libcom_err.so man page on HP-UX

Man page or keyword search:  
man Server   10987 pages
apropos Keyword Search (all sections)
Output format
HP-UX logo
[printable version]

libkrb5(3)							    libkrb5(3)

NAME
       libkrb5:	   libkrb5.sl,	 libkrb5.so,   libcom_err.sl,	libcom_err.so,
       libk5crypto.sl, libk5crypto.so - Kerberos client libraries

SYNOPSIS
   32-Bit Libraries on Itanium-based Systems
   64-Bit Libraries on Itanium-based Systems
   32-Bit Libraries on PA-RISC Systems
   64-Bit Libraries on PA-RISC Systems
DESCRIPTION
       Kerberos is a network authentication protocol developed at  MIT.	  This
       is  now	an IETF standard RFC 1510, the Kerberos Network Authentication
       Service	(V5).	The  shared  libraries,	 and  support  authentication,
       integrity  and confidentiality services as per the Kerberos V5 specifi‐
       cation.

       Kerberos performs authentication as a trusted  third-party  authentica‐
       tion  service  by  using	 conventional (shared secret key) cryptography
       mechanism.  It provides a means of verifying the identities of  princi‐
       pals,  without  relying	on authentication by the host operating system
       and without basing trust on host addresses.  This protocol works	 with‐
       out  requiring  the  physical  security of all the hosts on the network
       under the assumption that packets transmitting over the network can  be
       read, modified and inserted at will.

       is  the	main Kerberos library, which provides APIs for authentication,
       verifying tickets, creating authenticator,  context  management,	 cache
       and replay cache management, keytab file management, memory management,
       principal name style mapping and operating system specific calls.   The
       header  file  should be included in the application that uses APIs from
       library.

       which is linked to will provide the encryption and decryption APIs.   A
       user  should  not  link	this library directly with an application.  In
       order to add authentication, an application may need  to	 call  one  or
       more APIs of the Kerberos library, which results in the transmission of
       the necessary messages to achieve authentication.

       implements Kerberos library error  code	tables.	  There	 are  separate
       error code tables for database, magic numbers and ASN.1 APIs.  Based on
       the failure in the API, the user may get an  error  from	 these	tables
       using  the  appropriate API.  The header file should be included in the
       application that uses routines from the library.	 Executable files must
       be linked with in order to cause the library to be included.

       The   functionalities  of  the  APIs  implemented  in  Kerberos	client
       libraries are given below.

   krb5_context Management APIs
       The context is designed to represent per	 process  state.   The	Global
       parameters  which  are "context" specific are stored in this structure.
       The structure contains default realm, default encryption type,  default
       configuration files and the like.  APIs will provide full access to the
       data structure stored  in  the  context	and  should  not  be  accessed
       directly by developers.	Some of the common APIs are and

       The  encryption	types  which  are retrieved from the and stored in the
       should be freed by the caller.

   krb5_auth_context Management APIs
       The is a per-connection	context	 and  is  used	by  the	 various  APIs
       involved	 directly  in  client/server authentication.  Some of the data
       stored in this context include keyblocks, addresses, sequence  numbers,
       authenticator,  checksum	 type  and  replay cache pointer.  Some of the
       common APIs are and

       The structure should be freed using It is  the  responsibility  of  the
       application developer to free the memory allocated to the authenticator
       by using The application developer must also free the memory  that  was
       allocated to store the local sub keyblocks using

   Principal Access APIs
       A principal is a uniquely named client or server instance that partici‐
       pates in a network communication.  The APIs allow you to create, modify
       and access portions of the krb5_principal.  Some of the common APIs are
       and so on.

       Some of the APIs are internal functions, which are not intended for use
       by  the	application  programs  since  this interface may change at any
       time.  Even though it is possible to directly access the data  elements
       in  the	structure,  it	is recommended that these APIs should be used.
       The returned principal should be freed with

   Credential Cache Management APIs
       These APIs deal with storing credentials	 (tickets,  session  keys  and
       other  identifying information) in a semi-permanent store for later use
       by different programs.  The credential storage can be a hard disk or  a
       memory storage.	Some of the common APIs are and

       The retrieved credentials should be freed using

   Replay Cache Management APIs
       These  APIs deal with verifying that do not contain duplicate authenti‐
       cators.	The storage  must  be  non-volatile  for  the  site-determined
       validity period of authenticators.  Some of the common APIs are and

       initializes  the	 private  data	for  a replay cache.  This API must be
       called before the other replay cache APIs.  The allocated memory should
       be freed using

       These APIs are not generally used by the applications.

   Keytab Management APIs
       These  APIs  deal  with	storing and retrieving service keys for use by
       unattended services  which  participate	in  authentication  exchanges.
       Keytab routines are all atomic.	All keytab types support multiple con‐
       current sequential scans.  Some of the common APIs are and

       To free the resources, the user should use

   Memory Management APIs
       These APIs deal with deallocation of memory that has been allocated  by
       various	routines.  It is recommended that the developer must use these
       routines in order to free the data structures.  All the APIs start with
       prefix.	Some of the common APIs are and

   Operating System-Specific APIs
       These  APIs  provide  an	 interface  between  the  other	 parts	of the
       libraries and the operating system.  These include APIs to allow access
       to  configuration specific information, disk based I/O operations, net‐
       work based operations and operating system specific access APIs.	  Some
       of the common APIs are and

   Application-Specific and Miscellaneous APIs
       These  APIs  deal  with sending and receiving KRB5 protocol messages to
       the Kerberos server, ticket management and miscellaneous	 calls.	  Some
       of the common APIs are and

WARNINGS
       It  is  strongly	 recommended  that you use GSS-API instead of Kerberos
       calls.  The Kerberos libraries are not thread safe.

AUTHOR
       Kerberos client libraries were developed at the Massachusetts Institute
       of  Technology.	 This  version	of  the	 libraries  is compatible with
       MIT1.3.5.

SEE ALSO
       kdestroy(1),  kinit(1),	klist(1),  kpasswd(1),	 ktutil(1),   kvno(1),
       krb5.conf(4), gssapi(5), kerberos(5).

								    libkrb5(3)
[top]

List of man pages available for HP-UX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net