[unix-history] / usr / share / man / cat3 / tf_util.0



TF_UTIL(3)           BSD Programmer's Manual           TF_UTIL(3)


N\bNA\bAM\bME\bE
       tf_init, tf_get_pname, tf_get_pinst, tf_get_cred, tf_close
       - routines for manipulating a Kerberos ticket file

S\bSY\bYN\bNO\bOP\bPS\bSI\bIS\bS
       #\b#i\bin\bnc\bcl\blu\bud\bde\be <\b<k\bke\ber\brb\bbe\ber\bro\bos\bsI\bIV\bV/\b/k\bkr\brb\bb.\b.h\bh>\b>

       e\bex\bxt\bte\ber\brn\bn c\bch\bha\bar\br *\b*k\bkr\brb\bb_\b_e\ber\brr\br_\b_t\btx\bxt\bt[\b[]\b];\b;

       t\btf\bf_\b_i\bin\bni\bit\bt(\b(t\btf\bf_\b_n\bna\bam\bme\be,\b, r\brw\bw)\b)
       c\bch\bha\bar\br *\b*t\btf\bf_\b_n\bna\bam\bme\be;\b;
       i\bin\bnt\bt r\brw\bw;\b;

       t\btf\bf_\b_g\bge\bet\bt_\b_p\bpn\bna\bam\bme\be(\b(p\bpn\bna\bam\bme\be)\b)
       c\bch\bha\bar\br *\b*p\bpn\bna\bam\bme\be;\b;

       t\btf\bf_\b_g\bge\bet\bt_\b_p\bpi\bin\bns\bst\bt(\b(p\bpi\bin\bns\bst\bt)\b)
       c\bch\bha\bar\br *\b*p\bpi\bin\bns\bst\bt;\b;

       t\btf\bf_\b_g\bge\bet\bt_\b_c\bcr\bre\bed\bd(\b(c\bc)\b)
       C\bCR\bRE\bED\bDE\bEN\bNT\bTI\bIA\bAL\bLS\bS *\b*c\bc;\b;

       t\btf\bf_\b_c\bcl\blo\bos\bse\be(\b()\b)


D\bDE\bES\bSC\bCR\bRI\bIP\bPT\bTI\bIO\bON\bN
       This group of routines are provided to manipulate the Ker-
       beros  tickets file.  A ticket file has the following for-
       mat:

           principal's name          (null-terminated string)
           principal's instance      (null-terminated string)
           CREDENTIAL_1
           CREDENTIAL_2
             ...
           CREDENTIAL_n
           EOF


       Where "CREDENTIAL_x" consists of the following fixed-length
       fields from the CREDENTIALS structure (defined in <kerberosIV/krb.h>):

                char      service[ANAME_SZ]
                char      instance[INST_SZ]
                char      realm[REALM_SZ]
                des_cblock     session
                int       lifetime
                int       kvno
                KTEXT_ST  ticket_st
                long      issue_date


MIT Project Athena     Kerberos Version 4.0                     1


TF_UTIL(3)           BSD Programmer's Manual           TF_UTIL(3)


       _\bt_\bf_\b__\bi_\bn_\bi_\bt must be called before the other ticket  file  rou-
       tines.  It takes the name of the ticket file to use, and a
       read/write flag as arguments.  It tries to open the ticket
       file, checks the mode and if everything is okay, locks the
       file.  If it's opened for reading, the lock is shared.  If
       it's  opened for writing, the lock is exclusive.  KSUCCESS
       is returned if all went well, otherwise one of the follow-
       ing:

       NO_TKT_FIL     - file wasn't there
       TKT_FIL_ACC    - file was in wrong mode, etc.
       TKT_FIL_LCK    - couldn't lock the file, even after a retry


       The  _\bt_\bf_\b__\bg_\be_\bt_\b__\bp_\bn_\ba_\bm_\be reads the principal's name from a ticket
       file.  It should only be called  after  tf_init  has  been
       called.   The  principal's  name  is filled into the _\bp_\bn_\ba_\bm_\be
       parameter.  If all goes well, KSUCCESS  is  returned.   If
       tf_init  wasn't  called,  TKT_FIL_INI is returned.  If the
       principal's name was null, or EOF was encountered, or  the
       name was longer than ANAME_SZ, TKT_FIL_FMT is returned.

       The  _\bt_\bf_\b__\bg_\be_\bt_\b__\bp_\bi_\bn_\bs_\bt  reads  the  principal's instance from a
       ticket file.  It should only be called after  tf_init  and
       tf_get_pname  have  been called.  The principal's instance
       is filled into the _\bp_\bi_\bn_\bs_\bt parameter.   If  all  goes  well,
       KSUCCESS   is   returned.    If   tf_init  wasn't  called,
       TKT_FIL_INI is returned.  If EOF was encountered,  or  the
       name  was  longer  than  INST_SZ, TKT_FIL_FMT is returned.
       Note that, unlike the principal name,  the  instance  name
       may be null.

       The  _\bt_\bf_\b__\bg_\be_\bt_\b__\bc_\br_\be_\bd routine reads a CREDENTIALS record from a
       ticket file and fills in the given structure.   It  should
       only   be   called   after   tf_init,   tf_get_pname,  and
       tf_get_pinst have been called.  If all goes well, KSUCCESS
       is returned.  Possible error codes are:

       TKT_FIL_INI    - tf_init wasn't called first
       TKT_FIL_FMT    - bad format
       EOF       - end of file encountered


       _\bt_\bf_\b__\bc_\bl_\bo_\bs_\be  closes  the ticket file and releases the lock on
       it.

S\bSE\bEE\bE A\bAL\bLS\bSO\bO
       krb(3)

D\bDI\bIA\bAG\bGN\bNO\bOS\bST\bTI\bIC\bCS\bS


MIT Project Athena     Kerberos Version 4.0                     2


TF_UTIL(3)           BSD Programmer's Manual           TF_UTIL(3)


B\bBU\bUG\bGS\bS
       The ticket file routines have to be called  in  a  certain
       order.

A\bAU\bUT\bTH\bHO\bOR\bRS\bS
       Jennifer Steiner, MIT Project Athena
       Bill Bryant, MIT Project Athena

R\bRE\bES\bST\bTR\bRI\bIC\bCT\bTI\bIO\bON\bNS\bS
       Copyright 1987 Massachusetts Institute of Technology


MIT Project Athena     Kerberos Version 4.0                     3
Commit	Line	Data
b1052012 C	1
	2
	3
	4	TF_UTIL(3) BSD Programmer's Manual TF_UTIL(3)
	5
	6
	7	N\bNA\bAM\bME\bE
	8	tf_init, tf_get_pname, tf_get_pinst, tf_get_cred, tf_close
	9	- routines for manipulating a Kerberos ticket file
	10
	11	S\bSY\bYN\bNO\bOP\bPS\bSI\bIS\bS
	12	#\b#i\bin\bnc\bcl\blu\bud\bde\be <\b<k\bke\ber\brb\bbe\ber\bro\bos\bsI\bIV\bV/\b/k\bkr\brb\bb.\b.h\bh>\b>
	13
	14	e\bex\bxt\bte\ber\brn\bn c\bch\bha\bar\br \bk\bkr\brb\bb_\b_e\ber\brr\br_\b_t\btx\bxt\bt[\b[]\b];\b;
	15
	16	t\btf\bf_\b_i\bin\bni\bit\bt(\b(t\btf\bf_\b_n\bna\bam\bme\be,\b, r\brw\bw)\b)
	17	c\bch\bha\bar\br \bt\btf\bf_\b_n\bna\bam\bme\be;\b;
	18	i\bin\bnt\bt r\brw\bw;\b;
	19
	20	t\btf\bf_\b_g\bge\bet\bt_\b_p\bpn\bna\bam\bme\be(\b(p\bpn\bna\bam\bme\be)\b)
	21	c\bch\bha\bar\br \bp\bpn\bna\bam\bme\be;\b;
	22
	23	t\btf\bf_\b_g\bge\bet\bt_\b_p\bpi\bin\bns\bst\bt(\b(p\bpi\bin\bns\bst\bt)\b)
	24	c\bch\bha\bar\br \bp\bpi\bin\bns\bst\bt;\b;
	25
	26	t\btf\bf_\b_g\bge\bet\bt_\b_c\bcr\bre\bed\bd(\b(c\bc)\b)
	27	C\bCR\bRE\bED\bDE\bEN\bNT\bTI\bIA\bAL\bLS\bS \bc\bc;\b;
	28
	29	t\btf\bf_\b_c\bcl\blo\bos\bse\be(\b()\b)
	30
	31
	32	D\bDE\bES\bSC\bCR\bRI\bIP\bPT\bTI\bIO\bON\bN
	33	This group of routines are provided to manipulate the Ker-
	34	beros tickets file. A ticket file has the following for-
	35	mat:
	36
	37	principal's name (null-terminated string)
	38	principal's instance (null-terminated string)
	39	CREDENTIAL_1
	40	CREDENTIAL_2
	41	...
	42	CREDENTIAL_n
	43	EOF
	44
	45
	46	Where "CREDENTIAL_x" consists of the following fixed-length
	47	fields from the CREDENTIALS structure (defined in <kerberosIV/krb.h>):
	48
	49	char service[ANAME_SZ]
	50	char instance[INST_SZ]
	51	char realm[REALM_SZ]
	52	des_cblock session
	53	int lifetime
	54	int kvno
	55	KTEXT_ST ticket_st
	56	long issue_date
	57
	58
	59
	60
	61	MIT Project Athena Kerberos Version 4.0 1
	62
	63
	64
65
66
67
68
69
70	TF_UTIL(3) BSD Programmer's Manual TF_UTIL(3)
71
72
73	_\bt_\bf_\b__\bi_\bn_\bi_\bt must be called before the other ticket file rou-
74	tines. It takes the name of the ticket file to use, and a
75	read/write flag as arguments. It tries to open the ticket
76	file, checks the mode and if everything is okay, locks the
77	file. If it's opened for reading, the lock is shared. If
78	it's opened for writing, the lock is exclusive. KSUCCESS
79	is returned if all went well, otherwise one of the follow-
80	ing:
81
82	NO_TKT_FIL - file wasn't there
83	TKT_FIL_ACC - file was in wrong mode, etc.
84	TKT_FIL_LCK - couldn't lock the file, even after a retry
85
86
87	The _\bt_\bf_\b__\bg_\be_\bt_\b__\bp_\bn_\ba_\bm_\be reads the principal's name from a ticket
88	file. It should only be called after tf_init has been
89	called. The principal's name is filled into the _\bp_\bn_\ba_\bm_\be
90	parameter. If all goes well, KSUCCESS is returned. If
91	tf_init wasn't called, TKT_FIL_INI is returned. If the
92	principal's name was null, or EOF was encountered, or the
93	name was longer than ANAME_SZ, TKT_FIL_FMT is returned.
94
95	The _\bt_\bf_\b__\bg_\be_\bt_\b__\bp_\bi_\bn_\bs_\bt reads the principal's instance from a
96	ticket file. It should only be called after tf_init and
97	tf_get_pname have been called. The principal's instance
98	is filled into the _\bp_\bi_\bn_\bs_\bt parameter. If all goes well,
99	KSUCCESS is returned. If tf_init wasn't called,
100	TKT_FIL_INI is returned. If EOF was encountered, or the
101	name was longer than INST_SZ, TKT_FIL_FMT is returned.
102	Note that, unlike the principal name, the instance name
103	may be null.
104
105	The _\bt_\bf_\b__\bg_\be_\bt_\b__\bc_\br_\be_\bd routine reads a CREDENTIALS record from a
106	ticket file and fills in the given structure. It should
107	only be called after tf_init, tf_get_pname, and
108	tf_get_pinst have been called. If all goes well, KSUCCESS
109	is returned. Possible error codes are:
110
111	TKT_FIL_INI - tf_init wasn't called first
112	TKT_FIL_FMT - bad format
113	EOF - end of file encountered
114
115
116	_\bt_\bf_\b__\bc_\bl_\bo_\bs_\be closes the ticket file and releases the lock on
117	it.
118
119	S\bSE\bEE\bE A\bAL\bLS\bSO\bO
120	krb(3)
121
122	D\bDI\bIA\bAG\bGN\bNO\bOS\bST\bTI\bIC\bCS\bS
123
124
125
126
127	MIT Project Athena Kerberos Version 4.0 2
128
129
130
131
132
133
134
135
136	TF_UTIL(3) BSD Programmer's Manual TF_UTIL(3)
137
138
139	B\bBU\bUG\bGS\bS
140	The ticket file routines have to be called in a certain
141	order.
142
143	A\bAU\bUT\bTH\bHO\bOR\bRS\bS
144	Jennifer Steiner, MIT Project Athena
145	Bill Bryant, MIT Project Athena
146
147	R\bRE\bES\bST\bTR\bRI\bIC\bCT\bTI\bIO\bON\bNS\bS
148	Copyright 1987 Massachusetts Institute of Technology
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193	MIT Project Athena Kerberos Version 4.0 3
194
195
196
197
198