From c3f352d4ad515968c54d216a0e53252eff8ab3ef Mon Sep 17 00:00:00 2001 From: peter Date: Sat, 30 Dec 1995 19:02:48 +0000 Subject: This commit was generated by cvs2svn to compensate for changes in r13122, which included commits to RCS files with non-trunk default branches. --- eBones/compile_et/Makefile | 15 -- eBones/compile_et/compile_et.c | 172 -------------- eBones/compile_et/error_message.c | 77 ------- eBones/compile_et/error_table.h | 17 -- eBones/compile_et/error_table.y | 205 ----------------- eBones/compile_et/et_lex.lex.l | 29 --- eBones/compile_et/et_name.c | 44 ---- eBones/compile_et/init_et.c | 67 ------ eBones/compile_et/perror.c | 76 ------ eBones/compile_et/test/test.c | 43 ---- eBones/compile_et/test/test1.et | 69 ------ eBones/compile_et/test/test2.et | 9 - eBones/des/include/des.h | 121 ---------- eBones/include/kadm.h | 138 ----------- eBones/include/mit-copyright.h | 20 -- eBones/kadmin/kadmin.8 | 158 ------------- eBones/kdb/krb_dbl.c | 1 - eBones/kdestroy/kdestroy.1 | 81 ------- eBones/kinit/kinit.1 | 133 ----------- eBones/ksrvutil/ksrvutil.8 | 93 -------- eBones/make_keypair/make_keypair.8 | 87 ------- eBones/man/des.point | 1 - eBones/man/kadmin.8 | 158 ------------- eBones/man/kdestroy.1 | 81 ------- eBones/man/kerberos.3 | 461 ------------------------------------- eBones/man/kerberos.point | 1 - eBones/man/kinit.1 | 133 ----------- eBones/man/klogind.8 | 122 ---------- eBones/man/kpasswd.1 | 86 ------- eBones/man/ksend.point | 1 - eBones/man/kshd.8 | 152 ------------ eBones/man/ksrvutil.8 | 93 -------- eBones/man/ksu.1 | 83 ------- eBones/man/rcp.1 | 129 ----------- eBones/man/realm.point | 1 - eBones/man/rlogin.1 | 199 ---------------- eBones/man/rsh.1 | 152 ------------ eBones/man/tcom.8 | 54 ----- eBones/man/tftp.1 | 66 ------ eBones/man/tftpd.8 | 39 ---- eBones/register/pathnames.h | 39 ---- eBones/register/register.1 | 63 ----- eBones/register/register_proto.h | 43 ---- eBones/registerd/registerd.8 | 69 ------ eBones/usr.bin/telnet/krb4-proto.h | 207 ----------------- 45 files changed, 4088 deletions(-) delete mode 100644 eBones/compile_et/Makefile delete mode 100644 eBones/compile_et/compile_et.c delete mode 100644 eBones/compile_et/error_message.c delete mode 100644 eBones/compile_et/error_table.h delete mode 100644 eBones/compile_et/error_table.y delete mode 100644 eBones/compile_et/et_lex.lex.l delete mode 100644 eBones/compile_et/et_name.c delete mode 100644 eBones/compile_et/init_et.c delete mode 100644 eBones/compile_et/perror.c delete mode 100644 eBones/compile_et/test/test.c delete mode 100644 eBones/compile_et/test/test1.et delete mode 100644 eBones/compile_et/test/test2.et delete mode 100644 eBones/des/include/des.h delete mode 100644 eBones/include/kadm.h delete mode 100644 eBones/include/mit-copyright.h delete mode 100644 eBones/kadmin/kadmin.8 delete mode 100644 eBones/kdb/krb_dbl.c delete mode 100644 eBones/kdestroy/kdestroy.1 delete mode 100644 eBones/kinit/kinit.1 delete mode 100644 eBones/ksrvutil/ksrvutil.8 delete mode 100644 eBones/make_keypair/make_keypair.8 delete mode 100644 eBones/man/des.point delete mode 100644 eBones/man/kadmin.8 delete mode 100644 eBones/man/kdestroy.1 delete mode 100644 eBones/man/kerberos.3 delete mode 100644 eBones/man/kerberos.point delete mode 100644 eBones/man/kinit.1 delete mode 100644 eBones/man/klogind.8 delete mode 100644 eBones/man/kpasswd.1 delete mode 100644 eBones/man/ksend.point delete mode 100644 eBones/man/kshd.8 delete mode 100644 eBones/man/ksrvutil.8 delete mode 100644 eBones/man/ksu.1 delete mode 100644 eBones/man/rcp.1 delete mode 100644 eBones/man/realm.point delete mode 100644 eBones/man/rlogin.1 delete mode 100644 eBones/man/rsh.1 delete mode 100644 eBones/man/tcom.8 delete mode 100644 eBones/man/tftp.1 delete mode 100644 eBones/man/tftpd.8 delete mode 100644 eBones/register/pathnames.h delete mode 100644 eBones/register/register.1 delete mode 100644 eBones/register/register_proto.h delete mode 100644 eBones/registerd/registerd.8 delete mode 100644 eBones/usr.bin/telnet/krb4-proto.h (limited to 'eBones') diff --git a/eBones/compile_et/Makefile b/eBones/compile_et/Makefile deleted file mode 100644 index 9b988267..0000000 --- a/eBones/compile_et/Makefile +++ /dev/null @@ -1,15 +0,0 @@ -# From: @(#)Makefile 5.1 (Berkeley) 6/25/90 -# $Id: Makefile,v 1.2 1994/07/19 19:21:23 g89r4222 Exp $ - -PROG= compile_et -CFLAGS+=-I. -I${.CURDIR} -SRCS= compile_et.c error_message.c et_name.c init_et.c perror.c -OBJS+= error_table.o -DPADD= ${LIBL} -LDADD= -ll -CLEANFILES=et_lex.lex.c y.tab.c y.tab.h error_table.c -NOMAN= noman - -error_table.c: et_lex.lex.c - -.include diff --git a/eBones/compile_et/compile_et.c b/eBones/compile_et/compile_et.c deleted file mode 100644 index 25be70b..0000000 --- a/eBones/compile_et/compile_et.c +++ /dev/null @@ -1,172 +0,0 @@ -/* - * - * Copyright 1986, 1987 by MIT Student Information Processing Board - * For copyright info, see "Copyright.SIPB". - * - * $Id: compile_et.c,v 1.2 1994/07/19 19:21:24 g89r4222 Exp $ - */ - -#include -#include -#include -#include - -static char copyright[] = "Copyright 1987 by MIT Student Information Processing Board"; - -extern char *gensym(); -extern char *current_token; -extern int table_number, current; -char buffer[BUFSIZ]; -char *table_name = (char *)NULL; -FILE *hfile, *cfile; - -/* C library */ -extern char *malloc(); -extern int errno; - -/* lex stuff */ -extern FILE *yyin; -extern int yylineno; - -/* pathnames */ -char c_file[MAXPATHLEN]; /* temporary file */ -char h_file[MAXPATHLEN]; /* output */ -char o_file[MAXPATHLEN]; /* output */ -char et_file[MAXPATHLEN]; /* input */ - -main(argc, argv) - int argc; - char **argv; -{ - register char *p; - int n_flag = 0, debug = 0; - - while (argc > 2) { - register char *arg, ch; - arg = argv[--argc]; - if (strlen(arg) != 2 || arg[0] != '-') - goto usage; - ch = arg[1]; - if (ch == 'n') - n_flag++; - else if (ch == 'd') - debug++; - else - goto usage; - } - - if (argc != 2) { - usage: - fprintf(stderr, "Usage: %s et_file [-n]\n", argv[0]); - exit(1); - } - - strcpy(et_file, argv[1]); - p = rindex(et_file, '/'); - if (p == (char *)NULL) - p = et_file; - else - p++; - p = rindex(p, '.'); - if (!strcmp(p, ".et")) - *++p = '\0'; - else { - if (!p) - p = et_file; - while (*p) - p++; - *p++ = '.'; - *p = '\0'; - } - /* p points at null where suffix should be */ - strcpy(p, "et.c"); - strcpy(c_file, et_file); - p[0] = 'h'; - p[1] = '\0'; - strcpy(h_file, et_file); - p[0] = 'o'; - strcpy(o_file, et_file); - p[0] = 'e'; - p[1] = 't'; - p[2] = '\0'; - - yyin = fopen(et_file, "r"); - if (!yyin) { - perror(et_file); - exit(1); - } - - hfile = fopen(h_file, "w"); - if (hfile == (FILE *)NULL) { - perror(h_file); - exit(1); - } - - cfile = fopen(c_file, "w"); - if (cfile == (FILE *)NULL) { - perror("Can't open temp file"); - exit(1); - } - - /* parse it */ - fputs("#define NULL 0\n", cfile); - fputs("static char *_et[] = {\n", cfile); - - yyparse(); - fclose(yyin); /* bye bye input file */ - - fputs("\t(char *)0\n};\n", cfile); - fputs("extern int init_error_table();\n\n", cfile); - fprintf(cfile, "int %s_err_base = %d;\n\n", table_name, table_number); - fprintf(cfile, "int\ninit_%s_err_tbl()\n", table_name); - fprintf(cfile, "{\n\treturn(init_error_table(_et, %d, %d));\n}\n", - table_number, current); - fclose(cfile); - - fputs("extern int init_", hfile); - fputs(table_name, hfile); - fputs("_err_tbl();\nextern int ", hfile); - fputs(table_name, hfile); - fputs("_err_base;\n", hfile); - fclose(hfile); /* bye bye hfile */ - - if (n_flag) - exit(0); - - if (!fork()) { - p = rindex(c_file, '/'); - if (p) { - *p++ = '\0'; - chdir(c_file); - } - else - p = c_file; - execlp("cc", "cc", "-c", "-R", "-O", p, 0); - perror("cc"); - exit(1); - } - else wait(0); - - if (!debug) - (void) unlink(c_file); - /* make it .o file name */ - c_file[strlen(c_file)-1] = 'o'; - if (!fork()) { - execlp("cp", "cp", c_file, o_file, 0); - perror("cp"); - exit(1); - } - else wait(0); - if (!debug) - (void) unlink(c_file); - - exit(0); -} - -yyerror(s) - char *s; -{ - fputs(s, stderr); - fprintf(stderr, "\nLine number %d; last token was '%s'\n", - yylineno, current_token); -} diff --git a/eBones/compile_et/error_message.c b/eBones/compile_et/error_message.c deleted file mode 100644 index 92cec57..0000000 --- a/eBones/compile_et/error_message.c +++ /dev/null @@ -1,77 +0,0 @@ -/* - * Copyright 1987 by the Student Information Processing Board - * of the Massachusetts Institute of Technology - * For copyright info, see "Copyright.SIPB". - * - * from: error_message.c,v 1.1 86/11/10 21:34:34 spook Exp $ - * $Id: error_message.c,v 1.3 1994/09/09 21:43:22 g89r4222 Exp $ - */ - -#include -#include "error_table.h" -extern int sys_nerr; - -static char buffer[25]; - -char * -error_message(code) - int code; -{ - register int offset; - register error_table **et; - register int table_num; - register int div; - register char *cp; - - offset = code & ((1<base == table_num) { - /* This is the right table */ - if ((*et)->n_msgs <= offset) - goto oops; - return((*et)->msgs[offset]); - } - } - oops: - cp = buffer; - { - register char *cp1; - for (cp1 = "Unknown code "; *cp1; cp1++, cp++) - *cp = *cp1; - if (table_num) { - for (cp1 = error_table_name(table_num); *cp1; cp1++, cp++) - *cp = *cp1; - *cp++ = ' '; - *cp = '\0'; - } - } - div = 1000000000; - if (offset == 0) { - *cp++ = '0'; - *cp = '\0'; - return(buffer); - } - while (div > offset) - div /= 10; - do { - register int n = offset / div; - *cp++ = '0' + n; - offset -= n * div; - div /= 10; - } while (offset && div); - while (div) { - *cp++ = '0'; - div /= 10; - } - *cp = '\0'; - return(buffer); -} diff --git a/eBones/compile_et/error_table.h b/eBones/compile_et/error_table.h deleted file mode 100644 index e32ec30..0000000 --- a/eBones/compile_et/error_table.h +++ /dev/null @@ -1,17 +0,0 @@ -#ifndef _ET -extern int errno; -typedef struct { - char **msgs; - int base; - int n_msgs; -} error_table; -extern error_table **_et_list; - -#define ERROR_CODE "int" /* type used for error codes */ - -#define ERRCODE_RANGE 8 /* # of bits to shift table number */ -#define BITS_PER_CHAR 6 /* # bits to shift per character in name */ - -extern char *error_table_name(); -#define _ET -#endif diff --git a/eBones/compile_et/error_table.y b/eBones/compile_et/error_table.y deleted file mode 100644 index 3913a84..0000000 --- a/eBones/compile_et/error_table.y +++ /dev/null @@ -1,205 +0,0 @@ -%{ -#include -char *str_concat(), *ds(), *quote(), *malloc(), *realloc(); -char *current_token = (char *)NULL; -extern char *table_name; -%} -%union { - char *dynstr; -} - -%token ERROR_TABLE ERROR_CODE_ENTRY END -%token STRING QUOTED_STRING -%type ec_name description table_id -%{ -%} -%start error_table -%% - -error_table : ERROR_TABLE table_id error_codes END - { table_name = ds($2); - current_token = table_name; - put_ecs(); } - ; - -table_id : STRING - { current_token = $1; - set_table_num($1); - $$ = $1; } - ; - -error_codes : error_codes ec_entry - | ec_entry - ; - -ec_entry : ERROR_CODE_ENTRY ec_name ',' description - { add_ec($2, $4); - free($2); - free($4); } - | ERROR_CODE_ENTRY ec_name '=' STRING ',' description - { add_ec_val($2, $4, $6); - free($2); - free($4); - free($6); - } - ; - -ec_name : STRING - { $$ = ds($1); - current_token = $$; } - ; - -description : QUOTED_STRING - { $$ = ds($1); - current_token = $$; } - ; - -%% -/* - * Copyright 1986, 1987 by the MIT Student Information Processing Board - * For copyright info, see Copyright.SIPB. - */ - -#include -#include -#include -#include -#include -#include "error_table.h" - -extern FILE *hfile, *cfile; - -static long gensym_n = 0; -char * -gensym(x) - char *x; -{ - char *symbol; - if (!gensym_n) { - struct timeval tv; - struct timezone tzp; - gettimeofday(&tv, &tzp); - gensym_n = (tv.tv_sec%10000)*100 + tv.tv_usec/10000; - } - symbol = malloc(32 * sizeof(char)); - gensym_n++; - sprintf(symbol, "et%ld", gensym_n); - return(symbol); -} - -char * -ds(string) - char *string; -{ - char *rv; - rv = malloc(strlen(string)+1); - strcpy(rv, string); - return(rv); -} - -char * -quote(string) - char *string; -{ - char *rv; - rv = malloc(strlen(string)+3); - strcpy(rv, "\""); - strcat(rv, string); - strcat(rv, "\""); - return(rv); -} - -int table_number; -int current = 0; -char **error_codes = (char **)NULL; - -add_ec(name, description) - char *name, *description; -{ - fprintf(cfile, "\t\"%s\",\n", description); - if (error_codes == (char **)NULL) { - error_codes = (char **)malloc(sizeof(char *)); - *error_codes = (char *)NULL; - } - error_codes = (char **)realloc((char *)error_codes, - (current + 2)*sizeof(char *)); - error_codes[current++] = ds(name); - error_codes[current] = (char *)NULL; -} - -add_ec_val(name, val, description) - char *name, *val, *description; -{ - int ncurrent = atoi(val); - if (ncurrent < current) { - printf("Error code %s (%d) out of order", name, - current); - return; - } - - while (ncurrent > current) - fputs("\t(char *)NULL,\n", cfile), current++; - - fprintf(cfile, "\t\"%s\",\n", description); - if (error_codes == (char **)NULL) { - error_codes = (char **)malloc(sizeof(char *)); - *error_codes = (char *)NULL; - } - error_codes = (char **)realloc((char *)error_codes, - (current + 2)*sizeof(char *)); - error_codes[current++] = ds(name); - error_codes[current] = (char *)NULL; -} - -put_ecs() -{ - int i; - for (i = 0; i < current; i++) { - if (error_codes[i] != (char *)NULL) - fprintf(hfile, "#define %-40s ((%s)%d)\n", - error_codes[i], ERROR_CODE, table_number + i); - } -} - -/* - * char_to_num -- maps letters and numbers into a small numbering space - * uppercase -> 1-26 - * lowercase -> 27-52 - * digits -> 53-62 - * underscore-> 63 - */ -int -char_to_num(c) - char c; -{ - if (isupper(c)) - return(c-'A'+1); - else if (islower(c)) - return(c-'a'+27); - else if (isdigit(c)) - return(c-'0'+53); - else { - fprintf(stderr, "Illegal character in name: %c\n", c); - exit(1); - /*NOTREACHED*/ - } -} - -set_table_num(string) - char *string; -{ - if (strlen(string) > 4) { - fprintf(stderr, "Table name %s too long, truncated ", - string); - string[4] = '\0'; - fprintf(stderr, "to %s\n", string); - } - while (*string != '\0') { - table_number = (table_number << BITS_PER_CHAR) - + char_to_num(*string); - string++; - } - table_number = table_number << ERRCODE_RANGE; -} - -#include "et_lex.lex.c" diff --git a/eBones/compile_et/et_lex.lex.l b/eBones/compile_et/et_lex.lex.l deleted file mode 100644 index c041819..0000000 --- a/eBones/compile_et/et_lex.lex.l +++ /dev/null @@ -1,29 +0,0 @@ -%{ -extern int yylineno; -int yylineno = 1; -%} - -PC [^\"\n] -AN [A-Z_a-z0-9] -%% - -error_table return ERROR_TABLE; -et return ERROR_TABLE; -error_code return ERROR_CODE_ENTRY; -ec return ERROR_CODE_ENTRY; -end return END; - -[\t ]+ ; -\n ++yylineno; - -\"{PC}*\" { register char *p; yylval.dynstr = ds(yytext+1); - if (p=rindex(yylval.dynstr, '"')) *p='\0'; - return QUOTED_STRING; - } - -{AN}* { yylval.dynstr = ds(yytext); return STRING; } - -#.*\n ++yylineno; - -. { return (*yytext); } -%% diff --git a/eBones/compile_et/et_name.c b/eBones/compile_et/et_name.c deleted file mode 100644 index 98ccb08..0000000 --- a/eBones/compile_et/et_name.c +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright 1987 by MIT Student Information Processing Board - * For copyright info, see Copyright.SIPB. - * - * $Id: et_name.c,v 1.2 1994/07/19 19:21:27 g89r4222 Exp $ - */ - -#include "error_table.h" - -static char copyright[] = "Copyright 1987 by MIT Student Information Processing Board"; - -char *malloc(); - -char * -error_table_name(num) - int num; -{ - register int ch; - register int i; - register char *buf, *p; - - /* num = aa aaa abb bbb bcc ccc cdd ddd d?? ??? ??? */ - buf = malloc(5); - p = buf; - num >>= ERRCODE_RANGE; - /* num = ?? ??? ??? aaa aaa bbb bbb ccc ccc ddd ddd */ - num &= 077777777; - /* num = 00 000 000 aaa aaa bbb bbb ccc ccc ddd ddd */ - for (i = 0; i < 5; i++) { - ch = (num >> 24-6*i) & 077; - if (ch == 0) - continue; - else if (ch < 27) - *p++ = ch - 1 + 'A'; - else if (ch < 53) - *p++ = ch - 27 + 'a'; - else if (ch < 63) - *p++ = ch - 53 + '0'; - else /* ch == 63 */ - *p++ = '_'; - } - return(buf); -} - diff --git a/eBones/compile_et/init_et.c b/eBones/compile_et/init_et.c deleted file mode 100644 index c23facb..0000000 --- a/eBones/compile_et/init_et.c +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright 1986 by MIT Information Systems and - * MIT Student Information Processing Board - * For copyright info, see Copyright.SIPB. - * - * form: init_et.c,v 1.1 86/11/10 21:42:26 spook Exp $ - * $Id: init_et.c,v 1.2 1994/07/19 19:21:28 g89r4222 Exp $ - */ - -#include -#include "error_table.h" - -static char copyright[] = "Copyright 1987 by MIT Student Information Processing Board"; - -extern char *malloc(), *realloc(); - -/* useful */ -typedef error_table *etp; -typedef etp *etpp; - -etpp _et_list = (etpp)NULL; -static int n_allocated = 0, n_used = 0; - -int -init_error_table(msgs, base, count) - char **msgs; - register int base; - int count; -{ - register int i; - register etp new_et; - register etpp list; - - if (!base || !count || !msgs) - return; - - new_et = (etp)malloc(sizeof(error_table)); - new_et->msgs = msgs; - new_et->base = base; - new_et->n_msgs= count; - - list = _et_list; - if (list == (etpp)NULL) { - _et_list = (etpp) malloc(10*sizeof(etp)); - list = _et_list; - if (list == (etpp)NULL) - return; /* oops */ - list[0] = new_et; - list[1] = (etp)NULL; - n_allocated = 10; - n_used = 1; - return; - } - for (i = 0; i < n_used; i++) - if (list[i]->base == base) - return; /* avoid duplicates */ - if (n_used+2 > n_allocated) { - n_allocated += 10; /* don't re-allocate too often */ - list = (etpp) realloc((char *)list, - (unsigned)n_allocated * sizeof(etp)); - _et_list = list; - if (list == (etpp)NULL) - return; /* oops */ - } - list[n_used++] = new_et; - list[n_used] = (etp)NULL; -} diff --git a/eBones/compile_et/perror.c b/eBones/compile_et/perror.c deleted file mode 100644 index ef50e07..0000000 --- a/eBones/compile_et/perror.c +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright 1987 by MIT Student Information Processing Board - * For copyright info, see Copyright.SIPB - * - * $Id: perror.c,v 1.2 1994/07/19 19:21:30 g89r4222 Exp $ - */ - -#include -#include -#include -#include "error_table.h" - -typedef int (*int_func)(); - -#if defined(mips) && defined(ultrix) -int errno; /* this is needed to keep the loader from complaining */ -#endif - -int_func com_err_hook = (int_func) NULL; -char *error_message(); - -void -com_err(whoami, code, message) - char *whoami; - int code; - char *message; -{ - struct iovec strings[6]; - - if (com_err_hook) { - (*com_err_hook)(whoami, code, message); - return; - } - - strings[0].iov_base = whoami; - strings[0].iov_len = strlen(whoami); - if (whoami) { - strings[1].iov_base = ": "; - strings[1].iov_len = 2; - } else - strings[1].iov_len = 0; - if (code) { - register char *errmsg = error_message(code); - strings[2].iov_base = errmsg; - strings[2].iov_len = strlen(errmsg); - } else - strings[2].iov_len = 0; - strings[3].iov_base = " "; - strings[3].iov_len = 1; - strings[4].iov_base = message; - strings[4].iov_len = strlen(message); - strings[5].iov_base = "\n"; - strings[5].iov_len = 1; - (void) writev(2, strings, 6); -} - -int_func -set_com_err_hook(new_proc) - int_func new_proc; -{ - register int_func x = com_err_hook; - com_err_hook = new_proc; - return (x); -} - -reset_com_err_hook() -{ - com_err_hook = (int_func) NULL; -} - -void -perror(msg) - register const char *msg; -{ - com_err(msg, errno, (char *)NULL); -} diff --git a/eBones/compile_et/test/test.c b/eBones/compile_et/test/test.c deleted file mode 100644 index df430da..0000000 --- a/eBones/compile_et/test/test.c +++ /dev/null @@ -1,43 +0,0 @@ -#include -#include -#include "test1.h" -#include "test2.h" -char *error_message(); -extern int sys_nerr, errno; - -main() -{ - printf("\nBefore initiating error table:\n\n"); - printf("Table name '%s'\n", error_table_name(KRB_MK_AP_TGTEXP)); - printf("UNIX name '%s'\n", error_table_name(EPERM)); - printf("Msg TGT-expired is '%s'\n", error_message(KRB_MK_AP_TGTEXP)); - printf("Msg EPERM is '%s'\n", error_message(EPERM)); - printf("Msg FOO_ERR is '%s'\n", error_message(FOO_ERR)); - printf("Msg {sys_nerr-1} is '%s'\n", error_message(sys_nerr-1)); - printf("Msg {sys_nerr} is '%s'\n", error_message(sys_nerr)); - - init_error_table(0, 0, 0); - printf("With 0: tgt-expired -> %s\n", error_message(KRB_MK_AP_TGTEXP)); - - init_krb_err_tbl(); - printf("KRB error table initialized: base %d (%s), name %s\n", - krb_err_base, error_message(krb_err_base), - error_table_name(krb_err_base)); - printf("With krb: tgt-expired -> %s\n", - error_message(KRB_MK_AP_TGTEXP)); - - init_quux_err_tbl(); - printf("QUUX error table initialized: base %d (%s), name %s\n", - quux_err_base, error_message(quux_err_base), - error_table_name(quux_err_base)); - - printf("Msg for TGT-expired is '%s'\n", - error_message(KRB_MK_AP_TGTEXP)); - printf("Msg {sys_nerr-1} is '%s'\n", error_message(sys_nerr-1)); - printf("Msg FOO_ERR is '%s'\n", error_message(FOO_ERR)); - printf("Msg KRB_SKDC_CANT is '%s'\n", - error_message(KRB_SKDC_CANT)); - printf("Msg 1e6 is '%s'\n", error_message(1000000)); - errno = FOO_ERR; - perror("FOO_ERR"); -} diff --git a/eBones/compile_et/test/test1.et b/eBones/compile_et/test/test1.et deleted file mode 100644 index 4c7b77f..0000000 --- a/eBones/compile_et/test/test1.et +++ /dev/null @@ -1,69 +0,0 @@ - error_table krb - - error_code KRB_MK_AP_TKFIL, - "Can't read ticket file" - - ec KRB_MK_AP_NOTKT, - "Can't find ticket or TGT" - - ec KRB_MK_AP_TGTEXP, - "TGT expired" - - ec KRB_RD_AP_UNDEC, - "Can't decode authenticator" - - ec KRB_RD_AP_EXP, - "Ticket expired" - - ec KRB_RD_AP_REPEAT, - "Repeated request" - - ec KRB_RD_AP_NOT_US, - "The ticket isn't for us" - - ec KRB_RD_AP_INCON, - "Request is inconsistent" - - ec KRB_RD_AP_TIME, - "Delta-T too big" - - ec KRB_RD_AP_BADD, - "Incorrect net address" - - ec KRB_RD_AP_VERSION, - "Protocol version mismatch" - - ec KRB_RD_AP_MSG_TYPE, - "Invalid message type" - - ec KRB_RD_AP_MODIFIED, - "Message stream modified" - - ec KRB_RD_AP_ORDER, - "Message out of order" - - ec KRB_RD_AP_UNAUTHOR, - "Unauthorized request" - - ec KRB_GT_PW_NULL, - "Current password is null" - - ec KRB_GT_PW_BADPW, - "Incorrect current password" - - ec KRB_GT_PW_PROT, - "Protocol error" - - ec KRB_GT_PW_KDCERR, - "Error returned by KDC" - - ec KRB_GT_PW_NULLTKT, - "Null ticket returned by KDC" - - ec KRB_SKDC_RETRY, - "Retry count exceeded" - - ec KRB_SKDC_CANT, - "Can't send request" - - end diff --git a/eBones/compile_et/test/test2.et b/eBones/compile_et/test/test2.et deleted file mode 100644 index 55ad74e..0000000 --- a/eBones/compile_et/test/test2.et +++ /dev/null @@ -1,9 +0,0 @@ - error_table quux - - ec FOO_ERR, "foo" - - ec BAR_ERR, "bar" - - ec BAZ_ERR, "meow" - - end diff --git a/eBones/des/include/des.h b/eBones/des/include/des.h deleted file mode 100644 index 3cfc894..0000000 --- a/eBones/des/include/des.h +++ /dev/null @@ -1,121 +0,0 @@ -/* des.h */ -/* Copyright (C) 1993 Eric Young - see README for more details */ - -/*- - * $Id: des.h,v 1.2 1994/07/19 19:22:17 g89r4222 Exp $ - */ - -#ifndef DES_DEFS -#define DES_DEFS - -typedef unsigned char des_cblock[8]; -typedef struct des_ks_struct - { - union { - des_cblock _; - /* make sure things are correct size on machines with - * 8 byte longs */ - unsigned long pad[2]; - } ks; -#define _ ks._ - } des_key_schedule[16]; - -#define DES_KEY_SZ (sizeof(des_cblock)) -#define DES_ENCRYPT 1 -#define DES_DECRYPT 0 - -#define DES_CBC_MODE 0 -#define DES_PCBC_MODE 1 - -#define C_Block des_cblock -#define Key_schedule des_key_schedule -#define ENCRYPT DES_ENCRYPT -#define DECRYPT DES_DECRYPT -#define KEY_SZ DES_KEY_SZ -#define string_to_key des_string_to_key -#define read_pw_string des_read_pw_string -#define random_key des_random_key -#define pcbc_encrypt des_pcbc_encrypt -#define set_key des_set__key -#define key_sched des_key_sched -#define ecb_encrypt des_ecb_encrypt -#define cbc_encrypt des_cbc_encrypt -#define cbc_cksum des_cbc_cksum -#define quad_cksum des_quad_cksum - -/* For compatibility with the MIT lib - eay 20/05/92 */ -typedef struct des_ks_struct bit_64; - -extern int des_check_key; /* defaults to false */ -extern int des_rw_mode; /* defaults to DES_PCBC_MODE */ - -/* The next line is used to disable full ANSI prototypes, if your - * compiler has problems with the prototypes, make sure this line always - * evaluates to true :-) */ -#if !defined(MSDOS) && !defined(__STDC__) -#ifndef KERBEROS -int des_3ecb_encrypt(); -int des_cbc_encrypt(); -int des_3cbc_encrypt(); -int des_cfb_encrypt(); -int des_ecb_encrypt(); -int des_encrypt(); -int des_enc_read(); -int des_enc_write(); -int des_ofb_encrypt(); -int des_pcbc_encrypt(); -int des_random_key(); -int des_read_password(); -int des_read_2passwords(); -int des_read_pw_string(); -int des_is_weak_key(); -int des_set__key(); -int des_key_sched(); -int des_string_to_key(); -int des_string_to_2keys(); -#endif -char *crypt(); -unsigned long des_cbc_cksum(); -unsigned long des_quad_cksum(); -unsigned long des_cbc_cksum(); -void des_set_odd_parity(); -#else /* PROTO */ -int des_3ecb_encrypt(des_cblock *input,des_cblock *output,\ - des_key_schedule ks1,des_key_schedule ks2,int encrypt); -unsigned long des_cbc_cksum(des_cblock *input,des_cblock *output,\ - long length,des_key_schedule schedule,des_cblock *ivec); -int des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,\ - des_key_schedule schedule,des_cblock *ivec,int encrypt); -int des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,\ - des_key_schedule sk1,des_key_schedule sk2,\ - des_cblock *ivec1,des_cblock *ivec2,int encrypt); -int des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,\ - long length,des_key_schedule schedule,des_cblock *ivec,int encrypt); -int des_ecb_encrypt(des_cblock *input,des_cblock *output,\ - des_key_schedule ks,int encrypt); -int des_encrypt(unsigned long *input,unsigned long *output, - des_key_schedule ks, int encrypt); -int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,\ - des_cblock *iv); -int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,\ - des_cblock *iv); -char *crypt(char *buf,char *salt); -int des_ofb_encrypt(unsigned char *in,unsigned char *out,\ - int numbits,long length,des_key_schedule schedule,des_cblock *ivec); -int des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length,\ - des_key_schedule schedule,des_cblock *ivec,int encrypt); -unsigned long des_quad_cksum(des_cblock *input,des_cblock *output,\ - long length,int out_count,des_cblock *seed); -int des_random_key(des_cblock ret); -int des_read_password(des_cblock *key,char *prompt,int verify); -int des_read_2passwords(des_cblock *key1,des_cblock *key2, \ - char *prompt,int verify); -int des_read_pw_string(char *buf,int length,char *prompt,int verify); -void des_set_odd_parity(des_cblock *key); -int des_is_weak_key(des_cblock *key); -int des_set__key(des_cblock *key,des_key_schedule schedule); -int des_key_sched(des_cblock *key,des_key_schedule schedule); -int des_string_to_key(char *str,des_cblock *key); -int des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2); -#endif -#endif diff --git a/eBones/include/kadm.h b/eBones/include/kadm.h deleted file mode 100644 index a1cca81..0000000 --- a/eBones/include/kadm.h +++ /dev/null @@ -1,138 +0,0 @@ -/* - * Copyright 1988 by the Massachusetts Institute of Technology. - * For copying and distribution information, please see the file - * . - * - * Definitions for Kerberos administration server & client - * - * from: kadm.h,v 4.2 89/09/26 09:15:20 jtkohl Exp $ - * $Id: kadm.h,v 1.2 1994/07/19 19:23:09 g89r4222 Exp $ - */ - -#ifndef KADM_DEFS -#define KADM_DEFS - -/* - * kadm.h - * Header file for the fourth attempt at an admin server - * Doug Church, December 28, 1989, MIT Project Athena - */ - -/* for those broken Unixes without this defined... should be in sys/param.h */ -#ifndef MAXHOSTNAMELEN -#define MAXHOSTNAMELEN 64 -#endif - -#include -#include -#include -#include - -/* The global structures for the client and server */ -typedef struct { - struct sockaddr_in admin_addr; - struct sockaddr_in my_addr; - int my_addr_len; - int admin_fd; /* file descriptor for link to admin server */ - char sname[ANAME_SZ]; /* the service name */ - char sinst[INST_SZ]; /* the services instance */ - char krbrlm[REALM_SZ]; -} Kadm_Client; - -typedef struct { /* status of the server, i.e the parameters */ - int inter; /* Space for command line flags */ - char *sysfile; /* filename of server */ -} admin_params; /* Well... it's the admin's parameters */ - -/* Largest password length to be supported */ -#define MAX_KPW_LEN 128 - -/* Largest packet the admin server will ever allow itself to return */ -#define KADM_RET_MAX 2048 - -/* That's right, versions are 8 byte strings */ -#define KADM_VERSTR "KADM0.0A" -#define KADM_ULOSE "KYOULOSE" /* sent back when server can't - decrypt client's msg */ -#define KADM_VERSIZE strlen(KADM_VERSTR) - -/* the lookups for the server instances */ -#define PWSERV_NAME "changepw" -#define KADM_SNAME "kerberos_master" -#define KADM_SINST "kerberos" - -/* Attributes fields constants and macros */ -#define ALLOC 2 -#define RESERVED 3 -#define DEALLOC 4 -#define DEACTIVATED 5 -#define ACTIVE 6 - -/* Kadm_vals structure for passing db fields into the server routines */ -#define FLDSZ 4 - -typedef struct { - u_char fields[FLDSZ]; /* The active fields in this struct */ - char name[ANAME_SZ]; - char instance[INST_SZ]; - unsigned long key_low; - unsigned long key_high; - unsigned long exp_date; - unsigned short attributes; - unsigned char max_life; -} Kadm_vals; /* The basic values structure in Kadm */ - -/* Kadm_vals structure for passing db fields into the server routines */ -#define FLDSZ 4 - -/* Need to define fields types here */ -#define KADM_NAME 31 -#define KADM_INST 30 -#define KADM_EXPDATE 29 -#define KADM_ATTR 28 -#define KADM_MAXLIFE 27 -#define KADM_DESKEY 26 - -/* To set a field entry f in a fields structure d */ -#define SET_FIELD(f,d) (d[3-(f/8)]|=(1<<(f%8))) - -/* To set a field entry f in a fields structure d */ -#define CLEAR_FIELD(f,d) (d[3-(f/8)]&=(~(1<<(f%8)))) - -/* Is field f in fields structure d */ -#define IS_FIELD(f,d) (d[3-(f/8)]&(1<<(f%8))) - -/* Various return codes */ -#define KADM_SUCCESS 0 - -#define WILDCARD_STR "*" - -enum acl_types { -ADDACL, -GETACL, -MODACL -}; - -/* Various opcodes for the admin server's functions */ -#define CHANGE_PW 2 -#define ADD_ENT 3 -#define MOD_ENT 4 -#define GET_ENT 5 - -extern long kdb_get_master_key(); /* XXX should be in krb_db.h */ -extern long kdb_verify_master_key(); /* XXX ditto */ - -extern long krb_mk_priv(), krb_rd_priv(); /* XXX should be in krb.h */ -extern void krb_set_tkt_string(); /* XXX ditto */ - -extern unsigned long quad_cksum(); /* XXX should be in des.h */ - -/* XXX This doesn't belong here!!! */ -char *malloc(), *realloc(); -#ifdef POSIX -typedef void sigtype; -#else -typedef int sigtype; -#endif - -#endif KADM_DEFS diff --git a/eBones/include/mit-copyright.h b/eBones/include/mit-copyright.h deleted file mode 100644 index cd30580..0000000 --- a/eBones/include/mit-copyright.h +++ /dev/null @@ -1,20 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ diff --git a/eBones/kadmin/kadmin.8 b/eBones/kadmin/kadmin.8 deleted file mode 100644 index 6e15015..0000000 --- a/eBones/kadmin/kadmin.8 +++ /dev/null @@ -1,158 +0,0 @@ -.\" from: kadmin.8,v 4.2 89/07/25 17:20:02 jtkohl Exp $ -.\" $Id: kadmin.8,v 1.2 1994/07/19 19:27:22 g89r4222 Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KADMIN 8 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kadmin \- network utility for Kerberos database administration -.SH SYNOPSIS -.B kadmin [-u user] [-r default_realm] [-m] -.SH DESCRIPTION -This utility provides a unified administration interface to -the -Kerberos -master database. -Kerberos -administrators -use -.I kadmin -to register new users and services to the master database, -and to change information about existing database entries. -For instance, an administrator can use -.I kadmin -to change a user's -Kerberos -password. -A Kerberos administrator is a user with an ``admin'' instance -whose name appears on one of the Kerberos administration access control -lists. If the \-u option is used, -.I user -will be used as the administrator instead of the local user. -If the \-r option is used, -.I default_realm -will be used as the default realm for transactions. Otherwise, -the local realm will be used by default. -If the \-m option is used, multiple requests will be permitted -on only one entry of the admin password. Some sites won't -support this option. - -The -.I kadmin -program communicates over the network with the -.I kadmind -program, which runs on the machine housing the Kerberos master -database. -The -.I kadmind -creates new entries and makes modifications to the database. - -When you enter the -.I kadmin -command, -the program displays a message that welcomes you and explains -how to ask for help. -Then -.I kadmin -waits for you to enter commands (which are described below). -It then asks you for your -.I admin -password before accessing the database. - -Use the -.I add_new_key -(or -.I ank -for short) -command to register a new principal -with the master database. -The command requires one argument, -the principal's name. The name -given can be fully qualified using -the standard -.I name.instance@realm -convention. -You are asked to enter your -.I admin -password, -then prompted twice to enter the principal's -new password. If no realm is specified, -the local realm is used unless another was -given on the commandline with the \-r flag. -If no instance is -specified, a null instance is used. If -a realm other than the default realm is specified, -you will need to supply your admin password for -the other realm. - -Use the -.I change_password (cpw) -to change a principal's -Kerberos -password. -The command requires one argument, -the principal's -name. -You are asked to enter your -.I admin -password, -then prompted twice to enter the principal's new password. -The name -given can be fully qualified using -the standard -.I name.instance@realm -convention. - -Use the -.I change_admin_password (cap) -to change your -.I admin -instance password. -This command requires no arguments. -It prompts you for your old -.I admin -password, then prompts you twice to enter the new -.I admin -password. If this is your first command, -the default realm is used. Otherwise, the realm -used in the last command is used. - -Use the -.I destroy_tickets (dest) -command to destroy your admin tickets explicitly. - -Use the -.I list_requests (lr) -command to get a list of possible commands. - -Use the -.I help -command to display -.IR kadmin's -various help messages. -If entered without an argument, -.I help -displays a general help message. -You can get detailed information on specific -.I kadmin -commands -by entering -.I help -.IR command_name . - -To quit the program, type -.IR quit . - -.SH BUGS -The user interface is primitive, and the command names could be better. - -.SH "SEE ALSO" -kerberos(1), kadmind(8), kpasswd(1), ksrvutil(8) -.br -``A Subsystem Utilities Package for UNIX'' by Ken Raeburn -.SH AUTHORS -Jeffrey I. Schiller, MIT Project Athena -.br -Emanuel Jay Berkenbilt, MIT Project Athena diff --git a/eBones/kdb/krb_dbl.c b/eBones/kdb/krb_dbl.c deleted file mode 100644 index 7776298..0000000 --- a/eBones/kdb/krb_dbl.c +++ /dev/null @@ -1 +0,0 @@ -This file is now obsolete. diff --git a/eBones/kdestroy/kdestroy.1 b/eBones/kdestroy/kdestroy.1 deleted file mode 100644 index 7099353..0000000 --- a/eBones/kdestroy/kdestroy.1 +++ /dev/null @@ -1,81 +0,0 @@ -.\" from: kdestroy.1,v 4.9 89/01/23 11:39:50 jtkohl Exp $ -.\" $Id: kdestroy.1,v 1.2 1994/07/19 19:27:32 g89r4222 Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KDESTROY 1 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kdestroy \- destroy Kerberos tickets -.SH SYNOPSIS -.B kdestroy -[ -.B \-f -] -[ -.B \-q -] -.SH DESCRIPTION -The -.I kdestroy -utility destroys the user's active -Kerberos -authorization tickets by writing zeros to the file that contains them. -If the ticket file does not exist, -.I kdestroy -displays a message to that effect. -.PP -After overwriting the file, -.I kdestroy -removes the file from the system. -The utility -displays a message indicating the success or failure of the -operation. -If -.I kdestroy -is unable to destroy the ticket file, -the utility will warn you by making your terminal beep. -.PP -In the Athena workstation environment, -the -.I toehold -service automatically destroys your tickets when you -end a workstation session. -If your site does not provide a similar ticket-destroying mechanism, -you can place the -.I kdestroy -command in your -.I .logout -file so that your tickets are destroyed automatically -when you logout. -.PP -The options to -.I kdestroy -are as follows: -.TP 7 -.B \-f -.I kdestroy -runs without displaying the status message. -.TP -.B \-q -.I kdestroy -will not make your terminal beep if it fails to destroy the tickets. -.SH FILES -KRBTKFILE environment variable if set, otherwise -.br -/tmp/tkt[uid] -.SH SEE ALSO -kerberos(1), kinit(1), klist(1) -.SH BUGS -.PP -Only the tickets in the user's current ticket file are destroyed. -Separate ticket files are used to hold root instance and password -changing tickets. These files should probably be destroyed too, or -all of a user's tickets kept in a single ticket file. -.SH AUTHORS -Steve Miller, MIT Project Athena/Digital Equipment Corporation -.br -Clifford Neuman, MIT Project Athena -.br -Bill Sommerfeld, MIT Project Athena diff --git a/eBones/kinit/kinit.1 b/eBones/kinit/kinit.1 deleted file mode 100644 index f9a97a7..0000000 --- a/eBones/kinit/kinit.1 +++ /dev/null @@ -1,133 +0,0 @@ -.\" from: kinit.1,v 4.6 89/01/23 11:39:11 jtkohl Exp $ -.\" $Id: kinit.1,v 1.2 1994/07/19 19:27:36 g89r4222 Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KINIT 1 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kinit \- Kerberos login utility -.SH SYNOPSIS -.B kinit -[ -.B \-irvl -] -.SH DESCRIPTION -The -.I kinit -command is used to login to the -Kerberos -authentication and authorization system. -Note that only registered -Kerberos -users can use the -Kerberos -system. -For information about registering as a -Kerberos -user, -see the -.I kerberos(1) -manual page. -.PP -If you are logged in to a workstation that is running the -.I toehold -service, -you do not have to use -.I kinit. -The -.I toehold -login procedure will log you into -Kerberos -automatically. -You will need to use -.I kinit -only in those situations in which -your original tickets have expired. -(Tickets expire in about a day.) -Note as well that -.I toehold -will automatically destroy your tickets when you logout from the workstation. -.PP -When you use -.I kinit -without options, -the utility -prompts for your username and Kerberos password, -and tries to authenticate your login with the local -Kerberos -server. -.PP -If -Kerberos -authenticates the login attempt, -.I kinit -retrieves your initial ticket and puts it in the ticket file specified by -your KRBTKFILE environment variable. -If this variable is undefined, -your ticket will be stored in the -.IR /tmp -directory, -in the file -.I tktuid , -where -.I uid -specifies your user identification number. -.PP -If you have logged in to -Kerberos -without the benefit of the workstation -.I toehold -system, -make sure you use the -.I kdestroy -command to destroy any active tickets before you end your login session. -You may want to put the -.I kdestroy -command in your -.I \.logout -file so that your tickets will be destroyed automatically when you logout. -.PP -The options to -.I kinit -are as follows: -.TP 7 -.B \-i -.I kinit -prompts you for a -Kerberos -instance. -.TP -.B \-r -.I kinit -prompts you for a -Kerberos -realm. -This option lets you authenticate yourself with a remote -Kerberos -server. -.TP -.B \-v -Verbose mode. -.I kinit -prints the name of the ticket file used, and -a status message indicating the success or failure of -your login attempt. -.TP -.B \-l -.I kinit -prompts you for a ticket lifetime in minutes. Due to protocol -restrictions in Kerberos Version 4, this value must be between 5 and -1275 minutes. -.SH SEE ALSO -.PP -kerberos(1), kdestroy(1), klist(1), toehold(1) -.SH BUGS -The -.B \-r -option has not been fully implemented. -.SH AUTHORS -Steve Miller, MIT Project Athena/Digital Equipment Corporation -.br -Clifford Neuman, MIT Project Athena diff --git a/eBones/ksrvutil/ksrvutil.8 b/eBones/ksrvutil/ksrvutil.8 deleted file mode 100644 index a7fed82..0000000 --- a/eBones/ksrvutil/ksrvutil.8 +++ /dev/null @@ -1,93 +0,0 @@ -.\" from: /mit/kerberos/src/man/RCS/ksrvutil.8,v 4.0 89/07/27 18:35:33 jtkohl Exp $ -.\" $Id: ksrvutil.8,v 1.2 1994/07/19 19:27:53 g89r4222 Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KSRVUTIL 8 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -ksrvutil \- host kerberos keyfile (srvtab) manipulation utility -.SH SYNOPSIS -ksrvutil -.B operation -[ -.B \-k -] [ -.B \-i -] [ -.B \-f filename -] -.SH DESCRIPTION -.I ksrvutil -allows a system manager to list or change keys currently in his -keyfile or to add new keys to the keyfile. -.PP - -Operation must be one of the following: -.TP 10n -.I list -lists the keys in a keyfile showing version number and principal -name. If the \-k option is given, keys will also be shown. -.TP 10n -.I change -changes all the keys in the keyfile by using the regular admin -protocol. If the \-i flag is given, -.I ksrvutil -will prompt for yes or no before changing each key. If the \-k -option is used, the old and new keys will be displayed. -.TP 10n -.I add -allows the user to add a key. -.I add -prompts for name, instance, realm, and key version number, asks -for confirmation, and then asks for a password. -.I ksrvutil -then converts the password to a key and appends the keyfile with -the new information. If the \-k option is used, the key is -displayed. - -.PP -In all cases, the default file used is KEY_FILE as defined in -krb.h unless this is overridden by the \-f option. - -.PP -A good use for -.I ksrvutil -would be for adding keys to a keyfile. A system manager could -ask a kerberos administrator to create a new service key with -.IR kadmin (8) -and could supply an initial password. Then, he could use -.I ksrvutil -to add the key to the keyfile and then to change the key so that -it will be random and unknown to either the system manager or -the kerberos administrator. - -.I ksrvutil -always makes a backup copy of the keyfile before making any -changes. - -.SH DIAGNOSTICS -If -.I ksrvutil -should exit on an error condition at any time during a change or -add, a copy of the -original keyfile can be found in -.IR filename .old -where -.I filename -is the name of the keyfile, and a copy of the file with all new -keys changed or added so far can be found in -.IR filename .work. -The original keyfile is left unmodified until the program exits -at which point it is removed and replaced it with the workfile. -Appending the workfile to the backup copy and replacing the -keyfile with the result should always give a usable keyfile, -although the resulting keyfile will have some out of date keys -in it. - -.SH SEE ALSO -kadmin(8), ksrvtgt(1) - -.SH AUTHOR -Emanuel Jay Berkenbilt, MIT Project Athena diff --git a/eBones/make_keypair/make_keypair.8 b/eBones/make_keypair/make_keypair.8 deleted file mode 100644 index d0b7b88..0000000 --- a/eBones/make_keypair/make_keypair.8 +++ /dev/null @@ -1,87 +0,0 @@ -.\" Copyright (c) 1988, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)make_keypair.8 8.2 (Berkeley) 12/11/93 -.\" -.Dd December 11, 1993 -.Dt MAKE_KEYPAIR 8 -.Os -.Sh NAME -.Nm make_keypair -.Nd generate Kerberos host key pair -.Sh SYNOPSIS -.Nm make_keypair -.Ar hostname -.Op Ar hostname ... -.Sh DESCRIPTION -The -.Nm make_keypair -command -is used to create pairs of -.Tn DES -keys for -each -.Ar hostname . -The keys are used by privileged programs such as -.Xr register 1 -to make remote updates to the Kerberos database without -having to have first acquired a Kerberos ticket granting ticket -.Pq Tn TGT . -The keys created by -.Nm make_keypair -are placed (by hand) in the filesystems of the -kerberos server in -.Pa /etc/kerberosIV/register_keys , -and in the root directory of the clients. -For example, the file -.Pa /.update.key128.32.130.3 -would -contain a copy of the key of the client with -IP address 128.32.130.3. -These keys provide a shared secret which may be used to establish -a secure channel between the client hosts and the Kerberos server. -.Sh FILES -.Bl -tag -width /etc/kerberosIV/register_keysxx -compact -.It Pa /.update.keyxx.xx.xx.xx -shared -.Tn DES -key with server -.It Pa /etc/kerberosIV/register_keys -server's key storage directory -.El -.Sh SEE ALSO -.Xr register 1 , -.Xr registerd 8 , -.Xr kerberos 1 -.Sh HISTORY -The -.Nm make_keypair -utility first appeared in 4.4BSD. diff --git a/eBones/man/des.point b/eBones/man/des.point deleted file mode 100644 index 853c9cb..0000000 --- a/eBones/man/des.point +++ /dev/null @@ -1 +0,0 @@ -.so man3/des_crypt.3 diff --git a/eBones/man/kadmin.8 b/eBones/man/kadmin.8 deleted file mode 100644 index 6e15015..0000000 --- a/eBones/man/kadmin.8 +++ /dev/null @@ -1,158 +0,0 @@ -.\" from: kadmin.8,v 4.2 89/07/25 17:20:02 jtkohl Exp $ -.\" $Id: kadmin.8,v 1.2 1994/07/19 19:27:22 g89r4222 Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KADMIN 8 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kadmin \- network utility for Kerberos database administration -.SH SYNOPSIS -.B kadmin [-u user] [-r default_realm] [-m] -.SH DESCRIPTION -This utility provides a unified administration interface to -the -Kerberos -master database. -Kerberos -administrators -use -.I kadmin -to register new users and services to the master database, -and to change information about existing database entries. -For instance, an administrator can use -.I kadmin -to change a user's -Kerberos -password. -A Kerberos administrator is a user with an ``admin'' instance -whose name appears on one of the Kerberos administration access control -lists. If the \-u option is used, -.I user -will be used as the administrator instead of the local user. -If the \-r option is used, -.I default_realm -will be used as the default realm for transactions. Otherwise, -the local realm will be used by default. -If the \-m option is used, multiple requests will be permitted -on only one entry of the admin password. Some sites won't -support this option. - -The -.I kadmin -program communicates over the network with the -.I kadmind -program, which runs on the machine housing the Kerberos master -database. -The -.I kadmind -creates new entries and makes modifications to the database. - -When you enter the -.I kadmin -command, -the program displays a message that welcomes you and explains -how to ask for help. -Then -.I kadmin -waits for you to enter commands (which are described below). -It then asks you for your -.I admin -password before accessing the database. - -Use the -.I add_new_key -(or -.I ank -for short) -command to register a new principal -with the master database. -The command requires one argument, -the principal's name. The name -given can be fully qualified using -the standard -.I name.instance@realm -convention. -You are asked to enter your -.I admin -password, -then prompted twice to enter the principal's -new password. If no realm is specified, -the local realm is used unless another was -given on the commandline with the \-r flag. -If no instance is -specified, a null instance is used. If -a realm other than the default realm is specified, -you will need to supply your admin password for -the other realm. - -Use the -.I change_password (cpw) -to change a principal's -Kerberos -password. -The command requires one argument, -the principal's -name. -You are asked to enter your -.I admin -password, -then prompted twice to enter the principal's new password. -The name -given can be fully qualified using -the standard -.I name.instance@realm -convention. - -Use the -.I change_admin_password (cap) -to change your -.I admin -instance password. -This command requires no arguments. -It prompts you for your old -.I admin -password, then prompts you twice to enter the new -.I admin -password. If this is your first command, -the default realm is used. Otherwise, the realm -used in the last command is used. - -Use the -.I destroy_tickets (dest) -command to destroy your admin tickets explicitly. - -Use the -.I list_requests (lr) -command to get a list of possible commands. - -Use the -.I help -command to display -.IR kadmin's -various help messages. -If entered without an argument, -.I help -displays a general help message. -You can get detailed information on specific -.I kadmin -commands -by entering -.I help -.IR command_name . - -To quit the program, type -.IR quit . - -.SH BUGS -The user interface is primitive, and the command names could be better. - -.SH "SEE ALSO" -kerberos(1), kadmind(8), kpasswd(1), ksrvutil(8) -.br -``A Subsystem Utilities Package for UNIX'' by Ken Raeburn -.SH AUTHORS -Jeffrey I. Schiller, MIT Project Athena -.br -Emanuel Jay Berkenbilt, MIT Project Athena diff --git a/eBones/man/kdestroy.1 b/eBones/man/kdestroy.1 deleted file mode 100644 index 7099353..0000000 --- a/eBones/man/kdestroy.1 +++ /dev/null @@ -1,81 +0,0 @@ -.\" from: kdestroy.1,v 4.9 89/01/23 11:39:50 jtkohl Exp $ -.\" $Id: kdestroy.1,v 1.2 1994/07/19 19:27:32 g89r4222 Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KDESTROY 1 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kdestroy \- destroy Kerberos tickets -.SH SYNOPSIS -.B kdestroy -[ -.B \-f -] -[ -.B \-q -] -.SH DESCRIPTION -The -.I kdestroy -utility destroys the user's active -Kerberos -authorization tickets by writing zeros to the file that contains them. -If the ticket file does not exist, -.I kdestroy -displays a message to that effect. -.PP -After overwriting the file, -.I kdestroy -removes the file from the system. -The utility -displays a message indicating the success or failure of the -operation. -If -.I kdestroy -is unable to destroy the ticket file, -the utility will warn you by making your terminal beep. -.PP -In the Athena workstation environment, -the -.I toehold -service automatically destroys your tickets when you -end a workstation session. -If your site does not provide a similar ticket-destroying mechanism, -you can place the -.I kdestroy -command in your -.I .logout -file so that your tickets are destroyed automatically -when you logout. -.PP -The options to -.I kdestroy -are as follows: -.TP 7 -.B \-f -.I kdestroy -runs without displaying the status message. -.TP -.B \-q -.I kdestroy -will not make your terminal beep if it fails to destroy the tickets. -.SH FILES -KRBTKFILE environment variable if set, otherwise -.br -/tmp/tkt[uid] -.SH SEE ALSO -kerberos(1), kinit(1), klist(1) -.SH BUGS -.PP -Only the tickets in the user's current ticket file are destroyed. -Separate ticket files are used to hold root instance and password -changing tickets. These files should probably be destroyed too, or -all of a user's tickets kept in a single ticket file. -.SH AUTHORS -Steve Miller, MIT Project Athena/Digital Equipment Corporation -.br -Clifford Neuman, MIT Project Athena -.br -Bill Sommerfeld, MIT Project Athena diff --git a/eBones/man/kerberos.3 b/eBones/man/kerberos.3 deleted file mode 100644 index 30fa885..0000000 --- a/eBones/man/kerberos.3 +++ /dev/null @@ -1,461 +0,0 @@ -.\" from: kerberos.3,v 4.9 89/01/23 16:28:19 steiner Exp $ -.\" $Id: kerberos.3,v 1.2 1994/07/19 19:27:35 g89r4222 Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KERBEROS 3 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -krb_mk_req, krb_rd_req, krb_kntoln, krb_set_key, krb_get_cred, -krb_mk_priv, krb_rd_priv, krb_mk_safe, krb_rd_safe, krb_mk_err, -krb_rd_err, krb_ck_repl \- Kerberos authentication library -.SH SYNOPSIS -.nf -.nj -.ft B -#include -#include -.PP -.ft B -extern char *krb_err_txt[]; -.PP -.ft B -int krb_mk_req(authent,service,instance,realm,checksum) -KTEXT authent; -char *service; -char *instance; -char *realm; -u_long checksum; -.PP -.ft B -int krb_rd_req(authent,service,instance,from_addr,ad,fn) -KTEXT authent; -char *service; -char *instance; -u_long from_addr; -AUTH_DAT *ad; -char *fn; -.PP -.ft B -int krb_kntoln(ad,lname) -AUTH_DAT *ad; -char *lname; -.PP -.ft B -int krb_set_key(key,cvt) -char *key; -int cvt; -.PP -.ft B -int krb_get_cred(service,instance,realm,c) -char *service; -char *instance; -char *realm; -CREDENTIALS *c; -.PP -.ft B -long krb_mk_priv(in,out,in_length,schedule,key,sender,receiver) -u_char *in; -u_char *out; -u_long in_length; -des_cblock key; -des_key_schedule schedule; -struct sockaddr_in *sender; -struct sockaddr_in *receiver; -.PP -.ft B -long krb_rd_priv(in,in_length,schedule,key,sender,receiver,msg_data) -u_char *in; -u_long in_length; -Key_schedule schedule; -des_cblock key; -struct sockaddr_in *sender; -struct sockaddr_in *receiver; -MSG_DAT *msg_data; -.PP -.ft B -long krb_mk_safe(in,out,in_length,key,sender,receiver) -u_char *in; -u_char *out; -u_long in_length; -des_cblock key; -struct sockaddr_in *sender; -struct sockaddr_in *receiver; -.PP -.ft B -long krb_rd_safe(in,length,key,sender,receiver,msg_data) -u_char *in; -u_long length; -des_cblock key; -struct sockaddr_in *sender; -struct sockaddr_in *receiver; -MSG_DAT *msg_data; -.PP -.ft B -long krb_mk_err(out,code,string) -u_char *out; -long code; -char *string; -.PP -.ft B -long krb_rd_err(in,length,code,msg_data) -u_char *in; -u_long length; -long code; -MSG_DAT *msg_data; -.fi -.ft R -.SH DESCRIPTION -This library supports network authentication and various related -operations. The library contains many routines beyond those described -in this man page, but they are not intended to be used directly. -Instead, they are called by the routines that are described, the -authentication server and the login program. -.PP -.I krb_err_txt[] -contains text string descriptions of various Kerberos error codes returned -by some of the routines below. -.PP -.I krb_mk_req -takes a pointer to a text structure in which an authenticator is to be -built. It also takes the name, instance, and realm of the service to be -used and an optional checksum. It is up to the application to decide -how to generate the checksum. -.I krb_mk_req -then retrieves a ticket for the desired service and creates an -authenticator. The authenticator is built in -.I authent -and is accessible -to the calling procedure. -.PP -It is up to the application to get the authenticator to the service -where it will be read by -.I krb_rd_req. -Unless an attacker posesses the session key contained in the ticket, it -will be unable to modify the authenticator. Thus, the checksum can be -used to verify the authenticity of the other data that will pass through -a connection. -.PP -.I krb_rd_req -takes an authenticator of type -.B KTEXT, -a service name, an instance, the address of the -host originating the request, and a pointer to a structure of type -.B AUTH_DAT -which is filled in with information obtained from the authenticator. -It also optionally takes the name of the file in which it will find the -secret key(s) for the service. -If the supplied -.I instance -contains "*", then the first service key with the same service name -found in the service key file will be used, and the -.I instance -argument will be filled in with the chosen instance. This means that -the caller must provide space for such an instance name. -.PP -It is used to find out information about the principal when a request -has been made to a service. It is up to the application protocol to get -the authenticator from the client to the service. The authenticator is -then passed to -.I krb_rd_req -to extract the desired information. -.PP -.I krb_rd_req -returns zero (RD_AP_OK) upon successful authentication. If a packet was -forged, modified, or replayed, authentication will fail. If the -authentication fails, a non-zero value is returned indicating the -particular problem encountered. See -.I krb.h -for the list of error codes. -.PP -If the last argument is the null string (""), krb_rd_req will use the -file /etc/srvtab to find its keys. If the last argument is NULL, it -will assume that the key has been set by -.I krb_set_key -and will not bother looking further. -.PP -.I krb_kntoln -converts a Kerberos name to a local name. It takes a structure -of type AUTH_DAT and uses the name and instance to look in the database -/etc/aname to find the corresponding local name. The local name is -returned and can be used by an application to change uids, directories, -or other parameters. It is not an integral part of Kerberos, but is -instead provided to support the use of Kerberos in existing utilities. -.PP -.I krb_set_key -takes as an argument a des key. It then creates -a key schedule from it and saves the original key to be used as an -initialization vector. -It is used to set the server's key which -must be used to decrypt tickets. -.PP -If called with a non-zero second argument, -.I krb_set_key -will first convert the input from a string of arbitrary length to a DES -key by encrypting it with a one-way function. -.PP -In most cases it should not be necessary to call -.I krb_set_key. -The necessary keys will usually be obtained and set inside -.I krb_rd_req. krb_set_key -is provided for those applications that do not wish to place the -application keys on disk. -.PP -.I krb_get_cred -searches the caller's ticket file for a ticket for the given service, instance, -and realm; and, if a ticket is found, fills in the given CREDENTIALS structure -with the ticket information. -.PP -If the ticket was found, -.I krb_get_cred -returns GC_OK. -If the ticket file can't be found, can't be read, doesn't belong to -the user (other than root), isn't a regular file, or is in the wrong -mode, the error GC_TKFIL is returned. -.PP -.I krb_mk_priv -creates an encrypted, authenticated -message from any arbitrary application data, pointed to by -.I in -and -.I in_length -bytes long. -The private session key, pointed to by -.I key -and the key schedule, -.I schedule, -are used to encrypt the data and some header information using -.I pcbc_encrypt. -.I sender -and -.I receiver -point to the Internet address of the two parties. -In addition to providing privacy, this protocol message protects -against modifications, insertions or replays. The encapsulated message and -header are placed in the area pointed to by -.I out -and the routine returns the length of the output, or -1 indicating -an error. -.PP -.I krb_rd_priv -decrypts and authenticates a received -.I krb_mk_priv -message. -.I in -points to the beginning of the received message, whose length -is specified in -.I in_length. -The private session key, pointed to by -.I key, -and the key schedule, -.I schedule, -are used to decrypt and verify the received message. -.I msg_data -is a pointer to a -.I MSG_DAT -struct, defined in -.I krb.h. -The routine fills in the -.I app_data -field with a pointer to the decrypted application data, -.I app_length -with the length of the -.I app_data -field, -.I time_sec -and -.I time_5ms -with the timestamps in the message, and -.I swap -with a 1 if the byte order of the receiver is different than that of -the sender. (The application must still determine if it is appropriate -to byte-swap application data; the Kerberos protocol fields are already taken -care of). The -.I hash -field returns a value useful as input to the -.I krb_ck_repl -routine. - -The routine returns zero if ok, or a Kerberos error code. Modified messages -and old messages cause errors, but it is up to the caller to -check the time sequence of messages, and to check against recently replayed -messages using -.I krb_ck_repl -if so desired. -.PP -.I krb_mk_safe -creates an authenticated, but unencrypted message from any arbitrary -application data, -pointed to by -.I in -and -.I in_length -bytes long. -The private session key, pointed to by -.I key, -is used to seed the -.I quad_cksum() -checksum algorithm used as part of the authentication. -.I sender -and -.I receiver -point to the Internet address of the two parties. -This message does not provide privacy, but does protect (via detection) -against modifications, insertions or replays. The encapsulated message and -header are placed in the area pointed to by -.I out -and the routine returns the length of the output, or -1 indicating -an error. -The authentication provided by this routine is not as strong as that -provided by -.I krb_mk_priv -or by computing the checksum using -.I cbc_cksum -instead, both of which authenticate via DES. -.PP - -.I krb_rd_safe -authenticates a received -.I krb_mk_safe -message. -.I in -points to the beginning of the received message, whose length -is specified in -.I in_length. -The private session key, pointed to by -.I key, -is used to seed the quad_cksum() routine as part of the authentication. -.I msg_data -is a pointer to a -.I MSG_DAT -struct, defined in -.I krb.h . -The routine fills in these -.I MSG_DAT -fields: -the -.I app_data -field with a pointer to the application data, -.I app_length -with the length of the -.I app_data -field, -.I time_sec -and -.I time_5ms -with the timestamps in the message, and -.I swap -with a 1 if the byte order of the receiver is different than that of -the sender. -(The application must still determine if it is appropriate -to byte-swap application data; the Kerberos protocol fields are already taken -care of). The -.I hash -field returns a value useful as input to the -.I krb_ck_repl -routine. - -The routine returns zero if ok, or a Kerberos error code. Modified messages -and old messages cause errors, but it is up to the caller to -check the time sequence of messages, and to check against recently replayed -messages using -.I krb_ck_repl -if so desired. -.PP -.I krb_mk_err -constructs an application level error message that may be used along -with -.I krb_mk_priv -or -.I krb_mk_safe. -.I out -is a pointer to the output buffer, -.I code -is an application specific error code, and -.I string -is an application specific error string. - -.PP -.I krb_rd_err -unpacks a received -.I krb_mk_err -message. -.I in -points to the beginning of the received message, whose length -is specified in -.I in_length. -.I code -is a pointer to a value to be filled in with the error -value provided by the application. -.I msg_data -is a pointer to a -.I MSG_DAT -struct, defined in -.I krb.h . -The routine fills in these -.I MSG_DAT -fields: the -.I app_data -field with a pointer to the application error text, -.I app_length -with the length of the -.I app_data -field, and -.I swap -with a 1 if the byte order of the receiver is different than that of -the sender. (The application must still determine if it is appropriate -to byte-swap application data; the Kerberos protocol fields are already taken -care of). - -The routine returns zero if the error message has been successfully received, -or a Kerberos error code. -.PP -The -.I KTEXT -structure is used to pass around text of varying lengths. It consists -of a buffer for the data, and a length. krb_rd_req takes an argument of this -type containing the authenticator, and krb_mk_req returns the -authenticator in a structure of this type. KTEXT itself is really a -pointer to the structure. The actual structure is of type KTEXT_ST. -.PP -The -.I AUTH_DAT -structure is filled in by krb_rd_req. It must be allocated before -calling krb_rd_req, and a pointer to it is passed. The structure is -filled in with data obtained from Kerberos. -.I MSG_DAT -structure is filled in by either krb_rd_priv, krb_rd_safe, or -krb_rd_err. It must be allocated before the call and a pointer to it -is passed. The structure is -filled in with data obtained from Kerberos. -.PP -.SH FILES -/usr/include/krb.h -.br -/usr/lib/libkrb.a -.br -/usr/include/des.h -.br -/usr/lib/libdes.a -.br -/etc/aname -.br -/etc/srvtab -.br -/tmp/tkt[uid] -.SH "SEE ALSO" -kerberos(1), des_crypt(3) -.SH DIAGNOSTICS -.SH BUGS -The caller of -.I krb_rd_req, krb_rd_priv, and krb_rd_safe -must check time order and for replay attempts. -.I krb_ck_repl -is not implemented yet. -.SH AUTHORS -Clifford Neuman, MIT Project Athena -.br -Steve Miller, MIT Project Athena/Digital Equipment Corporation -.SH RESTRICTIONS -COPYRIGHT 1985,1986,1989 Massachusetts Institute of Technology diff --git a/eBones/man/kerberos.point b/eBones/man/kerberos.point deleted file mode 100644 index a75ae2c..0000000 --- a/eBones/man/kerberos.point +++ /dev/null @@ -1 +0,0 @@ -.so man3/kerberos.3 diff --git a/eBones/man/kinit.1 b/eBones/man/kinit.1 deleted file mode 100644 index f9a97a7..0000000 --- a/eBones/man/kinit.1 +++ /dev/null @@ -1,133 +0,0 @@ -.\" from: kinit.1,v 4.6 89/01/23 11:39:11 jtkohl Exp $ -.\" $Id: kinit.1,v 1.2 1994/07/19 19:27:36 g89r4222 Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KINIT 1 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kinit \- Kerberos login utility -.SH SYNOPSIS -.B kinit -[ -.B \-irvl -] -.SH DESCRIPTION -The -.I kinit -command is used to login to the -Kerberos -authentication and authorization system. -Note that only registered -Kerberos -users can use the -Kerberos -system. -For information about registering as a -Kerberos -user, -see the -.I kerberos(1) -manual page. -.PP -If you are logged in to a workstation that is running the -.I toehold -service, -you do not have to use -.I kinit. -The -.I toehold -login procedure will log you into -Kerberos -automatically. -You will need to use -.I kinit -only in those situations in which -your original tickets have expired. -(Tickets expire in about a day.) -Note as well that -.I toehold -will automatically destroy your tickets when you logout from the workstation. -.PP -When you use -.I kinit -without options, -the utility -prompts for your username and Kerberos password, -and tries to authenticate your login with the local -Kerberos -server. -.PP -If -Kerberos -authenticates the login attempt, -.I kinit -retrieves your initial ticket and puts it in the ticket file specified by -your KRBTKFILE environment variable. -If this variable is undefined, -your ticket will be stored in the -.IR /tmp -directory, -in the file -.I tktuid , -where -.I uid -specifies your user identification number. -.PP -If you have logged in to -Kerberos -without the benefit of the workstation -.I toehold -system, -make sure you use the -.I kdestroy -command to destroy any active tickets before you end your login session. -You may want to put the -.I kdestroy -command in your -.I \.logout -file so that your tickets will be destroyed automatically when you logout. -.PP -The options to -.I kinit -are as follows: -.TP 7 -.B \-i -.I kinit -prompts you for a -Kerberos -instance. -.TP -.B \-r -.I kinit -prompts you for a -Kerberos -realm. -This option lets you authenticate yourself with a remote -Kerberos -server. -.TP -.B \-v -Verbose mode. -.I kinit -prints the name of the ticket file used, and -a status message indicating the success or failure of -your login attempt. -.TP -.B \-l -.I kinit -prompts you for a ticket lifetime in minutes. Due to protocol -restrictions in Kerberos Version 4, this value must be between 5 and -1275 minutes. -.SH SEE ALSO -.PP -kerberos(1), kdestroy(1), klist(1), toehold(1) -.SH BUGS -The -.B \-r -option has not been fully implemented. -.SH AUTHORS -Steve Miller, MIT Project Athena/Digital Equipment Corporation -.br -Clifford Neuman, MIT Project Athena diff --git a/eBones/man/klogind.8 b/eBones/man/klogind.8 deleted file mode 100644 index 459cd26..0000000 --- a/eBones/man/klogind.8 +++ /dev/null @@ -1,122 +0,0 @@ -.\" from: klogind.8,v 4.1 89/01/23 11:39:30 jtkohl Exp $ -.\" $Id: klogind.8,v 1.2 1994/07/19 19:27:39 g89r4222 Exp $ -.\" -.\" Copyright (c) 1983 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms are permitted -.\" provided that the above copyright notice and this paragraph are -.\" duplicated in all such forms and that any documentation, -.\" advertising materials, and other materials related to such -.\" distribution and use acknowledge that the software was developed -.\" by the University of California, Berkeley. The name of the -.\" University may not be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -.\" WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. -.\" -.\" @(#)rlogind.8 6.4 (Berkeley) 9/19/88 -.\" -.TH KLOGIND 8 "Kerberos Version 4.0" "MIT Project Athena" -.UC 5 -.SH NAME -klogind \- remote login server -.SH SYNOPSIS -.B /usr/etc/klogind -.br -.B /usr/etc/Klogind -.br -.B /usr/etc/eklogind -.SH DESCRIPTION -.I Klogind -is the server for the Kerberos version of the -.IR rlogin (1) -program. The server provides a remote login facility -with authentication provided by Kerberos. -.PP -.I Klogind -listens for service requests at the port indicated in -the ``klogin'' or ``eklogin'' service specification; see -.IR services (5). -.PP -Invocation as Klogind is intended for secure -hosts to which no password access will be granted; invocation as klogind -is intended for normal hosts to which password access may be granted if -Kerberos authorization fails; invocation as eklogind provides an -encrypted communications channel. A host can run either Klogind or -klogind but not both (they use the same port, ``klogin''). Eklogind may -be run independently. -.PP -When a service request is received, the server checks the client's -source address and requests the corresponding host name (see -.IR gethostbyaddr (3N), -.IR hosts (5) -and -.IR named (8)). -If the hostname cannot be determined, -the dot-notation representation of the host address is used. -.PP -Once the source address has been checked, -.I klogind -allocates a pseudo terminal (see -.IR pty (4)), -and manipulates file descriptors so that the slave -half of the pseudo terminal becomes the -.B stdin , -.B stdout , -and -.B stderr -for a login process. -The login process is an instance of the -.IR login (1) -program, invoked with the -.B \-k, -.B \-K, -or -.B \-e -option, depending on whether the klogind was started as klogind, Klogind -or eklogind, respectively. -The login process then proceeds with the -authentication process as described in -.IR kshd (8), -but if automatic authentication fails, it reprompts the user -to login as one finds on a standard terminal line. -.PP -The parent of the login process manipulates the master side of -the pseudo terminal, operating as an intermediary -between the login process and the client instance of the -.I rlogin -program. If klogind is invoked as eklogind, all data passed over -the network are encrypted. -In normal operation, the packet protocol described -in -.IR pty (4) -is invoked to provide ^S/^Q type facilities and propagate -interrupt signals to the remote programs. The login process -propagates the client terminal's baud rate and terminal type, -as found in the environment variable, ``TERM''; see -.IR environ (7). -The screen or window size of the terminal is requested from the client, -and window size changes from the client are propagated to the pseudo terminal. -.SH DIAGNOSTICS -All diagnostic messages are returned on the connection -associated with the -.BR stderr , -after which any network connections are closed. -An error is indicated by a leading byte with a value of 1. -.PP -.B ``Try again.'' -.br -A -.I fork -by the server failed. -.PP -.B ``/bin/sh: ...'' -.br -The user's login shell could not be started. -.SH SEE ALSO -kerberos(3) -.SH BUGS -.PP -A more extensible protocol should be used. diff --git a/eBones/man/kpasswd.1 b/eBones/man/kpasswd.1 deleted file mode 100644 index 2283f1f..0000000 --- a/eBones/man/kpasswd.1 +++ /dev/null @@ -1,86 +0,0 @@ -.\" from: kpasswd.1,v 4.2 89/07/25 17:23:08 jtkohl Exp $ -.\" $Id: kpasswd.1,v 1.2 1994/07/19 19:27:40 g89r4222 Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KPASSWD 1 "Kerberos Version 4.0" "MIT Project Athena" -.FM mit -.SH NAME -kpasswd \- change a user's Kerberos password -.SH SYNOPSIS -.B kpasswd -[ -.B \-h -] [ -.B \-n -.I name -] [ -.B \-i -.I instance -] [ -.B \-r -.I realm -] [ -\-u -.IR username[.instance][@realm] ] -.SH DESCRIPTION -The -.I kpasswd -command is used to change a Kerberos principal's password. -.PP -If the -.I \-h -option is specified, a brief summary of the options is printed, and -.I kpasswd -then exits. -.PP -If the -.I \-n -option is specified, -.I name -is used as the principal name rather than the username of the user -running -.IR kpasswd . -(This is determined from the ticket file if it exists; -otherwise, it is determined from the unix user id.) -.PP -If the -.I \-i -option is specified, -.I instance -is used as the instance rather than a null instance. -.PP -If the -.I \-r -option is specified, -.I realm -is used as the realm rather than the local realm. -.PP -If the -.I \-u -option is specified, a fully qualified kerberos -principal can be given. -.PP - -The utility prompts for the current Kerberos password (printing -the name of the principal for which it intends to change the password), -which is verified by the Kerberos server. If the old password is -correct, the user is prompted twice for the new password. A message is -printed indicating the success or failure of the password changing -operation. - -.SH BUGS - -.I kpasswd -does not handle names, instances, or realms with special -characters in them when the -n, -i, or -r options are used. Any -valid fullname is accepted, however, if the -u option is used. - -If the principal whose password you are trying to change does -not exist, you will not be told until after you have entered the -old password. - -.SH SEE ALSO -kerberos(1), kinit(1), passwd(1), kadmin(8) diff --git a/eBones/man/ksend.point b/eBones/man/ksend.point deleted file mode 100644 index 2dbe5de..0000000 --- a/eBones/man/ksend.point +++ /dev/null @@ -1 +0,0 @@ -.so man3/krb_sendauth.3 diff --git a/eBones/man/kshd.8 b/eBones/man/kshd.8 deleted file mode 100644 index e1ecc22..0000000 --- a/eBones/man/kshd.8 +++ /dev/null @@ -1,152 +0,0 @@ -.\" from: kshd.8,v 4.1 89/01/23 11:39:41 jtkohl Exp $ -.\" $Id: kshd.8,v 1.2 1994/07/19 19:27:50 g89r4222 Exp $ -.\" -.\" Copyright (c) 1983 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms are permitted -.\" provided that the above copyright notice and this paragraph are -.\" duplicated in all such forms and that any documentation, -.\" advertising materials, and other materials related to such -.\" distribution and use acknowledge that the software was developed -.\" by the University of California, Berkeley. The name of the -.\" University may not be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -.\" WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. -.\" -.\" @(#)rshd.8 6.5 (Berkeley) 9/19/88 -.\" -.TH KSHD 8 "Kerberos Version 4.0" "MIT Project Athena" -.UC 5 -.SH NAME -kshd \- remote shell server -.SH SYNOPSIS -.B /usr/etc/kshd -.SH DESCRIPTION -.I Kshd -is the server for the -.IR kcmd (3) -routine and, consequently, for the -.IR rsh (1) -program. The server provides remote execution facilities -with authentication based on Kerberos. -.PP -.I Kshd -listens for service requests at the port indicated in -the ``kshell'' service specification; see -.IR services (5). -When a service request is received the following protocol -is initiated: -.IP 1) -The server reads characters from the socket up -to a null (`\e0') byte. The resultant string is -interpreted as an ASCII number, base 10. -.IP 2) -If the number received in step 1 is non-zero, -it is interpreted as the port number of a secondary -stream to be used for the -.BR stderr . -A second connection is then created to the specified -port on the client's machine. -.IP 3) -The server checks the client's source address -and requests the corresponding host name (see -.IR gethostbyaddr (3N), -.IR hosts (5) -and -.IR named (8)). -If the hostname cannot be determined, -the dot-notation representation of the host address is used. -.IP 4) -A Kerberos ticket/authenticator pair are retrieved on the initial socket. -.IP 5) -A null terminated user name of at most 16 characters -is retrieved on the initial socket. This user name -is interpreted as a user identity to use on the -.BR server 's -machine. -.IP 6) -A null terminated command to be passed to a -shell is retrieved on the initial socket. The length of -the command is limited by the upper bound on the size of -the system's argument list. -.IP 7) -.I Kshd -then validates the user according to the following steps. -The local (server-end) user name is looked up in the password file -and a -.I chdir -is performed to the user's home directory. If either -the lookup or -.I chdir -fail, the connection is terminated. The \&.klogin file in the home -directory is used to mediate access to the account (via \fIkuserok\fP(3)) -by the Kerberos principal named in the ticket/authenticator. If this -authorization check fails, the connection is terminated. -.IP 8) -A null byte is returned on the initial socket -and the command line is passed to the normal login -shell of the user. The -shell inherits the network connections established -by -.IR kshd . -.SH DIAGNOSTICS -Except for the last one listed below, -all diagnostic messages -are returned on the initial socket, -after which any network connections are closed. -An error is indicated by a leading byte with a value of -1 (0 is returned in step 8 above upon successful completion -of all the steps prior to the execution of the login shell). -.PP -.B ``remuser too long'' -.br -The name of the user on the remote machine is -longer than 16 characters. -.PP -.B ``command too long '' -.br -The command line passed exceeds the size of the argument -list (as configured into the system). -.PP -.B ``Login incorrect.'' -.br -No password file entry for the user name existed. -.PP -.B ``No remote directory.'' -.br -The -.I chdir -command to the home directory failed. -.PP -.B ``Permission denied.'' -.br -The authorization procedure described above failed. -.PP -.B ``Can't make pipe.'' -.br -The pipe needed for the -.BR stderr , -wasn't created. -.PP -.B ``Try again.'' -.br -A -.I fork -by the server failed. -.PP -.B ``: ...'' -.br -The user's login shell could not be started. This message is returned -on the connection associated with the -.BR stderr , -and is not preceded by a flag byte. -.SH SEE ALSO -rsh(1), kerberos(3), kuserok(3) -.SH BUGS -A facility to allow all data exchanges to be encrypted should be -present. -.PP -A more extensible protocol should be used. diff --git a/eBones/man/ksrvutil.8 b/eBones/man/ksrvutil.8 deleted file mode 100644 index a7fed82..0000000 --- a/eBones/man/ksrvutil.8 +++ /dev/null @@ -1,93 +0,0 @@ -.\" from: /mit/kerberos/src/man/RCS/ksrvutil.8,v 4.0 89/07/27 18:35:33 jtkohl Exp $ -.\" $Id: ksrvutil.8,v 1.2 1994/07/19 19:27:53 g89r4222 Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KSRVUTIL 8 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -ksrvutil \- host kerberos keyfile (srvtab) manipulation utility -.SH SYNOPSIS -ksrvutil -.B operation -[ -.B \-k -] [ -.B \-i -] [ -.B \-f filename -] -.SH DESCRIPTION -.I ksrvutil -allows a system manager to list or change keys currently in his -keyfile or to add new keys to the keyfile. -.PP - -Operation must be one of the following: -.TP 10n -.I list -lists the keys in a keyfile showing version number and principal -name. If the \-k option is given, keys will also be shown. -.TP 10n -.I change -changes all the keys in the keyfile by using the regular admin -protocol. If the \-i flag is given, -.I ksrvutil -will prompt for yes or no before changing each key. If the \-k -option is used, the old and new keys will be displayed. -.TP 10n -.I add -allows the user to add a key. -.I add -prompts for name, instance, realm, and key version number, asks -for confirmation, and then asks for a password. -.I ksrvutil -then converts the password to a key and appends the keyfile with -the new information. If the \-k option is used, the key is -displayed. - -.PP -In all cases, the default file used is KEY_FILE as defined in -krb.h unless this is overridden by the \-f option. - -.PP -A good use for -.I ksrvutil -would be for adding keys to a keyfile. A system manager could -ask a kerberos administrator to create a new service key with -.IR kadmin (8) -and could supply an initial password. Then, he could use -.I ksrvutil -to add the key to the keyfile and then to change the key so that -it will be random and unknown to either the system manager or -the kerberos administrator. - -.I ksrvutil -always makes a backup copy of the keyfile before making any -changes. - -.SH DIAGNOSTICS -If -.I ksrvutil -should exit on an error condition at any time during a change or -add, a copy of the -original keyfile can be found in -.IR filename .old -where -.I filename -is the name of the keyfile, and a copy of the file with all new -keys changed or added so far can be found in -.IR filename .work. -The original keyfile is left unmodified until the program exits -at which point it is removed and replaced it with the workfile. -Appending the workfile to the backup copy and replacing the -keyfile with the result should always give a usable keyfile, -although the resulting keyfile will have some out of date keys -in it. - -.SH SEE ALSO -kadmin(8), ksrvtgt(1) - -.SH AUTHOR -Emanuel Jay Berkenbilt, MIT Project Athena diff --git a/eBones/man/ksu.1 b/eBones/man/ksu.1 deleted file mode 100644 index fe434d3..0000000 --- a/eBones/man/ksu.1 +++ /dev/null @@ -1,83 +0,0 @@ -.\" from: ksu.1,v 4.1 89/01/23 11:38:16 jtkohl Exp $ -.\" $Id: ksu.1,v 1.2 1994/07/19 19:27:57 g89r4222 Exp $ -.\" -.\" Copyright (c) 1988 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms are permitted -.\" provided that the above copyright notice and this paragraph are -.\" duplicated in all such forms and that any documentation, -.\" advertising materials, and other materials related to such -.\" distribution and use acknowledge that the software was developed -.\" by the University of California, Berkeley. The name of the -.\" University may not be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -.\" WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. -.\" -.\" @(#)su.1 6.7 (Berkeley) 12/7/88 -.\" -.TH KSU 1 "Kerberos Version 4.0" "MIT Project Athena" -.UC -.SH NAME -ksu \- substitute user id, using Kerberos -.SH SYNOPSIS -.B ksu -[-flm] [login] -.SH DESCRIPTION -\fIKsu\fP requests the password for \fIlogin\fP (or for ``root'', if no -login is provided), and switches to that user and group ID. A shell is -then invoked. -.PP -By default, your environment is unmodified with the exception of -\fIUSER\fP, \fIHOME\fP, and \fISHELL\fP. \fIHOME\fP and \fISHELL\fP -are set to the target login's \fI/etc/passwd\fP values. \fIUSER\fP -is set to the target login, unless the target login has a UID of 0, -in which case it is unmodified. The invoked shell is the target -login's. This is the traditional behavior of \fIksu\fP. -.PP -The \fI-l\fP option simulates a full login. The environment is discarded -except for \fIHOME\fP, \fISHELL\fP, \fIPATH\fP, \fITERM\fP, and \fIUSER\fP. -\fIHOME\fP and \fISHELL\fP are modified as above. \fIUSER\fP is set to -the target login. \fIPATH\fP is set to ``/usr/ucb:/bin:/usr/bin''. -\fITERM\fP is imported from your current environment. The invoked shell -is the target login's, and \fIksu\fP will change directory to the target -login's home directory. -.PP -The \fI-m\fP option causes the environment to remain unmodified, and -the invoked shell to be your login shell. No directory changes are -made. As a security precaution, if the -.I -m -option is specified, the target user's shell is a non-standard shell -(as defined by \fIgetusershell\fP(3)) and the caller's real uid is -non-zero, -.I su -will fail. -.PP -If the invoked shell is \fIcsh\fP, the \fI-f\fP option prevents it from -reading the \fI.cshrc\fP file. Otherwise, this option is ignored. -.PP -Only users with root instances listed in /\&.klogin may \fIksu\fP to -``root'' (The format of this file is described by \fIrlogin\fP(1).). When -attempting root access, \fIksu\fP attempts to fetch a -ticket-granting-ticket for ``username.root@localrealm'', where -\fIusername\fP is the username of the process. If possible, the tickets -are used to obtain, use, and verify tickets for the service -``rcmd.host@localrealm'' where \fIhost\fP is the canonical host name (as -determined by -.IR krb_get_phost (3)) -of the machine. If this verification -fails, the \fIksu\fP is disallowed (If the service -``rcmd.host@localrealm'' is not registered, the \fIksu\fP is allowed.). -.PP -By default (unless the prompt is reset by a startup file) the super-user -prompt is set to ``#'' to remind one of its awesome power. -.PP -When not attempting to switch to the ``root'' user, -.I ksu -behaves exactly like -.IR su (1). -.SH "SEE ALSO" -su(1), csh(1), login(1), rlogin(1), sh(1), krb_get_phost(3), passwd(5), -group(5), environ(7) diff --git a/eBones/man/rcp.1 b/eBones/man/rcp.1 deleted file mode 100644 index 1f298f6..0000000 --- a/eBones/man/rcp.1 +++ /dev/null @@ -1,129 +0,0 @@ -.\" from: rcp.1,v 4.1 89/01/23 11:39:00 jtkohl Exp $ -.\" $Id: rcp.1,v 1.2 1994/07/19 19:28:00 g89r4222 Exp $ -.\" -.\" Copyright (c) 1983 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms are permitted -.\" provided that the above copyright notice and this paragraph are -.\" duplicated in all such forms and that any documentation, -.\" advertising materials, and other materials related to such -.\" distribution and use acknowledge that the software was developed -.\" by the University of California, Berkeley. The name of the -.\" University may not be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -.\" WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. -.\" -.\" @(#)rcp.1 6.6 (Berkeley) 9/20/88 -.\" -.TH RCP 1 "Kerberos Version 4.0" "MIT Project Athena" -.UC 5 -.SH NAME -rcp \- remote file copy -.SH SYNOPSIS -.B rcp -[ -.B \-p -] [ -.B \-x -] [ -.B \-k -realm ] file1 file2 -.br -.B rcp -[ -.B \-p -] [ -.B \-x -] [ -.B \-k -realm ] [ -.B \-r -] file ... directory -.SH DESCRIPTION -.I Rcp -copies files between machines. Each -.I file -or -.I directory -argument is either a remote file name of the -form ``rhost:path'', or a local file name (containing no `:' characters, -or a `/' before any `:'s). -.PP -If the -.B \-r -option -is specified and any of the source files are directories, -.I rcp -copies each subtree rooted at that name; in this case -the destination must be a directory. -.PP -By default, the mode and owner of -.I file2 -are preserved if it already existed; otherwise the mode of the source file -modified by the -.IR umask (2) -on the destination host is used. -The -.B \-p -option causes -.I rcp -to attempt to preserve (duplicate) in its copies the modification -times and modes of the source files, ignoring the -.IR umask . -.PP -If -.I path -is not a full path name, it is interpreted relative to -your login directory on -.IR rhost . -A -.I path -on a remote host may be quoted (using \e, ", or \(aa) -so that the metacharacters are interpreted remotely. -.PP -.I Rcp -does not prompt for passwords; it uses Kerberos authentication when -connecting to -.IR rhost . -Authorization is as described in -.IR rlogin (1). -.PP -The -.B \-x -option selects encryption of all information transferring between hosts. -The -.B \-k -.I realm -option causes -.I rcp -to obtain tickets for the remote host in -.I realm -instead of the remote host's realm as determined by -.IR krb_realmofhost (3). -.PP -.I Rcp -handles third party copies, where neither source nor target files -are on the current machine. -Hostnames may also take the form ``rname@rhost'' to use -.I rname -rather than the current user name on the remote host. -.SH SEE ALSO -cp(1), ftp(1), rsh(1), rlogin(1), kerberos(3), krb_getrealm(3), -rcp(1) [UCB version] -.SH BUGS -Doesn't detect all cases where the target of a copy might -be a file in cases where only a directory should be legal. -.PP -Is confused by any output generated by commands in a -\&.login, \&.profile, or \&.cshrc file on the remote host. -.PP -The destination user and hostname may have to be specified as -``rhost.rname'' when the destination machine is running the 4.2BSD -version of \fIrcp\fP. -.PP -Kerberos is only used for the first connection of a third-party copy; -the second connection uses the standard Berkeley rcp protocol. - diff --git a/eBones/man/realm.point b/eBones/man/realm.point deleted file mode 100644 index 9c6940f..0000000 --- a/eBones/man/realm.point +++ /dev/null @@ -1 +0,0 @@ -.so man3/krb_realmofhost.3 diff --git a/eBones/man/rlogin.1 b/eBones/man/rlogin.1 deleted file mode 100644 index 3e0dc62..0000000 --- a/eBones/man/rlogin.1 +++ /dev/null @@ -1,199 +0,0 @@ -.\" from: rlogin.1,v 4.2 89/11/02 11:20:39 jtkohl Exp $ -.\" $Id: rlogin.1,v 1.2 1994/07/19 19:28:01 g89r4222 Exp $ -.\" -.\" Copyright (c) 1983 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms are permitted -.\" provided that the above copyright notice and this paragraph are -.\" duplicated in all such forms and that any documentation, -.\" advertising materials, and other materials related to such -.\" distribution and use acknowledge that the software was developed -.\" by the University of California, Berkeley. The name of the -.\" University may not be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -.\" WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. -.\" -.\" @(#)rlogin.1 6.9 (Berkeley) 9/19/88 -.\" -.TH RLOGIN 1 "Kerberos Version 4.0" "MIT Project Athena" -.UC 5 -.SH NAME -rlogin \- remote login -.SH SYNOPSIS -.B rlogin -rhost [ -\fB\-e\fR\fI\|c\fR -] [ -.B \-8 -] [ -.B \-c -] [ -.B \-a -] [ -.B \-t -termtype ] [ -.B \-n -] [ -.B \-7 -] [ -.B \-d -] [ -.B \-k -realm ] [ -.B \-x -] [ -.B \-noflow -] [ -.B \-L -] [ -.B \-l -username ] -.br -rhost [ -\fB\-e\fR\fIc\fR -] [ -.B \-8 -] [ -.B \-c -] [ -.B \-a -] [ -.B \-t -termtype ] [ -.B \-n -] [ -.B \-7 -] [ -.B \-d -] [ -.B \-k -realm ] [ -.B \-x -] [ -.B \-noflow -] [ -.B \-L -] [ -.B \-l -username ] -.SH DESCRIPTION -.I Rlogin -connects your terminal on the current local host system -.I lhost -to the remote host system -.I rhost. -.PP -The version built to use Kerberos authentication is very similar to the -standard Berkeley rlogin(1), except that instead of the \fIrhosts\fP -mechanism, it uses Kerberos authentication to determine the -authorization to use a remote account. -.PP -Each user may have a private authorization list in a file \&.klogin -in his login directory. Each line in this file should contain a -Kerberos principal name of the form -.IR principal.instance@realm . -If the originating user is authenticated to one of the principals named -in \&.klogin, access is granted to the account. The principal -\fIaccountname\fP.@\fIlocalrealm\fP is granted access if there is no -\&.klogin file. -Otherwise -a login and password will be prompted for on the remote machine as in -.IR login (1). -To avoid some security problems, the \&.klogin file must be owned by -the remote user. -.PP -If there is some problem in marshaling the Kerberos authentication -information, an error message is printed and the standard UCB rlogin is -executed in place of the Kerberos rlogin. -.PP -A line of the form ``~.'' disconnects from the remote host, where -``~'' is the escape character. -Similarly, the line ``~^Z'' (where ^Z, control-Z, is the suspend character) -will suspend the rlogin session. -Substitution of the delayed-suspend character (normally ^Y) -for the suspend character suspends the send portion of the rlogin, -but allows output from the remote system. -.PP -The remote terminal type is the same as your local -terminal type (as given in your environment TERM variable), unless the -.B \-t -option is specified (see below). -The terminal or window size is also copied to the remote system -if the server supports the option, -and changes in size are reflected as well. -.PP -All echoing takes place at the remote site, so that (except for -delays) the rlogin is transparent. Flow control via ^S and ^Q and -flushing of input and output on interrupts are handled properly. -.PP -The -.B \-8 -option allows an eight-bit input data path at all times; -otherwise parity bits are stripped except when the remote side's -stop and start characters are other than ^S/^Q. Eight-bit mode is the default. -.PP -The -.B \-L -option allows the rlogin session to be run in litout mode. -.PP -The -.B \-e -option allows specification of a different escape character. -There is no space separating this option flag and the new escape -character. -.PP -The -.B \-c -option requires confirmation before disconnecting via ``~.'' -.PP -The -.B \-a -option forces the remote machine to ask for a password by sending a null local -username. This option has no effect unless the standard UCB rlogin is -executed in place of the Kerberos rlogin (see above). -.PP -The -.B \-t -option replaces the terminal type passed to the remote host with -\fItermtype\fP. -.PP -The -.B \-n -option prevents suspension of rlogin via ``~^Z'' or ``~^Y''. -.PP -The -.B \-7 -option forces seven-bit transmissions. -.PP -The -.B \-d -option turns on socket debugging (via \fIsetsockopt(2)\fR) on the TCP -sockets used for communication with the remote host. -.PP -The -.B \-noflow -option forces transmission of flow control characters (^S/^Q) to the -remote system. -.PP -The -.B \-k -option requests rlogin to obtain tickets for the remote host in realm -.I realm -instead of the remote host's realm as determined by -.IR krb_realmofhost (3). -.PP -The -.B \-x -option turns on DES encryption for all data passed via the -rlogin session. This significantly reduces response time and -significantly increases CPU utilization. -.SH SEE ALSO -rsh(1), kerberos(3), krb_sendauth(3), krb_realmofhost(3), -rlogin(1) [UCB version] -.SH FILES -/usr/hosts/* for \fIrhost\fP version of the command -.SH BUGS -More of the environment should be propagated. diff --git a/eBones/man/rsh.1 b/eBones/man/rsh.1 deleted file mode 100644 index 8d0974c..0000000 --- a/eBones/man/rsh.1 +++ /dev/null @@ -1,152 +0,0 @@ -.\" from: rsh.1,v 4.1 89/01/23 11:39:11 jtkohl Exp $ -.\" $Id: rsh.1,v 1.2 1994/07/19 19:28:03 g89r4222 Exp $ -.\" -.\" Copyright (c) 1983 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms are permitted -.\" provided that the above copyright notice and this paragraph are -.\" duplicated in all such forms and that any documentation, -.\" advertising materials, and other materials related to such -.\" distribution and use acknowledge that the software was developed -.\" by the University of California, Berkeley. The name of the -.\" University may not be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -.\" WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. -.\" -.\" @(#)rsh.1 6.2 (Berkeley) 9/20/88 -.\" -.TH RSH 1 "Kerberos Version 4.0" "MIT Project Athena" -.UC 5 -.SH NAME -rsh \- remote shell -.SH SYNOPSIS -.B rsh -host -[ -.B \-l -username -] [ -.B \-n -] [ -.B \-d -] [ -.B \-k -realm ] command -.br -host -[ -.B \-l -username -] [ -.B \-n -] [ -.B \-d -] [ -.B \-k -realm ] command -.SH DESCRIPTION -.I Rsh -connects to the specified -.I host, -and executes the specified \fIcommand\fR. -.I Rsh -copies its standard input to the remote command, the standard -output of the remote command to its standard output, and the -standard error of the remote command to its standard error. -Interrupt, quit and terminate signals are propagated to the remote -command; \fIrsh\fP normally terminates when the remote command does. -.PP -The remote username used is the same as your local username, -unless you specify a different remote name with the -.B \-l -option. -Kerberos authentication is used, and authorization is determined as in -rlogin(1). -.PP -The -.B \-k -\fIrealm\fP option causes -.I rsh -to obtain tickets for the remote host in -.I realm -instead of the remote host's realm as determined by -.IR krb_realmofhost (3). -.PP -The -.B \-d -option turns on socket debugging (via \fIsetsockopt(2)\fR) on the TCP -sockets used for communication with the remote host. -.PP -The -.B \-n -option redirects input from the special device -.I /dev/null -(see the BUGS section below). -.PP -If you omit -.I command, -then instead of executing a single command, you will be logged in -on the remote host using -.IR rlogin (1). -.PP -Shell metacharacters which are not quoted are interpreted -on local machine, while quoted metacharacters are interpreted on -the remote machine. -Thus the command -.PP -\ \ \ rsh otherhost cat remotefile >> localfile -.PP -appends the remote file -.I remotefile -to the local file -.I localfile, -while -.PP -\ \ \ rsh otherhost cat remotefile ">>" otherremotefile -.PP -appends -.I remotefile -to -.I otherremotefile. -.PP -The host names for local machines are also commands in the directory -/usr/hosts; if you put this directory in your search path -then the -.B rsh -on the command line can be omitted. -.SH FILES -.ta 2i -/etc/hosts -.br -/usr/hosts/* -.DT -.SH SEE ALSO -rlogin(1), kerberos(3), krb_sendauth(3), krb_realmofhost(3) -.SH BUGS -If you are using -.IR csh (1) -and put a -.IR rsh (1) -in the background without redirecting its input -away from the terminal, it will block even if no reads -are posted by the remote command. If no input is desired -you should redirect the input of -.I rsh -to /dev/null using the -.B \-n -option. -.PP -You cannot run an interactive command -(like -.IR rogue (6) -or -.IR vi (1)); -use -.IR rlogin (1). -.PP -Stop signals stop the local \fIrsh\fP process only; this is arguably -wrong, but currently hard to fix for reasons too complicated to -explain here. diff --git a/eBones/man/tcom.8 b/eBones/man/tcom.8 deleted file mode 100644 index 23317cc..0000000 --- a/eBones/man/tcom.8 +++ /dev/null @@ -1,54 +0,0 @@ -.\" from: tcom.8,v 4.2 89/05/03 14:34:53 jtkohl Exp $ -.\" $Id: tcom.8,v 1.2 1994/07/19 19:28:04 g89r4222 Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH TCOM 8 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -tcom \- control operation of server tftp daemon -.SH SYNOPSIS -tcom -.SH DESCRIPTION -.I Tcom -is a program to control the execution of the server trivial file transfer -daemon. It sends user commands to the daemon by writing them into a -shared file and signalling the daemon; it watches the daemon's log to -obtain the results of the commands. The following commands are supported: -.TP 20 -help -display a list of commands -.TP -input trace on|off -turn tracing of input packets on or off -.TP -output trace on|off -turn tracing of output packets on or off -.TP -trace on|off -turn all packet tracing on or off -.TP -times -display server parent and children process times -.TP -uptime -display daemon up time -.TP -exit -force daemon to shut down and exit -.SH FILES -.TP 20 -/tftpd/lock -lock file containing daemon's PID -.TP -/tftpd/command -command file to daemon -.TP -/tftpd/slog -daemon's log file -.SH "SEE ALSO" -tftpd (8) -.SH BUGS -Two tcom's running at the same time will result in chaos. Also, -watching the daemon's log file uses a lot of CPU time. diff --git a/eBones/man/tftp.1 b/eBones/man/tftp.1 deleted file mode 100644 index 4abd7ac..0000000 --- a/eBones/man/tftp.1 +++ /dev/null @@ -1,66 +0,0 @@ -.\" from: tftp.1,v 4.1 89/01/23 11:36:23 jtkohl Exp $ -.\" $Id: tftp.1,v 1.2 1994/07/19 19:28:07 g89r4222 Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH TFTP 1 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -tftp \- trivial file transfer protocol -.SH SYNOPSIS -.B tftp --action localname host foreignname [mode] -.SH DESCRIPTION -If -.I action -is -.B w, -.B p, -or -.B ap, -.I tftp -writes the local file, called localname, onto the foreign host's -file system as foreignname. If -.I action -is -.B ap, -Kerberos authentication is used. -Note that foreignname must be quoted if it -contains shell special characters. If -.I action -is -.B r, -.B g, -or -.B ag, -.I tftp -reads foreign host's file foreignname into the local file, -localname. If -.I action -is -.B ag, -Kerberos authentication is used. -.I Tftp -will not supersede or overwrite existing local files, however; to do so, -use -.I action -.B o. -.sp 2 -.I Mode -may be -.B netascii, -or -.B image. -Netascii, the default mode, transfers -the file as standard ascii characters. Image mode transfers -the file in binary, with no character conversion. -.sp 1 -If Kerberos authentication is not used with -.B tftp, -access will be denied unless the remote and local host are on the same -local-area network. -.SH "SEE ALSO" -.nf -\fIInternet Protocol Handbook\fR -kerberosintro(1) diff --git a/eBones/man/tftpd.8 b/eBones/man/tftpd.8 deleted file mode 100644 index 22a7fe8..0000000 --- a/eBones/man/tftpd.8 +++ /dev/null @@ -1,39 +0,0 @@ -.\" from: tftpd.8,v 4.1 89/01/23 11:36:12 jtkohl Exp $ -.\" $Id: tftpd.8,v 1.2 1994/07/19 19:28:08 g89r4222 Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH TFTPD 8 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -tftpd \- server tftp daemon -.SH SYNOPSIS -.B /etc/tftpd -.SH DESCRIPTION -.I Tftpd -is a daemon which runs the trivial file transfer protocol server for the -MIT Internet software. It listens for incoming connections, and forks a -child to perform each requested transfer. It uses the directory -.IR /tftpd ; -the file -.I lock -in that directory is used to prevent two daemons from becoming -active simultaneously; it also contains the daemon's process ID, -which is used by the tftp command program -.IR tcom (8) -to control the daemon's operation. -.SH FILES -.br -.TP 20n -/tftpd/lock -interlock, PID storage -.TP -/dev/net -the network device -.i0 -.dt -.SH "SEE ALSO" -tftp (1), tcom (8) -.br -\fIInternet Protocol Handbook\fR diff --git a/eBones/register/pathnames.h b/eBones/register/pathnames.h deleted file mode 100644 index 611c54f..0000000 --- a/eBones/register/pathnames.h +++ /dev/null @@ -1,39 +0,0 @@ -/*- - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)pathnames.h 8.1 (Berkeley) 6/1/93 - */ - -#define SERVER_KEYDIR "/etc/kerberosIV/register_keys" -#define CLIENT_KEYFILE "/etc/kerberosIV/.update.key" -#define KEYFILE_BASE ".update.key" -#define _PATH_KPASSWD "/usr/bin/passwd" diff --git a/eBones/register/register.1 b/eBones/register/register.1 deleted file mode 100644 index d8bf104..0000000 --- a/eBones/register/register.1 +++ /dev/null @@ -1,63 +0,0 @@ -.\" Copyright (c) 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)register.1 8.1 (Berkeley) 6/1/93 -.\" -.TH REGISTER 1 "June 1, 1993" -.UC 7 -.SH NAME -register \- register with Kerberos -.SH SYNOPSIS -.B register -.SH DESCRIPTION -The -.I register -command -is used to register a new user with Kerberos. -The Kerberos server keeps record of certain trusted hosts -from which it will accept new registrations. -If the host on which -.I register -is run is trusted by Kerberos, the user -is asked for his current password, and then -a new password to be used with Kerberos. -A user may only register with Kerberos one time. -.SH FILES -.br -/.update.keyxx.xx.xx.xx shared DES key with server -.SH "SEE ALSO" -registerd(8), kerberos(1) -.SH DIAGNOSTICS -\*(lqPrincipal not unique\*(rq -if the user already exists in the Kerberos database. -.br -\*(lqPermission Denied,\*(rq -if the host on which register is being run is untrusted. diff --git a/eBones/register/register_proto.h b/eBones/register/register_proto.h deleted file mode 100644 index 5478949..0000000 --- a/eBones/register/register_proto.h +++ /dev/null @@ -1,43 +0,0 @@ -/*- - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)register_proto.h 8.1 (Berkeley) 6/1/93 - */ - -#define APPEND_DB 0x01 -#define ABORT 0x02 - -#define GOTKEY_MSG "GOTKEY" - -struct keyfile_data { - C_Block kf_key; -}; diff --git a/eBones/registerd/registerd.8 b/eBones/registerd/registerd.8 deleted file mode 100644 index 7ceff75..0000000 --- a/eBones/registerd/registerd.8 +++ /dev/null @@ -1,69 +0,0 @@ -.\" Copyright (c) 1990, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)registerd.8 8.2 (Berkeley) 12/11/93 -.\" -.Dd December 11, 1993 -.Dt REGISTERD 8 -.Os -.Sh NAME -.Nm registerd -.Nd Kerberos registration daemon -.Sh SYNOPSIS -.Nm registerd -.Sh DESCRIPTION -Act as a registration agent for a Kerberos domain. -.Sh FILES -.Bl -tag -width /etc/kerberosIV/register_keys -compact -.It Pa /.update.keyxx.xx.xx.xx -shared -.Tn DES -key with server -.It Pa /etc/kerberosIV/principal* -Kerberos database -.It Pa /etc/kerberosIV/register_keys -directory containing keys for trusted hosts -.El -.Sh SEE ALSO -.Xr registerd 8 , -.Xr kerberos 1 -.Sh DIAGNOSTICS -.Dq Already exists , -if the user already exists in the Kerberos database. -.Pp -.Dq Permission Denied , -if the host on which register is being run is untrusted. -.Sh HISTORY -The -.Nm registerd -utility -first appeared in 4.4BSD. - diff --git a/eBones/usr.bin/telnet/krb4-proto.h b/eBones/usr.bin/telnet/krb4-proto.h deleted file mode 100644 index 75f6d41..0000000 --- a/eBones/usr.bin/telnet/krb4-proto.h +++ /dev/null @@ -1,207 +0,0 @@ -#ifdef __STDC__ -# define P(s) s -#else -# define P(s) () -#endif - -/* add_ticket.c */ -int add_ticket P((KTEXT , int , char *, int , char *, char *, char *, int , KTEXT )); - -/* cr_err_reply.c */ -void cr_err_reply P((KTEXT , char *, char *, char *, u_long , u_long , char *)); - -/* create_auth_reply.c */ -KTEXT create_auth_reply P((char *, char *, char *, long , int , unsigned long , int , KTEXT )); - -/* create_ciph.c */ -int create_ciph P((KTEXT , C_Block , char *, char *, char *, unsigned long , int , KTEXT , unsigned long , C_Block )); - -/* create_death_packet.c */ -KTEXT krb_create_death_packet P((char *)); - -/* create_ticket.c */ -int krb_create_ticket P((KTEXT , unsigned int , char *, char *, char *, long , char *, int , long , char *, char *, C_Block )); - -/* debug_decl.c */ - -/* decomp_ticket.c */ -int decomp_ticket P((KTEXT , unsigned char *, char *, char *, char *, unsigned long *, C_Block , int *, unsigned long *, char *, char *, C_Block , Key_schedule )); - -/* dest_tkt.c */ -int dest_tkt P((void )); - -/* extract_ticket.c */ -int extract_ticket P((KTEXT , int , char *, int *, int *, char *, KTEXT )); - -/* fgetst.c */ -int fgetst P((FILE *, char *, int )); - -/* get_ad_tkt.c */ -int get_ad_tkt P((char *, char *, char *, int )); - -/* get_admhst.c */ -int krb_get_admhst P((char *, char *, int )); - -/* get_cred.c */ -int krb_get_cred P((char *, char *, char *, CREDENTIALS *)); - -/* get_in_tkt.c */ -int krb_get_pw_in_tkt P((char *, char *, char *, char *, char *, int , char *)); -int placebo_read_password P((des_cblock *, char *, int )); -int placebo_read_pw_string P((char *, int , char *, int )); - -/* get_krbhst.c */ -int krb_get_krbhst P((char *, char *, int )); - -/* get_krbrlm.c */ -int krb_get_lrealm P((char *, int )); - -/* get_phost.c */ -char *krb_get_phost P((char *)); - -/* get_pw_tkt.c */ -int get_pw_tkt P((char *, char *, char *, char *)); - -/* get_request.c */ -int get_request P((KTEXT , int , char **, char **)); - -/* get_svc_in_tkt.c */ -int krb_get_svc_in_tkt P((char *, char *, char *, char *, char *, int , char *)); - -/* get_tf_fullname.c */ -int krb_get_tf_fullname P((char *, char *, char *, char *)); - -/* get_tf_realm.c */ -int krb_get_tf_realm P((char *, char *)); - -/* getopt.c */ -int getopt P((int , char **, char *)); - -/* getrealm.c */ -char *krb_realmofhost P((char *)); - -/* getst.c */ -int getst P((int , char *, int )); - -/* in_tkt.c */ -int in_tkt P((char *, char *)); - -/* k_gethostname.c */ -int k_gethostname P((char *, int )); - -/* klog.c */ -char *klog P((int , char *, int , int , int , int , int , int , int , int , int , int )); -int kset_logfile P((char *)); - -/* kname_parse.c */ -int kname_parse P((char *, char *, char *, char *)); -int k_isname P((char *)); -int k_isinst P((char *)); -int k_isrealm P((char *)); - -/* kntoln.c */ -int krb_kntoln P((AUTH_DAT *, char *)); - -/* krb_err_txt.c */ - -/* krb_get_in_tkt.c */ -int krb_get_in_tkt P((char *, char *, char *, char *, char *, int , int (*key_proc )(), int (*decrypt_proc )(), char *)); - -/* kuserok.c */ -int kuserok P((AUTH_DAT *, char *)); - -/* log.c */ -void log P((char *, int , int , int , int , int , int , int , int , int , int )); -int set_logfile P((char *)); -int new_log P((long , char *)); - -/* mk_err.c */ -long krb_mk_err P((u_char *, long , char *)); - -/* mk_priv.c */ -long krb_mk_priv P((u_char *, u_char *, u_long , Key_schedule , C_Block , struct sockaddr_in *, struct sockaddr_in *)); - -/* mk_req.c */ -int krb_mk_req P((KTEXT , char *, char *, char *, long )); -int krb_set_lifetime P((int )); - -/* mk_safe.c */ -long krb_mk_safe P((u_char *, u_char *, u_long , C_Block *, struct sockaddr_in *, struct sockaddr_in *)); - -/* month_sname.c */ -char *month_sname P((int )); - -/* netread.c */ -int krb_net_read P((int , char *, int )); - -/* netwrite.c */ -int krb_net_write P((int , char *, int )); - -/* one.c */ - -/* pkt_cipher.c */ -KTEXT pkt_cipher P((KTEXT )); - -/* pkt_clen.c */ -int pkt_clen P((KTEXT )); - -/* rd_err.c */ -int krb_rd_err P((u_char *, u_long , long *, MSG_DAT *)); - -/* rd_priv.c */ -long krb_rd_priv P((u_char *, u_long , Key_schedule , C_Block , struct sockaddr_in *, struct sockaddr_in *, MSG_DAT *)); - -/* rd_req.c */ -int krb_set_key P((char *, int )); -int krb_rd_req P((KTEXT , char *, char *, long , AUTH_DAT *, char *)); - -/* rd_safe.c */ -long krb_rd_safe P((u_char *, u_long , C_Block *, struct sockaddr_in *, struct sockaddr_in *, MSG_DAT *)); - -/* read_service_key.c */ -int read_service_key P((char *, char *, char *, int , char *, char *)); - -/* recvauth.c */ -int krb_recvauth P((long , int , KTEXT , char *, char *, struct sockaddr_in *, struct sockaddr_in *, AUTH_DAT *, char *, Key_schedule , char *)); - -/* save_credentials.c */ -int save_credentials P((char *, char *, char *, C_Block , int , int , KTEXT , long )); - -/* send_to_kdc.c */ -int send_to_kdc P((KTEXT , KTEXT , char *)); - -/* sendauth.c */ -int krb_sendauth P((long , int , KTEXT , char *, char *, char *, u_long , MSG_DAT *, CREDENTIALS *, Key_schedule , struct sockaddr_in *, struct sockaddr_in *, char *)); -int krb_sendsvc P((int , char *)); - -/* setenv.c */ -int setenv P((char *, char *, int )); -void unsetenv P((char *)); -char *getenv P((char *)); -char *_findenv P((char *, int *)); - -/* stime.c */ -char *stime P((long *)); - -/* tf_shm.c */ -int krb_shm_create P((char *)); -int krb_is_diskless P((void )); -int krb_shm_dest P((char *)); - -/* tf_util.c */ -int tf_init P((char *, int )); -int tf_get_pname P((char *)); -int tf_get_pinst P((char *)); -int tf_get_cred P((CREDENTIALS *)); -int tf_close P((void )); -int tf_save_cred P((char *, char *, char *, C_Block , int , int , KTEXT , long )); - -/* tkt_string.c */ -char *tkt_string P((void )); -void krb_set_tkt_string P((char *)); - -/* util.c */ -int ad_print P((AUTH_DAT *)); -int placebo_cblock_print P((des_cblock )); - -#undef P -- cgit v1.1