krb_set_srvtab_string(3krb) [ultrix man page]
krb_set_tkt_string(3krb) krb_set_tkt_string(3krb) Name krb_set_tkt_string, krb_set_srvtab_string - Environmental setup of the Kerberos libraries Syntax #include <krb.h> void krb_set_tkt_string (filename) char *filename void krb_set_srvtab_string (filename) char *filename Arguments filename The filename of the Kerberos ticket cache file or the name of the service table file. Description The routine sets the default name of the file that holds a cache of service tickets and associated session keys belonging to a Kerberos principal. The routine accepts a filename for the cache and copies this name into the local storage of The default before any calls to is is the user ID of the process that calls You should call krb_set_tkt_string during Kerberos initialization to assure that any routines called later receive the proper name if they require the filename of the cache. The routine sets the default name of the file that stores the keys of the Kerberos applications running on the local host. The routine accepts a filename for the service table file and copies this name into the local storage of You should call krb_set_srvtab_string during the Kerberos initialization of a service to assure that any subsequently called routines that require the filename of the service table receive the proper name. The default, before any calls to the string, is Files See Also kerberos(3krb), krb_sendauth(3krb), krb_sendmutual(3krb) krb_set_tkt_string(3krb)
Check Out this Related Man Page
krb_svc_init(3krb) krb_svc_init(3krb) Name krb_svc_init, krb_get_svc_in_tkt, krb_get_pw_in_tkt - Kerberos authentication initialization routines Syntax #include <krb.h> #include <des.h> krb_svc_init (user, instance, realm, lifetime, srvtab_file, tkt_file) char *user, *instance, *realm; int lifetime; char *srvtab_file, *tkt_file; krb_get_svc_in_tkt (user, instance, realm, service, service_instance, lifetime, srvtab_file) char *user, *instance, *realm, *service,; char *service_instance; int lifetime; char *srvtab_file; krb_get_pw_in_tkt (user, instance, realm, service, service_instance, lifetime, password) char *user, *instance, *realm,; char *service, *service_instance; int lifetime; char *password; Arguments user For and the primary name of the principal that is obtaining a ticket that will authenticate it to principal, service. For the primary name of the principal that is obtaining a ticket to communicate with the ticket-granting service. instance For and the instance name of the principal that is obtaining a ticket that will authenticate it to principal, service. For the instance name of the principal that is obtaining a ticket to communicate with the ticket-granting service. realm For and the realm name of the principal that is obtaining a ticket that will authenticate it to principal, service. For the realm name of the principal that is obtaining a ticket to communicate with the ticket-granting service. service The primary name of the service for which a ticket will be obtained. service_instance The instance of the service for which a ticket will be obtained. lifetime The number of five-minute intervals for which the obtained ticket should be valid. Values greater than 255 will be set to 255. Values greater than the maximum lifetime allowed for tickets given to the requesting principal will be set to the maximum lifetime allowed. The maximum lifetime of the tickets granted to a principal is determined when the principal is added to the Kerberos database. srvtab_file The path name of the file that contains the key of the principal obtaining a ticket. If this value is set to the NULL pointer, the default service table (srvtab) file value is used. The default srvtab file value is set by default to although this value can be changed by a call to the function. (Refer to tkt_file The path name of the file into which the credentials and tickets of the user or service should be placed. If the tkt_file parame- ter is equal to the NULL pointer, then the default ticket file value is used. The default ticket file value is set equal to is the user ID of the process that calls the above functions. The default ticket file value can be changed by the function call. password The password of the principal that is obtaining a ticket that will authenticate it to principal, service. If the password input is the NULL string, then will prompt for a password on and read the password from Description The routines are designed to obtain for the requesting principal a ticket to communicate with a specific service. They require that the password/key of the requesting principal be either available as an argument, or available from the srvtab_file argument or from Since the routines always require a password, they are best used to obtain the ticket used to communicate with the ticket-granting service. The ticket-granting ticket is used by the other Kerberos routines to obtain tickets to communicate with principals other than the ticket-grant- ing service, without needing the key of the principal. The routines as well as the routines will not work as intended without the presence of a ticket-granting ticket. The routines of are as follows: krb_svc_init For the principal with a primary name of user, an instance name of instance, and a realm name of realm, the routine obtains a ticket that the principal can use to communicate with the ticket-granting service. The key of the principal is read from srvtab_file and the ticket obtained is placed in tkt_file. If the realm argument is equivalent to the NULL string, then the realm of which the local host is a member, is used by default. If life- time is equivalent to 0, then the default lifetime, 255, is used. If srvtab_file is not equivalent to the NULL string, then the srvtab_file parameter is used as the service table (srvtab) file name and the default srvtab file is set equal to the srvtab_file parame- ter. If srvtab_file is equivalent to NULL, then the default srvtab file is used. If the tkt_file parameter is not equivalent to the NULL string, then the tkt_file parameter is used as the ticket file name and the default ticket file is set equal to the tkt_file parameter. If the tkt_file parameter is NULL, then the default ticket file value is used. returns INT_OK if has successfully obtained a ticket-granting ticket. The following is a list of most of the error values returned from and their possible cause: KFAILURE The file (see cannot be opened or it is not properly formed, or The service table (srvtab) file does not exist, or A read of the srvtab file failed, or The srvtab file is badly formatted, or The srvtab file did not contain the key of the principal with primary name, user, or A write to the ticket file failed. SKDC_CANT A Kerberos server must be contacted so that can perform its function, but the attempt cannot be made because a socket cannot be opened or bound, or there is no Kerberos server listed in SKDC_RETRY A Kerberos server needs to be contacted, but none responded even after several attempts. INTK_PROT Kerberos protocol version mismatch. The version of the Kerberos protocol supported by does not match the Kerberos protocol ver- sion supported by the daemon. INTK_BADPW The ticket returned by the daemon did not decrypt correctly. This is usually caused by an incorrect service password. INTK_ERR The ticket sent from the daemon was not a ticket to communicate with the ticket-granting service, or The ticket file cannot be accessed, or The ticket file could not be created, or A write operation to the ticket file failed. TKT_FIL_LCK The ticket file could not be locked for access. krb_get_svc_in_tkt For the principal with a primary name of user, an instance name of instance and a realm name of realm, the routine obtains a ticket to com- municate with the principal that has a primary name of service and an instance name of service_instance. The key of the requesting primary is read from the file srvtab_file and the tickets are placed in the default ticket file. If the srvtab_file argument is equivalent to the NULL string, then the default srvtab file value is used instead of the srvtab_file parameter. The default srvtab file value and default ticket file value can be changed respectively by and To obtain the ticket-granting ticket, the service parameter must be set equal to "krbtgt" and the service_instance argument must be set equal to the realm name of the local realm. returns INT_OK if has successfully obtained a ticket to communicate with principal, service. The following is a list of most of the error values returned from and their possible causes: KFAILURE The file cannot be opened or it is not properly formed, or A read of the service table (srvtab) file failed, or The srvtab file did not contain the key of the principal with primary name, user, or A write to the ticket file failed. SKDC_CANT A Kerberos server must be contacted in order for to perform its function, but the attempt cannot be made because a socket cannot be opened or bound, or there is no Kerberos server listed in SKDC_RETRY A Kerberos server needs to be contacted but none responded even after several attempts. INTK_PROT Kerberos protocol version mismatch. The version of the Kerberos protocol supported by does not match the Kerberos protocol ver- sion supported by the daemon. INTK_BADPW The ticket returned by the daemon did not decrypt correctly. This is usually caused by an incorrect service password. INTK_ERR The ticket sent from the daemon was not a ticket to communicate with the ticket-granting service, or The ticket file cannot be accessed, or The ticket file could not be created, or A write operation to the ticket file failed. TKT_FIL_LCK The ticket file could not be locked for access. krb_get_pw_in_tkt For the principal with a primary name of user, an instance name of instance, and a realm name of realm, the routine obtains a ticket to communicate with the principal with a primary name of service and an instance name of service_instance. The key of the principal must be input either as the password parameter or, if the password field is equivalent to the NULL string, the password must be input from The tickets that are obtained are placed in the default ticket file. The default ticket file can be changed by the function. To obtain the ticket-granting ticket, the service parameter must be set equal to "krbtgt" and the service_instance argument must be set equal to the realm name of the local realm. returns INT_OK if has successfully obtained a ticket to communicate with principal, service. The following is a list of most of the error values returned from and their possible causes: KFAILURE file cannot be opened or it is not properly formed. A write to the ticket file failed. SKDC_CANT A Kerberos server must be contacted in order for to perform its function but the attempt cannot be made because a socket cannot be opened or bound, or there is no Kerberos server listed in SKDC_RETRY A Kerberos server needs to be contacted but none responded even after several attempts. INTK_PROT Kerberos protocol version mismatch. The version of the Kerberos protocol supported by does not match the Kerberos protocol ver- sion supported by the daemon. INTK_BADPW The ticket returned by the daemon did not decrypt correctly. This is usually caused by an incorrect user password. INTK_ERR The ticket sent from the daemon was not a ticket to communicate with the ticket-granting service, or The ticket file cannot be accessed, or The ticket file could not be created, or A write operation to the ticket file failed. TKT_FIL_LCK The ticket file could not be locked for access. See Also krb_get_lrealm(3krb), krb_set_tkt_string(3krb), kerberos(3krb), krb_sendauth(3krb), kerberos(8krb) krb_svc_init(3krb)