Package heimdal-devel

Header and other development files for Heimdal kerberos

http://www.h5l.org/

Contains files needed to compile and link software using the Heimdal
kerberos headers/libraries.

General Commands (Section 1)
heimdal-krb5-config
krb5-config tells the application programmer what special flags to use to compile and link programs against the libraries installed by Heimdal.
Library Functions (Section 3)
cb_s
Create a handle for a Kerberos database Create a handle for a Kerberos database backend specified by a filename. Doesn't create a file if its doesn't exists...
ecalloc
These functions do the same as the ones without the “e” prefix, but if there is an error they will print a message with errx(3), and exit. For eread and ewrite...
getarg
getarg() collects any command line options given to a program in an easily used way. arg_printusage() pretty-prints the available options, with a short help...
gss_accept_sec_context
Generic Security Service API (GSS-API) version 2, and its C binding, is described in RFC2743 and RFC2744. Version 1 (deprecated) of the C binding is described...
gssapi
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_add_oid_set_member (OM_uint32 *minor_status, const gss_OID member_oid, gss_OID_set *oid_set)...
gssapi_mechs_intro
GSS-API mechanisms
gssapi_services_intro
Context creationContext creation flagsPer-message services
hcrypto_core
int EVP_CIPHER_CTX_rand_key (EVP_CIPHER_CTX *ctx, void *key) int EVP_CIPHER_CTX_ctrl (EVP_CIPHER_CTX *ctx, int type, int arg, void *data) void...
hcrypto_des
See the DES - Data Encryption Standard crypto interface for description and examples.
hcrypto_dh
See the DH - Diffie-Hellman key exchange for description and examples.
hcrypto_evp
See the EVP - generic crypto interface for description and examples.
hcrypto_misc
int PKCS5_PBKDF2_HMAC_SHA1 (const void *password, size_t password_len, const void *salt, size_t salt_len, unsigned long iter, size_t keylen, void *key)
hcrypto_rand
See the RAND - random number for description and examples.
hcrypto_rsa
See the RSA - public-key cryptography for description and examples.
HDB
HDB backend function pointer structure The HDB structure is what the KDC and kadmind framework uses to query the backend database when talking about principals.
hdb_entry_ex
hdb_entry_ex is a wrapper structure around the hdb_entry structure that allows backends to keep a pointer to the backing store, ie in ->hdb_fetch_kvno(), so...
hx509
int hx509_context_init (hx509_context *context) void hx509_context_free (hx509_context *context)
hx509_ca
See the Hx509 CA functions for description and examples.
hx509_cert
See the The basic certificate for description and examples.
hx509_cms
See the CMS/PKCS7 message functions. for description and examples.
hx509_crypto
int hx509_verify_signature (hx509_context context, const hx509_cert signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, const...
hx509_env
int hx509_env_add (hx509_context context, hx509_env *env, const char *key, const char *value) int hx509_env_add_binding (hx509_context context, hx509_env *env...
hx509_error
See the Hx509 error reporting functions for description and examples.
hx509_keyset
See the Certificate store operations for description and examples.
hx509_lock
Generated automatically by Doxygen for Heimdalx509library from the source code.
hx509_misc
void hx509_free_octet_string_list (hx509_octet_string_list *list) void hx509_xfree (void *ptr)
hx509_name
See the PKIX/X.509 Names for description and examples.
hx509_peer
int hx509_peer_info_add_cms_alg (hx509_context, hx509_peer_info, const AlgorithmIdentifier *) int hx509_peer_info_alloc (hx509_context, hx509_peer_info *) void...
hx509_print
void hx509_bitstring_print (const heim_bit_string *, hx509_vprint_func, void *) int hx509_cert_keyusage_print (hx509_context, hx509_cert, char **) void...
hx509_query
Generated automatically by Doxygen for Heimdalx509library from the source code.
hx509_revoke
See the Revocation methods for description and examples.
hx509_verify
void hx509_context_set_missing_revoke (hx509_context context, int flag) int hx509_verify_init_ctx (hx509_context context, hx509_verify_ctx *ctx) void...
internal_v_smechname
There are two name representations in GSS-API: Internal form and Contiguous string ('flat') form. Functions gss_export_name() and gss_import_name() can be used...
kafs
k_hasafs() initializes some library internal structures, and tests for the presence of AFS in the kernel, none of the other functions should be called before...
krb5
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_add_et_list (krb5_context context, void(*func)(struct et_list **)) KRB5_LIB_FUNCTION krb5_error_code...
krb5_425_conv_principal
Converting between version 4 and version 5 principals can at best be described as a mess. A version 4 principal consists of a name, an instance, and a realm. A...
krb5_address
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_sockaddr2address (krb5_context context, const struct sockaddr *sa, krb5_address *addr) KRB5_LIB_FUNCTION...
krb5_appdefault
These functions get application defaults from the appdefaults section of the krb5.conf(5) configuration file. These defaults can be specified per application...
krb5_auth
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_rd_req_ctx (krb5_context, krb5_auth_context *, const krb5_data *, krb5_const_principal, krb5_rd_req_in_ctx...
krb5_auth_con_addflags
The krb5_auth_context structure holds all context related to an authenticated connection, in a similar way to krb5_context that holds the context for the thread...
krb5_c_block_size
The functions starting with krb5_c are compat functions with MIT kerberos. The krb5_enc_data structure holds and encrypted data. There are two public accessable...
krb5_ccache
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_cc_register (krb5_context context, const krb5_cc_ops *ops, krb5_boolean override) KRB5_LIB_FUNCTION...
krb5_ccache_intro
krb5_ccache structure holds a Kerberos credential cache.
krb5_checksum
The krb5_checksum structure holds a Kerberos checksum. There is no component inside krb5_checksum that is directly referable. The functions are used to create...
krb5_check_transited
krb5_check_transited() checks the path from client_realm to server_realm where realms and num_realms is the realms between them. If the function returns an...
krb5_context
The krb5_init_context() function initializes the context structure and reads the configuration file /etc/krb5.conf. The structure should be freed by calling...
krb5_credential
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_fwd_tgt_creds (krb5_context context, krb5_auth_context auth_context, const char *hostname, krb5_principal...
krb5_creds
Kerberos 5 credential handling functions
krb5_crypto
HEIMDAL_WARN_UNUSED_RESULT_ATTRIBUTE KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_generate_random (void *buf, size_t len) KRB5_LIB_FUNCTION void...
krb5_crypto_iov
Semi private, not stable yet
krb5_deprecated
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_change_password (krb5_context context, krb5_creds *creds, const char *newpw, int *result_code, krb5_data...
krb5_digest
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_digest_probe (krb5_context context, krb5_realm realm, krb5_ccache ccache, unsigned *flags)
krb5_digest_alloc
The krb5_digest_alloc() function allocatates the digest structure. The structure should be freed with krb5_digest_free() when it is no longer being used...
krb5_encrypt
These functions are used to encrypt and decrypt data. krb5_encrypt_ivec() puts the encrypted version of data (of size len) in result. If the encryption type...
krb5_error
KRB5_LIB_FUNCTION char *KRB5_LIB_CALL krb5_get_error_string (krb5_context context) KRB5_DEPRECATED_FUNCTION('Use krb5_get_error_message instead')...
krb5_fileformats
This section documents the diffrent file formats that are used in Heimdal and other Kerberos implementations.keytab The keytab binary format is not a standard...
krb5_find_padata
krb5_find_padata() tries to find the pre-authentication data entry of type type in the array val of length len. The search is started at entry pointed out by...
krb5_get_all_client_addrs
These functions return in addrs a list of addresses associated with the local host. The server variant returns all configured interface addresses (if possible)...
krb5_get_credentials
krb5_get_credentials_with_flags() get credentials specified by in_creds->server and in_creds->client (the rest of the in_creds structure is ignored) by first...
krb5_get_creds
krb5_get_creds() fetches credentials specified by opt by first looking in the ccache, and then it doesn't exists, fetch the credential from the KDC using the...
krb5_get_default_principal
krb5_principal holds the name of a user or service in Kerberos. A principal has two parts, a PrincipalName and a realm. The PrincipalName consists of one or...
krb5_get_default_realm
krb5_copy_host_realm() copies the list of realms from from to to. to should be freed by the caller using krb5_free_host_realm. krb5_free_host_realm() frees all...
krb5_get_init_creds
Getting initial credential ticket for a principal. That may include changing an expired password, and doing preauthentication. This interface that replaces the...
krb5_get_in_tkt
deprecated initial authentication functions
krb5_get_krbhst
These functions implement the old API to get a list of Kerberos hosts, and are thus similar to the krb5_krbhst_init() functions. However, since these functions...
krb5_getportbyname
krb5_getportbyname() gets the port number for service / proto pair from the global service table for and returns it in network order. If it isn't found in the...
krb5_init_creds_intro
Functions to get initial credentials: Heimdal Kerberos 5 credential handing functions .
krb5_initlog
These functions logs messages to one or more destinations. The krb5_openlog() function creates a logging facility, that is used to log messages. A facility...
krb5_introduction
All functions are documented in manual pages. This section tries to give an overview of the major components used in Kerberos library, and point to where to...
krb5_keytab
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_kt_register (krb5_context context, const krb5_kt_ops *ops) KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL...
krb5_keytab_intro
See the library functions here: Heimdal Kerberos 5 keytab handling functions Keytabs are long term key storage for servers, their equvalment of password files...
krb5_krbhst_init
These functions are used to sequence through all Kerberos hosts of a particular realm and service. The service type can be the KDCs, the administrative servers...
krb5_mk_req
The functions documented in this manual page document the functions that facilitates the exchange between a Kerberos client and server. They are the core...
krb5_mk_safe
krb5_mk_safe() and krb5_mk_priv() formats KRB-SAFE (integrity protected) and KRB-PRIV (also encrypted) messages into outbuf. The actual message data is taken...
krb5_pac
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_pac_get_buffer (krb5_context, krb5_pac, uint32_t, krb5_data *) KRB5_LIB_FUNCTION krb5_error_code...
krb5plugin_an2ln_ftable_desc
Description of the krb5_aname_to_lname(3) plugin facility. The krb5_aname_to_lname(3) function is pluggable. The plugin is named KRB5_PLUGIN_AN2LN ('an2ln')...
krb5plugin_db_ftable_desc
Description of the krb5 DB plugin facility. The krb5_aname_to_lname(3) function's DB rule is pluggable. The plugin is named KRB5_PLUGIN_DB ('krb5_db_plug')...
krb5plugin_kuserok_ftable_desc
Description of the krb5_kuserok(3) plugin facility. The krb5_kuserok(3) function is pluggable. The plugin is named KRB5_PLUGIN_KUSEROK ('krb5_plugin_kuserok')...
krb5_principal
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_build_principal (krb5_context, krb5_principal *, int, krb5_const_realm,...) KRB5_LIB_FUNCTION...
krb5_principal_intro
No description.
krb5_pwcheck
These functions perform the quality check for the heimdal database library. There are two versions of the shared object API; the old version (0) is deprecated...
krb5_rcache
The krb5_rcache structure holds a storage element that is used for data manipulation. The structure contains no public accessible elements. krb5_rc_initialize()...
krb5_rd_error
Usually applications never needs to parse and understand Kerberos error messages since higher level functions will parse and push up the error in the...
krb5_rd_safe
krb5_rd_safe() and krb5_rd_priv() parses KRB-SAFE and KRB-PRIV messages (as generated by krb5_mk_safe(3) and krb5_mk_priv(3)) from inbuf and verifies its...
krb5_set_password_using_ccache
These functions change the password for a given principal. krb5_set_password() and krb5_set_password_using_ccache() are the newer of the three functions, and...
krb5_storage
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_address (krb5_storage *, krb5_address *) KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb5_ret_addrs...
krb5_string_to_key
The string to key functions convert a string to a kerberos key. krb5_string_to_key_data_salt_opaque() is the function that does all the work, the rest of the...
krb5_support
struct krb5plugin_an2ln_ftable_desc Description of the krb5_aname_to_lname(3) plugin facility. struct krb5plugin_db_ftable_desc Description of the krb5 DB...
krb5_ticket
KRB5_LIB_FUNCTION unsigned long KRB5_LIB_CALL krb5_ticket_get_flags (krb5_context, const krb5_ticket *)
krb5_timeofday
krb5_set_real_time sets the absolute time that the caller knows the KDC has. With this the Kerberos library can calculate the relative difference between the...
krb5_v4compat
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL krb524_convert_creds_kdc (krb5_context context, krb5_creds *in_cred, struct credentials *v4creds)...
krb5_verify_init_creds
The krb5_verify_init_creds function verifies the initial tickets with the local keytab to make sure the response of the KDC was spoof-ed. krb5_verify_init_creds...
krb5_verify_user
The krb5_verify_user function verifies the password supplied by a user. The principal whose password will be verified is specified in principal. New tickets...
ntlm_buf
Buffer for storing data in the NTLM library. When filled in by the library it should be freed with heim_ntlm_free_buf(). Examples: test_ntlm.c.
ntlm_core
The NTLM core functions implement the string2key generation function, message encode and decode function, and the hash function functions.
ntlm_type1
Struct for the NTLM type1 message info, the strings is assumed to be in UTF8. When filled in by the library it should be freed with heim_ntlm_free_type1()...
ntlm_type2
Struct for the NTLM type2 message info, the strings is assumed to be in UTF8. When filled in by the library it should be freed with heim_ntlm_free_type2()...
ntlm_type3
Struct for the NTLM type3 message info, the strings is assumed to be in UTF8. When filled in by the library it should be freed with heim_ntlm_free_type3()...
page_ca
No description.
page_cert
No description.
page_cms
No description.
page_des
To generate a DES key safely you have to use the code-snippet below. This is because the DES_random_key() can fail with an abort() in case of and failure to...
page_dh
No description.
page_env
No description.
page_error
No description.
page_evp
The use of EVP_CipherInit_ex() and EVP_Cipher() is pretty easy to understand forward, then EVP_CipherUpdate() and EVP_CipherFinal_ex() really needs an example...
page_keyset
No description.
page_lock
No description.
page_name
No description.
page_peer
No description.
page_print
No description.
page_rand
No description.
page_revoke
No description.
page_rsa
gmp: 0.73 6.60 44.80 tfm: 2.45 -- -- ltm: 3.79 20.74 105.41 (default in hcrypto) openssl: 4.04 11.90 82.59 cdsa: 15.89 102.89 721.40 imath: 40.62 -- -- See the...
parse_time
The parse_time() function converts the period of time specified into a number of seconds. The timespec can be any number of ⟨number unit⟩ pairs separated by...
rtbl
This set of functions assemble a simple table consisting of rows and columns, allowing it to be printed with certain options. Typical use would be output from...
wind
int wind_punycode_label_toascii (const uint32_t *in, size_t in_len, char *out, size_t *out_len) int wind_stringprep (const uint32_t *in, size_t in_len, uint32_t...
Miscellanea (Section 7)
krb5-plugin
Heimdal has a plugin interface. Plugins may be statically linked into Heimdal and registered via the krb5_plugin_register(3) function, or they may be...