diff options
Diffstat (limited to 'crypto/kerberosIV/man')
32 files changed, 3390 insertions, 0 deletions
diff --git a/crypto/kerberosIV/man/Makefile.in b/crypto/kerberosIV/man/Makefile.in new file mode 100644 index 0000000..a1b6e74 --- /dev/null +++ b/crypto/kerberosIV/man/Makefile.in @@ -0,0 +1,95 @@ +# Makefile.in,v 1.2 1994/05/13 05:02:46 assar Exp + +srcdir = @srcdir@ +VPATH = @srcdir@ + +SHELL = /bin/sh + +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +MKINSTALLDIRS = @top_srcdir@/mkinstalldirs + +prefix = @prefix@ +mandir = @mandir@ +transform=@program_transform_name@ +EXECSUFFIX=@EXECSUFFIX@ + +MANRX = .*\.\([0-9]\) +CATRX = \(.*\)\.cat\([0-9]\) +CATSUFFIX=@CATSUFFIX@ + +MAN1 = afslog.1 kauth.1 ftp.1 kdestroy.1 kinit.1 kpasswd.1 \ + login.1 rlogin.1 su.1 kerberos.1 klist.1 ksrvtgt.1 pagsh.1 \ + rcp.1 rsh.1 telnet.1 kx.1 rxterm.1 rxtelnet.1 tenletxr.1 \ + des.1 movemail.1 \ + otp.1 otpprint.1 + +CAT1 = afslog.cat1 kauth.cat1 ftp.cat1 login.cat1 \ + pagsh.cat1 rcp.cat1 rlogin.cat1 rsh.cat1 su.cat1 telnet.cat1 kx.cat1 \ + rxterm.cat1 rxtelnet.cat1 tenletxr.cat1 movemail.cat1 \ + otp.cat1 otpprint.cat1 + +MAN3 = acl_check.3 kafs.3 kerberos.3 krb_set_tkt_string.3 des_crypt.3 \ + krb_realmofhost.3 kuserok.3 getusershell.3 krb_sendauth.3 \ + tf_util.3 + +CAT3 = getusershell.cat3 kafs.cat3 + +MAN5 = krb.conf.5 krb.realms.5 krb.equiv.5 login.access.5 ftpusers.5 + +CAT5 = login.access.cat5 krb.equiv.cat5 ftpusers.cat5 + +MAN8 = ext_srvtab.8 kdb_destroy.8 kdb_util.8 ksrvutil.8 telnetd.8 rlogind.8 \ + kadmin.8 kdb_edit.8 kstash.8 kadmind.8 kdb_init.8 rshd.8 kauthd.8 \ + popper.8 kxd.8 kerberos.8 + +CAT8 = ftpd.cat8 rshd.cat8 telnetd.cat8 ksrvutil.cat8 rlogind.cat8 \ + kauthd.cat8 kprop.cat8 kpropd.cat8 kxd.cat8 kerberos.cat8 + +all: + +cat: $(CAT1) $(CAT3) $(CAT5) $(CAT8) + +%.cat1: %.1 + `grog -Tascii $<` > $@ +%.cat3: %.3 + `grog -Tascii $<` > $@ +%.cat5: %.5 + `grog -Tascii $<` > $@ +%.cat8: %.8 + `grog -Tascii $<` > $@ + + +Wall: + +install: all + for x in man1 man3 man5 man8 cat1 cat3 cat5 cat8; do \ + $(MKINSTALLDIRS) $(mandir)/$$x; done + (cd $(srcdir); \ + for x in $(MAN1) $(MAN3) $(MAN5) $(MAN8); do \ + s=`echo $$x | sed 's!$(MANRX)!\1!'` ; \ + $(INSTALL_DATA) $$x $(mandir)/man$$s; done ;\ + for x in $(CAT1) $(CAT3) $(CAT5) $(CAT8); do \ + s=`echo $$x | sed 's!$(CATRX)!\2!'`; \ + b=`echo $$x | sed 's!$(CATRX)!\1!'`; \ + $(INSTALL_DATA) $$x $(mandir)/cat$$s/$$b.$(CATSUFFIX);\ + done ) + +uninstall: + for x in $(MAN1) $(MAN3) $(MAN5) $(MAN8); do \ + s=`echo $$x | sed 's!$(MANRX)!\1!'` ; \ + rm -f $(mandir)/man$$s/$$x; done + for x in $(CAT1) $(CAT3) $(CAT5) $(CAT8); do \ + s=`echo $$x | sed 's!$(CATRX)!\2!'`; \ + b=`echo $$x | sed 's!$(CATRX)!\1!'`; \ + rm -f $(mandir)/cat$$s/$$b.$(CATSUFFIX); done + +clean: + +mostlyclean: clean + +distclean: + rm -f Makefile *~ + +realclean: + diff --git a/crypto/kerberosIV/man/acl_check.3 b/crypto/kerberosIV/man/acl_check.3 new file mode 100644 index 0000000..53bb7c8 --- /dev/null +++ b/crypto/kerberosIV/man/acl_check.3 @@ -0,0 +1,182 @@ +.\" $Id: acl_check.3,v 1.2 1996/06/12 21:29:08 bg Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH ACL_CHECK 3 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +acl_canonicalize_principal, acl_check, acl_exact_match, acl_add, +acl_delete, acl_initialize \- Access control list routines +.SH SYNOPSIS +.nf +.nj +.ft B +cc <files> \-lacl \-lkrb +.PP +.ft B +#include <krb.h> +.PP +.ft B +acl_canonicalize_principal(principal, buf) +char *principal; +char *buf; +.PP +.ft B +acl_check(acl, principal) +char *acl; +char *principal; +.PP +.ft B +acl_exact_match(acl, principal) +char *acl; +char *principal; +.PP +.ft B +acl_add(acl, principal) +char *acl; +char *principal; +.PP +.ft B +acl_delete(acl, principal) +char *acl; +char *principal; +.PP +.ft B +acl_initialize(acl_file, mode) +char *acl_file; +int mode; +.fi +.ft R +.SH DESCRIPTION +.SS Introduction +.PP +An access control list (ACL) is a list of principals, where each +principal is represented by a text string which cannot contain +whitespace. The library allows application programs to refer to named +access control lists to test membership and to atomically add and +delete principals using a natural and intuitive interface. At +present, the names of access control lists are required to be Unix +filenames, and refer to human-readable Unix files; in the future, when +a networked ACL server is implemented, the names may refer to a +different namespace specific to the ACL service. +.PP +.SS Principal Names +.PP +Principal names have the form +.nf +.in +5n +<name>[.<instance>][@<realm>] +.in -5n +e.g.: +.in +5n +asp +asp.root +asp@ATHENA.MIT.EDU +asp.@ATHENA.MIT.EDU +asp.root@ATHENA.MIT.EDU +.in -5n +.fi +It is possible for principals to be underspecified. If an instance is +missing, it is assumed to be "". If realm is missing, it is assumed +to be the local realm as determined by +.IR krb_get_lrealm (3). +The canonical form contains all of name, instance, +and realm; the acl_add and acl_delete routines will always +leave the file in that form. Note that the canonical form of +asp@ATHENA.MIT.EDU is actually asp.@ATHENA.MIT.EDU. +.SS Routines +.PP +.I acl_canonicalize_principal +stores the canonical form of +.I principal +in +.IR buf . +.I Buf +must contain enough +space to store a principal, given the limits on the sizes of name, +instance, and realm specified as ANAME_SZ, INST_SZ, and REALM_SZ, +respectively, in +.IR /usr/include/krb.h . +.PP +.I acl_check +returns nonzero if +.I principal +appears in +.IR acl . +Returns 0 if principal +does not appear in acl, or if an error occurs. Canonicalizes +principal before checking, and allows the ACL to contain wildcards. The +only supported wildcards are entries of the form +name.*@realm, *.*@realm, and *.*@*. An asterisk matches any value for the +its component field. For example, "jtkohl.*@*" would match principal +jtkohl, with any instance and any realm. +.PP +.I acl_exact_match +performs like +.IR acl_check , +but does no canonicalization or wildcard matching. +.PP +.I acl_add +atomically adds +.I principal +to +.IR acl . +Returns 0 if successful, nonzero otherwise. It is considered a failure +if +.I principal +is already in +.IR acl . +This routine will canonicalize +.IR principal , +but will treat wildcards literally. +.PP +.I acl_delete +atomically deletes +.I principal +from +.IR acl . +Returns 0 if successful, +nonzero otherwise. It is considered a failure if +.I principal +is not +already in +.IR acl . +This routine will canonicalize +.IR principal , +but will treat wildcards literally. +.PP +.I acl_initialize +initializes +.IR acl_file . +If the file +.I acl_file +does not exist, +.I acl_initialize +creates it with mode +.IR mode . +If the file +.I acl_file +exists, +.I acl_initialize +removes all members. Returns 0 if successful, +nonzero otherwise. WARNING: Mode argument is likely to change with +the eventual introduction of an ACL service. +.SH NOTES +In the presence of concurrency, there is a very small chance that +.I acl_add +or +.I acl_delete +could report success even though it would have +had no effect. This is a necessary side effect of using lock files +for concurrency control rather than flock(2), which is not supported +by NFS. +.PP +The current implementation caches ACLs in memory in a hash-table +format for increased efficiency in checking membership; one effect of +the caching scheme is that one file descriptor will be kept open for +each ACL cached, up to a maximum of 8. +.SH SEE ALSO +kerberos(3), krb_get_lrealm(3) +.SH AUTHOR +James Aspnes (MIT Project Athena) diff --git a/crypto/kerberosIV/man/ext_srvtab.8 b/crypto/kerberosIV/man/ext_srvtab.8 new file mode 100644 index 0000000..4f2c120 --- /dev/null +++ b/crypto/kerberosIV/man/ext_srvtab.8 @@ -0,0 +1,62 @@ +.\" $Id: ext_srvtab.8,v 1.3 1997/04/02 21:09:51 assar Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH EXT_SRVTAB 8 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +ext_srvtab \- extract service key files from Kerberos key distribution center database +.SH SYNOPSIS +ext_srvtab [ +.B \-n +] [ +.B \-r realm +] [ +.B hostname ... +] +.SH DESCRIPTION +.I ext_srvtab +extracts service key files from the Kerberos key distribution center +(KDC) database. +.PP +Upon execution, it prompts the user to enter the master key string for +the database. If the +.B \-n +option is specified, the master key is instead fetched from the master +key cache file. +.PP +For each +.I hostname +specified on the command line, +.I ext_srvtab +creates the service key file +.IR hostname -new-srvtab, +containing all the entries in the database with an instance field of +.I hostname. +This new file contains all the keys registered for Kerberos-mediated +service providing programs which use the +.IR krb_get_phost (3) +principal and instance conventions to run on the host +.IR hostname . +If the +.B \-r +option is specified, the realm fields in the extracted file will +match the given realm rather than the local realm. +.SH DIAGNOSTICS +.TP 20n +"verify_master_key: Invalid master key, does not match database." +The master key string entered was incorrect. +.SH FILES +.TP 20n +.IR hostname -new-srvtab +Service key file generated for +.I hostname +.TP +/var/kerberos/principal.pag, /var/kerberos/principal.dir +DBM files containing database +.TP +/.k +Master key cache file. +.SH SEE ALSO +read_service_key(3), krb_get_phost(3) diff --git a/crypto/kerberosIV/man/getusershell.3 b/crypto/kerberosIV/man/getusershell.3 new file mode 100644 index 0000000..84dc3ad --- /dev/null +++ b/crypto/kerberosIV/man/getusershell.3 @@ -0,0 +1,99 @@ +.\" $NetBSD: getusershell.3,v 1.3 1995/02/27 04:13:24 cgd Exp $ +.\" +.\" Copyright (c) 1985, 1991, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)getusershell.3 8.1 (Berkeley) 6/4/93 +.\" +.Dd June 4, 1993 +.Dt GETUSERSHELL 3 +.Os BSD 4.3 +.Sh NAME +.Nm getusershell , +.Nm setusershell , +.Nm endusershell +.Nd get legal user shells +.Sh SYNOPSIS +.Ft char * +.Fn getusershell void +.Ft void +.Fn setusershell void +.Ft void +.Fn endusershell void +.Sh DESCRIPTION +The +.Fn getusershell +function +returns a pointer to a legal user shell as defined by the +system manager in the file +.Pa /etc/shells . +If +.Pa /etc/shells +is unreadable or does not exist, +.Fn getusershell +behaves as if +.Pa /bin/sh +and +.Pa /bin/csh +were listed in the file. +.Pp +The +.Fn getusershell +function +reads the next +line (opening the file if necessary); +.Fn setusershell +rewinds the file; +.Fn endusershell +closes it. +.Sh FILES +.Bl -tag -width /etc/shells -compact +.It Pa /etc/shells +.El +.Sh DIAGNOSTICS +The routine +.Fn getusershell +returns a null pointer (0) on +.Dv EOF . +.Sh SEE ALSO +.Xr shells 5 +.Sh HISTORY +The +.Fn getusershell +function appeared in +.Bx 4.3 . +.Sh BUGS +The +.Fn getusershell +function leaves its result in an internal static object and returns +a pointer to that object. Subsequent calls to +.Fn getusershell +will modify the same object. diff --git a/crypto/kerberosIV/man/kadmin.8 b/crypto/kerberosIV/man/kadmin.8 new file mode 100644 index 0000000..3139b25 --- /dev/null +++ b/crypto/kerberosIV/man/kadmin.8 @@ -0,0 +1,176 @@ +.\" $Id: kadmin.8,v 1.4 1997/04/02 21:09:53 assar Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KADMIN 8 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kadmin \- network utility for Kerberos database administration +.SH SYNOPSIS +.B kadmin [-u user] [-r default_realm] [-m] [-t] +.SH DESCRIPTION +This utility provides a unified administration interface to +the +Kerberos +master database. +Kerberos +administrators +use +.I kadmin +to register new users and services to the master database, +and to change information about existing database entries. +For instance, an administrator can use +.I kadmin +to change a user's +Kerberos +password. +A Kerberos administrator is a user with an ``admin'' instance +whose name appears on one of the Kerberos administration access control +lists. If the \-u option is used, +.I user +will be used as the administrator instead of the local user. +If the \-r option is used, +.I default_realm +will be used as the default realm for transactions. Otherwise, +the local realm will be used by default. +If the \-m option is used, multiple requests will be permitted +on only one entry of the admin password. Some sites won't +support this option. The \-t option is used to tell kadmin to use the +existing ticket file instead of creating a new one. + +The +.I kadmin +program communicates over the network with the +.I kadmind +program, which runs on the machine housing the Kerberos master +database. +The +.I kadmind +creates new entries and makes modifications to the database. + +When you enter the +.I kadmin +command, +the program displays a message that welcomes you and explains +how to ask for help. +Then +.I kadmin +waits for you to enter commands (which are described below). +It then asks you for your +.I admin +password before accessing the database. + +All commands can be abbreviated as long as they are unique. Some +short versions of the commands are also recognized for backwards +compatibility. + +Use the +.I add_new_key +(or +.I ank +for short) +command to register a new principal +with the master database. +The command requires one argument, +the principal's name. The name +given can be fully qualified using +the standard +.I name.instance@realm +convention. +You are asked to enter your +.I admin +password, +then prompted twice to enter the principal's +new password. If no realm is specified, +the local realm is used unless another was +given on the commandline with the \-r flag. +If no instance is +specified, a null instance is used. If +a realm other than the default realm is specified, +you will need to supply your admin password for +the other realm. + +Use the +.I change_password (cpw) +to change a principal's +Kerberos +password. +The command requires one argument, +the principal's +name. +You are asked to enter your +.I admin +password, +then prompted twice to enter the principal's new password. +The name +given can be fully qualified using +the standard +.I name.instance@realm +convention. + +Use the +.I change_key (ckey) +if you have a need to change the raw key of a particular principal. +In other words, if you do not want to input a DES key instead of a +password that will get converted into a DES key. + +Use the +.I change_admin_password (cap) +to change your +.I admin +instance password. +This command requires no arguments. +It prompts you for your old +.I admin +password, then prompts you twice to enter the new +.I admin +password. If this is your first command, +the default realm is used. Otherwise, the realm +used in the last command is used. + +Use the +.I del_entry (del) +to remove an entry from the kerberos database. + +Use the +.I mod_entry (mod) +to modify a particular entry, for example to change the expire date. + +Use the +.I destroy_tickets (dest) +command to destroy your admin tickets explicitly. + +Use the +.I list_requests (lr) +command to get a list of possible commands. + +Use the +.I help +command to display +.IR kadmin's +various help messages. +If entered without an argument, +.I help +displays a general help message. +You can get detailed information on specific +.I kadmin +commands +by entering +.I help +.IR command_name . + +To quit the program, type +.IR quit . + +.SH BUGS +The user interface is primitive, and the command names could be better. + +.SH "SEE ALSO" +kerberos(1), kadmind(8), kpasswd(1), ksrvutil(8) +.br +``A Subsystem Utilities Package for UNIX'' by Ken Raeburn +.SH AUTHORS +Jeffrey I. Schiller, MIT Project Athena +.br +Emanuel Jay Berkenbilt, MIT Project Athena diff --git a/crypto/kerberosIV/man/kadmind.8 b/crypto/kerberosIV/man/kadmind.8 new file mode 100644 index 0000000..477511b --- /dev/null +++ b/crypto/kerberosIV/man/kadmind.8 @@ -0,0 +1,125 @@ +.\" $Id: kadmind.8,v 1.4 1997/04/02 21:09:53 assar Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KADMIND 8 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kadmind \- network daemon for Kerberos database administration +.SH SYNOPSIS +.B kadmind +[ +.B \-n +] [ +.B \-m +] [ +.B \-h +] [ +.B \-r realm +] [ +.B \-f filename +] [ +.B \-d dbname +] [ +.B \-a acldir +] +.SH DESCRIPTION +.I kadmind +is the network database server for the Kerberos password-changing and +administration tools. +.PP +Upon execution, it fetches the master key from the key cache file. +.PP +If the +.B \-m +option is specified, it instead prompts the user to enter the master +key string for the database. +.PP +The +.B \-n +option is a no-op and is left for compatibility reasons. +.PP +If the +.B \-r +.I realm +option is specified, the admin server will pretend that its +local realm is +.I realm +instead of the actual local realm of the host it is running on. +This makes it possible to run a server for a foreign kerberos +realm. +.PP +If the +.B \-f +.I filename +option is specified, then that file is used to hold the log information +instead of the default. +.PP +If the +.B \-d +.I dbname +option is specified, then that file is used as the database name instead +of the default. +.PP +If the +.B \-a +.I acldir +option is specified, then +.I acldir +is used as the directory in which to search for access control lists +instead of the default. +.PP +If the +.B \-h +option is specified, +.I kadmind +prints out a short summary of the permissible control arguments, and +then exits. +.PP +When performing requests on behalf of clients, +.I kadmind +checks access control lists (ACLs) to determine the authorization of the client +to perform the requested action. +Currently four distinct access types are supported: +.TP 1i +Addition +(.add ACL file). If a principal is on this list, it may add new +principals to the database. +.TP +Retrieval +(.get ACL file). If a principal is on this list, it may retrieve +database entries. NOTE: A principal's private key is never returned by +the get functions. +.TP +Modification +(.mod ACL file). If a principal is on this list, it may modify entries +in the database. +.TP +Deletions +(.del ACL file). If a principal is on this list, if may delete +entries from the database. +.PP +A principal is always granted authorization to change its own password. +.SH FILES +.TP 20n +/kerberos/admin_server.syslog +Default log file. +.TP +/kerberos +Default access control list directory. +.TP +admin_acl.{add,get,mod} +Access control list files (within the directory) +.TP +/kerberos/principal.pag, /kerberos/principal.dir +Default DBM files containing database +.TP +/.k +Master key cache file. +.SH "SEE ALSO" +kerberos(1), kpasswd(1), kadmin(8), acl_check(3) +.SH AUTHORS +Douglas A. Church, MIT Project Athena +.br +John T. Kohl, Project Athena/Digital Equipment Corporation diff --git a/crypto/kerberosIV/man/kafs.3 b/crypto/kerberosIV/man/kafs.3 new file mode 100644 index 0000000..041fd23 --- /dev/null +++ b/crypto/kerberosIV/man/kafs.3 @@ -0,0 +1,122 @@ +.\" $Id: kafs.3,v 1.1 1997/05/07 21:49:02 joda Exp $ +.\" +.Dd May 7, 1997 +.Os KTH-KRB +.Dt KAFS 3 +.Sh NAME +.Nm k_hasafs , +.Nm k_afsklog , +.Nm k_afsklog_uid , +.Nm k_pioctl , +.Nm k_unlog , +.Nm k_setpag , +.Nm k_afs_cell_of_file +.Nd AFS library +.Sh SYNOPSIS +.Fd #include <kafs.h> +.Ft int +.Fn k_afsklog "char *cell" "char *realm" +.Ft int +.Fn k_afsklog_uid "char *cell" "char *realm" "uid_t uid" +.Ft int +.Fn k_afs_cell_of_file "const char *path" "char *cell" "int len" +.Ft int +.Fn k_hasafs +.Ft int +.Fn k_pioctl "char *a_path" "int o_opcode" "struct ViceIoctl *a_paramsP" "int a_followSymlinks" +.Ft int +.Fn k_setpag +.Ft int +.Fn k_unlog +.Sh DESCRIPTION +.Fn k_hasafs +initializes some library internal structures, and tests for the +presense of AFS in the kernel, none of the other functions should be +called before +.Fn k_hasafs +is called, or if it fails. + +.Fn k_afsklog , +and +.Fn k_afsklog_uid +obtains new tokens (and possibly tickets) for the specified +.Fa cell +and +.Fa realm . +If +.Fa cell +is +.Dv NULL , +the local cell is used. If +.Fa realm +is +.Dv NULL , +the function tries to guess what realm to use. Unless you have some good knowledge of what cell or realm to use, you should pass +.Dv NULL . +.Fn k_afsklog +will use the real user-id for the +.Dv ViceId +field in the token, +.Fn k_afsklog_uid +will use +.Fa uid . + +.Fn k_afs_cell_of_file +will in +.Fa cell +return the cell of a specified file, no more than +.Fa len +characters is put in +.Fa cell . + +.Fn k_pioctl +does a +.Fn pioctl +syscall with the specified arguments. This function is equivalent to +.Fn lpioctl . + +.Fn k_setpag +initializes a new PAG. + +.Fn k_unlog +removes destroys all tokens in the current PAG. + +.Sh RETURN VALUES +.Fn k_hasafs +returns 1 if AFS is present in the kernel, 0 otherwise. +.Fn k_afsklog +and +.Fn k_afsklog_uid +returns 0 on success, or a kerberos error number on failure. +.Fn k_afs_cell_of_file , +.Fn k_pioctl , +.Fn k_setpag , +and +.Fn k_unlog +all return the value of the underlaying system call, 0 on success. +.Sh EXAMPLES +The following code from +.Nm login +will obtain a new PAG and tokens for the local cell and the cell of +the users home directory. +.Bd -literal +if (k_hasafs()) { + char cell[64]; + k_setpag(); + if(k_afs_cell_of_file(pwd->pw_dir, cell, sizeof(cell)) == 0) + k_afsklog(cell, 0); + k_afsklog(0, 0); +} +.Ed +.Sh ERRORS +If any of these functions (appart from +.Fn k_hasafs ) +is called without AFS beeing present in the kernel, the process will +usually (depending on the operating system) receive a SIGSYS signal. +.Sh SEE ALSO +.Rs +.%A Transarc Corporation +.%J AFS-3 Programmer's Reference +.%T File Server/Cache Manager Interface +.%D 1991 +.Re
\ No newline at end of file diff --git a/crypto/kerberosIV/man/kauth.1 b/crypto/kerberosIV/man/kauth.1 new file mode 100644 index 0000000..cc71b29 --- /dev/null +++ b/crypto/kerberosIV/man/kauth.1 @@ -0,0 +1,65 @@ +.\" $Id: kauth.1,v 1.1 1996/05/04 01:49:34 d91-jda Exp $ +.\" +.Dd May 4, 1996 +.Dt KAUTH 1 +.Os KTH-KRB +.Sh NAME +.Nm kauth +.Nd +overworked Kerberos login program +.Sh SYNOPSIS +.Nm +.Op Fl n Ar name +.Op Fl r Ar remote user +.Op Fl t Pa remote ticket file +.Op Fl h Ar hosts... +.Op Fl l Ar lifetime +.Op Fl f Pa srvtab +.Op Fl c Ar cell +.Op Ar command ... +.Sh DESCRIPTION +The +.Nm +command obtains ticket granting tickets as well as AFS ticket and +tokens. It also does a whole lot of other stuff. +.Pp +The following flags are supported: +.Bl -tag -width xxxx +.It Fl n +Principal to get tickets for. If no other arguments are present this +can be given without the +.Fl n +flag. +.It Fl h +Remote hosts to obtain tickets for. This works similar to the MIT +Athena Kerberos 4 patchlevel 10 command +.Xr rkinit 1 , +however not in a compatible way. It requires that the remote host runs +the +.Xr kauthd 8 , +server. The +.Fl r +and +.Fl t +flags are useful only with this option. +.It Fl r +User on the remote host that should own the ticket file. +.It Fl t +Ticket file on remote host. +.It Fl l +Lifetime of tickets i minutes +.It Fl f +Srvtab to get service keys from. Default is +.Pa /etc/srvtab . +This is mainly used with batch services that need to run +authenticated. If any command is given, it will be executed in an +authenticated fashion and when the program exits the tickets are +destroyed. For long running jobs the tickets will be renewed. +.It Fl c +AFS cell to get tokens for, default is your local cell. +.El +.Sh SEE ALSO +.Xr kinit 1 , +.Xr kauthd 8 +.Sh BUGS +There is no help-switch. diff --git a/crypto/kerberosIV/man/kauthd.8 b/crypto/kerberosIV/man/kauthd.8 new file mode 100644 index 0000000..4978ff2 --- /dev/null +++ b/crypto/kerberosIV/man/kauthd.8 @@ -0,0 +1,27 @@ +.\" $Id: kauthd.8,v 1.2 1996/09/28 22:04:48 assar Exp $ +.\" +.Dd September 27, 1996 +.Dt KAUTHD 8 +.Os KTH-KRB +.Sh NAME +.Nm kauthd +.Nd +remote Kerberos login daemon +.Sh SYNOPSIS +.Nm +.Sh DESCRIPTION +Daemon for the +.Xr kauth 1 +command. +.Pp +Options supported by +.Nm kauthd : +.Bl -tag -width Ds +.It Fl i +Interactive. Do not expect to be started by +.Nm inetd, +but allocate and listen to the socket yourself. Handy for testing +and debugging. +.El +.Sh SEE ALSO +.Xr kauth 1 diff --git a/crypto/kerberosIV/man/kdb_destroy.8 b/crypto/kerberosIV/man/kdb_destroy.8 new file mode 100644 index 0000000..c6e4739 --- /dev/null +++ b/crypto/kerberosIV/man/kdb_destroy.8 @@ -0,0 +1,32 @@ +.\" $Id: kdb_destroy.8,v 1.3 1997/04/02 21:09:54 assar Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KDB_DESTROY 8 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kdb_destroy \- destroy Kerberos key distribution center database +.SH SYNOPSIS +kdb_destroy +.SH DESCRIPTION +.I kdb_destroy +deletes a Kerberos key distribution center database. +.PP +The user is prompted to verify that the database should be destroyed. A +response beginning with `y' or `Y' confirms deletion. +Any other response aborts deletion. +.SH DIAGNOSTICS +.TP 20n +"Database cannot be deleted at /var/kerberos/principal" +The attempt to delete the database failed (probably due to a system or +access permission error). +.TP +"Database not deleted." +The user aborted the deletion. +.SH FILES +.TP 20n +/var/kerberos/principal.pag, /var/kerberos/principal.dir +DBM files containing database +.SH SEE ALSO +kdb_init(8) diff --git a/crypto/kerberosIV/man/kdb_edit.8 b/crypto/kerberosIV/man/kdb_edit.8 new file mode 100644 index 0000000..14f7e92 --- /dev/null +++ b/crypto/kerberosIV/man/kdb_edit.8 @@ -0,0 +1,54 @@ +.\" $Id: kdb_edit.8,v 1.3 1997/04/02 21:09:54 assar Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KDB_EDIT 8 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kdb_edit \- Kerberos key distribution center database editing utility +.SH SYNOPSIS +kdb_edit [ +.B \-n +] +.SH DESCRIPTION +.I kdb_edit +is used to create or change principals stored in the Kerberos key +distribution center (KDC) database. +.PP +When executed, +.I kdb_edit +prompts for the master key string and verifies that it matches the +master key stored in the database. +If the +.B \-n +option is specified, the master key is instead fetched from the master +key cache file. +.PP +Once the master key has been verified, +.I kdb_edit +begins a prompt loop. The user is prompted for the principal and +instance to be modified. If the entry is not found the user may create +it. +Once an entry is found or created, the user may set the password, +expiration date, maximum ticket lifetime, and attributes. +Default expiration dates, maximum ticket lifetimes, and attributes are +presented in brackets; if the user presses return the default is selected. +There is no default password. +The password RANDOM is interpreted specially, and if entered +the user may have the program select a random DES key for the +principal. +.PP +Upon successfully creating or changing the entry, ``Edit O.K.'' is +printed. +.SH DIAGNOSTICS +.TP 20n +"verify_master_key: Invalid master key, does not match database." +The master key string entered was incorrect. +.SH FILES +.TP 20n +/var/kerberos/principal.pag, /var/kerberos/principal.dir +DBM files containing database +.TP +/.k +Master key cache file. diff --git a/crypto/kerberosIV/man/kdb_init.8 b/crypto/kerberosIV/man/kdb_init.8 new file mode 100644 index 0000000..f019dd4 --- /dev/null +++ b/crypto/kerberosIV/man/kdb_init.8 @@ -0,0 +1,37 @@ +.\" $Id: kdb_init.8,v 1.3 1997/04/02 21:09:54 assar Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KDB_INIT 8 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kdb_init \- Initialize Kerberos key distribution center database +.SH SYNOPSIS +kdb_init [ +.B realm +] +.SH DESCRIPTION +.I kdb_init +initializes a Kerberos key distribution center database, creating the +necessary principals. +.PP +If the optional +.I realm +argument is not present, +.I kdb_init +prompts for a realm name. +After determining the realm to be created, it prompts for +a master key password. The master key password is used to encrypt +every encryption key stored in the database. +.SH DIAGNOSTICS +.TP 20n +"/var/kerberos/principal: File exists" +An attempt was made to create a database on a machine which already had +an existing database. +.SH FILES +.TP 20n +/var/kerberos/principal.pag, /var/kerberos/principal.dir +DBM files containing database +.SH SEE ALSO +kdb_destroy(8) diff --git a/crypto/kerberosIV/man/kdb_util.8 b/crypto/kerberosIV/man/kdb_util.8 new file mode 100644 index 0000000..0e3c201 --- /dev/null +++ b/crypto/kerberosIV/man/kdb_util.8 @@ -0,0 +1,68 @@ +.\" $Id: kdb_util.8,v 1.3 1997/04/02 20:45:38 assar Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KDB_UTIL 8 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kdb_util \- Kerberos key distribution center database utility +.SH SYNOPSIS +kdb_util +.B operation filename +.SH DESCRIPTION +.I kdb_util +allows the Kerberos key distribution center (KDC) database administrator to +perform utility functions on the database. +.PP +.I Operation +must be one of the following: +.TP 10n +.I load +initializes the KDC database with the records described by the +text contained in the file +.IR filename . +Any existing database is overwritten. +.TP +.I dump +dumps the KDC database into a text representation in the file +.IR filename . +.TP +.I slave_dump +performs a database dump like the +.I dump +operation, and additionally creates a semaphore file signalling the +propagation software that an update is available for distribution to +slave KDC databases. +.TP +.I merge +merges in the entries from +.IR filename +into the database. +.TP +.I new_master_key +prompts for the old and new master key strings, and then dumps the KDC +database into a text representation in the file +.IR filename . +The keys in the text representation are encrypted in the new master key. +.TP +.I convert_old_db +prompts for the master key string, and then dumps the KDC database into +a text representation in the file +.IR filename . +The existing database is assumed to be encrypted using the old format +(encrypted by the key schedule of the master key); the dumped database +is encrypted using the new format (encrypted directly with master key). +.PP +.SH DIAGNOSTICS +.TP 20n +"verify_master_key: Invalid master key, does not match database." +The master key string entered was incorrect. +.SH FILES +.TP 20n +/kerberos/principal.pag, /kerberos/principal.dir +DBM files containing database +.TP +.IR filename .ok +semaphore file created by +.IR slave_dump. diff --git a/crypto/kerberosIV/man/kdestroy.1 b/crypto/kerberosIV/man/kdestroy.1 new file mode 100644 index 0000000..66ffd39 --- /dev/null +++ b/crypto/kerberosIV/man/kdestroy.1 @@ -0,0 +1,88 @@ +.\" $Id: kdestroy.1,v 1.3 1996/06/12 21:29:16 bg Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KDESTROY 1 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kdestroy \- destroy Kerberos tickets +.SH SYNOPSIS +.B kdestroy +[ +.B \-f +] +[ +.B \-q +] +[ +.B \-t +] +.SH DESCRIPTION +The +.I kdestroy +utility destroys the user's active +Kerberos +authorization tickets by writing zeros to the file that contains them. +If the ticket file does not exist, +.I kdestroy +displays a message to that effect. +.PP +After overwriting the file, +.I kdestroy +removes the file from the system. +The utility +displays a message indicating the success or failure of the +operation. +If +.I kdestroy +is unable to destroy the ticket file, +the utility will warn you by making your terminal beep. +.PP +In the Athena workstation environment, +the +.I toehold +service automatically destroys your tickets when you +end a workstation session. +If your site does not provide a similar ticket-destroying mechanism, +you can place the +.I kdestroy +command in your +.I .logout +file so that your tickets are destroyed automatically +when you logout. +.PP +The options to +.I kdestroy +are as follows: +.TP 7 +.B \-f +.I kdestroy +runs without displaying the status message. +.TP +.B \-q +.I kdestroy +will not make your terminal beep if it fails to destroy the tickets. +.TP +.B \-t +.I kdestroy +will not remove any afs-tokens. Without this flag the tokens +associated with the current PAG is destroyed. +.SH FILES +KRBTKFILE environment variable if set, otherwise +.br +/tmp/tkt[uid] +.SH SEE ALSO +kerberos(1), kinit(1), klist(1) +.SH BUGS +.PP +Only the tickets in the user's current ticket file are destroyed. +Separate ticket files are used to hold root instance and password +changing tickets. These files should probably be destroyed too, or +all of a user's tickets kept in a single ticket file. +.SH AUTHORS +Steve Miller, MIT Project Athena/Digital Equipment Corporation +.br +Clifford Neuman, MIT Project Athena +.br +Bill Sommerfeld, MIT Project Athena diff --git a/crypto/kerberosIV/man/kerberos.1 b/crypto/kerberosIV/man/kerberos.1 new file mode 100644 index 0000000..aced5a5 --- /dev/null +++ b/crypto/kerberosIV/man/kerberos.1 @@ -0,0 +1,258 @@ +.\" $Id: kerberos.1,v 1.2 1996/06/12 21:29:16 bg Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KERBEROS 1 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kerberos \- introduction to the Kerberos system + +.SH DESCRIPTION +The +Kerberos +system authenticates +individual users in a network environment. +After authenticating yourself to +Kerberos, +you can use network utilities such as +.IR rlogin , +.IR rcp , +and +.IR rsh +without +having to present passwords to remote hosts and without having to bother +with +.I \.rhosts +files. +Note that these utilities will work without passwords only if +the remote machines you deal with +support the +Kerberos +system. +All Athena timesharing machines and public workstations support +Kerberos. +.PP +Before you can use +Kerberos, +you must register as an Athena user, +and you must make sure you have been added to +the +Kerberos +database. +You can use the +.I kinit +command to find out. +This command +tries to log you into the +Kerberos +system. +.I kinit +will prompt you for a username and password. +Enter your username and password. +If the utility lets you login without giving you a message, +you have already been registered. +.PP +If you enter your username and +.I kinit +responds with this message: +.nf + +Principal unknown (kerberos) + +.fi +you haven't been registered as a +Kerberos +user. +See your system administrator. +.PP +A Kerberos name contains three parts. +The first is the +.I principal name, +which is usually a user's or service's name. +The second is the +.I instance, +which in the case of a user is usually null. +Some users may have privileged instances, however, +such as ``root'' or ``admin''. +In the case of a service, the instance is the +name of the machine on which it runs; i.e. there +can be an +.I rlogin +service running on the machine ABC, which +is different from the rlogin service running on +the machine XYZ. +The third part of a Kerberos name +is the +.I realm. +The realm corresponds to the Kerberos service providing +authentication for the principal. +For example, at MIT there is a Kerberos running at the +Laboratory for Computer Science and one running at +Project Athena. +.PP +When writing a Kerberos name, the principal name is +separated from the instance (if not null) by a period, +and the realm (if not the local realm) follows, preceded by +an ``@'' sign. +The following are examples of valid Kerberos names: +.sp +.nf +.in +8 +billb +jis.admin +srz@lcs.mit.edu +treese.root@athena.mit.edu +.in -8 +.fi +.PP +When you authenticate yourself with +Kerberos, +through either the workstation +.I toehold +system or the +.I kinit +command, +Kerberos +gives you an initial +Kerberos +.IR ticket . +(A +Kerberos +ticket +is an encrypted protocol message that provides authentication.) +Kerberos +uses this ticket for network utilities +such as +.I rlogin +and +.IR rcp . +The ticket transactions are done transparently, +so you don't have to worry about their management. +.PP +Note, however, that tickets expire. +Privileged tickets, such as root instance tickets, +expire in a few minutes, while tickets that carry more ordinary +privileges may be good for several hours or a day, depending on the +installation's policy. +If your login session extends beyond the time limit, +you will have to re-authenticate yourself to +Kerberos +to get new tickets. +Use the +.IR kinit +command to re-authenticate yourself. +.PP +If you use the +.I kinit +command to get your tickets, +make sure you use the +.I kdestroy +command +to destroy your tickets before you end your login session. +You should probably put the +.I kdestroy +command in your +.I \.logout +file so that your tickets will be destroyed automatically when you logout. +For more information about the +.I kinit +and +.I kdestroy +commands, +see the +.I kinit(1) +and +.I kdestroy(1) +manual pages. +.PP +Currently, +Kerberos +supports the following network services: +.IR rlogin , +.IR rsh , +and +.IR rcp . +Other services are being worked on, +such as the +.IR pop +mail system and NFS (network file system), +but are not yet available. + +.SH "SEE ALSO" +kdestroy(1), kinit(1), klist(1), kpasswd(1), des_crypt(3), kerberos(3), +kadmin(8) +.SH BUGS +Kerberos +will not do authentication forwarding. +In other words, +if you use +.I rlogin +to login to a remote host, +you cannot use +Kerberos +services from that host +until you authenticate yourself explicitly on that host. +Although you may need to authenticate yourself on the remote +host, +be aware that when you do so, +.I rlogin +sends your password across the network in clear text. + +.SH AUTHORS +Steve Miller, MIT Project Athena/Digital Equipment Corporation +.br +Clifford Neuman, MIT Project Athena + +The following people helped out on various aspects of the system: + +Jeff Schiller designed and wrote the administration server and its +user interface, kadmin. +He also wrote the dbm version of the database management system. + +Mark Colan developed the +Kerberos +versions of +.IR rlogin , +.IR rsh , +and +.IR rcp , +as well as contributing work on the servers. + +John Ostlund developed the +Kerberos +versions of +.I passwd +and +.IR userreg . + +Stan Zanarotti pioneered Kerberos in a foreign realm (LCS), +and made many contributions based on that experience. + +Many people contributed code and/or useful ideas, including +Jim Aspnes, +Bob Baldwin, +John Barba, +Richard Basch, +Jim Bloom, +Bill Bryant, +Rob French, +Dan Geer, +David Jedlinsky, +John Kohl, +John Kubiatowicz, +Bob McKie, +Brian Murphy, +Ken Raeburn, +Chris Reed, +Jon Rochlis, +Mike Shanzer, +Bill Sommerfeld, +Jennifer Steiner, +Ted Ts'o, +and +Win Treese. + +.SH RESTRICTIONS + +COPYRIGHT 1985,1986 Massachusetts Institute of Technology diff --git a/crypto/kerberosIV/man/kerberos.3 b/crypto/kerberosIV/man/kerberos.3 new file mode 100644 index 0000000..71da54d --- /dev/null +++ b/crypto/kerberosIV/man/kerberos.3 @@ -0,0 +1,460 @@ +.\" $Id: kerberos.3,v 1.2 1996/06/12 21:29:18 bg Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KERBEROS 3 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +krb_mk_req, krb_rd_req, krb_kntoln, krb_set_key, krb_get_cred, +krb_mk_priv, krb_rd_priv, krb_mk_safe, krb_rd_safe, krb_mk_err, +krb_rd_err, krb_ck_repl \- Kerberos authentication library +.SH SYNOPSIS +.nf +.nj +.ft B +#include <des.h> +#include <krb.h> +.PP +.ft B +extern char *krb_err_txt[]; +.PP +.ft B +int krb_mk_req(authent,service,instance,realm,checksum) +KTEXT authent; +char *service; +char *instance; +char *realm; +u_long checksum; +.PP +.ft B +int krb_rd_req(authent,service,instance,from_addr,ad,fn) +KTEXT authent; +char *service; +char *instance; +u_long from_addr; +AUTH_DAT *ad; +char *fn; +.PP +.ft B +int krb_kntoln(ad,lname) +AUTH_DAT *ad; +char *lname; +.PP +.ft B +int krb_set_key(key,cvt) +char *key; +int cvt; +.PP +.ft B +int krb_get_cred(service,instance,realm,c) +char *service; +char *instance; +char *realm; +CREDENTIALS *c; +.PP +.ft B +long krb_mk_priv(in,out,in_length,schedule,key,sender,receiver) +u_char *in; +u_char *out; +u_long in_length; +des_cblock key; +des_key_schedule schedule; +struct sockaddr_in *sender; +struct sockaddr_in *receiver; +.PP +.ft B +long krb_rd_priv(in,in_length,schedule,key,sender,receiver,msg_data) +u_char *in; +u_long in_length; +Key_schedule schedule; +des_cblock key; +struct sockaddr_in *sender; +struct sockaddr_in *receiver; +MSG_DAT *msg_data; +.PP +.ft B +long krb_mk_safe(in,out,in_length,key,sender,receiver) +u_char *in; +u_char *out; +u_long in_length; +des_cblock key; +struct sockaddr_in *sender; +struct sockaddr_in *receiver; +.PP +.ft B +long krb_rd_safe(in,length,key,sender,receiver,msg_data) +u_char *in; +u_long length; +des_cblock key; +struct sockaddr_in *sender; +struct sockaddr_in *receiver; +MSG_DAT *msg_data; +.PP +.ft B +long krb_mk_err(out,code,string) +u_char *out; +long code; +char *string; +.PP +.ft B +long krb_rd_err(in,length,code,msg_data) +u_char *in; +u_long length; +long code; +MSG_DAT *msg_data; +.fi +.ft R +.SH DESCRIPTION +This library supports network authentication and various related +operations. The library contains many routines beyond those described +in this man page, but they are not intended to be used directly. +Instead, they are called by the routines that are described, the +authentication server and the login program. +.PP +.I krb_err_txt[] +contains text string descriptions of various Kerberos error codes returned +by some of the routines below. +.PP +.I krb_mk_req +takes a pointer to a text structure in which an authenticator is to be +built. It also takes the name, instance, and realm of the service to be +used and an optional checksum. It is up to the application to decide +how to generate the checksum. +.I krb_mk_req +then retrieves a ticket for the desired service and creates an +authenticator. The authenticator is built in +.I authent +and is accessible +to the calling procedure. +.PP +It is up to the application to get the authenticator to the service +where it will be read by +.I krb_rd_req. +Unless an attacker posesses the session key contained in the ticket, it +will be unable to modify the authenticator. Thus, the checksum can be +used to verify the authenticity of the other data that will pass through +a connection. +.PP +.I krb_rd_req +takes an authenticator of type +.B KTEXT, +a service name, an instance, the address of the +host originating the request, and a pointer to a structure of type +.B AUTH_DAT +which is filled in with information obtained from the authenticator. +It also optionally takes the name of the file in which it will find the +secret key(s) for the service. +If the supplied +.I instance +contains "*", then the first service key with the same service name +found in the service key file will be used, and the +.I instance +argument will be filled in with the chosen instance. This means that +the caller must provide space for such an instance name. +.PP +It is used to find out information about the principal when a request +has been made to a service. It is up to the application protocol to get +the authenticator from the client to the service. The authenticator is +then passed to +.I krb_rd_req +to extract the desired information. +.PP +.I krb_rd_req +returns zero (RD_AP_OK) upon successful authentication. If a packet was +forged, modified, or replayed, authentication will fail. If the +authentication fails, a non-zero value is returned indicating the +particular problem encountered. See +.I krb.h +for the list of error codes. +.PP +If the last argument is the null string (""), krb_rd_req will use the +file /etc/srvtab to find its keys. If the last argument is NULL, it +will assume that the key has been set by +.I krb_set_key +and will not bother looking further. +.PP +.I krb_kntoln +converts a Kerberos name to a local name. It takes a structure +of type AUTH_DAT and uses the name and instance to look in the database +/etc/aname to find the corresponding local name. The local name is +returned and can be used by an application to change uids, directories, +or other parameters. It is not an integral part of Kerberos, but is +instead provided to support the use of Kerberos in existing utilities. +.PP +.I krb_set_key +takes as an argument a des key. It then creates +a key schedule from it and saves the original key to be used as an +initialization vector. +It is used to set the server's key which +must be used to decrypt tickets. +.PP +If called with a non-zero second argument, +.I krb_set_key +will first convert the input from a string of arbitrary length to a DES +key by encrypting it with a one-way function. +.PP +In most cases it should not be necessary to call +.I krb_set_key. +The necessary keys will usually be obtained and set inside +.I krb_rd_req. krb_set_key +is provided for those applications that do not wish to place the +application keys on disk. +.PP +.I krb_get_cred +searches the caller's ticket file for a ticket for the given service, instance, +and realm; and, if a ticket is found, fills in the given CREDENTIALS structure +with the ticket information. +.PP +If the ticket was found, +.I krb_get_cred +returns GC_OK. +If the ticket file can't be found, can't be read, doesn't belong to +the user (other than root), isn't a regular file, or is in the wrong +mode, the error GC_TKFIL is returned. +.PP +.I krb_mk_priv +creates an encrypted, authenticated +message from any arbitrary application data, pointed to by +.I in +and +.I in_length +bytes long. +The private session key, pointed to by +.I key +and the key schedule, +.I schedule, +are used to encrypt the data and some header information using +.I pcbc_encrypt. +.I sender +and +.I receiver +point to the Internet address of the two parties. +In addition to providing privacy, this protocol message protects +against modifications, insertions or replays. The encapsulated message and +header are placed in the area pointed to by +.I out +and the routine returns the length of the output, or -1 indicating +an error. +.PP +.I krb_rd_priv +decrypts and authenticates a received +.I krb_mk_priv +message. +.I in +points to the beginning of the received message, whose length +is specified in +.I in_length. +The private session key, pointed to by +.I key, +and the key schedule, +.I schedule, +are used to decrypt and verify the received message. +.I msg_data +is a pointer to a +.I MSG_DAT +struct, defined in +.I krb.h. +The routine fills in the +.I app_data +field with a pointer to the decrypted application data, +.I app_length +with the length of the +.I app_data +field, +.I time_sec +and +.I time_5ms +with the timestamps in the message, and +.I swap +with a 1 if the byte order of the receiver is different than that of +the sender. (The application must still determine if it is appropriate +to byte-swap application data; the Kerberos protocol fields are already taken +care of). The +.I hash +field returns a value useful as input to the +.I krb_ck_repl +routine. + +The routine returns zero if ok, or a Kerberos error code. Modified messages +and old messages cause errors, but it is up to the caller to +check the time sequence of messages, and to check against recently replayed +messages using +.I krb_ck_repl +if so desired. +.PP +.I krb_mk_safe +creates an authenticated, but unencrypted message from any arbitrary +application data, +pointed to by +.I in +and +.I in_length +bytes long. +The private session key, pointed to by +.I key, +is used to seed the +.I quad_cksum() +checksum algorithm used as part of the authentication. +.I sender +and +.I receiver +point to the Internet address of the two parties. +This message does not provide privacy, but does protect (via detection) +against modifications, insertions or replays. The encapsulated message and +header are placed in the area pointed to by +.I out +and the routine returns the length of the output, or -1 indicating +an error. +The authentication provided by this routine is not as strong as that +provided by +.I krb_mk_priv +or by computing the checksum using +.I cbc_cksum +instead, both of which authenticate via DES. +.PP + +.I krb_rd_safe +authenticates a received +.I krb_mk_safe +message. +.I in +points to the beginning of the received message, whose length +is specified in +.I in_length. +The private session key, pointed to by +.I key, +is used to seed the quad_cksum() routine as part of the authentication. +.I msg_data +is a pointer to a +.I MSG_DAT +struct, defined in +.I krb.h . +The routine fills in these +.I MSG_DAT +fields: +the +.I app_data +field with a pointer to the application data, +.I app_length +with the length of the +.I app_data +field, +.I time_sec +and +.I time_5ms +with the timestamps in the message, and +.I swap +with a 1 if the byte order of the receiver is different than that of +the sender. +(The application must still determine if it is appropriate +to byte-swap application data; the Kerberos protocol fields are already taken +care of). The +.I hash +field returns a value useful as input to the +.I krb_ck_repl +routine. + +The routine returns zero if ok, or a Kerberos error code. Modified messages +and old messages cause errors, but it is up to the caller to +check the time sequence of messages, and to check against recently replayed +messages using +.I krb_ck_repl +if so desired. +.PP +.I krb_mk_err +constructs an application level error message that may be used along +with +.I krb_mk_priv +or +.I krb_mk_safe. +.I out +is a pointer to the output buffer, +.I code +is an application specific error code, and +.I string +is an application specific error string. + +.PP +.I krb_rd_err +unpacks a received +.I krb_mk_err +message. +.I in +points to the beginning of the received message, whose length +is specified in +.I in_length. +.I code +is a pointer to a value to be filled in with the error +value provided by the application. +.I msg_data +is a pointer to a +.I MSG_DAT +struct, defined in +.I krb.h . +The routine fills in these +.I MSG_DAT +fields: the +.I app_data +field with a pointer to the application error text, +.I app_length +with the length of the +.I app_data +field, and +.I swap +with a 1 if the byte order of the receiver is different than that of +the sender. (The application must still determine if it is appropriate +to byte-swap application data; the Kerberos protocol fields are already taken +care of). + +The routine returns zero if the error message has been successfully received, +or a Kerberos error code. +.PP +The +.I KTEXT +structure is used to pass around text of varying lengths. It consists +of a buffer for the data, and a length. krb_rd_req takes an argument of this +type containing the authenticator, and krb_mk_req returns the +authenticator in a structure of this type. KTEXT itself is really a +pointer to the structure. The actual structure is of type KTEXT_ST. +.PP +The +.I AUTH_DAT +structure is filled in by krb_rd_req. It must be allocated before +calling krb_rd_req, and a pointer to it is passed. The structure is +filled in with data obtained from Kerberos. +.I MSG_DAT +structure is filled in by either krb_rd_priv, krb_rd_safe, or +krb_rd_err. It must be allocated before the call and a pointer to it +is passed. The structure is +filled in with data obtained from Kerberos. +.PP +.SH FILES +/usr/include/krb.h +.br +/usr/lib/libkrb.a +.br +/usr/include/des.h +.br +/usr/lib/libdes.a +.br +/etc/aname +.br +/etc/srvtab +.br +/tmp/tkt[uid] +.SH "SEE ALSO" +kerberos(1), des_crypt(3) +.SH DIAGNOSTICS +.SH BUGS +The caller of +.I krb_rd_req, krb_rd_priv, and krb_rd_safe +must check time order and for replay attempts. +.I krb_ck_repl +is not implemented yet. +.SH AUTHORS +Clifford Neuman, MIT Project Athena +.br +Steve Miller, MIT Project Athena/Digital Equipment Corporation +.SH RESTRICTIONS +COPYRIGHT 1985,1986,1989 Massachusetts Institute of Technology diff --git a/crypto/kerberosIV/man/kerberos.8 b/crypto/kerberosIV/man/kerberos.8 new file mode 100644 index 0000000..6a64c57 --- /dev/null +++ b/crypto/kerberosIV/man/kerberos.8 @@ -0,0 +1,44 @@ +.\" $Id: kerberos.8,v 1.1 1996/11/14 22:14:55 assar Exp $ +.\" +.Dd November 14, 1996 +.Dt KERBEROS 8 +.Os KTH-KRB +.Sh NAME +.Nm kerberos +.Nd The kerberos daemon +.Sh SYNPOSIS +.Nm +.Op Fl snm +.Op Fl p Ar pause +.Op Fl a Ar max age +.Op Fl l Ar log +.Op Fl r Ar realm +.Ar database +.Sh DESCRIPTION +This is the +.Nm +daemon. +.Pp +Options: +.Bl -tag -width -ident +.It Fl s +Set slave parameters. This will enable check to see if data is +getting too stale relative to the master. +.It Fl n +Do not check max age. +.It Fl m +Run manually and prompt for master key. +.It Fl p +Pause for +.Ar pause +before dying. +.It Fl a +Set the +.Ar max age +before the database is considered stale. +.It Fl l +Write the log to +.Ar log +.It Fl r +Run as a server for realm +.Ar realm diff --git a/crypto/kerberosIV/man/kinit.1 b/crypto/kerberosIV/man/kinit.1 new file mode 100644 index 0000000..b70ce4b --- /dev/null +++ b/crypto/kerberosIV/man/kinit.1 @@ -0,0 +1,136 @@ +.\" $Id: kinit.1,v 1.3 1997/04/02 21:09:55 assar Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KINIT 1 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kinit \- Kerberos login utility +.SH SYNOPSIS +.B kinit +[ +.B \-irvlp +] +.SH DESCRIPTION +The +.I kinit +command is used to login to the +Kerberos +authentication and authorization system. +Note that only registered +Kerberos +users can use the +Kerberos +system. +For information about registering as a +Kerberos +user, +see the +.I kerberos(1) +manual page. +.PP +If you are logged in to a workstation that is running the +.I toehold +service, +you do not have to use +.I kinit. +The +.I toehold +login procedure will log you into +Kerberos +automatically. +You will need to use +.I kinit +only in those situations in which +your original tickets have expired. +(Tickets expire in about a day.) +Note as well that +.I toehold +will automatically destroy your tickets when you logout from the workstation. +.PP +When you use +.I kinit +without options, +the utility +prompts for your username and Kerberos password, +and tries to authenticate your login with the local +Kerberos +server. +.PP +If +Kerberos +authenticates the login attempt, +.I kinit +retrieves your initial ticket and puts it in the ticket file specified by +your KRBTKFILE environment variable. +If this variable is undefined, +your ticket will be stored in the +.IR /tmp +directory, +in the file +.I tktuid , +where +.I uid +specifies your user identification number. +.PP +If you have logged in to +Kerberos +without the benefit of the workstation +.I toehold +system, +make sure you use the +.I kdestroy +command to destroy any active tickets before you end your login session. +You may want to put the +.I kdestroy +command in your +.I \.logout +file so that your tickets will be destroyed automatically when you logout. +.PP +The options to +.I kinit +are as follows: +.TP 7 +.B \-i +.I kinit +prompts you for a +Kerberos +instance. +.TP +.B \-r +.I kinit +prompts you for a +Kerberos +realm. +This option lets you authenticate yourself with a remote +Kerberos +server. +.TP +.B \-v +Verbose mode. +.I kinit +prints the name of the ticket file used, and +a status message indicating the success or failure of +your login attempt. +.TP +.B \-l +.I kinit +prompts you for a ticket lifetime in minutes. Due to protocol +restrictions in Kerberos Version 4, this value must be between 5 and +1275 minutes. +.TP +.B \-p +.I kinit +will acquires a ticket for chpass.kerberos. +.SH SEE ALSO +.PP +kerberos(1), kdestroy(1), klist(1), toehold(1) +.SH BUGS +The +.B \-r +option has not been fully implemented. +.SH AUTHORS +Steve Miller, MIT Project Athena/Digital Equipment Corporation +.br +Clifford Neuman, MIT Project Athena diff --git a/crypto/kerberosIV/man/klist.1 b/crypto/kerberosIV/man/klist.1 new file mode 100644 index 0000000..76dec02 --- /dev/null +++ b/crypto/kerberosIV/man/klist.1 @@ -0,0 +1,83 @@ +.\" $Id: klist.1,v 1.2 1996/06/12 21:29:19 bg Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KLIST 1 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +klist \- list currently held Kerberos tickets +.SH SYNOPSIS +.B klist +[ +\fB\-s \fR|\fB \-t\fR +] [ +.B \-file +name ] [ +.B \-srvtab +] +.br +.SH DESCRIPTION +.I klist +prints the name of the tickets file and the +identity of the principal the tickets are for (as listed in the +tickets file), and +lists the principal names of all Kerberos tickets currently held by +the user, along with the issue and expire time for each authenticator. +Principal names are listed in the form +.I name.instance@realm, +with the '.' omitted if the instance is null, +and the '@' omitted if the realm is null. + +If given the +.B \-s +option, +.I klist +does not print the issue and expire times, the name of the tickets file, +or the identity of the principal. + +If given the +.B \-t +option, +.B klist +checks for the existence of a non-expired ticket-granting-ticket in the +ticket file. If one is present, it exits with status 0, else it exits +with status 1. No output is generated when this option is specified. + +If given the +.B \-file +option, the following argument is used as the ticket file. +Otherwise, if the +.B KRBTKFILE +environment variable is set, it is used. +If this environment variable +is not set, the file +.B /tmp/tkt[uid] +is used, where +.B uid +is the current user-id of the user. + +If given the +.B \-srvtab +option, the file is treated as a service key file, and the names of the +keys contained therein are printed. If no file is +specified with a +.B \-file +option, the default is +.IR /etc/srvtab . +.SH FILES +.TP 2i +/etc/krb.conf +to get the name of the local realm +.TP +/tmp/tkt[uid] +as the default ticket file ([uid] is the decimal UID of the user). +.TP +/etc/srvtab +as the default service key file +.SH SEE ALSO +.PP +kerberos(1), kinit(1), kdestroy(1) +.SH BUGS +When reading a file as a service key file, very little sanity or error +checking is performed. diff --git a/crypto/kerberosIV/man/kprop.8 b/crypto/kerberosIV/man/kprop.8 new file mode 100644 index 0000000..376f715 --- /dev/null +++ b/crypto/kerberosIV/man/kprop.8 @@ -0,0 +1,58 @@ +.\" $Id: kprop.8,v 1.2 1996/06/15 17:03:22 assar Exp $ +.\" +.Dd June 7, 1996 +.Dt KPROP 8 +.Os KTH-KRB +.Sh NAME +.Nm kprop +.Nd +the kerberos slave server update client +.Sh SYNOPSIS +.Nm +.Op Fl force +.Op Fl realm Ar realm +.Op Ar dump-file +.Op Ar slave-file +.Sh DESCRIPTION +Changes to the database, such as changed passwords, are only made to +the master server through the +.Nm kadmind +service. To propagate these changes to the slave servers, +.Nm +should be run regularly on the master server. + +The following options are recognised. + +.Bl -tag -width -force +.It Fl force +Propagate even if there hasn't been an update to the dump file since +last time. +.It Fl realm +Realm if other than the default. +.It dump-file +is a file created with +.Ic kdb_util slave_dump , +default is +.Pa /var/kerberos/slave_dump . +.It slave-file +Contains the names of the slave servers. Default is +.Pa /var/kerberos/slaves . +.El + +.Nm +will use the principal +.Nm rcmd.kerberos +to authenticate to the master servers. This principal has to be added +to the database, and it should also be put into the service key file +on the master server. + +.Sh FILES +.Bl -tag -width indent -compact +.It Pa /var/kerberos/slave_dump +.It Pa /var/kerberos/slaves +.It Pa /etc/srvtab +.El +.Sh SEE ALSO +.Xr kpropd 8 , +.Xr kerberos 8 , +.Xr kadmind 8 diff --git a/crypto/kerberosIV/man/kpropd.8 b/crypto/kerberosIV/man/kpropd.8 new file mode 100644 index 0000000..d1dbd16 --- /dev/null +++ b/crypto/kerberosIV/man/kpropd.8 @@ -0,0 +1,63 @@ +.\" $Id: kpropd.8,v 1.2 1997/02/07 22:04:55 assar Exp $ +.\" +.Dd June 7, 1996 +.Dt KPROPD 8 +.Os KTH-KRB +.Sh NAME +.Nm kpropd +.Nd +the kerberos slave server update facility +.Sh SYNOPSIS +.Nm +.Op Fl i +.Op Fl d Ar database +.Op Fl l Ar logfile +.Op Fl m +.Op Fl p Ar kdb_util +.Op Fl r Ar realm +.Op Fl s Ar srvtab +.Sh DESCRIPTION +The +.Nm +responds to database update requests from the +.Nm kprop +command. It can either be started from +.Nm inetd +or as an ordinary program. + +The following options are recognised: + +.Bl -tag -width xxxx +.It Fl i +Run stand-alone. If this flag is not given, it is assumed to have +been started by +.Nm inetd . +.It Fl d +What database file to use, default is +.Pa /var/kerberos/principal . +.It Fl l +Logfile to use, default is +.Pa /var/log/kpropd.log . +.It Fl m +Treat data as changes to the database rather than a complete database. +.It Fl p +The path to +.Nm kdb_util , +default is +.Pa /usr/athena/sbin/kdb_util . +.It Fl r +Realm if other than the default realm. +.It Fl s +Srvtab if other than +.Pa /etc/srvtab . +.El +.Sh FILES +.Bl -tag -width indent -compact +.It Pa /var/kerberos/principal.{db,dir,pag} +.It Pa /var/log/kpropd.log +.It Pa /etc/srvtab +.El +.Sh SEE ALSO +.Xr kprop 8 , +.Xr kerberos 8 , +.Xr kadmind 8 diff --git a/crypto/kerberosIV/man/krb.conf.5 b/crypto/kerberosIV/man/krb.conf.5 new file mode 100644 index 0000000..b122b9c --- /dev/null +++ b/crypto/kerberosIV/man/krb.conf.5 @@ -0,0 +1,31 @@ +.\" $Id: krb.conf.5,v 1.2 1996/06/12 21:29:21 bg Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KRB.CONF 5 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +/etc/krb.conf \- Kerberos configuration file +.SH DESCRIPTION +.I krb.conf +contains configuration information describing the Kerberos realm and the +Kerberos key distribution center (KDC) servers for known realms. +.PP +.I krb.conf +contains the name of the local realm in the first +line, followed by lines indicating realm/host +entries. The first token is a realm name, and the second is the hostname +of a host running a KDC for that realm. +The words "admin server" following the hostname indicate that +the host also provides an administrative database server. +For example: +.nf +.in +1i +ATHENA.MIT.EDU +ATHENA.MIT.EDU kerberos-1.mit.edu admin server +ATHENA.MIT.EDU kerberos-2.mit.edu +LCS.MIT.EDU kerberos.lcs.mit.edu admin server +.in -1i +.SH SEE ALSO +krb.realms(5), krb_get_krbhst(3), krb_get_lrealm(3) diff --git a/crypto/kerberosIV/man/krb.equiv.5 b/crypto/kerberosIV/man/krb.equiv.5 new file mode 100644 index 0000000..e38f94b --- /dev/null +++ b/crypto/kerberosIV/man/krb.equiv.5 @@ -0,0 +1,28 @@ +.\" $Id: krb.equiv.5,v 1.3 1996/06/18 16:26:20 joda Exp $ +.\" +.Dd June 18, 1996 +.Dt KRB.EQUIV 5 +.Os KTH-KRB +.Sh NAME +.Nm krb.equiv +.Nd +Kerberos equivalent hosts file +.Sh DESCRIPTION +.Nm +contains a list of IP addresses that is to be considered being the +same host for Kerberos purposes. Plain addresses match a single +host. Addresses followed by a slash (/) and a number is taken as a +sub-network that should be considered equal. +.Pp +Hash (#) starts a comment. Backslash (\\) is a continuation character. +.Sh EXAMPLES +.Bd -literal +# A machine with two interfaces. +130.237.232.113 130.237.221.42 # emma emma-ether +# A machine with *many* interfaces +193.10.156.0/24 193.10.157.0/24 # syk-* syk-*-hps +.Ed +.Sh SEE ALSO +.Xr krb_equiv 3 , +.Xr krb.conf 5 , +.Xr krb.realms 5 diff --git a/crypto/kerberosIV/man/krb.realms.5 b/crypto/kerberosIV/man/krb.realms.5 new file mode 100644 index 0000000..427c455 --- /dev/null +++ b/crypto/kerberosIV/man/krb.realms.5 @@ -0,0 +1,38 @@ +.\" $Id: krb.realms.5,v 1.2 1996/06/12 21:29:22 bg Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KRB.REALMS 5 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +/etc/krb.realms \- host to Kerberos realm translation file +.SH DESCRIPTION +.I krb.realms +provides a translation from a hostname to the Kerberos realm name for +the services provided by that host. +.PP +Each line of the translation file is in one of the following forms +(domain_name should be of the form .XXX.YYY, e.g. .LCS.MIT.EDU): +.nf +.in +5n +host_name kerberos_realm +domain_name kerberos_realm +.in -5n +.fi +If a hostname exactly matches the +.I host_name +field in a line of the first +form, the corresponding realm is the realm of the host. +If a hostname does not match any +.I host_name +in the file, but its +domain exactly matches the +.I domain_name +field in a line of the second +form, the corresponding realm is the realm of the host. +.PP +If no translation entry applies, the host's realm is considered to be +the hostname's domain portion converted to upper case. +.SH SEE ALSO +krb_realmofhost(3) diff --git a/crypto/kerberosIV/man/krb_realmofhost.3 b/crypto/kerberosIV/man/krb_realmofhost.3 new file mode 100644 index 0000000..ddbda74 --- /dev/null +++ b/crypto/kerberosIV/man/krb_realmofhost.3 @@ -0,0 +1,160 @@ +.\" $Id: krb_realmofhost.3,v 1.2 1996/06/12 21:29:23 bg Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KRB_REALMOFHOST 3 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +krb_realmofhost, krb_get_phost, krb_get_krbhst, krb_get_admhst, +krb_get_lrealm \- additional Kerberos utility routines +.SH SYNOPSIS +.nf +.nj +.ft B +#include <krb.h> +#include <des.h> +#include <netinet/in.h> +.PP +.ft B +char *krb_realmofhost(host) +char *host; +.PP +.ft B +char *krb_get_phost(alias) +char *alias; +.PP +.ft B +krb_get_krbhst(host,realm,n) +char *host; +char *realm; +int n; +.PP +.ft B +krb_get_admhst(host,realm,n) +char *host; +char *realm; +int n; +.PP +.ft B +krb_get_lrealm(realm,n) +char *realm; +int n; +.fi +.ft R +.SH DESCRIPTION +.I krb_realmofhost +returns the Kerberos realm of the host +.IR host , +as determined by the translation table +.IR /etc/krb.realms . +.I host +should be the fully-qualified domain-style primary host name of the host +in question. In order to prevent certain security attacks, this routine +must either have +.I a priori +knowledge of a host's realm, or obtain such information securely. +.PP +The format of the translation file is described by +.IR krb.realms (5). +If +.I host +exactly matches a host_name line, the corresponding realm +is returned. +Otherwise, if the domain portion of +.I host +matches a domain_name line, the corresponding realm +is returned. +If +.I host +contains a domain, but no translation is found, +.IR host 's +domain is converted to upper-case and returned. +If +.I host +contains no discernable domain, or an error occurs, +the local realm name, as supplied by +.IR krb_get_lrealm (3), +is returned. +.PP +.I krb_get_phost +converts the hostname +.I alias +(which can be either an official name or an alias) into the instance +name to be used in obtaining Kerberos tickets for most services, +including the Berkeley rcmd suite (rlogin, rcp, rsh). +.br +The current convention is to return the first segment of the official +domain-style name after conversion to lower case. +.PP +.I krb_get_krbhst +fills in +.I host +with the hostname of the +.IR n th +host running a Kerberos key distribution center (KDC) +for realm +.IR realm , +as specified in the configuration file (\fI/etc/krb.conf\fR). +The configuration file is described by +.IR krb.conf (5). +If the host is successfully filled in, the routine +returns KSUCCESS. +If the file cannot be opened, and +.I n +equals 1, then the value of KRB_HOST as defined in +.I <krb.h> +is filled in, and KSUCCESS is returned. If there are fewer than +.I n +hosts running a Kerberos KDC for the requested realm, or the +configuration file is malformed, the routine +returns KFAILURE. +.PP +.I krb_get_admhst +fills in +.I host +with the hostname of the +.IR n th +host running a Kerberos KDC database administration server +for realm +.IR realm , +as specified in the configuration file (\fI/etc/krb.conf\fR). +If the file cannot be opened or is malformed, or there are fewer than +.I n +hosts running a Kerberos KDC database administration server, +the routine returns KFAILURE. +.PP +The character arrays used as return values for +.IR krb_get_krbhst , +.IR krb_get_admhst , +should be large enough to +hold any hostname (MAXHOSTNAMELEN from <sys/param.h>). +.PP +.I krb_get_lrealm +fills in +.I realm +with the +.IR n th +realm of the local host, as specified in the configuration file. +.I realm +should be at least REALM_SZ (from +.IR <krb.h>) characters long. +.PP +.SH SEE ALSO +kerberos(3), krb.conf(5), krb.realms(5) +.SH FILES +.TP 20n +/etc/krb.realms +translation file for host-to-realm mapping. +.TP +/etc/krb.conf +local realm-name and realm/server configuration file. +.SH BUGS +The current convention for instance names is too limited; the full +domain name should be used. +.PP +.I krb_get_lrealm +currently only supports +.I n += 1. It should really consult the user's ticket cache to determine the +user's current realm, rather than consulting a file on the host. diff --git a/crypto/kerberosIV/man/krb_sendauth.3 b/crypto/kerberosIV/man/krb_sendauth.3 new file mode 100644 index 0000000..208b6bc --- /dev/null +++ b/crypto/kerberosIV/man/krb_sendauth.3 @@ -0,0 +1,347 @@ +.\" $Id: krb_sendauth.3,v 1.2 1996/06/12 21:29:24 bg Exp $ +.\" Copyright 1988 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KRB_SENDAUTH 3 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +krb_sendauth, krb_recvauth, krb_net_write, krb_net_read \- +Kerberos routines for sending authentication via network stream sockets +.SH SYNOPSIS +.nf +.nj +.ft B +#include <krb.h> +#include <des.h> +#include <netinet/in.h> +.PP +.fi +.HP 1i +.ft B +int krb_sendauth(options, fd, ktext, service, inst, realm, checksum, +msg_data, cred, schedule, laddr, faddr, version) +.nf +.RS 0 +.ft B +long options; +int fd; +KTEXT ktext; +char *service, *inst, *realm; +u_long checksum; +MSG_DAT *msg_data; +CREDENTIALS *cred; +Key_schedule schedule; +struct sockaddr_in *laddr, *faddr; +char *version; +.PP +.fi +.HP 1i +.ft B +int krb_recvauth(options, fd, ktext, service, inst, faddr, laddr, +auth_data, filename, schedule, version) +.nf +.RS 0 +.ft B +long options; +int fd; +KTEXT ktext; +char *service, *inst; +struct sockaddr_in *faddr, *laddr; +AUTH_DAT *auth_data; +char *filename; +Key_schedule schedule; +char *version; +.PP +.ft B +int krb_net_write(fd, buf, len) +int fd; +char *buf; +int len; +.PP +.ft B +int krb_net_read(fd, buf, len) +int fd; +char *buf; +int len; +.fi +.SH DESCRIPTION +.PP +These functions, +which are built on top of the core Kerberos library, +provide a convenient means for client and server +programs to send authentication messages +to one another through network connections. +The +.I krb_sendauth +function sends an authenticated ticket from the client program to +the server program by writing the ticket to a network socket. +The +.I krb_recvauth +function receives the ticket from the client by +reading from a network socket. + +.SH KRB_SENDAUTH +.PP +This function writes the ticket to +the network socket specified by the +file descriptor +.IR fd, +returning KSUCCESS if the write proceeds successfully, +and an error code if it does not. + +The +.I ktext +argument should point to an allocated KTEXT_ST structure. +The +.IR service, +.IR inst, +and +.IR realm +arguments specify the server program's Kerberos principal name, +instance, and realm. +If you are writing a client that uses the local realm exclusively, +you can set the +.I realm +argument to NULL. + +The +.I version +argument allows the client program to pass an application-specific +version string that the server program can then match against +its own version string. +The +.I version +string can be up to KSEND_VNO_LEN (see +.IR <krb.h> ) +characters in length. + +The +.I checksum +argument can be used to pass checksum information to the +server program. +The client program is responsible for specifying this information. +This checksum information is difficult to corrupt because +.I krb_sendauth +passes it over the network in encrypted form. +The +.I checksum +argument is passed as the checksum argument to +.IR krb_mk_req . + +You can set +.IR krb_sendauth's +other arguments to NULL unless you want the +client and server programs to mutually authenticate +themselves. +In the case of mutual authentication, +the client authenticates itself to the server program, +and demands that the server in turn authenticate itself to +the client. + +.SH KRB_SENDAUTH AND MUTUAL AUTHENTICATION +.PP +If you want mutual authentication, +make sure that you read all pending data from the local socket +before calling +.IR krb_sendauth. +Set +.IR krb_sendauth's +.I options +argument to +.BR KOPT_DO_MUTUAL +(this macro is defined in the +.IR krb.h +file); +make sure that the +.I laddr +argument points to +the address of the local socket, +and that +.I faddr +points to the foreign socket's network address. + +.I Krb_sendauth +fills in the other arguments-- +.IR msg_data , +.IR cred , +and +.IR schedule --before +sending the ticket to the server program. +You must, however, allocate space for these arguments +before calling the function. + +.I Krb_sendauth +supports two other options: +.BR KOPT_DONT_MK_REQ, +and +.BR KOPT_DONT_CANON. +If called with +.I options +set as KOPT_DONT_MK_REQ, +.I krb_sendauth +will not use the +.I krb_mk_req +function to retrieve the ticket from the Kerberos server. +The +.I ktext +argument must point to an existing ticket and authenticator (such as +would be created by +.IR krb_mk_req ), +and the +.IR service, +.IR inst, +and +.IR realm +arguments can be set to NULL. + +If called with +.I options +set as KOPT_DONT_CANON, +.I krb_sendauth +will not convert the service's instance to canonical form using +.IR krb_get_phost (3). + +If you want to call +.I krb_sendauth +with a multiple +.I options +specification, +construct +.I options +as a bitwise-OR of the options you want to specify. + +.SH KRB_RECVAUTH +.PP +The +.I krb_recvauth +function +reads a ticket/authenticator pair from the socket pointed to by the +.I fd +argument. +Set the +.I options +argument +as a bitwise-OR of the options desired. +Currently only KOPT_DO_MUTUAL is useful to the receiver. + +The +.I ktext +argument +should point to an allocated KTEXT_ST structure. +.I Krb_recvauth +fills +.I ktext +with the +ticket/authenticator pair read from +.IR fd , +then passes it to +.IR krb_rd_req . + +The +.I service +and +.I inst +arguments +specify the expected service and instance for which the ticket was +generated. They are also passed to +.IR krb_rd_req. +The +.I inst +argument may be set to "*" if the caller wishes +.I krb_mk_req +to fill in the instance used (note that there must be space in the +.I inst +argument to hold a full instance name, see +.IR krb_mk_req (3)). + +The +.I faddr +argument +should point to the address of the peer which is presenting the ticket. +It is also passed to +.IR krb_rd_req . + +If the client and server plan to mutually authenticate +one another, +the +.I laddr +argument +should point to the local address of the file descriptor. +Otherwise you can set this argument to NULL. + +The +.I auth_data +argument +should point to an allocated AUTH_DAT area. +It is passed to and filled in by +.IR krb_rd_req . +The checksum passed to the corresponding +.I krb_sendauth +is available as part of the filled-in AUTH_DAT area. + +The +.I filename +argument +specifies the filename +which the service program should use to obtain its service key. +.I Krb_recvauth +passes +.I filename +to the +.I krb_rd_req +function. +If you set this argument to "", +.I krb_rd_req +looks for the service key in the file +.IR /etc/srvtab. + +If the client and server are performing mutual authenication, +the +.I schedule +argument +should point to an allocated Key_schedule. +Otherwise it is ignored and may be NULL. + +The +.I version +argument should point to a character array of at least KSEND_VNO_LEN +characters. It is filled in with the version string passed by the client to +.IR krb_sendauth. +.PP +.SH KRB_NET_WRITE AND KRB_NET_READ +.PP +The +.I krb_net_write +function +emulates the write(2) system call, but guarantees that all data +specified is written to +.I fd +before returning, unless an error condition occurs. +.PP +The +.I krb_net_read +function +emulates the read(2) system call, but guarantees that the requested +amount of data is read from +.I fd +before returning, unless an error condition occurs. +.PP +.SH BUGS +.IR krb_sendauth, +.IR krb_recvauth, +.IR krb_net_write, +and +.IR krb_net_read +will not work properly on sockets set to non-blocking I/O mode. + +.SH SEE ALSO + +krb_mk_req(3), krb_rd_req(3), krb_get_phost(3) + +.SH AUTHOR +John T. Kohl, MIT Project Athena +.SH RESTRICTIONS +Copyright 1988, Massachusetts Instititute of Technology. +For copying and distribution information, +please see the file <mit-copyright.h>. diff --git a/crypto/kerberosIV/man/krb_set_tkt_string.3 b/crypto/kerberosIV/man/krb_set_tkt_string.3 new file mode 100644 index 0000000..9d94143 --- /dev/null +++ b/crypto/kerberosIV/man/krb_set_tkt_string.3 @@ -0,0 +1,42 @@ +.\" $Id: krb_set_tkt_string.3,v 1.2 1996/06/12 21:29:24 bg Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KRB_SET_TKT_STRING 3 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +krb_set_tkt_string \- set Kerberos ticket cache file name +.SH SYNOPSIS +.nf +.nj +.ft B +#include <krb.h> +.PP +.ft B +void krb_set_tkt_string(filename) +char *filename; +.fi +.ft R +.SH DESCRIPTION +.I krb_set_tkt_string +sets the name of the file that holds the user's +cache of Kerberos server tickets and associated session keys. +.PP +The string +.I filename +passed in is copied into local storage. +Only MAXPATHLEN-1 (see <sys/param.h>) characters of the filename are +copied in for use as the cache file name. +.PP +This routine should be called during initialization, before other +Kerberos routines are called; otherwise the routines which fetch the +ticket cache file name may be called and return an undesired ticket file +name until this routine is called. +.SH FILES +.TP 20n +/tmp/tkt[uid] +default ticket file name, unless the environment variable KRBTKFILE is set. +[uid] denotes the user's uid, in decimal. +.SH SEE ALSO +kerberos(3), setenv(3) diff --git a/crypto/kerberosIV/man/ksrvtgt.1 b/crypto/kerberosIV/man/ksrvtgt.1 new file mode 100644 index 0000000..ff8563c --- /dev/null +++ b/crypto/kerberosIV/man/ksrvtgt.1 @@ -0,0 +1,50 @@ +.\" $Id: ksrvtgt.1,v 1.2 1996/06/12 21:29:26 bg Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KSRVTGT 1 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +ksrvtgt \- fetch and store Kerberos ticket-granting-ticket using a +service key +.SH SYNOPSIS +.B ksrvtgt +name instance [[realm] srvtab] +.SH DESCRIPTION +.I ksrvtgt +retrieves a ticket-granting ticket with a lifetime of five (5) minutes +for the principal +.I name.instance@realm +(or +.I name.instance@localrealm +if +.I realm +is not supplied on the command line), decrypts the response using +the service key found in +.I srvtab +(or in +.B /etc/srvtab +if +.I srvtab +is not specified on the command line), and stores the ticket in the +standard ticket cache. +.PP +This command is intended primarily for use in shell scripts and other +batch-type facilities. +.SH DIAGNOSTICS +"Generic kerberos failure (kfailure)" can indicate a whole range of +problems, the most common of which is the inability to read the service +key file. +.SH FILES +.TP 2i +/etc/krb.conf +to get the name of the local realm. +.TP +/tmp/tkt[uid] +The default ticket file. +.TP +/etc/srvtab +The default service key file. +.SH SEE ALSO +kerberos(1), kinit(1), kdestroy(1) diff --git a/crypto/kerberosIV/man/ksrvutil.8 b/crypto/kerberosIV/man/ksrvutil.8 new file mode 100644 index 0000000..fdc99e6 --- /dev/null +++ b/crypto/kerberosIV/man/ksrvutil.8 @@ -0,0 +1,104 @@ +.\" $Id: ksrvutil.8,v 1.3 1996/06/12 21:29:27 bg Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.Dd May 4, 1996 +.Dt KSRVUTIL 8 +.Os KTH-KRB + +.Sh NAME +.Nm ksrvutil +host kerberos keyfile (srvtab) manipulation utility +.Sh SYNOPSIS +.Nm +.Op Fl f Pa keyfile +.Op Fl i +.Op Fl k +.Op Fl p Ar principal +.Op Fl r Ar realm +.Ar operation + +.Sh DESCRIPTION +.Nm +allows a system manager to list or change keys currently in his +keyfile or to add new keys to the keyfile. +.Pp +Operation must be one of the following: +.Bl -tag -width indent +.It list +lists the keys in a keyfile showing version number and principal name. +If the +.Fl k +option is given, keys will also be shown. +.It change +changes all the keys in the keyfile by using the regular admin +protocol. If the +.Fl i +flag is given, +.Nm ksrvutil +will prompt for yes or no before changing each key. If the +.Fl k +option is used, the old and new keys will be displayed. +.It add +allows the user to add a key. +add +prompts for name, instance, realm, and key version number, asks +for confirmation, and then asks for a password. +.Nm +then converts the password to a key and appends the keyfile with the +new information. If the +.Fl k +option is used, the key is displayed. +.It get +gets a service from the Kerberos server, possibly creating the +principal. Names, instances and realms for the service keys to get are +prompted for. The default principal used in the kadmin transcation is +your root instance. This can be changed with the +.Fl p +option. +.El +.Pp +In all cases, the default file used is KEY_FILE as defined in krb.h +unless this is overridden by the +.Fl f +option. +.Pp +A good use for +.Nm +would be for adding keys to a keyfile. A system manager could +ask a kerberos administrator to create a new service key with +.Xr kadmin 8 +and could supply an initial password. Then, he could use +.Nm +to add the key to the keyfile and then to change the key so that it +will be random and unknown to either the system manager or the +kerberos administrator. + +.Nm +always makes a backup copy of the keyfile before making any changes. + +.Sh DIAGNOSTICS +If +.Nm +should exit on an error condition at any time during a change or add, +a copy of the original keyfile can be found in +.Pa filename Ns .old +where +.Pa filename +is the name of the keyfile, and a copy of the file with all new +keys changed or added so far can be found in +.Pa filename Ns .work. +The original keyfile is left unmodified until the program exits at +which point it is removed and replaced it with the workfile. +Appending the workfile to the backup copy and replacing the keyfile +with the result should always give a usable keyfile, although the +resulting keyfile will have some out of date keys in it. + +.Sh SEE ALSO +.Xr kadmin 8 , +.Xr ksrvtgt 1 + +.Sh AUTHOR +Emanuel Jay Berkenbilt, MIT Project Athena diff --git a/crypto/kerberosIV/man/kstash.8 b/crypto/kerberosIV/man/kstash.8 new file mode 100644 index 0000000..0197a3d --- /dev/null +++ b/crypto/kerberosIV/man/kstash.8 @@ -0,0 +1,40 @@ +.\" $Id: kstash.8,v 1.3 1997/04/02 21:09:56 assar Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KSTASH 8 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kstash \- stash Kerberos key distribution center database master key +.SH SYNOPSIS +kstash +.SH DESCRIPTION +.I kstash +saves the Kerberos key distribution center (KDC) database master key in +the master key cache file. +.PP +The user is prompted to enter the key, to verify the authenticity of the +key and the authorization to store the key in the file. +.SH DIAGNOSTICS +.TP 20n +"verify_master_key: Invalid master key, does not match database." +The master key string entered was incorrect. +.TP +"kstash: Unable to open master key file" +The attempt to open the cache file for writing failed (probably due to a +system or access permission error). +.TP +"kstash: Write I/O error on master key file" +The +.BR write (2) +system call returned an error while +.I kstash +was attempting to write the key to the file. +.SH FILES +.TP 20n +/var/kerberos/principal.pag, /var/kerberos/principal.dir +DBM files containing database +.TP +/.k +Master key cache file. diff --git a/crypto/kerberosIV/man/kuserok.3 b/crypto/kerberosIV/man/kuserok.3 new file mode 100644 index 0000000..0987308 --- /dev/null +++ b/crypto/kerberosIV/man/kuserok.3 @@ -0,0 +1,66 @@ +.\" $Id: kuserok.3,v 1.3 1996/10/13 17:51:18 bg Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KUSEROK 3 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kuserok \- Kerberos version of ruserok +.SH SYNOPSIS +.nf +.nj +.ft B +#include <krb.h> +.PP +.ft B +kuserok(kdata, localuser) +AUTH_DAT *auth_data; +char *localuser; +.fi +.ft R +.SH DESCRIPTION +.I kuserok +determines whether a Kerberos principal described by the structure +.I auth_data +is authorized to login as user +.I localuser +according to the authorization file +("~\fIlocaluser\fR/.klogin" by default). It returns 0 (zero) if authorized, +1 (one) if not authorized. +.PP +If there is no account for +.I localuser +on the local machine, authorization is not granted. +If there is no authorization file, and the Kerberos principal described +by +.I auth_data +translates to +.I localuser +(using +.IR krb_kntoln (3)), +authorization is granted. +If the authorization file +can't be accessed, or the file is not owned by +.IR localuser, +authorization is denied. Otherwise, the file is searched for +a matching principal name, instance, and realm. If a match is found, +authorization is granted, else authorization is denied. +.PP +The file entries are in the format: +.nf +.in +5n + name.instance@realm +.in -5n +.fi +with one entry per line. + +For convenience ~localuser@LOCALREALM is +always considered to be an entry in the file even when there is no +file or the file is unreadable. +.SH SEE ALSO +kerberos(3), ruserok(3), krb_kntoln(3) +.SH FILES +.TP 20n +~\fIlocaluser\fR/.klogin +authorization list diff --git a/crypto/kerberosIV/man/tf_util.3 b/crypto/kerberosIV/man/tf_util.3 new file mode 100644 index 0000000..3f98321 --- /dev/null +++ b/crypto/kerberosIV/man/tf_util.3 @@ -0,0 +1,150 @@ +.\" $Id: tf_util.3,v 1.2 1996/06/12 21:29:29 bg Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH TF_UTIL 3 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +tf_init, tf_get_pname, tf_get_pinst, tf_get_cred, tf_close \ +\- Routines for manipulating a Kerberos ticket file +.SH SYNOPSIS +.nf +.nj +.ft B +#include <krb.h> +.PP +.ft B +extern char *krb_err_txt[]; +.PP +.ft B +tf_init(tf_name, rw) +char *tf_name; +int rw; +.PP +.ft B +tf_get_pname(pname) +char *pname; +.PP +.ft B +tf_get_pinst(pinst) +char *pinst; +.PP +.ft B +tf_get_cred(c) +CREDENTIALS *c; +.PP +.ft B +tf_close() +.PP +.fi +.SH DESCRIPTION +This group of routines are provided to manipulate the Kerberos tickets +file. A ticket file has the following format: +.nf +.in +4 +.sp +principal's name (null-terminated string) +principal's instance (null-terminated string) +CREDENTIAL_1 +CREDENTIAL_2 + ... +CREDENTIAL_n +EOF +.sp +.in -4 +.LP +Where "CREDENTIAL_x" consists of the following fixed-length +fields from the CREDENTIALS structure (defined in <krb.h>): +.nf +.sp +.in +4 + char service[ANAME_SZ] + char instance[INST_SZ] + char realm[REALM_SZ] + des_cblock session + int lifetime + int kvno + KTEXT_ST ticket_st + long issue_date +.in -4 +.sp +.fi +.PP +.I tf_init +must be called before the other ticket file +routines. +It takes the name of the ticket file to use, +and a read/write flag as arguments. +It tries to open the ticket file, checks the mode and if +everything is okay, locks the file. If it's opened for +reading, the lock is shared. If it's opened for writing, +the lock is exclusive. +KSUCCESS is returned if all went well, otherwise one of the +following: +.nf +.sp +NO_TKT_FIL - file wasn't there +TKT_FIL_ACC - file was in wrong mode, etc. +TKT_FIL_LCK - couldn't lock the file, even after a retry +.sp +.fi +.PP +The +.I tf_get_pname +reads the principal's name from a ticket file. +It should only be called after tf_init has been called. The +principal's name is filled into the +.I pname +parameter. If all goes +well, KSUCCESS is returned. +If tf_init wasn't called, TKT_FIL_INI +is returned. +If the principal's name was null, or EOF was encountered, or the +name was longer than ANAME_SZ, TKT_FIL_FMT is returned. +.PP +The +.I tf_get_pinst +reads the principal's instance from a ticket file. +It should only be called after tf_init and tf_get_pname +have been called. +The principal's instance is filled into the +.I pinst +parameter. +If all goes +well, KSUCCESS is returned. +If tf_init wasn't called, TKT_FIL_INI +is returned. +If EOF was encountered, or the +name was longer than INST_SZ, TKT_FIL_FMT is returned. +Note that, unlike the principal name, the instance name may be null. +.PP +The +.I tf_get_cred +routine reads a CREDENTIALS record from a ticket file and +fills in the given structure. +It should only be called after +tf_init, tf_get_pname, and tf_get_pinst have been called. +If all goes well, KSUCCESS is returned. Possible error codes +are: +.nf +.sp +TKT_FIL_INI - tf_init wasn't called first +TKT_FIL_FMT - bad format +EOF - end of file encountered +.sp +.fi +.PP +.I tf_close +closes the ticket file and releases the lock on it. +.SH "SEE ALSO" +krb(3) +.SH DIAGNOSTICS +.SH BUGS +The ticket file routines have to be called in a certain order. +.SH AUTHORS +Jennifer Steiner, MIT Project Athena +.br +Bill Bryant, MIT Project Athena +.SH RESTRICTIONS +Copyright 1987 Massachusetts Institute of Technology |