diff options
Diffstat (limited to 'crypto/heimdal/lib/gssapi/gss_acquire_cred.3')
| -rw-r--r-- | crypto/heimdal/lib/gssapi/gss_acquire_cred.3 | 688 |
1 files changed, 0 insertions, 688 deletions
diff --git a/crypto/heimdal/lib/gssapi/gss_acquire_cred.3 b/crypto/heimdal/lib/gssapi/gss_acquire_cred.3 deleted file mode 100644 index d2a04d9..0000000 --- a/crypto/heimdal/lib/gssapi/gss_acquire_cred.3 +++ /dev/null @@ -1,688 +0,0 @@ -.\" Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan -.\" (Royal Institute of Technology, Stockholm, Sweden). -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" 3. Neither the name of the Institute nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $Id: gss_acquire_cred.3 20235 2007-02-16 11:19:03Z lha $ -.\" -.Dd October 26, 2005 -.Dt GSS_ACQUIRE_CRED 3 -.Os HEIMDAL -.Sh NAME -.Nm gss_accept_sec_context , -.Nm gss_acquire_cred , -.Nm gss_add_cred , -.Nm gss_add_oid_set_member , -.Nm gss_canonicalize_name , -.Nm gss_compare_name , -.Nm gss_context_time , -.Nm gss_create_empty_oid_set , -.Nm gss_delete_sec_context , -.Nm gss_display_name , -.Nm gss_display_status , -.Nm gss_duplicate_name , -.Nm gss_export_name , -.Nm gss_export_sec_context , -.Nm gss_get_mic , -.Nm gss_import_name , -.Nm gss_import_sec_context , -.Nm gss_indicate_mechs , -.Nm gss_init_sec_context , -.Nm gss_inquire_context , -.Nm gss_inquire_cred , -.Nm gss_inquire_cred_by_mech , -.Nm gss_inquire_mechs_for_name , -.Nm gss_inquire_names_for_mech , -.Nm gss_krb5_ccache_name , -.Nm gss_krb5_compat_des3_mic , -.Nm gss_krb5_copy_ccache , -.Nm gss_krb5_import_cred -.Nm gsskrb5_extract_authz_data_from_sec_context , -.Nm gsskrb5_register_acceptor_identity , -.Nm gss_krb5_import_ccache , -.Nm gss_krb5_get_tkt_flags , -.Nm gss_process_context_token , -.Nm gss_release_buffer , -.Nm gss_release_cred , -.Nm gss_release_name , -.Nm gss_release_oid_set , -.Nm gss_seal , -.Nm gss_sign , -.Nm gss_test_oid_set_member , -.Nm gss_unseal , -.Nm gss_unwrap , -.Nm gss_verify , -.Nm gss_verify_mic , -.Nm gss_wrap , -.Nm gss_wrap_size_limit -.Nd Generic Security Service Application Program Interface library -.Sh LIBRARY -GSS-API library (libgssapi, -lgssapi) -.Sh SYNOPSIS -.In gssapi.h -.Pp -.Ft OM_uint32 -.Fo gss_accept_sec_context -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t * context_handle" -.Fa "const gss_cred_id_t acceptor_cred_handle" -.Fa "const gss_buffer_t input_token_buffer" -.Fa "const gss_channel_bindings_t input_chan_bindings" -.Fa "gss_name_t * src_name" -.Fa "gss_OID * mech_type" -.Fa "gss_buffer_t output_token" -.Fa "OM_uint32 * ret_flags" -.Fa "OM_uint32 * time_rec" -.Fa "gss_cred_id_t * delegated_cred_handle" -.Fc -.Pp -.Ft OM_uint32 -.Fo gss_acquire_cred -.Fa "OM_uint32 * minor_status" -.Fa "const gss_name_t desired_name" -.Fa "OM_uint32 time_req" -.Fa "const gss_OID_set desired_mechs" -.Fa "gss_cred_usage_t cred_usage" -.Fa "gss_cred_id_t * output_cred_handle" -.Fa "gss_OID_set * actual_mechs" -.Fa "OM_uint32 * time_rec" -.Fc -.Ft OM_uint32 -.Fo gss_add_cred -.Fa "OM_uint32 *minor_status" -.Fa "const gss_cred_id_t input_cred_handle" -.Fa "const gss_name_t desired_name" -.Fa "const gss_OID desired_mech" -.Fa "gss_cred_usage_t cred_usage" -.Fa "OM_uint32 initiator_time_req" -.Fa "OM_uint32 acceptor_time_req" -.Fa "gss_cred_id_t *output_cred_handle" -.Fa "gss_OID_set *actual_mechs" -.Fa "OM_uint32 *initiator_time_rec" -.Fa "OM_uint32 *acceptor_time_rec" -.Fc -.Ft OM_uint32 -.Fo gss_add_oid_set_member -.Fa "OM_uint32 * minor_status" -.Fa "const gss_OID member_oid" -.Fa "gss_OID_set * oid_set" -.Fc -.Ft OM_uint32 -.Fo gss_canonicalize_name -.Fa "OM_uint32 * minor_status" -.Fa "const gss_name_t input_name" -.Fa "const gss_OID mech_type" -.Fa "gss_name_t * output_name" -.Fc -.Ft OM_uint32 -.Fo gss_compare_name -.Fa "OM_uint32 * minor_status" -.Fa "const gss_name_t name1" -.Fa "const gss_name_t name2" -.Fa "int * name_equal" -.Fc -.Ft OM_uint32 -.Fo gss_context_time -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "OM_uint32 * time_rec" -.Fc -.Ft OM_uint32 -.Fo gss_create_empty_oid_set -.Fa "OM_uint32 * minor_status" -.Fa "gss_OID_set * oid_set" -.Fc -.Ft OM_uint32 -.Fo gss_delete_sec_context -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t * context_handle" -.Fa "gss_buffer_t output_token" -.Fc -.Ft OM_uint32 -.Fo gss_display_name -.Fa "OM_uint32 * minor_status" -.Fa "const gss_name_t input_name" -.Fa "gss_buffer_t output_name_buffer" -.Fa "gss_OID * output_name_type" -.Fc -.Ft OM_uint32 -.Fo gss_display_status -.Fa "OM_uint32 *minor_status" -.Fa "OM_uint32 status_value" -.Fa "int status_type" -.Fa "const gss_OID mech_type" -.Fa "OM_uint32 *message_context" -.Fa "gss_buffer_t status_string" -.Fc -.Ft OM_uint32 -.Fo gss_duplicate_name -.Fa "OM_uint32 * minor_status" -.Fa "const gss_name_t src_name" -.Fa "gss_name_t * dest_name" -.Fc -.Ft OM_uint32 -.Fo gss_export_name -.Fa "OM_uint32 * minor_status" -.Fa "const gss_name_t input_name" -.Fa "gss_buffer_t exported_name" -.Fc -.Ft OM_uint32 -.Fo gss_export_sec_context -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t * context_handle" -.Fa "gss_buffer_t interprocess_token" -.Fc -.Ft OM_uint32 -.Fo gss_get_mic -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "gss_qop_t qop_req" -.Fa "const gss_buffer_t message_buffer" -.Fa "gss_buffer_t message_token" -.Fc -.Ft OM_uint32 -.Fo gss_import_name -.Fa "OM_uint32 * minor_status" -.Fa "const gss_buffer_t input_name_buffer" -.Fa "const gss_OID input_name_type" -.Fa "gss_name_t * output_name" -.Fc -.Ft OM_uint32 -.Fo gss_import_sec_context -.Fa "OM_uint32 * minor_status" -.Fa "const gss_buffer_t interprocess_token" -.Fa "gss_ctx_id_t * context_handle" -.Fc -.Ft OM_uint32 -.Fo gss_indicate_mechs -.Fa "OM_uint32 * minor_status" -.Fa "gss_OID_set * mech_set" -.Fc -.Ft OM_uint32 -.Fo gss_init_sec_context -.Fa "OM_uint32 * minor_status" -.Fa "const gss_cred_id_t initiator_cred_handle" -.Fa "gss_ctx_id_t * context_handle" -.Fa "const gss_name_t target_name" -.Fa "const gss_OID mech_type" -.Fa "OM_uint32 req_flags" -.Fa "OM_uint32 time_req" -.Fa "const gss_channel_bindings_t input_chan_bindings" -.Fa "const gss_buffer_t input_token" -.Fa "gss_OID * actual_mech_type" -.Fa "gss_buffer_t output_token" -.Fa "OM_uint32 * ret_flags" -.Fa "OM_uint32 * time_rec" -.Fc -.Ft OM_uint32 -.Fo gss_inquire_context -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "gss_name_t * src_name" -.Fa "gss_name_t * targ_name" -.Fa "OM_uint32 * lifetime_rec" -.Fa "gss_OID * mech_type" -.Fa "OM_uint32 * ctx_flags" -.Fa "int * locally_initiated" -.Fa "int * open_context" -.Fc -.Ft OM_uint32 -.Fo gss_inquire_cred -.Fa "OM_uint32 * minor_status" -.Fa "const gss_cred_id_t cred_handle" -.Fa "gss_name_t * name" -.Fa "OM_uint32 * lifetime" -.Fa "gss_cred_usage_t * cred_usage" -.Fa "gss_OID_set * mechanisms" -.Fc -.Ft OM_uint32 -.Fo gss_inquire_cred_by_mech -.Fa "OM_uint32 * minor_status" -.Fa "const gss_cred_id_t cred_handle" -.Fa "const gss_OID mech_type" -.Fa "gss_name_t * name" -.Fa "OM_uint32 * initiator_lifetime" -.Fa "OM_uint32 * acceptor_lifetime" -.Fa "gss_cred_usage_t * cred_usage" -.Fc -.Ft OM_uint32 -.Fo gss_inquire_mechs_for_name -.Fa "OM_uint32 * minor_status" -.Fa "const gss_name_t input_name" -.Fa "gss_OID_set * mech_types" -.Fc -.Ft OM_uint32 -.Fo gss_inquire_names_for_mech -.Fa "OM_uint32 * minor_status" -.Fa "const gss_OID mechanism" -.Fa "gss_OID_set * name_types" -.Fc -.Ft OM_uint32 -.Fo gss_krb5_ccache_name -.Fa "OM_uint32 *minor" -.Fa "const char *name" -.Fa "const char **old_name" -.Fc -.Ft OM_uint32 -.Fo gss_krb5_copy_ccache -.Fa "OM_uint32 *minor" -.Fa "gss_cred_id_t cred" -.Fa "krb5_ccache out" -.Fc -.Ft OM_uint32 -.Fo gss_krb5_import_cred -.Fa "OM_uint32 *minor_status" -.Fa "krb5_ccache id" -.Fa "krb5_principal keytab_principal" -.Fa "krb5_keytab keytab" -.Fa "gss_cred_id_t *cred" -.Fc -.Ft OM_uint32 -.Fo gss_krb5_compat_des3_mic -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t context_handle" -.Fa "int onoff" -.Fc -.Ft OM_uint32 -.Fo gsskrb5_extract_authz_data_from_sec_context -.Fa "OM_uint32 *minor_status" -.Fa "gss_ctx_id_t context_handle" -.Fa "int ad_type" -.Fa "gss_buffer_t ad_data" -.Fc -.Ft OM_uint32 -.Fo gsskrb5_register_acceptor_identity -.Fa "const char *identity" -.Fc -.Ft OM_uint32 -.Fo gss_krb5_import_cache -.Fa "OM_uint32 *minor" -.Fa "krb5_ccache id" -.Fa "krb5_keytab keytab" -.Fa "gss_cred_id_t *cred" -.Fc -.Ft OM_uint32 -.Fo gss_krb5_get_tkt_flags -.Fa "OM_uint32 *minor_status" -.Fa "gss_ctx_id_t context_handle" -.Fa "OM_uint32 *tkt_flags" -.Fc -.Ft OM_uint32 -.Fo gss_process_context_token -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "const gss_buffer_t token_buffer" -.Fc -.Ft OM_uint32 -.Fo gss_release_buffer -.Fa "OM_uint32 * minor_status" -.Fa "gss_buffer_t buffer" -.Fc -.Ft OM_uint32 -.Fo gss_release_cred -.Fa "OM_uint32 * minor_status" -.Fa "gss_cred_id_t * cred_handle" -.Fc -.Ft OM_uint32 -.Fo gss_release_name -.Fa "OM_uint32 * minor_status" -.Fa "gss_name_t * input_name" -.Fc -.Ft OM_uint32 -.Fo gss_release_oid_set -.Fa "OM_uint32 * minor_status" -.Fa "gss_OID_set * set" -.Fc -.Ft OM_uint32 -.Fo gss_seal -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t context_handle" -.Fa "int conf_req_flag" -.Fa "int qop_req" -.Fa "gss_buffer_t input_message_buffer" -.Fa "int * conf_state" -.Fa "gss_buffer_t output_message_buffer" -.Fc -.Ft OM_uint32 -.Fo gss_sign -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t context_handle" -.Fa "int qop_req" -.Fa "gss_buffer_t message_buffer" -.Fa "gss_buffer_t message_token" -.Fc -.Ft OM_uint32 -.Fo gss_test_oid_set_member -.Fa "OM_uint32 * minor_status" -.Fa "const gss_OID member" -.Fa "const gss_OID_set set" -.Fa "int * present" -.Fc -.Ft OM_uint32 -.Fo gss_unseal -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t context_handle" -.Fa "gss_buffer_t input_message_buffer" -.Fa "gss_buffer_t output_message_buffer" -.Fa "int * conf_state" -.Fa "int * qop_state" -.Fc -.Ft OM_uint32 -.Fo gss_unwrap -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "const gss_buffer_t input_message_buffer" -.Fa "gss_buffer_t output_message_buffer" -.Fa "int * conf_state" -.Fa "gss_qop_t * qop_state" -.Fc -.Ft OM_uint32 -.Fo gss_verify -.Fa "OM_uint32 * minor_status" -.Fa "gss_ctx_id_t context_handle" -.Fa "gss_buffer_t message_buffer" -.Fa "gss_buffer_t token_buffer" -.Fa "int * qop_state" -.Fc -.Ft OM_uint32 -.Fo gss_verify_mic -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "const gss_buffer_t message_buffer" -.Fa "const gss_buffer_t token_buffer" -.Fa "gss_qop_t * qop_state" -.Fc -.Ft OM_uint32 -.Fo gss_wrap -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "int conf_req_flag" -.Fa "gss_qop_t qop_req" -.Fa "const gss_buffer_t input_message_buffer" -.Fa "int * conf_state" -.Fa "gss_buffer_t output_message_buffer" -.Fc -.Ft OM_uint32 -.Fo gss_wrap_size_limit -.Fa "OM_uint32 * minor_status" -.Fa "const gss_ctx_id_t context_handle" -.Fa "int conf_req_flag" -.Fa "gss_qop_t qop_req" -.Fa "OM_uint32 req_output_size" -.Fa "OM_uint32 * max_input_size" -.Fc -.Sh DESCRIPTION -Generic Security Service API (GSS-API) version 2, and its C binding, -is described in -.Li RFC2743 -and -.Li RFC2744 . -Version 1 (deprecated) of the C binding is described in -.Li RFC1509 . -.Pp -Heimdals GSS-API implementation supports the following mechanisms -.Bl -bullet -.It -.Li GSS_KRB5_MECHANISM -.It -.Li GSS_SPNEGO_MECHANISM -.El -.Pp -GSS-API have generic name types that all mechanism are supposed to -implement (if possible): -.Bl -bullet -.It -.Li GSS_C_NT_USER_NAME -.It -.Li GSS_C_NT_MACHINE_UID_NAME -.It -.Li GSS_C_NT_STRING_UID_NAME -.It -.Li GSS_C_NT_HOSTBASED_SERVICE -.It -.Li GSS_C_NT_ANONYMOUS -.It -.Li GSS_C_NT_EXPORT_NAME -.El -.Pp -GSS-API implementations that supports Kerberos 5 have some additional -name types: -.Bl -bullet -.It -.Li GSS_KRB5_NT_PRINCIPAL_NAME -.It -.Li GSS_KRB5_NT_USER_NAME -.It -.Li GSS_KRB5_NT_MACHINE_UID_NAME -.It -.Li GSS_KRB5_NT_STRING_UID_NAME -.El -.Pp -In GSS-API, names have two forms, internal names and contiguous string -names. -.Bl -bullet -.It -.Li Internal name and mechanism name -.Pp -Internal names are implementation specific representation of -a GSS-API name. -.Li Mechanism names -special form of internal names corresponds to one and only one mechanism. -.Pp -In GSS-API an internal name is stored in a -.Dv gss_name_t . -.It -.Li Contiguous string name and exported name -.Pp -Contiguous string names are gssapi names stored in a -.Dv OCTET STRING -that together with a name type identifier (OID) uniquely specifies a -gss-name. -A special form of the contiguous string name is the exported name that -have a OID embedded in the string to make it unique. -Exported name have the nametype -.Dv GSS_C_NT_EXPORT_NAME . -.Pp -In GSS-API an contiguous string name is stored in a -.Dv gss_buffer_t . -.Pp -Exported names also have the property that they are specified by the -mechanism itself and compatible between diffrent GSS-API -implementations. -.El -.Sh ACCESS CONTROL -There are two ways of comparing GSS-API names, either comparing two -internal names with each other or two contiguous string names with -either other. -.Pp -To compare two internal names with each other, import (if needed) the -names with -.Fn gss_import_name -into the GSS-API implementation and the compare the imported name with -.Fn gss_compare_name . -.Pp -Importing names can be slow, so when its possible to store exported -names in the access control list, comparing contiguous string name -might be better. -.Pp -when comparing contiguous string name, first export them into a -.Dv GSS_C_NT_EXPORT_NAME -name with -.Fn gss_export_name -and then compare with -.Xr memcmp 3 . -.Pp -Note that there are might be a difference between the two methods of -comparing names. -The first (using -.Fn gss_compare_name ) -will compare to (unauthenticated) names are the same. -The second will compare if a mechanism will authenticate them as the -same principal. -.Pp -For example, if -.Fn gss_import_name -name was used with -.Dv GSS_C_NO_OID -the default syntax is used for all mechanism the GSS-API -implementation supports. -When compare the imported name of -.Dv GSS_C_NO_OID -it may match serveral mechanism names (MN). -.Pp -The resulting name from -.Fn gss_display_name -must not be used for acccess control. -.Sh FUNCTIONS -.Fn gss_display_name -takes the gss name in -.Fa input_name -and puts a printable form in -.Fa output_name_buffer . -.Fa output_name_buffer -should be freed when done using -.Fn gss_release_buffer . -.Fa output_name_type -can either be -.Dv NULL -or a pointer to a -.Li gss_OID -and will in the latter case contain the OID type of the name. -The name must only be used for printing. -If access control is needed, see section -.Sx ACCESS CONTROL . -.Pp -.Fn gss_inquire_context -returns information about the context. -Information is available even after the context have expired. -.Fa lifetime_rec -argument is set to -.Dv GSS_C_INDEFINITE -(dont expire) or the number of seconds that the context is still valid. -A value of 0 means that the context is expired. -.Fa mech_type -argument should be considered readonly and must not be released. -.Fa src_name -and -.Fn dest_name -are both mechanims names and must be released with -.Fn gss_release_name -when no longer used. -.Pp -.Nm gss_context_time -will return the amount of time (in seconds) of the context is still -valid. -If its expired -.Fa time_rec -will be set to 0 and -.Dv GSS_S_CONTEXT_EXPIRED -returned. -.Pp -.Fn gss_sign , -.Fn gss_verify , -.Fn gss_seal , -and -.Fn gss_unseal -are part of the GSS-API V1 interface and are obsolete. -The functions should not be used for new applications. -They are provided so that version 1 applications can link against the -library. -.Sh EXTENSIONS -.Fn gss_krb5_ccache_name -sets the internal kerberos 5 credential cache name to -.Fa name . -The old name is returned in -.Fa old_name , -and must not be freed. -The data allocated for -.Fa old_name -is free upon next call to -.Fn gss_krb5_ccache_name . -This function is not threadsafe if -.Fa old_name -argument is used. -.Pp -.Fn gss_krb5_copy_ccache -will extract the krb5 credentials that are transferred from the -initiator to the acceptor when using token delegation in the Kerberos -mechanism. -The acceptor receives the delegated token in the last argument to -.Fn gss_accept_sec_context . -.Pp -.Fn gss_krb5_import_cred -will import the krb5 credentials (both keytab and/or credential cache) -into gss credential so it can be used withing GSS-API. -The -.Fa ccache -is copied by reference and thus shared, so if the credential is destroyed -with -.Fa krb5_cc_destroy , -all users of thep -.Fa gss_cred_id_t -returned by -.Fn gss_krb5_import_ccache -will fail. -.Pp -.Fn gsskrb5_register_acceptor_identity -sets the Kerberos 5 filebased keytab that the acceptor will use. The -.Fa identifier -is the file name. -.Pp -.Fn gsskrb5_extract_authz_data_from_sec_context -extracts the Kerberos authorizationdata that may be stored within the -context. -Tha caller must free the returned buffer -.Fa ad_data -with -.Fn gss_release_buffer -upon success. -.Pp -.Fn gss_krb5_get_tkt_flags -return the ticket flags for the kerberos ticket receive when -authenticating the initiator. -Only valid on the acceptor context. -.Pp -.Fn gss_krb5_compat_des3_mic -turns on or off the compatibility with older version of Heimdal using -des3 get and verify mic, this is way to programmatically set the -[gssapi]broken_des3_mic and [gssapi]correct_des3_mic flags (see -COMPATIBILITY section in -.Xr gssapi 3 ) . -If the CPP symbol -.Dv GSS_C_KRB5_COMPAT_DES3_MIC -is present, -.Fn gss_krb5_compat_des3_mic -exists. -.Fn gss_krb5_compat_des3_mic -will be removed in a later version of the GSS-API library. -.Sh SEE ALSO -.Xr gssapi 3 , -.Xr krb5 3 , -.Xr krb5_ccache 3 , -.Xr kerberos 8 |
