Unix/Linux Go Back    


NetBSD 6.1.5 - man page for krb5_verify_init_creds_opt_set_ap_req_nofail (netbsd section 3)

Linux & Unix Commands - Search Man Pages
Man Page or Keyword Search:   man
Select Man Page Set:       apropos Keyword Search (sections above)


KRB5_VERIFY_INIT_CREDS(3)	   BSD Library Functions Manual 	KRB5_VERIFY_INIT_CREDS(3)

NAME
     krb5_verify_init_creds_opt_init, krb5_verify_init_creds_opt_set_ap_req_nofail,
     krb5_verify_init_creds -- verifies a credential cache is correct by using a local keytab

LIBRARY
     Kerberos 5 Library (libkrb5, -lkrb5)

SYNOPSIS
     #include <krb5/krb5.h>

     struct krb5_verify_init_creds_opt;

     void
     krb5_verify_init_creds_opt_init(krb5_verify_init_creds_opt *options);

     void
     krb5_verify_init_creds_opt_set_ap_req_nofail(krb5_verify_init_creds_opt *options,
	 int ap_req_nofail);

     krb5_error_code
     krb5_verify_init_creds(krb5_context context, krb5_creds *creds,
	 krb5_principal ap_req_server, krb5_ccache *ccache, krb5_verify_init_creds_opt *options);

DESCRIPTION
     The krb5_verify_init_creds function verifies the initial tickets with the local keytab to
     make sure the response of the KDC was spoof-ed.

     krb5_verify_init_creds will use principal ap_req_server from the local keytab, if NULL is
     passed in, the code will guess the local hostname and use that to form host/host-
     name/GUESSED-REALM-FOR-HOSTNAME.  creds is the credential that krb5_verify_init_creds should
     verify.  If ccache is given krb5_verify_init_creds() stores all credentials it fetched from
     the KDC there, otherwise it will use a memory credential cache that is destroyed when done.

     krb5_verify_init_creds_opt_init() cleans the the structure, must be used before trying to
     pass it in to krb5_verify_init_creds().

     krb5_verify_init_creds_opt_set_ap_req_nofail() controls controls the behavior if
     ap_req_server doesn't exists in the local keytab or in the KDC's database, if it's true, the
     error will be ignored.  Note that this use is possible insecure.

SEE ALSO
     krb5(3), krb5_get_init_creds(3), krb5_verify_user(3), krb5.conf(5)

BSD					   May 1, 2006					      BSD
Unix & Linux Commands & Man Pages : ©2000 - 2018 Unix and Linux Forums


All times are GMT -4. The time now is 09:49 AM.