- _�k_�r_�b_�5_�__�r_�e_�a_�l_�m _�*_�*_�r_�e_�a_�l_�m_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�se�et�t_�_d�de�ef�fa�au�ul�lt�t_�_r�re�ea�al�lm�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�r_�e_�a_�l_�m);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5_�_c�co�op�py�y_�_h�ho�os�st�t_�_r�re�ea�al�lm�m() copies the list of realms from _�f_�r_�o_�m to _�t_�o. _�t_�o
- should be freed by the caller using _�k_�r_�b_�5_�__�f_�r_�e_�e_�__�h_�o_�s_�t_�__�r_�e_�a_�l_�m.
-
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_h�ho�os�st�t_�_r�re�ea�al�lm�m() frees all memory allocated by _�r_�e_�a_�l_�m_�l_�i_�s_�t.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_d�de�ef�fa�au�ul�lt�t_�_r�re�ea�al�lm�m() returns the first default realm for this host.
- The realm returned should be freed with f�fr�re�ee�e().
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_d�de�ef�fa�au�ul�lt�t_�_r�re�ea�al�lm�ms�s() returns a NULL terminated list of default
- realms for this context. Realms returned by k�kr�rb�b5�5_�_g�ge�et�t_�_d�de�ef�fa�au�ul�lt�t_�_r�re�ea�al�lm�ms�s()
- should be freed with k�kr�rb�b5�5_�_f�fr�re�ee�e_�_h�ho�os�st�t_�_r�re�ea�al�lm�m().
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_h�ho�os�st�t_�_r�re�ea�al�lm�m() returns a NULL terminated list of realms for _�h_�o_�s_�t
- by looking up the information in the [domain_realm] in _�k_�r_�b_�5_�._�c_�o_�n_�f or in
- DNS. If the mapping in [domain_realm] results in the string dns_locate,
- DNS is used to lookup the realm.
-
- When using DNS to a resolve the domain for the host a.b.c,
- k�kr�rb�b5�5_�_g�ge�et�t_�_h�ho�os�st�t_�_r�re�ea�al�lm�m() looks for a TXT resource record named
- _kerberos.a.b.c, and if not found, it strips off the first component and
- tries a again (_kerberos.b.c) until it reaches the root.
-
- If there is no configuration or DNS information found,
- k�kr�rb�b5�5_�_g�ge�et�t_�_h�ho�os�st�t_�_r�re�ea�al�lm�m() assumes it can use the domain part of the _�h_�o_�s_�t to
- form a realm. Caller must free _�r_�e_�a_�l_�m_�l_�i_�s_�t with k�kr�rb�b5�5_�_f�fr�re�ee�e_�_h�ho�os�st�t_�_r�re�ea�al�lm�m().
-
- k�kr�rb�b5�5_�_s�se�et�t_�_d�de�ef�fa�au�ul�lt�t_�_r�re�ea�al�lm�m() sets the default realm for the _�c_�o_�n_�t_�e_�x_�t. If NULL
- is used as a _�r_�e_�a_�l_�m, the [libdefaults]default_realm stanza in _�k_�r_�b_�5_�._�c_�o_�n_�f is
- used. If there is no such stanza in the configuration file, the
- k�kr�rb�b5�5_�_g�ge�et�t_�_h�ho�os�st�t_�_r�re�ea�al�lm�m() function is used to form a default realm.
-
-S�SE�EE�E A�AL�LS�SO�O
- free(3), krb5.conf(5)
-
-HEIMDAL April 24, 2005 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_set_password.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_set_password.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_set_password.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,66 +0,0 @@
-
-KRB5_SET_PASSWORD(3) BSD Library Functions Manual KRB5_SET_PASSWORD(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_c�ch�ha�an�ng�ge�e_�_p�pa�as�ss�sw�wo�or�rd�d, k�kr�rb�b5�5_�_s�se�et�t_�_p�pa�as�ss�sw�wo�or�rd�d, k�kr�rb�b5�5_�_s�se�et�t_�_p�pa�as�ss�sw�wo�or�rd�d_�_u�us�si�in�ng�g_�_c�cc�ca�ac�ch�he�e,
- k�kr�rb�b5�5_�_p�pa�as�ss�sw�wd�d_�_r�re�es�su�ul�lt�t_�_t�to�o_�_s�st�tr�ri�in�ng�g -- change password functions
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_c�ch�ha�an�ng�ge�e_�_p�pa�as�ss�sw�wo�or�rd�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�c_�r_�e_�d_�s,
- _�c_�h_�a_�r _�*_�n_�e_�w_�p_�w, _�i_�n_�t _�*_�r_�e_�s_�u_�l_�t_�__�c_�o_�d_�e, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�r_�e_�s_�u_�l_�t_�__�c_�o_�d_�e_�__�s_�t_�r_�i_�n_�g,
- _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�r_�e_�s_�u_�l_�t_�__�s_�t_�r_�i_�n_�g);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�se�et�t_�_p�pa�as�ss�sw�wo�or�rd�d(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�c_�r_�e_�d_�s, _�c_�h_�a_�r _�*_�n_�e_�w_�p_�w,
- _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�t_�a_�r_�g_�p_�r_�i_�n_�c, _�i_�n_�t _�*_�r_�e_�s_�u_�l_�t_�__�c_�o_�d_�e,
- _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�r_�e_�s_�u_�l_�t_�__�c_�o_�d_�e_�__�s_�t_�r_�i_�n_�g, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�r_�e_�s_�u_�l_�t_�__�s_�t_�r_�i_�n_�g);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�se�et�t_�_p�pa�as�ss�sw�wo�or�rd�d_�_u�us�si�in�ng�g_�_c�cc�ca�ac�ch�he�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e,
- _�c_�h_�a_�r _�*_�n_�e_�w_�p_�w, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�t_�a_�r_�g_�p_�r_�i_�n_�c, _�i_�n_�t _�*_�r_�e_�s_�u_�l_�t_�__�c_�o_�d_�e,
- _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�r_�e_�s_�u_�l_�t_�__�c_�o_�d_�e_�__�s_�t_�r_�i_�n_�g, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�r_�e_�s_�u_�l_�t_�__�s_�t_�r_�i_�n_�g);
-
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*
- k�kr�rb�b5�5_�_p�pa�as�ss�sw�wd�d_�_r�re�es�su�ul�lt�t_�_t�to�o_�_s�st�tr�ri�in�ng�g(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�i_�n_�t _�r_�e_�s_�u_�l_�t);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- These functions change the password for a given principal.
-
- k�kr�rb�b5�5_�_s�se�et�t_�_p�pa�as�ss�sw�wo�or�rd�d() and k�kr�rb�b5�5_�_s�se�et�t_�_p�pa�as�ss�sw�wo�or�rd�d_�_u�us�si�in�ng�g_�_c�cc�ca�ac�ch�he�e() are the newer of
- the three functions, and use a newer version of the protocol (and also
- fall back to the older set-password protocol if the newer protocol
- doesn't work).
-
- k�kr�rb�b5�5_�_c�ch�ha�an�ng�ge�e_�_p�pa�as�ss�sw�wo�or�rd�d() sets the password _�n_�e_�w_�p_�a_�s_�s_�w_�d for the client princi-
- pal in _�c_�r_�e_�d_�s. The server principal of creds must be kadmin/changepw.
-
- k�kr�rb�b5�5_�_s�se�et�t_�_p�pa�as�ss�sw�wo�or�rd�d() and k�kr�rb�b5�5_�_s�se�et�t_�_p�pa�as�ss�sw�wo�or�rd�d_�_u�us�si�in�ng�g_�_c�cc�ca�ac�ch�he�e() change the pass-
- word for the principal _�t_�a_�r_�g_�p_�r_�i_�n_�c.
-
- k�kr�rb�b5�5_�_s�se�et�t_�_p�pa�as�ss�sw�wo�or�rd�d() requires that the credential for
- kadmin/changepw at REALM is in _�c_�r_�e_�d_�s. If the user caller isn't an adminis-
- trator, this credential needs to be an initial credential, see
- krb5_get_init_creds(3) how to get such credentials.
-
- k�kr�rb�b5�5_�_s�se�et�t_�_p�pa�as�ss�sw�wo�or�rd�d_�_u�us�si�in�ng�g_�_c�cc�ca�ac�ch�he�e() will get the credential from _�c_�c_�a_�c_�h_�e.
-
- If _�t_�a_�r_�g_�p_�r_�i_�n_�c is NULL, k�kr�rb�b5�5_�_s�se�et�t_�_p�pa�as�ss�sw�wo�or�rd�d_�_u�us�si�in�ng�g_�_c�cc�ca�ac�ch�he�e() uses the the
- default principal in _�c_�c_�a_�c_�h_�e and k�kr�rb�b5�5_�_s�se�et�t_�_p�pa�as�ss�sw�wo�or�rd�d() uses the global the
- default principal.
-
- All three functions return an error in _�r_�e_�s_�u_�l_�t_�__�c_�o_�d_�e and maybe an error
- string to print in _�r_�e_�s_�u_�l_�t_�__�s_�t_�r_�i_�n_�g.
-
- k�kr�rb�b5�5_�_p�pa�as�ss�sw�wd�d_�_r�re�es�su�ul�lt�t_�_t�to�o_�_s�st�tr�ri�in�ng�g() returns an human readable string describ-
- ing the error code in _�r_�e_�s_�u_�l_�t_�__�c_�o_�d_�e from the k�kr�rb�b5�5_�_s�se�et�t_�_p�pa�as�ss�sw�wo�or�rd�d() functions.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5_ccache(3), krb5_init_context(3)
-
-HEIMDAL July 15, 2004 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_string_to_key.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_string_to_key.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_string_to_key.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,74 +0,0 @@
-
-KRB5_STRING_TO_KEY(3) BSD Library Functions Manual KRB5_STRING_TO_KEY(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_k�ke�ey�y, k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_k�ke�ey�y_�_d�da�at�ta�a,
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_k�ke�ey�y_�_d�da�at�ta�a_�_s�sa�al�lt�t, k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_k�ke�ey�y_�_d�da�at�ta�a_�_s�sa�al�lt�t_�_o�op�pa�aq�qu�ue�e,
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_k�ke�ey�y_�_s�sa�al�lt�t, k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_k�ke�ey�y_�_s�sa�al�lt�t_�_o�op�pa�aq�qu�ue�e,
- k�kr�rb�b5�5_�_g�ge�et�t_�_p�pw�w_�_s�sa�al�lt�t, k�kr�rb�b5�5_�_f�fr�re�ee�e_�_s�sa�al�lt�t -- turns a string to a Kerberos key
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_k�ke�ey�y(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�n_�c_�t_�y_�p_�e,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�p_�a_�s_�s_�w_�o_�r_�d, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�k_�e_�y);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_k�ke�ey�y_�_d�da�at�ta�a(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�n_�c_�t_�y_�p_�e,
- _�k_�r_�b_�5_�__�d_�a_�t_�a _�p_�a_�s_�s_�w_�o_�r_�d, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�k_�e_�y);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_k�ke�ey�y_�_d�da�at�ta�a_�_s�sa�al�lt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�n_�c_�t_�y_�p_�e,
- _�k_�r_�b_�5_�__�d_�a_�t_�a _�p_�a_�s_�s_�w_�o_�r_�d, _�k_�r_�b_�5_�__�s_�a_�l_�t _�s_�a_�l_�t, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�k_�e_�y);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_k�ke�ey�y_�_d�da�at�ta�a_�_s�sa�al�lt�t_�_o�op�pa�aq�qu�ue�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�n_�c_�t_�y_�p_�e, _�k_�r_�b_�5_�__�d_�a_�t_�a _�p_�a_�s_�s_�w_�o_�r_�d, _�k_�r_�b_�5_�__�s_�a_�l_�t _�s_�a_�l_�t,
- _�k_�r_�b_�5_�__�d_�a_�t_�a _�o_�p_�a_�q_�u_�e, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�k_�e_�y);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_k�ke�ey�y_�_s�sa�al�lt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�n_�c_�t_�y_�p_�e,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�p_�a_�s_�s_�w_�o_�r_�d, _�k_�r_�b_�5_�__�s_�a_�l_�t _�s_�a_�l_�t, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�k_�e_�y);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_k�ke�ey�y_�_s�sa�al�lt�t_�_o�op�pa�aq�qu�ue�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t,
- _�k_�r_�b_�5_�__�e_�n_�c_�t_�y_�p_�e _�e_�n_�c_�t_�y_�p_�e, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�p_�a_�s_�s_�w_�o_�r_�d, _�k_�r_�b_�5_�__�s_�a_�l_�t _�s_�a_�l_�t,
- _�k_�r_�b_�5_�__�d_�a_�t_�a _�o_�p_�a_�q_�u_�e, _�k_�r_�b_�5_�__�k_�e_�y_�b_�l_�o_�c_�k _�*_�k_�e_�y);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_g�ge�et�t_�_p�pw�w_�_s�sa�al�lt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�o_�n_�s_�t_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l,
- _�k_�r_�b_�5_�__�s_�a_�l_�t _�*_�s_�a_�l_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_s�sa�al�lt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�s_�a_�l_�t _�s_�a_�l_�t);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The string to key functions convert a string to a kerberos key.
-
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_k�ke�ey�y_�_d�da�at�ta�a_�_s�sa�al�lt�t_�_o�op�pa�aq�qu�ue�e() is the function that does all the
- work, the rest of the functions are just wrappers around
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_k�ke�ey�y_�_d�da�at�ta�a_�_s�sa�al�lt�t_�_o�op�pa�aq�qu�ue�e() that calls it with default values.
-
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_k�ke�ey�y_�_d�da�at�ta�a_�_s�sa�al�lt�t_�_o�op�pa�aq�qu�ue�e() transforms the _�p_�a_�s_�s_�w_�o_�r_�d with the
- given salt-string _�s_�a_�l_�t and the opaque, encryption type specific parameter
- _�o_�p_�a_�q_�u_�e to a encryption key _�k_�e_�y according to the string to key function
- associated with _�e_�n_�c_�t_�y_�p_�e.
-
- The _�k_�e_�y should be freed with k�kr�rb�b5�5_�_f�fr�re�ee�e_�_k�ke�ey�yb�bl�lo�oc�ck�k_�_c�co�on�nt�te�en�nt�ts�s().
-
- If one of the functions that doesn't take a krb5_salt as it argument
- k�kr�rb�b5�5_�_g�ge�et�t_�_p�pw�w_�_s�sa�al�lt�t() is used to get the salt value.
-
- k�kr�rb�b5�5_�_g�ge�et�t_�_p�pw�w_�_s�sa�al�lt�t() get the default password salt for a principal, use
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_s�sa�al�lt�t() to free the salt when done.
-
- k�kr�rb�b5�5_�_f�fr�re�ee�e_�_s�sa�al�lt�t() frees the content of _�s_�a_�l_�t.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), krb5_data(3), krb5_keyblock(3), kerberos(8)
-
-HEIMDAL July 10, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_timeofday.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_timeofday.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_timeofday.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,55 +0,0 @@
-
-KRB5_TIMEOFDAY(3) BSD Library Functions Manual KRB5_TIMEOFDAY(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_t�ti�im�me�eo�of�fd�da�ay�y, k�kr�rb�b5�5_�_s�se�et�t_�_r�re�ea�al�l_�_t�ti�im�me�e, k�kr�rb�b5�5_�_u�us�s_�_t�ti�im�me�eo�of�fd�da�ay�y, k�kr�rb�b5�5_�_f�fo�or�rm�ma�at�t_�_t�ti�im�me�e,
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_d�de�el�lt�ta�at�t -- Kerberos 5 time handling functions
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- krb5_timestamp;
-
- krb5_deltat;
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�se�et�t_�_r�re�ea�al�l_�_t�ti�im�me�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�t_�i_�m_�e_�s_�t_�a_�m_�p _�s_�e_�c,
- _�i_�n_�t_�3_�2_�__�t _�u_�s_�e_�c);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_t�ti�im�me�eo�of�fd�da�ay�y(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�t_�i_�m_�e_�s_�t_�a_�m_�p _�*_�t_�i_�m_�e_�r_�e_�t);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_u�us�s_�_t�ti�im�me�eo�of�fd�da�ay�y(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�t_�i_�m_�e_�s_�t_�a_�m_�p _�*_�s_�e_�c,
- _�i_�n_�t_�3_�2_�__�t _�*_�u_�s_�e_�c);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_f�fo�or�rm�ma�at�t_�_t�ti�im�me�e(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�t_�i_�m_�e_�__�t _�t, _�c_�h_�a_�r _�*_�s, _�s_�i_�z_�e_�__�t _�l_�e_�n,
- _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�i_�n_�c_�l_�u_�d_�e_�__�t_�i_�m_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_d�de�el�lt�ta�at�t(_�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�s_�t_�r_�i_�n_�g, _�k_�r_�b_�5_�__�d_�e_�l_�t_�a_�t _�*_�d_�e_�l_�t_�a_�t);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5_�_s�se�et�t_�_r�re�ea�al�l_�_t�ti�im�me�e sets the absolute time that the caller knows the KDC
- has. With this the Kerberos library can calculate the relative differ-
- ence between the KDC time and the local system time and store it in the
- _�c_�o_�n_�t_�e_�x_�t. With this information the Kerberos library can adjust all time
- stamps in Kerberos packages.
-
- k�kr�rb�b5�5_�_t�ti�im�me�eo�of�fd�da�ay�y() returns the current time, but adjusted with the time
- difference between the local host and the KDC. k�kr�rb�b5�5_�_u�us�s_�_t�ti�im�me�eo�of�fd�da�ay�y() also
- returns microseconds.
-
- k�kr�rb�b5�5_�_f�fo�or�rm�ma�at�t_�_t�ti�im�me�e formats the time _�t into the string _�s of length _�l_�e_�n. If
- _�i_�n_�c_�l_�u_�d_�e_�__�t_�i_�m_�e is set, the time is set include_time.
-
- k�kr�rb�b5�5_�_s�st�tr�ri�in�ng�g_�_t�to�o_�_d�de�el�lt�ta�at�t parses delta time _�s_�t_�r_�i_�n_�g into _�d_�e_�l_�t_�a_�t.
-
-S�SE�EE�E A�AL�LS�SO�O
- gettimeofday(2), krb5(3)
-
-HEIMDAL Sepember 16, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_verify_init_creds.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_verify_init_creds.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_verify_init_creds.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,52 +0,0 @@
-
-KRB5_VERIFY_INIT_CRED... BSD Library Functions Manual KRB5_VERIFY_INIT_CRED...
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_i�in�ni�it�t,
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_a�ap�p_�_r�re�eq�q_�_n�no�of�fa�ai�il�l, k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s --
- verifies a credential cache is correct by using a local keytab
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- struct krb5_verify_init_creds_opt;
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_i�in�ni�it�t(_�k_�r_�b_�5_�__�v_�e_�r_�i_�f_�y_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t_�i_�o_�n_�s);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_a�ap�p_�_r�re�eq�q_�_n�no�of�fa�ai�il�l(_�k_�r_�b_�5_�__�v_�e_�r_�i_�f_�y_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t_�i_�o_�n_�s,
- _�i_�n_�t _�a_�p_�__�r_�e_�q_�__�n_�o_�f_�a_�i_�l);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�c_�r_�e_�d_�s _�*_�c_�r_�e_�d_�s,
- _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�a_�p_�__�r_�e_�q_�__�s_�e_�r_�v_�e_�r, _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�*_�c_�c_�a_�c_�h_�e,
- _�k_�r_�b_�5_�__�v_�e_�r_�i_�f_�y_�__�i_�n_�i_�t_�__�c_�r_�e_�d_�s_�__�o_�p_�t _�*_�o_�p_�t_�i_�o_�n_�s);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s function verifies the initial tickets with the
- local keytab to make sure the response of the KDC was spoof-ed.
-
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s will use principal _�a_�p_�__�r_�e_�q_�__�s_�e_�r_�v_�e_�r from the local
- keytab, if NULL is passed in, the code will guess the local hostname and
- use that to form host/hostname/GUESSED-REALM-FOR-HOSTNAME. _�c_�r_�e_�d_�s is the
- credential that k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s should verify. If _�c_�c_�a_�c_�h_�e is given
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s() stores all credentials it fetched from the KDC
- there, otherwise it will use a memory credential cache that is destroyed
- when done.
-
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_i�in�ni�it�t() cleans the the structure, must be used
- before trying to pass it in to k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s().
-
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_i�in�ni�it�t_�_c�cr�re�ed�ds�s_�_o�op�pt�t_�_s�se�et�t_�_a�ap�p_�_r�re�eq�q_�_n�no�of�fa�ai�il�l() controls controls the
- behavior if _�a_�p_�__�r_�e_�q_�__�s_�e_�r_�v_�e_�r doesn't exists in the local keytab or in the
- KDC's database, if it's true, the error will be ignored. Note that this
- use is possible insecure.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5(3), krb5_get_init_creds(3), krb5_verify_user(3), krb5.conf(5)
-
-HEIMDAL May 1, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/krb5_verify_user.cat3
===================================================================
--- trunk/crypto/heimdal/lib/krb5/krb5_verify_user.cat3 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/krb5_verify_user.cat3 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,141 +0,0 @@
-
-KRB5_VERIFY_USER(3) BSD Library Functions Manual KRB5_VERIFY_USER(3)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_u�us�se�er�r, k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_u�us�se�er�r_�_l�lr�re�ea�al�lm�m, k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_u�us�se�er�r_�_o�op�pt�t,
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_i�in�ni�it�t, k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_a�al�ll�lo�oc�c, k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_f�fr�re�ee�e,
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_s�se�et�t_�_c�cc�ca�ac�ch�he�e, k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_s�se�et�t_�_f�fl�la�ag�gs�s,
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_s�se�et�t_�_s�se�er�rv�vi�ic�ce�e, k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_s�se�et�t_�_s�se�ec�cu�ur�re�e,
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_s�se�et�t_�_k�ke�ey�yt�ta�ab�b -- Heimdal password verifying functions
-
-L�LI�IB�BR�RA�AR�RY�Y
- Kerberos 5 Library (libkrb5, -lkrb5)
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- #�#i�in�nc�cl�lu�ud�de�e <�<k�kr�rb�b5�5.�.h�h>�>
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_u�us�se�er�r(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l,
- _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�p_�a_�s_�s_�w_�o_�r_�d, _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�s_�e_�c_�u_�r_�e,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�s_�e_�r_�v_�i_�c_�e);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_u�us�se�er�r_�_l�lr�re�ea�al�lm�m(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l,
- _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�p_�a_�s_�s_�w_�o_�r_�d, _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�s_�e_�c_�u_�r_�e,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�s_�e_�r_�v_�i_�c_�e);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_i�in�ni�it�t(_�k_�r_�b_�5_�__�v_�e_�r_�i_�f_�y_�__�o_�p_�t _�*_�o_�p_�t);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_a�al�ll�lo�oc�c(_�k_�r_�b_�5_�__�v_�e_�r_�i_�f_�y_�__�o_�p_�t _�*_�*_�o_�p_�t);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_f�fr�re�ee�e(_�k_�r_�b_�5_�__�v_�e_�r_�i_�f_�y_�__�o_�p_�t _�*_�o_�p_�t);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_s�se�et�t_�_c�cc�ca�ac�ch�he�e(_�k_�r_�b_�5_�__�v_�e_�r_�i_�f_�y_�__�o_�p_�t _�*_�o_�p_�t, _�k_�r_�b_�5_�__�c_�c_�a_�c_�h_�e _�c_�c_�a_�c_�h_�e);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_s�se�et�t_�_k�ke�ey�yt�ta�ab�b(_�k_�r_�b_�5_�__�v_�e_�r_�i_�f_�y_�__�o_�p_�t _�*_�o_�p_�t, _�k_�r_�b_�5_�__�k_�e_�y_�t_�a_�b _�k_�e_�y_�t_�a_�b);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_s�se�et�t_�_s�se�ec�cu�ur�re�e(_�k_�r_�b_�5_�__�v_�e_�r_�i_�f_�y_�__�o_�p_�t _�*_�o_�p_�t, _�k_�r_�b_�5_�__�b_�o_�o_�l_�e_�a_�n _�s_�e_�c_�u_�r_�e);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_s�se�et�t_�_s�se�er�rv�vi�ic�ce�e(_�k_�r_�b_�5_�__�v_�e_�r_�i_�f_�y_�__�o_�p_�t _�*_�o_�p_�t, _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�s_�e_�r_�v_�i_�c_�e);
-
- _�v_�o_�i_�d
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_s�se�et�t_�_f�fl�la�ag�gs�s(_�k_�r_�b_�5_�__�v_�e_�r_�i_�f_�y_�__�o_�p_�t _�*_�o_�p_�t, _�u_�n_�s_�i_�g_�n_�e_�d _�i_�n_�t _�f_�l_�a_�g_�s);
-
- _�k_�r_�b_�5_�__�e_�r_�r_�o_�r_�__�c_�o_�d_�e
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_u�us�se�er�r_�_o�op�pt�t(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�r_�i_�n_�c_�i_�p_�a_�l,
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�*_�p_�a_�s_�s_�w_�o_�r_�d, _�k_�r_�b_�5_�__�v_�e_�r_�i_�f_�y_�__�o_�p_�t _�*_�o_�p_�t);
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_u�us�se�er�r function verifies the password supplied by a user.
- The principal whose password will be verified is specified in _�p_�r_�i_�n_�c_�i_�p_�a_�l.
- New tickets will be obtained as a side-effect and stored in _�c_�c_�a_�c_�h_�e (if
- NULL, the default ccache is used). k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_u�us�se�er�r() will call
- k�kr�rb�b5�5_�_c�cc�c_�_i�in�ni�it�ti�ia�al�li�iz�ze�e() on the given _�c_�c_�a_�c_�h_�e, so _�c_�c_�a_�c_�h_�e must only initialized
- with k�kr�rb�b5�5_�_c�cc�c_�_r�re�es�so�ol�lv�ve�e() or k�kr�rb�b5�5_�_c�cc�c_�_g�ge�en�n_�_n�ne�ew�w(). If the password is not sup-
- plied in _�p_�a_�s_�s_�w_�o_�r_�d (and is given as NULL) the user will be prompted for
- it. If _�s_�e_�c_�u_�r_�e the ticket will be verified against the locally stored
- service key _�s_�e_�r_�v_�i_�c_�e (by default `host' if given as NULL ).
-
- The k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_u�us�se�er�r_�_l�lr�re�ea�al�lm�m() function does the same, except that it
- ignores the realm in _�p_�r_�i_�n_�c_�i_�p_�a_�l and tries all the local realms (see
- krb5.conf(5)). After a successful return, the principal is set to the
- authenticated realm. If the call fails, the principal will not be mean-
- ingful, and should only be freed with krb5_free_principal(3).
-
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_a�al�ll�lo�oc�c() and k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_f�fr�re�ee�e() allocates and frees a
- krb5_verify_opt. You should use the the alloc and free function instead
- of allocation the structure yourself, this is because in a future release
- the structure wont be exported.
-
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_i�in�ni�it�t() resets all opt to default values.
-
- None of the krb5_verify_opt_set function makes a copy of the data struc-
- ture that they are called with. It's up the caller to free them after the
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_u�us�se�er�r_�_o�op�pt�t() is called.
-
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_s�se�et�t_�_c�cc�ca�ac�ch�he�e() sets the _�c_�c_�a_�c_�h_�e that user of _�o_�p_�t will use.
- If not set, the default credential cache will be used.
-
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_s�se�et�t_�_k�ke�ey�yt�ta�ab�b() sets the _�k_�e_�y_�t_�a_�b that user of _�o_�p_�t will use.
- If not set, the default keytab will be used.
-
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_s�se�et�t_�_s�se�ec�cu�ur�re�e() if _�s_�e_�c_�u_�r_�e if true, the password verification
- will require that the ticket will be verified against the locally stored
- service key. If not set, default value is true.
-
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_s�se�et�t_�_s�se�er�rv�vi�ic�ce�e() sets the _�s_�e_�r_�v_�i_�c_�e principal that user of _�o_�p_�t
- will use. If not set, the `host' service will be used.
-
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_o�op�pt�t_�_s�se�et�t_�_f�fl�la�ag�gs�s() sets _�f_�l_�a_�g_�s that user of _�o_�p_�t will use. If the
- flag KRB5_VERIFY_LREALMS is used, the _�p_�r_�i_�n_�c_�i_�p_�a_�l will be modified like
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_u�us�se�er�r_�_l�lr�re�ea�al�lm�m() modifies it.
-
- k�kr�rb�b5�5_�_v�ve�er�ri�if�fy�y_�_u�us�se�er�r_�_o�op�pt�t() function verifies the _�p_�a_�s_�s_�w_�o_�r_�d supplied by a user.
- The principal whose password will be verified is specified in _�p_�r_�i_�n_�c_�i_�p_�a_�l.
- Options the to the verification process is pass in in _�o_�p_�t.
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- Here is a example program that verifies a password. it uses the
- `host/`hostname`' service principal in _�k_�r_�b_�5_�._�k_�e_�y_�t_�a_�b.
-
- #include <krb5.h>
-
- int
- main(int argc, char **argv)
- {
- char *user;
- krb5_error_code error;
- krb5_principal princ;
- krb5_context context;
-
- if (argc != 2)
- errx(1, "usage: verify_passwd <principal-name>");
-
- user = argv[1];
-
- if (krb5_init_context(&context) < 0)
- errx(1, "krb5_init_context");
-
- if ((error = krb5_parse_name(context, user, &princ)) != 0)
- krb5_err(context, 1, error, "krb5_parse_name");
-
- error = krb5_verify_user(context, princ, NULL, NULL, TRUE, NULL);
- if (error)
- krb5_err(context, 1, error, "krb5_verify_user");
-
- return 0;
- }
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5_cc_gen_new(3), krb5_cc_initialize(3), krb5_cc_resolve(3),
- krb5_err(3), krb5_free_principal(3), krb5_init_context(3),
- krb5_kt_default(3), krb5.conf(5)
-
-HEIMDAL May 1, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/lib/krb5/name-45-test.c
===================================================================
--- trunk/crypto/heimdal/lib/krb5/name-45-test.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/name-45-test.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,294 +0,0 @@
-/*
- * Copyright (c) 2002 - 2003 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of KTH nor the names of its contributors may be
- * used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
-
-#include "krb5_locl.h"
-#include <err.h>
-
-RCSID("$Id: name-45-test.c,v 1.1.1.3 2012-07-21 15:09:08 laffer1 Exp $");
-
-enum { MAX_COMPONENTS = 3 };
-
-static struct testcase {
- const char *v4_name;
- const char *v4_inst;
- const char *v4_realm;
-
- krb5_realm v5_realm;
- unsigned ncomponents;
- char *comp_val[MAX_COMPONENTS];
-
- const char *config_file;
- krb5_error_code ret; /* expected error code from 524 */
-
- krb5_error_code ret2; /* expected error code from 425 */
-} tests[] = {
- {"", "", "", "", 1, {""}, NULL, 0, 0},
- {"a", "", "", "", 1, {"a"}, NULL, 0, 0},
- {"a", "b", "", "", 2, {"a", "b"}, NULL, 0, 0},
- {"a", "b", "c", "c", 2, {"a", "b"}, NULL, 0, 0},
-
- {"krbtgt", "FOO.SE", "FOO.SE", "FOO.SE", 2,
- {"krbtgt", "FOO.SE"}, NULL, 0, 0},
-
- {"foo", "bar2", "BAZ", "BAZ", 2,
- {"foo", "bar2"}, NULL, 0, 0},
- {"foo", "bar2", "BAZ", "BAZ", 2,
- {"foo", "bar2"},
- "[libdefaults]\n"
- " v4_name_convert = {\n"
- " host = {\n"
- " foo = foo5\n"
- " }\n"
- "}\n",
- HEIM_ERR_V4_PRINC_NO_CONV, 0},
- {"foo", "bar2", "BAZ", "BAZ", 2,
- {"foo5", "bar2.baz"},
- "[realms]\n"
- " BAZ = {\n"
- " v4_name_convert = {\n"
- " host = {\n"
- " foo = foo5\n"
- " }\n"
- " }\n"
- " v4_instance_convert = {\n"
- " bar2 = bar2.baz\n"
- " }\n"
- " }\n",
- 0, 0},
-
- {"rcmd", "foo", "realm", "realm", 2, {"host", "foo"}, NULL,
- HEIM_ERR_V4_PRINC_NO_CONV, 0},
- {"rcmd", "foo", "realm", "realm", 2, {"host", "foo.realm"},
- "[realms]\n"
- " realm = {\n"
- " v4_instance_convert = {\n"
- " foo = foo.realm\n"
- " }\n"
- " }\n",
- 0, 0},
-
- {"pop", "mail0", "NADA.KTH.SE", "NADA.KTH.SE", 2,
- {"pop", "mail0.nada.kth.se"}, "", HEIM_ERR_V4_PRINC_NO_CONV, 0},
- {"pop", "mail0", "NADA.KTH.SE", "NADA.KTH.SE", 2,
- {"pop", "mail0.nada.kth.se"},
- "[realms]\n"
- " NADA.KTH.SE = {\n"
- " default_domain = nada.kth.se\n"
- " }\n",
- 0, 0},
- {"pop", "mail0", "NADA.KTH.SE", "NADA.KTH.SE", 2,
- {"pop", "mail0.nada.kth.se"},
- "[libdefaults]\n"
- " v4_instance_resolve = true\n",
- HEIM_ERR_V4_PRINC_NO_CONV, 0},
-
- {"rcmd", "hokkigai", "NADA.KTH.SE", "NADA.KTH.SE", 2,
- {"host", "hokkigai.pdc.kth.se"}, "", HEIM_ERR_V4_PRINC_NO_CONV, 0},
- {"rcmd", "hokkigai", "NADA.KTH.SE", "NADA.KTH.SE", 2,
- {"host", "hokkigai.pdc.kth.se"},
- "[libdefaults]\n"
- " v4_instance_resolve = true\n"
- "[realms]\n"
- " NADA.KTH.SE = {\n"
- " v4_name_convert = {\n"
- " host = {\n"
- " rcmd = host\n"
- " }\n"
- " }\n"
- " default_domain = pdc.kth.se\n"
- " }\n",
- 0, 0},
-
- {"0123456789012345678901234567890123456789",
- "0123456789012345678901234567890123456789",
- "0123456789012345678901234567890123456789",
- "0123456789012345678901234567890123456789",
- 2, {"0123456789012345678901234567890123456789",
- "0123456789012345678901234567890123456789"}, NULL,
- 0, KRB5_PARSE_MALFORMED},
-
- {"012345678901234567890123456789012345678",
- "012345678901234567890123456789012345678",
- "012345678901234567890123456789012345678",
- "012345678901234567890123456789012345678",
- 2, {"012345678901234567890123456789012345678",
- "012345678901234567890123456789012345678"}, NULL,
- 0, 0},
-
- {NULL, NULL, NULL, NULL, 0, {NULL}, NULL, 0}
-};
-
-int
-main(int argc, char **argv)
-{
- struct testcase *t;
- krb5_context context;
- krb5_error_code ret;
- char hostname[1024];
- int val = 0;
-
- setprogname(argv[0]);
-
- gethostname(hostname, sizeof(hostname));
- if (!(strstr(hostname, "kth.se") != NULL || strstr(hostname, "su.se") != NULL))
- return 0;
-
- for (t = tests; t->v4_name; ++t) {
- krb5_principal princ;
- int i;
- char name[40], inst[40], realm[40];
- char printable_princ[256];
-
- ret = krb5_init_context (&context);
- if (ret)
- errx (1, "krb5_init_context failed: %d", ret);
-
- if (t->config_file != NULL) {
- char template[] = "/tmp/krb5-conf-XXXXXX";
- int fd = mkstemp(template);
- char *files[2];
-
- if (fd < 0)
- krb5_err (context, 1, errno, "mkstemp %s", template);
-
- if (write (fd, t->config_file, strlen(t->config_file))
- != strlen(t->config_file))
- krb5_err (context, 1, errno, "write %s", template);
- close (fd);
- files[0] = template;
- files[1] = NULL;
-
- ret = krb5_set_config_files (context, files);
- unlink (template);
- if (ret)
- krb5_err (context, 1, ret, "krb5_set_config_files");
- }
-
- ret = krb5_425_conv_principal (context,
- t->v4_name,
- t->v4_inst,
- t->v4_realm,
- &princ);
- if (ret) {
- if (ret != t->ret) {
- krb5_warn (context, ret,
- "krb5_425_conv_principal %s.%s@%s",
- t->v4_name, t->v4_inst, t->v4_realm);
- val = 1;
- }
- } else {
- if (t->ret) {
- char *s;
- krb5_unparse_name(context, princ, &s);
- krb5_warnx (context,
- "krb5_425_conv_principal %s.%s@%s "
- "passed unexpected: %s",
- t->v4_name, t->v4_inst, t->v4_realm, s);
- free(s);
- val = 1;
- krb5_free_context(context);
- continue;
- }
- }
-
- if (ret) {
- krb5_free_context(context);
- continue;
- }
-
- if (strcmp (t->v5_realm, princ->realm) != 0) {
- printf ("wrong realm (\"%s\" should be \"%s\")"
- " for \"%s.%s@%s\"\n",
- princ->realm, t->v5_realm,
- t->v4_name,
- t->v4_inst,
- t->v4_realm);
- val = 1;
- }
-
- if (t->ncomponents != princ->name.name_string.len) {
- printf ("wrong number of components (%u should be %u)"
- " for \"%s.%s@%s\"\n",
- princ->name.name_string.len, t->ncomponents,
- t->v4_name,
- t->v4_inst,
- t->v4_realm);
- val = 1;
- } else {
- for (i = 0; i < t->ncomponents; ++i) {
- if (strcmp(t->comp_val[i],
- princ->name.name_string.val[i]) != 0) {
- printf ("bad component %d (\"%s\" should be \"%s\")"
- " for \"%s.%s@%s\"\n",
- i,
- princ->name.name_string.val[i],
- t->comp_val[i],
- t->v4_name,
- t->v4_inst,
- t->v4_realm);
- val = 1;
- }
- }
- }
- ret = krb5_524_conv_principal (context, princ,
- name, inst, realm);
- if (krb5_unparse_name_fixed(context, princ,
- printable_princ, sizeof(printable_princ)))
- strlcpy(printable_princ, "unknown principal",
- sizeof(printable_princ));
- if (ret) {
- if (ret != t->ret2) {
- krb5_warn (context, ret,
- "krb5_524_conv_principal %s", printable_princ);
- val = 1;
- }
- } else {
- if (t->ret2) {
- krb5_warnx (context,
- "krb5_524_conv_principal %s "
- "passed unexpected", printable_princ);
- val = 1;
- krb5_free_context(context);
- continue;
- }
- }
- if (ret) {
- krb5_free_principal (context, princ);
- krb5_free_context(context);
- continue;
- }
-
- krb5_free_principal (context, princ);
- krb5_free_context(context);
- }
- return val;
-}
Deleted: trunk/crypto/heimdal/lib/krb5/test_ap-req.c
===================================================================
--- trunk/crypto/heimdal/lib/krb5/test_ap-req.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/test_ap-req.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,227 +0,0 @@
-/*
- * Copyright (c) 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of KTH nor the names of its contributors may be
- * used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
-
-#include <config.h>
-
-#include <sys/types.h>
-#include <stdio.h>
-#include <krb5.h>
-#include <err.h>
-#include <getarg.h>
-#include <roken.h>
-
-static int verify_pac = 0;
-static int server_any = 0;
-static int version_flag = 0;
-static int help_flag = 0;
-
-static struct getargs args[] = {
- {"verify-pac",0, arg_flag, &verify_pac,
- "verify the PAC", NULL },
- {"server-any",0, arg_flag, &server_any,
- "let server pick the principal", NULL },
- {"version", 0, arg_flag, &version_flag,
- "print version", NULL },
- {"help", 0, arg_flag, &help_flag,
- NULL, NULL }
-};
-
-static void
-usage (int ret)
-{
- arg_printusage (args, sizeof(args)/sizeof(*args), NULL, "...");
- exit (ret);
-}
-
-
-static void
-test_ap(krb5_context context,
- krb5_principal target,
- krb5_principal server,
- krb5_keytab keytab,
- krb5_ccache ccache,
- const krb5_flags client_flags)
-{
- krb5_error_code ret;
- krb5_auth_context client_ac = NULL, server_ac = NULL;
- krb5_data data;
- krb5_flags server_flags;
- krb5_ticket *ticket = NULL;
- int32_t server_seq, client_seq;
-
- ret = krb5_mk_req_exact(context,
- &client_ac,
- client_flags,
- target,
- NULL,
- ccache,
- &data);
- if (ret)
- krb5_err(context, 1, ret, "krb5_mk_req_exact");
-
- ret = krb5_rd_req(context,
- &server_ac,
- &data,
- server,
- keytab,
- &server_flags,
- &ticket);
- if (ret)
- krb5_err(context, 1, ret, "krb5_rd_req");
-
-
- if (server_flags & AP_OPTS_MUTUAL_REQUIRED) {
- krb5_ap_rep_enc_part *repl;
-
- krb5_data_free(&data);
-
- if ((client_flags & AP_OPTS_MUTUAL_REQUIRED) == 0)
- krb5_errx(context, 1, "client flag missing mutual req");
-
- ret = krb5_mk_rep (context, server_ac, &data);
- if (ret)
- krb5_err(context, 1, ret, "krb5_mk_rep");
-
- ret = krb5_rd_rep (context,
- client_ac,
- &data,
- &repl);
- if (ret)
- krb5_err(context, 1, ret, "krb5_rd_rep");
-
- krb5_free_ap_rep_enc_part (context, repl);
- } else {
- if (client_flags & AP_OPTS_MUTUAL_REQUIRED)
- krb5_errx(context, 1, "server flag missing mutual req");
- }
-
- krb5_auth_con_getremoteseqnumber(context, server_ac, &server_seq);
- krb5_auth_con_getremoteseqnumber(context, client_ac, &client_seq);
- if (server_seq != client_seq)
- krb5_errx(context, 1, "seq num differ");
-
- krb5_auth_con_getlocalseqnumber(context, server_ac, &server_seq);
- krb5_auth_con_getlocalseqnumber(context, client_ac, &client_seq);
- if (server_seq != client_seq)
- krb5_errx(context, 1, "seq num differ");
-
- krb5_data_free(&data);
- krb5_auth_con_free(context, client_ac);
- krb5_auth_con_free(context, server_ac);
-
- if (verify_pac) {
- krb5_pac pac;
-
- ret = krb5_ticket_get_authorization_data_type(context,
- ticket,
- KRB5_AUTHDATA_WIN2K_PAC,
- &data);
- if (ret)
- krb5_err(context, 1, ret, "get pac");
-
- ret = krb5_pac_parse(context, data.data, data.length, &pac);
- if (ret)
- krb5_err(context, 1, ret, "pac parse");
-
- krb5_pac_free(context, pac);
- }
-
- krb5_free_ticket(context, ticket);
-}
-
-
-int
-main(int argc, char **argv)
-{
- krb5_context context;
- krb5_error_code ret;
- int optidx = 0;
- const char *principal, *keytab, *ccache;
- krb5_ccache id;
- krb5_keytab kt;
- krb5_principal sprincipal, server;
-
- setprogname(argv[0]);
-
- if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
- usage(1);
-
- if (help_flag)
- usage (0);
-
- if(version_flag){
- print_version(NULL);
- exit(0);
- }
-
- argc -= optidx;
- argv += optidx;
-
- if (argc < 3)
- usage(1);
-
- principal = argv[0];
- keytab = argv[1];
- ccache = argv[2];
-
- ret = krb5_init_context(&context);
- if (ret)
- errx (1, "krb5_init_context failed: %d", ret);
-
- ret = krb5_cc_resolve(context, ccache, &id);
- if (ret)
- krb5_err(context, 1, ret, "krb5_cc_resolve");
-
- ret = krb5_parse_name(context, principal, &sprincipal);
- if (ret)
- krb5_err(context, 1, ret, "krb5_parse_name");
-
- ret = krb5_kt_resolve(context, keytab, &kt);
- if (ret)
- krb5_err(context, 1, ret, "krb5_kt_resolve");
-
- if (server_any)
- server = NULL;
- else
- server = sprincipal;
-
- test_ap(context, sprincipal, server, kt, id, 0);
- test_ap(context, sprincipal, server, kt, id, AP_OPTS_MUTUAL_REQUIRED);
-
- krb5_cc_close(context, id);
- krb5_kt_close(context, kt);
- krb5_free_principal(context, sprincipal);
-
- krb5_free_context(context);
-
- return ret;
-}
Deleted: trunk/crypto/heimdal/lib/krb5/test_config_strings.cfg
===================================================================
--- trunk/crypto/heimdal/lib/krb5/test_config_strings.cfg 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/test_config_strings.cfg 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,12 +0,0 @@
-[escapes]
- foo = A B C D
- bar = A B "C D"
- baz = A B ""
- quux = "A B;C: D"
- questionable="""" "" """"
- mismatch1 = A"BQd
- mismatch2 = efgh" ABC
- internal1 = "SnapeKills\" "Dumbledore"
- internal2 = "TownOf Sandwich: Massachusetts"Oldest Town In "Cape Cod"
- internal3 = "Begins and"ends In One String
- longer_strings = "Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:" "1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer." "2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution." "3. Neither the name of the Institute nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission." "THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE." "Why do we test with such long strings? Because some people have config files" That look "Like this."
Deleted: trunk/crypto/heimdal/lib/krb5/test_fx.c
===================================================================
--- trunk/crypto/heimdal/lib/krb5/test_fx.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/test_fx.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,210 +0,0 @@
-/*
- * Copyright (c) 2009 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of KTH nor the names of its contributors may be
- * used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
-
-#include "krb5_locl.h"
-#include <err.h>
-#include <getarg.h>
-
-struct {
- char *p1;
- char *pepper1;
- krb5_enctype e1;
- char *p2;
- char *pepper2;
- krb5_enctype e2;
- krb5_enctype e3;
- char *key;
- size_t len;
-} cf2[] = {
- {
- "key1", "a", ETYPE_AES128_CTS_HMAC_SHA1_96,
- "key2", "b", ETYPE_AES128_CTS_HMAC_SHA1_96,
- ETYPE_AES128_CTS_HMAC_SHA1_96,
- "\x97\xdf\x97\xe4\xb7\x98\xb2\x9e\xb3\x1e\xd7\x28\x02\x87\xa9\x2a",
- 16
- },
- {
- "key1", "a", ETYPE_AES256_CTS_HMAC_SHA1_96,
- "key2", "b", ETYPE_AES256_CTS_HMAC_SHA1_96,
- ETYPE_AES256_CTS_HMAC_SHA1_96,
- "\x4d\x6c\xa4\xe6\x29\x78\x5c\x1f\x01\xba\xf5\x5e\x2e\x54\x85\x66"
- "\xb9\x61\x7a\xe3\xa9\x68\x68\xc3\x37\xcb\x93\xb5\xe7\x2b\x1c\x7b",
- 32
- },
- {
- "key1", "a", ETYPE_AES128_CTS_HMAC_SHA1_96,
- "key2", "b", ETYPE_AES128_CTS_HMAC_SHA1_96,
- ETYPE_AES256_CTS_HMAC_SHA1_96,
- "\x97\xdf\x97\xe4\xb7\x98\xb2\x9e\xb3\x1e\xd7\x28\x2\x87\xa9\x2a"
- "\x1\x96\xfa\xf2\x44\xf8\x11\x20\xc2\x1c\x51\x17\xb3\xe6\xeb\x98",
- 32
- },
- {
- "key1", "a", ETYPE_AES256_CTS_HMAC_SHA1_96,
- "key2", "b", ETYPE_AES256_CTS_HMAC_SHA1_96,
- ETYPE_AES128_CTS_HMAC_SHA1_96,
- "\x4d\x6c\xa4\xe6\x29\x78\x5c\x1f\x01\xba\xf5\x5e\x2e\x54\x85\x66",
- 16
- },
- {
- "key1", "a", ETYPE_AES128_CTS_HMAC_SHA1_96,
- "key2", "b", ETYPE_AES256_CTS_HMAC_SHA1_96,
- ETYPE_AES256_CTS_HMAC_SHA1_96,
- "\x88\xbd\xb2\xa9\xf\x3e\x52\x5a\xb0\x5f\x68\xc5\x43\x9a\x4d\x5e"
- "\x9c\x2b\xfd\x2b\x02\x24\xde\x39\xb5\x82\xf4\xbb\x05\xfe\x2\x2e",
- 32
- }
-};
-
-
-static void
-test_cf2(krb5_context context)
-{
- krb5_error_code ret;
- krb5_data pw, p1, p2;
- krb5_salt salt;
- krb5_keyblock k1, k2, k3;
- krb5_crypto c1, c2;
- unsigned int i;
-
- for (i = 0; i < sizeof(cf2)/sizeof(cf2[0]); i++) {
- pw.data = cf2[i].p1;
- pw.length = strlen(cf2[i].p1);
- salt.salttype = (krb5_salttype)KRB5_PADATA_PW_SALT;
- salt.saltvalue.data = cf2[i].p1;
- salt.saltvalue.length = strlen(cf2[i].p1);
-
- ret = krb5_string_to_key_data_salt(context,
- cf2[i].e1,
- pw,
- salt,
- &k1);
- if (ret)
- krb5_err(context, 1, ret, "krb5_string_to_key_data_salt");
-
- ret = krb5_crypto_init(context, &k1, 0, &c1);
- if (ret)
- krb5_err(context, 1, ret, "krb5_crypto_init");
-
- pw.data = cf2[i].p2;
- pw.length = strlen(cf2[i].p2);
- salt.saltvalue.data = cf2[i].p2;
- salt.saltvalue.length = strlen(cf2[i].p2);
-
- ret = krb5_string_to_key_data_salt(context,
- cf2[i].e2,
- pw,
- salt,
- &k2);
- if (ret)
- krb5_err(context, 1, ret, "krb5_string_to_key_data_salt");
-
- ret = krb5_crypto_init(context, &k2, 0, &c2);
- if (ret)
- krb5_err(context, 1, ret, "krb5_crypto_init");
-
-
- p1.data = cf2[i].pepper1;
- p1.length = strlen(cf2[i].pepper1);
-
- p2.data = cf2[i].pepper2;
- p2.length = strlen(cf2[i].pepper2);
-
- ret = krb5_crypto_fx_cf2(context, c1, c2, &p1, &p2, cf2[i].e3, &k3);
- if (ret)
- krb5_err(context, 1, ret, "krb5_crypto_fx_cf2");
-
- if (k3.keytype != cf2[i].e3)
- krb5_errx(context, 1, "length not right");
- if (k3.keyvalue.length != cf2[i].len ||
- memcmp(k3.keyvalue.data, cf2[i].key, cf2[i].len) != 0)
- krb5_errx(context, 1, "key not same");
-
- krb5_crypto_destroy(context, c1);
- krb5_crypto_destroy(context, c2);
-
- krb5_free_keyblock_contents(context, &k1);
- krb5_free_keyblock_contents(context, &k2);
- krb5_free_keyblock_contents(context, &k3);
- }
-}
-
-static int version_flag = 0;
-static int help_flag = 0;
-
-static struct getargs args[] = {
- {"version", 0, arg_flag, &version_flag,
- "print version", NULL },
- {"help", 0, arg_flag, &help_flag,
- NULL, NULL }
-};
-
-static void
-usage (int ret)
-{
- arg_printusage (args,
- sizeof(args)/sizeof(*args),
- NULL,
- "");
- exit (ret);
-}
-
-int
-main(int argc, char **argv)
-{
- krb5_context context;
- krb5_error_code ret;
- int optidx = 0;
-
- setprogname(argv[0]);
-
- if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
- usage(1);
-
- if (help_flag)
- usage (0);
-
- if(version_flag){
- print_version(NULL);
- exit(0);
- }
-
- ret = krb5_init_context(&context);
- if (ret)
- errx (1, "krb5_init_context failed: %d", ret);
-
- test_cf2(context);
-
- krb5_free_context(context);
-
- return 0;
-}
Deleted: trunk/crypto/heimdal/lib/krb5/test_gic.c
===================================================================
--- trunk/crypto/heimdal/lib/krb5/test_gic.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/test_gic.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,148 +0,0 @@
-/*
- * Copyright (c) 2009 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of KTH nor the names of its contributors may be
- * used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
-
-#include "krb5_locl.h"
-#include <err.h>
-#include <getarg.h>
-
-static char *password_str;
-
-static krb5_error_code
-lr_proc(krb5_context context, krb5_last_req_entry **e, void *ctx)
-{
- while (e && *e) {
- printf("e type: %d value: %d\n", (*e)->lr_type, (int)(*e)->value);
- e++;
- }
- return 0;
-}
-
-static void
-test_get_init_creds(krb5_context context,
- krb5_principal client)
-{
- krb5_error_code ret;
- krb5_get_init_creds_opt *opt;
- krb5_creds cred;
-
- ret = krb5_get_init_creds_opt_alloc(context, &opt);
- if (ret)
- krb5_err(context, 1, ret, "krb5_get_init_creds_opt_alloc");
-
-
- ret = krb5_get_init_creds_opt_set_process_last_req(context,
- opt,
- lr_proc,
- NULL);
- if (ret)
- krb5_err(context, 1, ret,
- "krb5_get_init_creds_opt_set_process_last_req");
-
- ret = krb5_get_init_creds_password(context,
- &cred,
- client,
- password_str,
- krb5_prompter_posix,
- NULL,
- 0,
- NULL,
- opt);
- if (ret)
- krb5_err(context, 1, ret, "krb5_get_init_creds_password");
-
- krb5_get_init_creds_opt_free(context, opt);
-}
-
-static char *client_str = NULL;
-static int debug_flag = 0;
-static int version_flag = 0;
-static int help_flag = 0;
-
-static struct getargs args[] = {
- {"client", 0, arg_string, &client_str,
- "client principal to use", NULL },
- {"password",0, arg_string, &password_str,
- "password", NULL },
- {"debug", 'd', arg_flag, &debug_flag,
- "turn on debuggin", NULL },
- {"version", 0, arg_flag, &version_flag,
- "print version", NULL },
- {"help", 0, arg_flag, &help_flag,
- NULL, NULL }
-};
-
-static void
-usage (int ret)
-{
- arg_printusage (args, sizeof(args)/sizeof(*args), NULL, "hostname ...");
- exit (ret);
-}
-
-
-int
-main(int argc, char **argv)
-{
- krb5_context context;
- krb5_error_code ret;
- int optidx = 0, errors = 0;
- krb5_principal client;
-
- setprogname(argv[0]);
-
- if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
- usage(1);
-
- if (help_flag)
- usage (0);
-
- if(version_flag){
- print_version(NULL);
- exit(0);
- }
-
- if(client_str == NULL)
- errx(1, "client is not set");
-
- ret = krb5_init_context(&context);
- if (ret)
- errx (1, "krb5_init_context failed: %d", ret);
-
- ret = krb5_parse_name(context, client_str, &client);
- if (ret)
- krb5_err(context, 1, ret, "krb5_parse_name: %d", ret);
-
- test_get_init_creds(context, client);
-
- krb5_free_context(context);
-
- return errors;
-}
Deleted: trunk/crypto/heimdal/lib/krb5/test_pknistkdf.c
===================================================================
--- trunk/crypto/heimdal/lib/krb5/test_pknistkdf.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/test_pknistkdf.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,365 +0,0 @@
-/*
- * Copyright (c) 2008 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of KTH nor the names of its contributors may be
- * used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
-
-#include "krb5_locl.h"
-#include <pkinit_asn1.h>
-#include <err.h>
-#include <getarg.h>
-#include <hex.h>
-
-static int verbose_flag = 0;
-
-struct testcase {
- const heim_oid *oid;
- krb5_data Z;
- const char *client;
- const char *server;
- krb5_enctype enctype;
- krb5_data as_req;
- krb5_data pk_as_rep;
- krb5_data ticket;
-
- krb5_data key;
-} tests[] = {
- /* 0 */
- {
- NULL, /* AlgorithmIdentifier */
- { /* Z */
- 256,
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- },
- "lha at SU.SE", /* client, partyUInfo */
- "krbtgt/SU.SE at SU.SE", /* server, partyVInfo */
- ETYPE_AES256_CTS_HMAC_SHA1_96, /* enctype */
- { /* as_req */
- 10,
- "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
- },
- { /* pk_as_rep */
- 9,
- "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB"
- },
- { /* ticket */
- 55,
- "\x61\x35\x30\x33\xa0\x03\x02\x01\x05\xa1\x07\x1b\x05\x53\x55\x2e"
- "\x53\x45\xa2\x10\x30\x0e\xa0\x03\x02\x01\x01\xa1\x07\x30\x05\x1b"
- "\x03\x6c\x68\x61\xa3\x11\x30\x0f\xa0\x03\x02\x01\x12\xa2\x08\x04"
- "\x06\x68\x65\x6a\x68\x65\x6a"
- },
- { /* key */
- 32,
- "\xc7\x62\x89\xec\x4b\x28\xa6\x91\xff\xce\x80\xbb\xb7\xec\x82\x41"
- "\x52\x3f\x99\xb1\x90\xcf\x2d\x34\x8f\x54\xa8\x65\x81\x2c\x32\x73"
- }
- },
- /* 1 */
- {
- NULL, /* AlgorithmIdentifier */
- { /* Z */
- 256,
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- },
- "lha at SU.SE", /* client, partyUInfo */
- "krbtgt/SU.SE at SU.SE", /* server, partyVInfo */
- ETYPE_AES256_CTS_HMAC_SHA1_96, /* enctype */
- { /* as_req */
- 10,
- "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
- },
- { /* pk_as_rep */
- 9,
- "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB"
- },
- { /* ticket */
- 55,
- "\x61\x35\x30\x33\xa0\x03\x02\x01\x05\xa1\x07\x1b\x05\x53\x55\x2e"
- "\x53\x45\xa2\x10\x30\x0e\xa0\x03\x02\x01\x01\xa1\x07\x30\x05\x1b"
- "\x03\x6c\x68\x61\xa3\x11\x30\x0f\xa0\x03\x02\x01\x12\xa2\x08\x04"
- "\x06\x68\x65\x6a\x68\x65\x6a"
- },
- { /* key */
- 32,
- "\x59\xf3\xca\x77\x5b\x20\x17\xe9\xad\x36\x3f\x47\xca\xbd\x43\xb8"
- "\x8c\xb8\x90\x35\x8d\xc6\x0d\x52\x0d\x11\x9f\xb0\xdc\x24\x0b\x61"
- }
- },
- /* 2 */
- {
- NULL, /* AlgorithmIdentifier */
- { /* Z */
- 256,
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
- },
- "lha at SU.SE", /* client, partyUInfo */
- "krbtgt/SU.SE at SU.SE", /* server, partyVInfo */
- ETYPE_AES256_CTS_HMAC_SHA1_96, /* enctype */
- { /* as_req */
- 10,
- "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
- },
- { /* pk_as_rep */
- 9,
- "\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB\xBB"
- },
- { /* ticket */
- 55,
- "\x61\x35\x30\x33\xa0\x03\x02\x01\x05\xa1\x07\x1b\x05\x53\x55\x2e"
- "\x53\x45\xa2\x10\x30\x0e\xa0\x03\x02\x01\x01\xa1\x07\x30\x05\x1b"
- "\x03\x6c\x68\x61\xa3\x11\x30\x0f\xa0\x03\x02\x01\x12\xa2\x08\x04"
- "\x06\x68\x65\x6a\x68\x65\x6a"
- },
- { /* key */
- 32,
- "\x8a\x9a\xc5\x5f\x45\xda\x1a\x73\xd9\x1e\xe9\x88\x1f\xa9\x48\x81"
- "\xce\xac\x66\x2d\xb1\xd3\xb9\x0a\x9d\x0e\x52\x83\xdf\xe1\x84\x3d"
- }
- }
-};
-
-#ifdef MAKETICKET
-static void
-fooTicket(void)
-{
- krb5_error_code ret;
- krb5_data data;
- size_t size;
- Ticket t;
-
- t.tkt_vno = 5;
- t.realm = "SU.SE";
- t.sname.name_type = KRB5_NT_PRINCIPAL;
- t.sname.name_string.len = 1;
- t.sname.name_string.val = ecalloc(1, sizeof(t.sname.name_string.val[0]));
- t.sname.name_string.val[0] = estrdup("lha");
- t.enc_part.etype = ETYPE_AES256_CTS_HMAC_SHA1_96;
- t.enc_part.kvno = NULL;
- t.enc_part.cipher.length = 6;
- t.enc_part.cipher.data = "hejhej";
-
- ASN1_MALLOC_ENCODE(Ticket, data.data, data.length, &t, &size, ret);
- if (ret)
- errx(1, "ASN1_MALLOC_ENCODE(Ticket)");
-
- rk_dumpdata("foo", data.data, data.length);
- free(data.data);
-}
-#endif
-
-static void
-test_dh2key(krb5_context context, int i, struct testcase *c)
-{
- krb5_error_code ret;
- krb5_keyblock key;
- krb5_principal client, server;
- Ticket ticket;
- AlgorithmIdentifier ai;
- size_t size;
-
- memset(&ticket, 0, sizeof(&ticket));
-
- ai.algorithm = *c->oid;
- ai.parameters = NULL;
-
- ret = decode_Ticket(c->ticket.data, c->ticket.length, &ticket, &size);
- if (ret)
- krb5_errx(context, 1, "decode ticket: %d", ret);
-
- ret = krb5_parse_name(context, c->client, &client);
- if (ret)
- krb5_err(context, 1, ret, "parse_name: %s", c->client);
- ret = krb5_parse_name(context, c->server, &server);
- if (ret)
- krb5_err(context, 1, ret, "parse_name: %s", c->server);
-
- if (verbose_flag) {
- char *str;
- hex_encode(c->Z.data, c->Z.length, &str);
- printf("Z: %s\n", str);
- free(str);
- printf("client: %s\n", c->client);
- printf("server: %s\n", c->server);
- printf("enctype: %d\n", (int)c->enctype);
- hex_encode(c->as_req.data, c->as_req.length, &str);
- printf("as-req: %s\n", str);
- free(str);
- hex_encode(c->pk_as_rep.data, c->pk_as_rep.length, &str);
- printf("pk-as-rep: %s\n", str);
- free(str);
- hex_encode(c->ticket.data, c->ticket.length, &str);
- printf("ticket: %s\n", str);
- free(str);
- }
-
- ret = _krb5_pk_kdf(context,
- &ai,
- c->Z.data,
- c->Z.length,
- client,
- server,
- c->enctype,
- &c->as_req,
- &c->pk_as_rep,
- &ticket,
- &key);
- krb5_free_principal(context, client);
- krb5_free_principal(context, server);
- if (ret)
- krb5_err(context, 1, ret, "_krb5_pk_kdf: %d", i);
-
- if (verbose_flag) {
- char *str;
- hex_encode(key.keyvalue.data, key.keyvalue.length, &str);
- printf("key: %s\n", str);
- free(str);
- }
-
- if (key.keyvalue.length != c->key.length ||
- memcmp(key.keyvalue.data, c->key.data, c->key.length) != 0)
- krb5_errx(context, 1, "resulting key wrong: %d", i);
-
- krb5_free_keyblock_contents(context, &key);
- free_Ticket(&ticket);
-}
-
-
-
-
-static int version_flag = 0;
-static int help_flag = 0;
-
-static struct getargs args[] = {
- {"verbose", 0, arg_flag, &verbose_flag,
- "verbose output", NULL },
- {"version", 0, arg_flag, &version_flag,
- "print version", NULL },
- {"help", 0, arg_flag, &help_flag,
- NULL, NULL }
-};
-
-static void
-usage (int ret)
-{
- arg_printusage (args,
- sizeof(args)/sizeof(*args),
- NULL,
- "");
- exit (ret);
-}
-
-
-int
-main(int argc, char **argv)
-{
- krb5_context context;
- krb5_error_code ret;
- int i, optidx = 0;
-
- setprogname(argv[0]);
-
- if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
- usage(1);
-
- if (help_flag)
- usage (0);
-
- if(version_flag){
- print_version(NULL);
- exit(0);
- }
-
- argc -= optidx;
- argv += optidx;
-
-#ifdef MAKETICKET
- fooTicket();
-#endif
-
- ret = krb5_init_context(&context);
- if (ret)
- errx (1, "krb5_init_context failed: %d", ret);
-
- tests[0].oid = &asn1_oid_id_pkinit_kdf_ah_sha1;
- tests[1].oid = &asn1_oid_id_pkinit_kdf_ah_sha256;
- tests[2].oid = &asn1_oid_id_pkinit_kdf_ah_sha512;
-
- for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++)
- test_dh2key(context, i, &tests[i]);
-
- krb5_free_context(context);
-
- return 0;
-}
Deleted: trunk/crypto/heimdal/lib/krb5/test_rfc3961.c
===================================================================
--- trunk/crypto/heimdal/lib/krb5/test_rfc3961.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/test_rfc3961.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,212 +0,0 @@
-/*
- * Copyright (c) 2003-2005 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of KTH nor the names of its contributors may be
- * used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
-
-#include "krb5_locl.h"
-#include <err.h>
-#include <getarg.h>
-
-static void
-time_encryption(krb5_context context, size_t size,
- krb5_enctype etype, int iterations)
-{
- struct timeval tv1, tv2;
- krb5_error_code ret;
- krb5_keyblock key;
- krb5_crypto crypto;
- krb5_data data;
- char *etype_name;
- void *buf;
- int i;
-
- ret = krb5_generate_random_keyblock(context, etype, &key);
- if (ret)
- krb5_err(context, 1, ret, "krb5_generate_random_keyblock");
-
- ret = krb5_enctype_to_string(context, etype, &etype_name);
- if (ret)
- krb5_err(context, 1, ret, "krb5_enctype_to_string");
-
- buf = malloc(size);
- if (buf == NULL)
- krb5_errx(context, 1, "out of memory");
- memset(buf, 0, size);
-
- ret = krb5_crypto_init(context, &key, 0, &crypto);
- if (ret)
- krb5_err(context, 1, ret, "krb5_crypto_init");
-
- gettimeofday(&tv1, NULL);
-
- for (i = 0; i < iterations; i++) {
- ret = krb5_encrypt(context, crypto, 0, buf, size, &data);
- if (ret)
- krb5_err(context, 1, ret, "encrypt: %d", i);
- krb5_data_free(&data);
- }
-
- gettimeofday(&tv2, NULL);
-
- timevalsub(&tv2, &tv1);
-
- printf("%s size: %7lu iterations: %d time: %3ld.%06ld\n",
- etype_name, (unsigned long)size, iterations,
- (long)tv2.tv_sec, (long)tv2.tv_usec);
-
- free(buf);
- free(etype_name);
- krb5_crypto_destroy(context, crypto);
- krb5_free_keyblock_contents(context, &key);
-}
-
-static void
-time_s2k(krb5_context context,
- krb5_enctype etype,
- const char *password,
- krb5_salt salt,
- int iterations)
-{
- struct timeval tv1, tv2;
- krb5_error_code ret;
- krb5_keyblock key;
- krb5_data opaque;
- char *etype_name;
- int i;
-
- ret = krb5_enctype_to_string(context, etype, &etype_name);
- if (ret)
- krb5_err(context, 1, ret, "krb5_enctype_to_string");
-
- opaque.data = NULL;
- opaque.length = 0;
-
- gettimeofday(&tv1, NULL);
-
- for (i = 0; i < iterations; i++) {
- ret = krb5_string_to_key_salt_opaque(context, etype, password, salt,
- opaque, &key);
- if (ret)
- krb5_err(context, 1, ret, "krb5_string_to_key_data_salt_opaque");
- krb5_free_keyblock_contents(context, &key);
- }
-
- gettimeofday(&tv2, NULL);
-
- timevalsub(&tv2, &tv1);
-
- printf("%s string2key %d iterations time: %3ld.%06ld\n",
- etype_name, iterations, (long)tv2.tv_sec, (long)tv2.tv_usec);
- free(etype_name);
-
-}
-
-static int version_flag = 0;
-static int help_flag = 0;
-
-static struct getargs args[] = {
- {"version", 0, arg_flag, &version_flag,
- "print version", NULL },
- {"help", 0, arg_flag, &help_flag,
- NULL, NULL }
-};
-
-static void
-usage (int ret)
-{
- arg_printusage (args,
- sizeof(args)/sizeof(*args),
- NULL,
- "");
- exit (ret);
-}
-
-int
-main(int argc, char **argv)
-{
- krb5_context context;
- krb5_error_code ret;
- int i, enciter, s2kiter;
- int optidx = 0;
- krb5_salt salt;
-
- krb5_enctype enctypes[] = {
- ETYPE_DES_CBC_CRC,
- ETYPE_DES3_CBC_SHA1,
- ETYPE_ARCFOUR_HMAC_MD5,
- ETYPE_AES128_CTS_HMAC_SHA1_96,
- ETYPE_AES256_CTS_HMAC_SHA1_96
- };
-
- setprogname(argv[0]);
-
- if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
- usage(1);
-
- if (help_flag)
- usage (0);
-
- if(version_flag){
- print_version(NULL);
- exit(0);
- }
-
- salt.salttype = KRB5_PW_SALT;
- salt.saltvalue.data = NULL;
- salt.saltvalue.length = 0;
-
- ret = krb5_init_context(&context);
- if (ret)
- errx (1, "krb5_init_context failed: %d", ret);
-
- enciter = 1000;
- s2kiter = 100;
-
- for (i = 0; i < sizeof(enctypes)/sizeof(enctypes[0]); i++) {
-
- krb5_enctype_enable(context, enctypes[i]);
-
- time_encryption(context, 16, enctypes[i], enciter);
- time_encryption(context, 32, enctypes[i], enciter);
- time_encryption(context, 512, enctypes[i], enciter);
- time_encryption(context, 1024, enctypes[i], enciter);
- time_encryption(context, 2048, enctypes[i], enciter);
- time_encryption(context, 4096, enctypes[i], enciter);
- time_encryption(context, 8192, enctypes[i], enciter);
- time_encryption(context, 16384, enctypes[i], enciter);
- time_encryption(context, 32768, enctypes[i], enciter);
-
- time_s2k(context, enctypes[i], "mYsecreitPassword", salt, s2kiter);
- }
-
- krb5_free_context(context);
-
- return 0;
-}
Deleted: trunk/crypto/heimdal/lib/krb5/test_x500.c
===================================================================
--- trunk/crypto/heimdal/lib/krb5/test_x500.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/test_x500.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,110 +0,0 @@
-/*
- * Copyright (c) 2011 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of KTH nor the names of its contributors may be
- * used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
-
-#include "krb5_locl.h"
-#include <err.h>
-
-/*
- *
- */
-
-static void
-check_linear(krb5_context context,
- const char *client_realm,
- const char *server_realm,
- const char *realm,
- ...)
-{
- unsigned int num_inrealms = 0, num_realms = 0, n;
- char **inrealms = NULL;
- char **realms = NULL;
- krb5_error_code ret;
- krb5_data tr;
- va_list va;
-
- krb5_data_zero(&tr);
-
- va_start(va, realm);
-
- while (realm) {
- inrealms = erealloc(inrealms, (num_inrealms + 2) * sizeof(inrealms[0]));
- inrealms[num_inrealms] = rk_UNCONST(realm);
- num_inrealms++;
- realm = va_arg(va, const char *);
- }
- if (inrealms)
- inrealms[num_inrealms] = NULL;
-
- ret = krb5_domain_x500_encode(inrealms, num_inrealms, &tr);
- if (ret)
- krb5_err(context, 1, ret, "krb5_domain_x500_encode");
-
- ret = krb5_domain_x500_decode(context, tr,
- &realms, &num_realms,
- client_realm, server_realm);
- if (ret)
- krb5_err(context, 1, ret, "krb5_domain_x500_decode");
-
- krb5_data_free(&tr);
-
- if (num_inrealms != num_realms)
- errx(1, "num_inrealms != num_realms");
-
- for(n = 0; n < num_realms; n++)
- free(realms[n]);
- free(realms);
-
- free(inrealms);
-}
-
-
-int
-main(int argc, char **argv)
-{
- krb5_context context;
- krb5_error_code ret;
-
- setprogname(argv[0]);
-
- ret = krb5_init_context(&context);
- if (ret)
- errx(1, "krb5_init_context");
-
-
- check_linear(context, "KTH1.SE", "KTH1.SE", NULL);
- check_linear(context, "KTH1.SE", "KTH2.SE", NULL);
- check_linear(context, "KTH1.SE", "KTH3.SE", "KTH2.SE", NULL);
- check_linear(context, "KTH1.SE", "KTH4.SE", "KTH3.SE", "KTH2.SE", NULL);
- check_linear(context, "KTH1.SE", "KTH5.SE", "KTH4.SE", "KTH3.SE", "KTH2.SE", NULL);
-
- return 0;
-}
Deleted: trunk/crypto/heimdal/lib/krb5/v4_glue.c
===================================================================
--- trunk/crypto/heimdal/lib/krb5/v4_glue.c 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/v4_glue.c 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,939 +0,0 @@
-/*
- * Copyright (c) 1997 - 2005 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "krb5_locl.h"
-RCSID("$Id: v4_glue.c,v 1.1.1.1 2012-07-21 15:09:07 laffer1 Exp $");
-
-#include "krb5-v4compat.h"
-
-/*
- *
- */
-
-#define RCHECK(r,func,label) \
- do { (r) = func ; if (r) goto label; } while(0);
-
-
-/* include this here, to avoid dependencies on libkrb */
-
-static const int _tkt_lifetimes[TKTLIFENUMFIXED] = {
- 38400, 41055, 43894, 46929, 50174, 53643, 57352, 61318,
- 65558, 70091, 74937, 80119, 85658, 91581, 97914, 104684,
- 111922, 119661, 127935, 136781, 146239, 156350, 167161, 178720,
- 191077, 204289, 218415, 233517, 249664, 266926, 285383, 305116,
- 326213, 348769, 372885, 398668, 426234, 455705, 487215, 520904,
- 556921, 595430, 636601, 680618, 727680, 777995, 831789, 889303,
- 950794, 1016537, 1086825, 1161973, 1242318, 1328218, 1420057, 1518247,
- 1623226, 1735464, 1855462, 1983758, 2120925, 2267576, 2424367, 2592000
-};
-
-int KRB5_LIB_FUNCTION
-_krb5_krb_time_to_life(time_t start, time_t end)
-{
- int i;
- time_t life = end - start;
-
- if (life > MAXTKTLIFETIME || life <= 0)
- return 0;
-#if 0
- if (krb_no_long_lifetimes)
- return (life + 5*60 - 1)/(5*60);
-#endif
-
- if (end >= NEVERDATE)
- return TKTLIFENOEXPIRE;
- if (life < _tkt_lifetimes[0])
- return (life + 5*60 - 1)/(5*60);
- for (i=0; i<TKTLIFENUMFIXED; i++)
- if (life <= _tkt_lifetimes[i])
- return i + TKTLIFEMINFIXED;
- return 0;
-
-}
-
-time_t KRB5_LIB_FUNCTION
-_krb5_krb_life_to_time(int start, int life_)
-{
- unsigned char life = (unsigned char) life_;
-
-#if 0
- if (krb_no_long_lifetimes)
- return start + life*5*60;
-#endif
-
- if (life == TKTLIFENOEXPIRE)
- return NEVERDATE;
- if (life < TKTLIFEMINFIXED)
- return start + life*5*60;
- if (life > TKTLIFEMAXFIXED)
- return start + MAXTKTLIFETIME;
- return start + _tkt_lifetimes[life - TKTLIFEMINFIXED];
-}
-
-/*
- * Get the name of the krb4 credentials cache, will use `tkfile' as
- * the name if that is passed in. `cc' must be free()ed by caller,
- */
-
-static krb5_error_code
-get_krb4_cc_name(const char *tkfile, char **cc)
-{
-
- *cc = NULL;
- if(tkfile == NULL) {
- char *path;
- if(!issuid()) {
- path = getenv("KRBTKFILE");
- if (path)
- *cc = strdup(path);
- }
- if(*cc == NULL)
- if (asprintf(cc, "%s%u", TKT_ROOT, (unsigned)getuid()) < 0)
- return errno;
- } else {
- *cc = strdup(tkfile);
- if (*cc == NULL)
- return ENOMEM;
- }
- return 0;
-}
-
-/*
- * Write a Kerberos 4 ticket file
- */
-
-#define KRB5_TF_LCK_RETRY_COUNT 50
-#define KRB5_TF_LCK_RETRY 1
-
-static krb5_error_code
-write_v4_cc(krb5_context context, const char *tkfile,
- krb5_storage *sp, int append)
-{
- krb5_error_code ret;
- struct stat sb;
- krb5_data data;
- char *path;
- int fd, i;
-
- ret = get_krb4_cc_name(tkfile, &path);
- if (ret) {
- krb5_set_error_string(context,
- "krb5_krb_tf_setup: failed getting "
- "the krb4 credentials cache name");
- return ret;
- }
-
- fd = open(path, O_WRONLY|O_CREAT, 0600);
- if (fd < 0) {
- ret = errno;
- krb5_set_error_string(context,
- "krb5_krb_tf_setup: error opening file %s",
- path);
- free(path);
- return ret;
- }
-
- if (fstat(fd, &sb) != 0 || !S_ISREG(sb.st_mode)) {
- krb5_set_error_string(context,
- "krb5_krb_tf_setup: tktfile %s is not a file",
- path);
- free(path);
- close(fd);
- return KRB5_FCC_PERM;
- }
-
- for (i = 0; i < KRB5_TF_LCK_RETRY_COUNT; i++) {
- if (flock(fd, LOCK_EX | LOCK_NB) < 0) {
- sleep(KRB5_TF_LCK_RETRY);
- } else
- break;
- }
- if (i == KRB5_TF_LCK_RETRY_COUNT) {
- krb5_set_error_string(context,
- "krb5_krb_tf_setup: failed to lock %s",
- path);
- free(path);
- close(fd);
- return KRB5_FCC_PERM;
- }
-
- if (!append) {
- ret = ftruncate(fd, 0);
- if (ret < 0) {
- flock(fd, LOCK_UN);
- krb5_set_error_string(context,
- "krb5_krb_tf_setup: failed to truncate %s",
- path);
- free(path);
- close(fd);
- return KRB5_FCC_PERM;
- }
- }
- ret = lseek(fd, 0L, SEEK_END);
- if (ret < 0) {
- ret = errno;
- flock(fd, LOCK_UN);
- free(path);
- close(fd);
- return ret;
- }
-
- krb5_storage_to_data(sp, &data);
-
- ret = write(fd, data.data, data.length);
- if (ret != data.length)
- ret = KRB5_CC_IO;
-
- krb5_free_data_contents(context, &data);
-
- flock(fd, LOCK_UN);
- free(path);
- close(fd);
-
- return 0;
-}
-
-/*
- *
- */
-
-krb5_error_code KRB5_LIB_FUNCTION
-_krb5_krb_tf_setup(krb5_context context,
- struct credentials *v4creds,
- const char *tkfile,
- int append)
-{
- krb5_error_code ret;
- krb5_storage *sp;
-
- sp = krb5_storage_emem();
- if (sp == NULL)
- return ENOMEM;
-
- krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_HOST);
- krb5_storage_set_eof_code(sp, KRB5_CC_IO);
-
- krb5_clear_error_string(context);
-
- if (!append) {
- RCHECK(ret, krb5_store_stringz(sp, v4creds->pname), error);
- RCHECK(ret, krb5_store_stringz(sp, v4creds->pinst), error);
- }
-
- /* cred */
- RCHECK(ret, krb5_store_stringz(sp, v4creds->service), error);
- RCHECK(ret, krb5_store_stringz(sp, v4creds->instance), error);
- RCHECK(ret, krb5_store_stringz(sp, v4creds->realm), error);
- ret = krb5_storage_write(sp, v4creds->session, 8);
- if (ret != 8) {
- ret = KRB5_CC_IO;
- goto error;
- }
- RCHECK(ret, krb5_store_int32(sp, v4creds->lifetime), error);
- RCHECK(ret, krb5_store_int32(sp, v4creds->kvno), error);
- RCHECK(ret, krb5_store_int32(sp, v4creds->ticket_st.length), error);
-
- ret = krb5_storage_write(sp, v4creds->ticket_st.dat,
- v4creds->ticket_st.length);
- if (ret != v4creds->ticket_st.length) {
- ret = KRB5_CC_IO;
- goto error;
- }
- RCHECK(ret, krb5_store_int32(sp, v4creds->issue_date), error);
-
- ret = write_v4_cc(context, tkfile, sp, append);
-
- error:
- krb5_storage_free(sp);
-
- return ret;
-}
-
-/*
- *
- */
-
-krb5_error_code KRB5_LIB_FUNCTION
-_krb5_krb_dest_tkt(krb5_context context, const char *tkfile)
-{
- krb5_error_code ret;
- char *path;
-
- ret = get_krb4_cc_name(tkfile, &path);
- if (ret) {
- krb5_set_error_string(context,
- "krb5_krb_tf_setup: failed getting "
- "the krb4 credentials cache name");
- return ret;
- }
-
- if (unlink(path) < 0) {
- ret = errno;
- krb5_set_error_string(context,
- "krb5_krb_dest_tkt failed removing the cache "
- "with error %s", strerror(ret));
- }
- free(path);
-
- return ret;
-}
-
-/*
- *
- */
-
-static krb5_error_code
-decrypt_etext(krb5_context context, const krb5_keyblock *key,
- const krb5_data *cdata, krb5_data *data)
-{
- krb5_error_code ret;
- krb5_crypto crypto;
-
- ret = krb5_crypto_init(context, key, ETYPE_DES_PCBC_NONE, &crypto);
- if (ret)
- return ret;
-
- ret = krb5_decrypt(context, crypto, 0, cdata->data, cdata->length, data);
- krb5_crypto_destroy(context, crypto);
-
- return ret;
-}
-
-
-/*
- *
- */
-
-static const char eightzeros[8] = "\x00\x00\x00\x00\x00\x00\x00\x00";
-
-static krb5_error_code
-storage_to_etext(krb5_context context,
- krb5_storage *sp,
- const krb5_keyblock *key,
- krb5_data *enc_data)
-{
- krb5_error_code ret;
- krb5_crypto crypto;
- krb5_ssize_t size;
- krb5_data data;
-
- /* multiple of eight bytes */
-
- size = krb5_storage_seek(sp, 0, SEEK_END);
- if (size < 0)
- return KRB4ET_RD_AP_UNDEC;
- size = 8 - (size & 7);
-
- ret = krb5_storage_write(sp, eightzeros, size);
- if (ret != size)
- return KRB4ET_RD_AP_UNDEC;
-
- ret = krb5_storage_to_data(sp, &data);
- if (ret)
- return ret;
-
- ret = krb5_crypto_init(context, key, ETYPE_DES_PCBC_NONE, &crypto);
- if (ret) {
- krb5_data_free(&data);
- return ret;
- }
-
- ret = krb5_encrypt(context, crypto, 0, data.data, data.length, enc_data);
-
- krb5_data_free(&data);
- krb5_crypto_destroy(context, crypto);
-
- return ret;
-}
-
-/*
- *
- */
-
-static krb5_error_code
-put_nir(krb5_storage *sp, const char *name,
- const char *instance, const char *realm)
-{
- krb5_error_code ret;
-
- RCHECK(ret, krb5_store_stringz(sp, name), error);
- RCHECK(ret, krb5_store_stringz(sp, instance), error);
- if (realm) {
- RCHECK(ret, krb5_store_stringz(sp, realm), error);
- }
- error:
- return ret;
-}
-
-/*
- *
- */
-
-krb5_error_code KRB5_LIB_FUNCTION
-_krb5_krb_create_ticket(krb5_context context,
- unsigned char flags,
- const char *pname,
- const char *pinstance,
- const char *prealm,
- int32_t paddress,
- const krb5_keyblock *session,
- int16_t life,
- int32_t life_sec,
- const char *sname,
- const char *sinstance,
- const krb5_keyblock *key,
- krb5_data *enc_data)
-{
- krb5_error_code ret;
- krb5_storage *sp;
-
- krb5_data_zero(enc_data);
-
- sp = krb5_storage_emem();
- if (sp == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- return ENOMEM;
- }
- krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE);
-
- RCHECK(ret, krb5_store_int8(sp, flags), error);
- RCHECK(ret, put_nir(sp, pname, pinstance, prealm), error);
- RCHECK(ret, krb5_store_int32(sp, ntohl(paddress)), error);
-
- /* session key */
- ret = krb5_storage_write(sp,
- session->keyvalue.data,
- session->keyvalue.length);
- if (ret != session->keyvalue.length) {
- ret = KRB4ET_INTK_PROT;
- goto error;
- }
-
- RCHECK(ret, krb5_store_int8(sp, life), error);
- RCHECK(ret, krb5_store_int32(sp, life_sec), error);
- RCHECK(ret, put_nir(sp, sname, sinstance, NULL), error);
-
- ret = storage_to_etext(context, sp, key, enc_data);
-
- error:
- krb5_storage_free(sp);
- if (ret)
- krb5_set_error_string(context, "Failed to encode kerberos 4 ticket");
-
- return ret;
-}
-
-/*
- *
- */
-
-krb5_error_code KRB5_LIB_FUNCTION
-_krb5_krb_create_ciph(krb5_context context,
- const krb5_keyblock *session,
- const char *service,
- const char *instance,
- const char *realm,
- uint32_t life,
- unsigned char kvno,
- const krb5_data *ticket,
- uint32_t kdc_time,
- const krb5_keyblock *key,
- krb5_data *enc_data)
-{
- krb5_error_code ret;
- krb5_storage *sp;
-
- krb5_data_zero(enc_data);
-
- sp = krb5_storage_emem();
- if (sp == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- return ENOMEM;
- }
- krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE);
-
- /* session key */
- ret = krb5_storage_write(sp,
- session->keyvalue.data,
- session->keyvalue.length);
- if (ret != session->keyvalue.length) {
- ret = KRB4ET_INTK_PROT;
- goto error;
- }
-
- RCHECK(ret, put_nir(sp, service, instance, realm), error);
- RCHECK(ret, krb5_store_int8(sp, life), error);
- RCHECK(ret, krb5_store_int8(sp, kvno), error);
- RCHECK(ret, krb5_store_int8(sp, ticket->length), error);
- ret = krb5_storage_write(sp, ticket->data, ticket->length);
- if (ret != ticket->length) {
- ret = KRB4ET_INTK_PROT;
- goto error;
- }
- RCHECK(ret, krb5_store_int32(sp, kdc_time), error);
-
- ret = storage_to_etext(context, sp, key, enc_data);
-
- error:
- krb5_storage_free(sp);
- if (ret)
- krb5_set_error_string(context, "Failed to encode kerberos 4 ticket");
-
- return ret;
-}
-
-/*
- *
- */
-
-krb5_error_code KRB5_LIB_FUNCTION
-_krb5_krb_create_auth_reply(krb5_context context,
- const char *pname,
- const char *pinst,
- const char *prealm,
- int32_t time_ws,
- int n,
- uint32_t x_date,
- unsigned char kvno,
- const krb5_data *cipher,
- krb5_data *data)
-{
- krb5_error_code ret;
- krb5_storage *sp;
-
- krb5_data_zero(data);
-
- sp = krb5_storage_emem();
- if (sp == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- return ENOMEM;
- }
- krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE);
-
- RCHECK(ret, krb5_store_int8(sp, KRB_PROT_VERSION), error);
- RCHECK(ret, krb5_store_int8(sp, AUTH_MSG_KDC_REPLY), error);
- RCHECK(ret, put_nir(sp, pname, pinst, prealm), error);
- RCHECK(ret, krb5_store_int32(sp, time_ws), error);
- RCHECK(ret, krb5_store_int8(sp, n), error);
- RCHECK(ret, krb5_store_int32(sp, x_date), error);
- RCHECK(ret, krb5_store_int8(sp, kvno), error);
- RCHECK(ret, krb5_store_int16(sp, cipher->length), error);
- ret = krb5_storage_write(sp, cipher->data, cipher->length);
- if (ret != cipher->length) {
- ret = KRB4ET_INTK_PROT;
- goto error;
- }
-
- ret = krb5_storage_to_data(sp, data);
-
- error:
- krb5_storage_free(sp);
- if (ret)
- krb5_set_error_string(context, "Failed to encode kerberos 4 ticket");
-
- return ret;
-}
-
-/*
- *
- */
-
-krb5_error_code KRB5_LIB_FUNCTION
-_krb5_krb_cr_err_reply(krb5_context context,
- const char *name,
- const char *inst,
- const char *realm,
- uint32_t time_ws,
- uint32_t e,
- const char *e_string,
- krb5_data *data)
-{
- krb5_error_code ret;
- krb5_storage *sp;
-
- krb5_data_zero(data);
-
- if (name == NULL) name = "";
- if (inst == NULL) inst = "";
- if (realm == NULL) realm = "";
- if (e_string == NULL) e_string = "";
-
- sp = krb5_storage_emem();
- if (sp == NULL) {
- krb5_set_error_string(context, "malloc: out of memory");
- return ENOMEM;
- }
- krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE);
-
- RCHECK(ret, krb5_store_int8(sp, KRB_PROT_VERSION), error);
- RCHECK(ret, krb5_store_int8(sp, AUTH_MSG_ERR_REPLY), error);
- RCHECK(ret, put_nir(sp, name, inst, realm), error);
- RCHECK(ret, krb5_store_int32(sp, time_ws), error);
- /* If it is a Kerberos 4 error-code, remove the et BASE */
- if (e >= ERROR_TABLE_BASE_krb && e <= ERROR_TABLE_BASE_krb + 255)
- e -= ERROR_TABLE_BASE_krb;
- RCHECK(ret, krb5_store_int32(sp, e), error);
- RCHECK(ret, krb5_store_stringz(sp, e_string), error);
-
- ret = krb5_storage_to_data(sp, data);
-
- error:
- krb5_storage_free(sp);
- if (ret)
- krb5_set_error_string(context, "Failed to encode kerberos 4 error");
-
- return 0;
-}
-
-static krb5_error_code
-get_v4_stringz(krb5_storage *sp, char **str, size_t max_len)
-{
- krb5_error_code ret;
-
- ret = krb5_ret_stringz(sp, str);
- if (ret)
- return ret;
- if (strlen(*str) > max_len) {
- free(*str);
- *str = NULL;
- return KRB4ET_INTK_PROT;
- }
- return 0;
-}
-
-/*
- *
- */
-
-krb5_error_code KRB5_LIB_FUNCTION
-_krb5_krb_decomp_ticket(krb5_context context,
- const krb5_data *enc_ticket,
- const krb5_keyblock *key,
- const char *local_realm,
- char **sname,
- char **sinstance,
- struct _krb5_krb_auth_data *ad)
-{
- krb5_error_code ret;
- krb5_ssize_t size;
- krb5_storage *sp = NULL;
- krb5_data ticket;
- unsigned char des_key[8];
-
- memset(ad, 0, sizeof(*ad));
- krb5_data_zero(&ticket);
-
- *sname = NULL;
- *sinstance = NULL;
-
- RCHECK(ret, decrypt_etext(context, key, enc_ticket, &ticket), error);
-
- sp = krb5_storage_from_data(&ticket);
- if (sp == NULL) {
- krb5_data_free(&ticket);
- krb5_set_error_string(context, "alloc: out of memory");
- return ENOMEM;
- }
-
- krb5_storage_set_eof_code(sp, KRB4ET_INTK_PROT);
-
- RCHECK(ret, krb5_ret_int8(sp, &ad->k_flags), error);
- RCHECK(ret, get_v4_stringz(sp, &ad->pname, ANAME_SZ), error);
- RCHECK(ret, get_v4_stringz(sp, &ad->pinst, INST_SZ), error);
- RCHECK(ret, get_v4_stringz(sp, &ad->prealm, REALM_SZ), error);
- RCHECK(ret, krb5_ret_uint32(sp, &ad->address), error);
-
- size = krb5_storage_read(sp, des_key, sizeof(des_key));
- if (size != sizeof(des_key)) {
- ret = KRB4ET_INTK_PROT;
- goto error;
- }
-
- RCHECK(ret, krb5_ret_uint8(sp, &ad->life), error);
-
- if (ad->k_flags & 1)
- krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE);
- else
- krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE);
-
- RCHECK(ret, krb5_ret_uint32(sp, &ad->time_sec), error);
-
- RCHECK(ret, get_v4_stringz(sp, sname, ANAME_SZ), error);
- RCHECK(ret, get_v4_stringz(sp, sinstance, INST_SZ), error);
-
- ret = krb5_keyblock_init(context, ETYPE_DES_PCBC_NONE,
- des_key, sizeof(des_key), &ad->session);
- if (ret)
- goto error;
-
- if (strlen(ad->prealm) == 0) {
- free(ad->prealm);
- ad->prealm = strdup(local_realm);
- if (ad->prealm == NULL) {
- ret = ENOMEM;
- goto error;
- }
- }
-
- error:
- memset(des_key, 0, sizeof(des_key));
- if (sp)
- krb5_storage_free(sp);
- krb5_data_free(&ticket);
- if (ret) {
- if (*sname) {
- free(*sname);
- *sname = NULL;
- }
- if (*sinstance) {
- free(*sinstance);
- *sinstance = NULL;
- }
- _krb5_krb_free_auth_data(context, ad);
- krb5_set_error_string(context, "Failed to decode v4 ticket");
- }
- return ret;
-}
-
-/*
- *
- */
-
-krb5_error_code KRB5_LIB_FUNCTION
-_krb5_krb_rd_req(krb5_context context,
- krb5_data *authent,
- const char *service,
- const char *instance,
- const char *local_realm,
- int32_t from_addr,
- const krb5_keyblock *key,
- struct _krb5_krb_auth_data *ad)
-{
- krb5_error_code ret;
- krb5_storage *sp;
- krb5_data ticket, eaut, aut;
- krb5_ssize_t size;
- int little_endian;
- int8_t pvno;
- int8_t type;
- int8_t s_kvno;
- uint8_t ticket_length;
- uint8_t eaut_length;
- uint8_t time_5ms;
- char *realm = NULL;
- char *sname = NULL;
- char *sinstance = NULL;
- char *r_realm = NULL;
- char *r_name = NULL;
- char *r_instance = NULL;
-
- uint32_t r_time_sec; /* Coarse time from authenticator */
- unsigned long delta_t; /* Time in authenticator - local time */
- long tkt_age; /* Age of ticket */
-
- struct timeval tv;
-
- krb5_data_zero(&ticket);
- krb5_data_zero(&eaut);
- krb5_data_zero(&aut);
-
- sp = krb5_storage_from_data(authent);
- if (sp == NULL) {
- krb5_set_error_string(context, "alloc: out of memory");
- return ENOMEM;
- }
-
- krb5_storage_set_eof_code(sp, KRB4ET_INTK_PROT);
-
- ret = krb5_ret_int8(sp, &pvno);
- if (ret) {
- krb5_set_error_string(context, "Failed reading v4 pvno");
- goto error;
- }
-
- if (pvno != KRB_PROT_VERSION) {
- ret = KRB4ET_RD_AP_VERSION;
- krb5_set_error_string(context, "Failed v4 pvno not 4");
- goto error;
- }
-
- ret = krb5_ret_int8(sp, &type);
- if (ret) {
- krb5_set_error_string(context, "Failed readin v4 type");
- goto error;
- }
-
- little_endian = type & 1;
- type &= ~1;
-
- if(type != AUTH_MSG_APPL_REQUEST && type != AUTH_MSG_APPL_REQUEST_MUTUAL) {
- ret = KRB4ET_RD_AP_MSG_TYPE;
- krb5_set_error_string(context, "Not a valid v4 request type");
- goto error;
- }
-
- RCHECK(ret, krb5_ret_int8(sp, &s_kvno), error);
- RCHECK(ret, get_v4_stringz(sp, &realm, REALM_SZ), error);
- RCHECK(ret, krb5_ret_uint8(sp, &ticket_length), error);
- RCHECK(ret, krb5_ret_uint8(sp, &eaut_length), error);
- RCHECK(ret, krb5_data_alloc(&ticket, ticket_length), error);
-
- size = krb5_storage_read(sp, ticket.data, ticket.length);
- if (size != ticket.length) {
- ret = KRB4ET_INTK_PROT;
- krb5_set_error_string(context, "Failed reading v4 ticket");
- goto error;
- }
-
- /* Decrypt and take apart ticket */
- ret = _krb5_krb_decomp_ticket(context, &ticket, key, local_realm,
- &sname, &sinstance, ad);
- if (ret)
- goto error;
-
- RCHECK(ret, krb5_data_alloc(&eaut, eaut_length), error);
-
- size = krb5_storage_read(sp, eaut.data, eaut.length);
- if (size != eaut.length) {
- ret = KRB4ET_INTK_PROT;
- krb5_set_error_string(context, "Failed reading v4 authenticator");
- goto error;
- }
-
- krb5_storage_free(sp);
- sp = NULL;
-
- ret = decrypt_etext(context, &ad->session, &eaut, &aut);
- if (ret)
- goto error;
-
- sp = krb5_storage_from_data(&aut);
- if (sp == NULL) {
- ret = ENOMEM;
- krb5_set_error_string(context, "alloc: out of memory");
- goto error;
- }
-
- if (little_endian)
- krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_LE);
- else
- krb5_storage_set_byteorder(sp, KRB5_STORAGE_BYTEORDER_BE);
-
- RCHECK(ret, get_v4_stringz(sp, &r_name, ANAME_SZ), error);
- RCHECK(ret, get_v4_stringz(sp, &r_instance, INST_SZ), error);
- RCHECK(ret, get_v4_stringz(sp, &r_realm, REALM_SZ), error);
-
- RCHECK(ret, krb5_ret_uint32(sp, &ad->checksum), error);
- RCHECK(ret, krb5_ret_uint8(sp, &time_5ms), error);
- RCHECK(ret, krb5_ret_uint32(sp, &r_time_sec), error);
-
- if (strcmp(ad->pname, r_name) != 0 ||
- strcmp(ad->pinst, r_instance) != 0 ||
- strcmp(ad->prealm, r_realm) != 0) {
- krb5_set_error_string(context, "v4 principal mismatch");
- ret = KRB4ET_RD_AP_INCON;
- goto error;
- }
-
- if (from_addr && ad->address && from_addr != ad->address) {
- krb5_set_error_string(context, "v4 bad address in ticket");
- ret = KRB4ET_RD_AP_BADD;
- goto error;
- }
-
- gettimeofday(&tv, NULL);
- delta_t = abs((int)(tv.tv_sec - r_time_sec));
- if (delta_t > CLOCK_SKEW) {
- ret = KRB4ET_RD_AP_TIME;
- krb5_set_error_string(context, "v4 clock skew");
- goto error;
- }
-
- /* Now check for expiration of ticket */
-
- tkt_age = tv.tv_sec - ad->time_sec;
-
- if ((tkt_age < 0) && (-tkt_age > CLOCK_SKEW)) {
- ret = KRB4ET_RD_AP_NYV;
- krb5_set_error_string(context, "v4 clock skew for expiration");
- goto error;
- }
-
- if (tv.tv_sec > _krb5_krb_life_to_time(ad->time_sec, ad->life)) {
- ret = KRB4ET_RD_AP_EXP;
- krb5_set_error_string(context, "v4 ticket expired");
- goto error;
- }
-
- ret = 0;
- error:
- krb5_data_free(&ticket);
- krb5_data_free(&eaut);
- krb5_data_free(&aut);
- if (realm)
- free(realm);
- if (sname)
- free(sname);
- if (sinstance)
- free(sinstance);
- if (r_name)
- free(r_name);
- if (r_instance)
- free(r_instance);
- if (r_realm)
- free(r_realm);
- if (sp)
- krb5_storage_free(sp);
-
- if (ret)
- krb5_clear_error_string(context);
-
- return ret;
-}
-
-/*
- *
- */
-
-void KRB5_LIB_FUNCTION
-_krb5_krb_free_auth_data(krb5_context context, struct _krb5_krb_auth_data *ad)
-{
- if (ad->pname)
- free(ad->pname);
- if (ad->pinst)
- free(ad->pinst);
- if (ad->prealm)
- free(ad->prealm);
- krb5_free_keyblock_contents(context, &ad->session);
- memset(ad, 0, sizeof(*ad));
-}
Deleted: trunk/crypto/heimdal/lib/krb5/verify_krb5_conf-version.rc
===================================================================
--- trunk/crypto/heimdal/lib/krb5/verify_krb5_conf-version.rc 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/verify_krb5_conf-version.rc 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "Krb5.conf Verification Tool"
-#define RC_FILE_ORIG_0409 "verify_krb5_conf.exe"
-
-#include "../../windows/version.rc"
Deleted: trunk/crypto/heimdal/lib/krb5/verify_krb5_conf.cat8
===================================================================
--- trunk/crypto/heimdal/lib/krb5/verify_krb5_conf.cat8 2015-07-28 01:15:21 UTC (rev 7183)
+++ trunk/crypto/heimdal/lib/krb5/verify_krb5_conf.cat8 2015-07-28 01:26:28 UTC (rev 7184)
@@ -1,57 +0,0 @@
-
-VERIFY_KRB5_CONF(8) BSD System Manager's Manual VERIFY_KRB5_CONF(8)
-
-N�NA�AM�ME�E
- v�ve�er�ri�if�fy�y_�_k�kr�rb�b5�5_�_c�co�on�nf�f -- checks krb5.conf for obvious errors
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- v�ve�er�ri�if�fy�y_�_k�kr�rb�b5�5_�_c�co�on�nf�f _�[_�c_�o_�n_�f_�i_�g_�-_�f_�i_�l_�e_�]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- v�ve�er�ri�if�fy�y_�_k�kr�rb�b5�5_�_c�co�on�nf�f reads the configuration file _�k_�r_�b_�5_�._�c_�o_�n_�f, or the file
- given on the command line, parses it, checking verifying that the syntax
- is not correctly wrong.
-
- If the file is syntactically correct, v�ve�er�ri�if�fy�y_�_k�kr�rb�b5�5_�_c�co�on�nf�f tries to verify
- that the contents of the file is of relevant nature.
-
-E�EN�NV�VI�IR�RO�ON�NM�ME�EN�NT�T
- KRB5_CONFIG points to the configuration file to read.
-
-F�FI�IL�LE�ES�S
- /etc/krb5.conf Kerberos 5 configuration file
-
-D�DI�IA�AG�GN�NO�OS�ST�TI�IC�CS�S
- Possible output from v�ve�er�ri�if�fy�y_�_k�kr�rb�b5�5_�_c�co�on�nf�f include:
-
- <path>: failed to parse <something> as size/time/number/boolean
- Usually means that <something> is misspelled, or that it contains
- weird characters. The parsing done by v�ve�er�ri�if�fy�y_�_k�kr�rb�b5�5_�_c�co�on�nf�f is more
- strict than the one performed by libkrb5, so strings that work in
- real life might be reported as bad.
-
- <path>: host not found (<hostname>)
- Means that <path> is supposed to point to a host, but it can't be
- recognised as one.
-
- <path>: unknown or wrong type
- Means that <path> is either a string when it should be a list,
- vice versa, or just that v�ve�er�ri�if�fy�y_�_k�kr�rb�b5�5_�_c�co�on�nf�f is confused.
-
- <path>: unknown entry
- Means that <string> is not known by v�ve�er�ri�if�fy�y_�_k�kr�rb�b5�5_�_c�co�on�nf�f.
-
-S�SE�EE�E A�AL�LS�SO�O
- krb5.conf(5)
-
-B�BU�UG�GS�S
- Since each application can put almost anything in the config file, it's
- hard to come up with a watertight verification process. Most of the
- default settings are sanity checked, but this does not mean that every
- problem is discovered, or that everything that is reported as a possible
- problem actually is one. This tool should thus be used with some care.
-
- It should warn about obsolete data, or bad practice, but currently
- doesn't.
-
-HEIMDAL December 8, 2004 HEIMDAL
More information about the Midnightbsd-cvs
mailing list