| /freebsd/crypto/krb5/src/ccapi/lib/ |
| H A D | ccapi_err.et | 28 error_table_manager "Credentials Cache"
35 error_code ccErrInvalidContext, "Invalid credentials cache context"
36 error_code ccErrInvalidCCache, "Invalid credentials cache"
40 error_code ccErrInvalidString, "Invalid credentials cache string"
41 error_code ccErrInvalidCredentials, "Invalid credentials"
42 error_code ccErrInvalidCCacheIterator, "Invalid credentials cache iterator"
43 error_code ccErrInvalidCredentialsIterator, "Invalid credentials iterator"
48 error_code ccErrBadName, "Invalid credentials cache name"
49 error_code ccErrBadCredentialsVersion, "Invalid credentials cache version (not 4 or 5)"
51 error_code ccErrContextLocked, "Credentials cache context is already locked"
[all …]
|
| H A D | ccapi_credentials.c | 66 cci_credentials_t credentials = NULL; in cci_credentials_read() local
72 credentials = malloc (sizeof (*credentials)); in cci_credentials_read()
73 if (credentials) { in cci_credentials_read()
74 *credentials = cci_credentials_initializer; in cci_credentials_read()
81 credentials->functions = malloc (sizeof (*credentials->functions)); in cci_credentials_read()
82 if (credentials->functions) { in cci_credentials_read()
83 *credentials->functions = cci_credentials_f_initializer; in cci_credentials_read()
90 err = cci_identifier_read (&credentials->identifier, in_stream); in cci_credentials_read()
94 err = cci_credentials_union_read (&credentials->data, in_stream); in cci_credentials_read()
98 *out_credentials = (cc_credentials_t) credentials; in cci_credentials_read()
[all …]
|
| /freebsd/lib/libsys/ |
| H A D | setcred.2 | 14 .Nd set current process credentials atomically
24 system call can set any combination of user-accessible credentials of the
37 the exact credentials transition requested, once again unless any active MAC
42 argument serves to indicate which process credentials should be changed by the
187 The user is not the super-user and/or the requested credentials transition is
190 Some of the requested credentials have a type that the system does not support.
212 usually changes process credentials that are listed by POSIX/SUS standards.
215 from calling standard or traditional credentials-setting functions.
218 lead to modifying standard credentials.
222 to change standard credentials instead of standard or traditional functions are:
[all …]
|
| /freebsd/crypto/krb5/src/include/ |
| H A D | CredentialsCache.h | 73 * \mainpage Credentials Cache API (CCAPI) Documentation
106 * This is the specification for an API which provides Credentials Cache
109 * credentials caches, mediated by this API specification. On the Mac OS and
113 * Abstractly, a credentials cache collection contains one or more credentials
119 * credentials for multiple Kerberos versions in the same ccache.
143 * Note that iterators do not iterate over ccaches and credentials atomically
162 * of the lock to indefinitely (until the expiration time) use credentials that
272 …ccErrInvalidCredentials, /*!< Credentials are invalid (e.g., they were released), or they have a …
274 … ccErrInvalidCredentialsIterator, /*!< Credentials iterator is invalid (e.g., it was released). */
279 ccErrBadCredentialsVersion, /*!< Credentials version is invalid. */
[all …]
|
| /freebsd/lib/libgssapi/ |
| H A D | gss_acquire_cred.3 | 33 .Nd Obtain a GSS-API credential handle for pre-existing credentials
54 unauthorized callers from acquiring credentials to which they are not
58 new credentials rather than merely acquiring a handle to existing
59 credentials.
95 of obtaining GSS-API initiator credentials from the system login
101 credentials via
131 Number of seconds that credentials should remain valid.
134 to request that the credentials have the maximum
143 Credentials may be used either to initiate or accept security
146 Credentials will only be used to initiate security contexts.
[all …]
|
| H A D | gss_add_cred.3 | 33 .Nd Construct credentials incrementally
90 obtaining GSS-API initiator credentials from the system login process.
95 credentials via
203 This argument is ignored if the composed credentials are of type
207 to request that the credentials have the maximum permitted initiator lifetime.
211 This argument is ignored if the composed credentials are of type
215 to request that the credentials have the maximum permitted initiator lifetime.
247 Actual number of seconds for which the returned credentials will
250 credentials,
258 Actual number of seconds for which the returned credentials will
[all …]
|
| /freebsd/share/man/man4/ |
| H A D | mac_do.4 | 16 .Nd "policy allowing unprivileged users to change process credentials"
41 policy module allows unprivileged users to change process credentials according
52 .Sh CREDENTIALS RULES
53 Rules specify which transitions of process credentials
55 will allow, based on current process credentials and the desired final ones.
59 credentials in a safe and compact way.
67 authorizes a credentials transition as soon as at least one rule in the list
84 is matched against the credentials of the process requesting some credentials
109 specify are alternatives for the target credentials, except in some cases
122 The first form is a compact way to specify that any target credentials are
[all …]
|
| H A D | unix.4 | 133 file descriptors and process credentials through the use of the
170 Credentials of the sending process can be transmitted explicitly using a
219 receive the credentials of the process calling
273 sockets credentials are passed only on the first read from a socket,
299 except that socket credentials are passed on every read from a
351 socket returns credentials of the remote side.
372 The credentials presented to the server (the
376 the credentials presented to the client (the
381 the credentials presented to its peer except by calling the appropriate
386 under different effective credentials.
[all …]
|
| /freebsd/contrib/openpam/doc/man/ |
| H A D | pam_setcred.3 | 7 .Nd modify / delete user credentials for an authentication service
16 function manages the application's credentials.
26 Establish the credentials of the target user.
28 Revoke all established credentials.
30 Fully reinitialise credentials.
32 Refresh credentials.
57 Failed to set user credentials.
59 User credentials have expired.
61 Failed to retrieve user credentials.
|
| /freebsd/crypto/krb5/src/ccapi/server/ |
| H A D | ccs_credentials.c | 43 ccs_credentials_t credentials = NULL; in ccs_credentials_new() local
49 credentials = malloc (sizeof (*credentials)); in ccs_credentials_new()
50 if (credentials) { in ccs_credentials_new()
51 *credentials = ccs_credentials_initializer; in ccs_credentials_new()
58 err = cci_credentials_union_read (&credentials->cred_union, in_stream); in ccs_credentials_new()
61 if (!err && !(credentials->cred_union->version & in_ccache_version)) { in ccs_credentials_new()
62 /* ccache does not have a principal set for this credentials version */ in ccs_credentials_new()
67 err = ccs_server_new_identifier (&credentials->identifier); in ccs_credentials_new()
71 err = ccs_credentials_list_add (io_credentials_list, credentials); in ccs_credentials_new()
75 *out_credentials = credentials; in ccs_credentials_new()
[all …]
|
| /freebsd/crypto/heimdal/kuser/ |
| H A D | copy_cred_cache.1 | 39 .Nd copy credentials from one cache to another
52 copies credentials from
60 Copies only krbtgt credentials for the client's realm. This is
64 Copies only credentials matching this service principal.
66 Copies only credentials a matching enctype.
68 Copies only credentials with these ticket flags set.
70 Copies only credentials that are valid for at least this long. This
80 To copy only credentials that are valid for at least one day and with
91 credentials where actually copied.
|
| /freebsd/crypto/krb5/src/man/ |
| H A D | klist.man | 46 credentials cache, or the keys held in a keytab file.
64 List tickets held in a credentials cache. This is the default if
68 Shows the flags present in the credentials, using the following
94 with status 1 if the credentials cache cannot be read or is
98 Display list of addresses in credentials.
104 List configuration data that has been stored in the credentials
132 the credentials in the default credentials cache or keytab file as
143 Default location of Kerberos 5 credentials cache
|
| H A D | kvno.man | 55 Specifies the name of a credentials cache to use (if not the
78 treated as services for which credentials should be acquired using
93 credentials cache client principal.
104 Only retrieve credentials already present in the cache, not from
108 Do not store retrieved credentials in the cache. If
109 \fB\-\-out\-cache\fP is also specified, credentials will still be
113 Initialize \fIccache\fP and store all retrieved credentials into it.
114 Do not store acquired credentials in the input cache. (Added in
131 Default location of the credentials cache
|
| H A D | kdestroy.man | 43 tickets by overwriting and deleting the credentials cache that
44 contains them. If the credentials cache is not specified, the default
45 credentials cache is destroyed.
59 Use \fIcache_name\fP as the credentials (ticket) cache name and
63 The default credentials cache may vary between systems. If the
85 Default location of Kerberos 5 credentials cache
|
| /freebsd/crypto/heimdal/lib/krb5/ |
| H A D | krb5_err.et | 29 error_code CLIENT_REVOKED, "Clients credentials have been revoked"
30 error_code SERVICE_REVOKED, "Credentials for server have been revoked"
204 error_code KRB5_CC_TYPE_EXISTS, "Credentials cache type is already registered."
207 error_code KRB5_CC_IO, "Credentials cache I/O operation failed XXX"
208 error_code KRB5_FCC_PERM, "Credentials cache file permissions incorrect"
209 error_code KRB5_FCC_NOFILE, "No credentials cache file found"
210 error_code KRB5_FCC_INTERNAL, "Internal file credentials cache error"
211 error_code KRB5_CC_WRITE, "Error writing to credentials cache file"
212 error_code KRB5_CC_NOMEM, "No more memory to allocate (in credentials cache code)"
213 error_code KRB5_CC_FORMAT, "Bad format in credentials cache"
[all …]
|
| H A D | krb5.conf.5 | 121 When obtaining initial credentials, make the credentials forwardable.
123 When obtaining initial credentials, make the credentials proxiable.
125 When obtaining initial credentials, request them for an empty set of
134 Forward credentials to remote host (for
170 sets the default credentials type.
172 the default credentials cache name.
210 When obtaining initial credentials, make the credentials forwardable.
213 When obtaining initial credentials, make the credentials proxiable.
216 If enabled, failure to verify credentials against a local key is a
344 obtain credentials for a service in the
|
| /freebsd/lib/libpam/modules/pam_krb5/ |
| H A D | pam_krb5.8 | 30 and to set user specific credentials
54 function stores the newly acquired credentials in a credentials cache,
58 The credentials cache should be destroyed by the user at logout with
88 Obtain forwardable Kerberos credentials for the user.
90 Do not save the obtained credentials in a credentials cache.
99 as the credentials cache.
211 Location of the credentials cache.
216 default credentials cache
|
| /freebsd/crypto/heimdal/doc/doxyout/krb5/man/man3/ |
| H A D | krb5_v4compat.3 | 10 …onvert_creds_kdc\fP (krb5_context context, krb5_creds *in_cred, struct credentials *v4creds) KRB5_…
13 …(krb5_context context, krb5_ccache ccache, krb5_creds *in_cred, struct credentials *v4creds) KRB5_…
21 …rb524_convert_creds_kdc (krb5_context context, krb5_creds * in_cred, struct credentials * v4creds)"
23 Convert the v5 credentials in in_cred to v4-dito in v4creds. This is done by sending them to the 52…
40 …che (krb5_context context, krb5_ccache ccache, krb5_creds * in_cred, struct credentials * v4creds)"
42 Convert the v5 credentials in in_cred to v4-dito in v4creds, check the credential cache ccache befo…
|
| /freebsd/contrib/libfido2/man/ |
| H A D | fido_credman_metadata_new.3 | 99 allows resident credentials on a FIDO2 authenticator to be listed,
151 and returns the number of resident credentials on the
157 and returns the estimated number of resident credentials that can
162 type abstracts the set of resident credentials belonging to a
195 with the set of resident credentials belonging to
205 function returns the number of resident credentials in
285 with information about relying parties with resident credentials
347 Resident credentials are called
348 .Dq discoverable credentials
|
| /freebsd/lib/libc/gen/ |
| H A D | getpeereid.3 | 31 .Nd get the effective credentials of a UNIX-domain peer
63 The credentials returned to the
67 the credentials returned to the
72 the credentials returned to its peer except by calling the appropriate
77 under different effective credentials.
82 to verify the credentials of its client.
83 Likewise, the client can verify the credentials of the server.
|
| /freebsd/crypto/krb5/src/windows/leash/htmlhelp/html/ |
| H A D | KDESTROY.htm | 34 credentials cache that contains them. If the credentials
35 cache is not specified, the default credentials cache is
50 <td>Use <span class="command"><I>cache</I><B>_</B><I>name</I></span> as the credentials (ticket) c…
51 The default credentials cache may vary between systems. If the KRB5CCNAME environment variable is…
69 <td> Location of the default Kerberos 5 credentials (ticket)
85 <td> default location of Kerberos 5 credentials cache ([uid] is the decimal UID of the us…
98 Only the tickets in the specified credentials cache are destroyed.
101 user's tickets kept in a single credentials cache.
|
| /freebsd/share/man/man9/ |
| H A D | cr_bsd_visible.9 | 37 This function determines if a subject with credentials
39 is denied seeing an object or subject associated to credentials
77 This function returns zero if a subject with credentials
79 may see a subject or object with credentials
87 Credentials
93 Credentials
103 Credentials
|
| /freebsd/crypto/krb5/src/lib/krb5/error_tables/ |
| H A D | krb5_err.et | 59 error_code KRB5KDC_ERR_CLIENT_REVOKED, "Client's credentials have been revoked"
60 error_code KRB5KDC_ERR_SERVICE_REVOKED, "Credentials for server have been revoked"
258 error_code KRB5_CC_TYPE_EXISTS, "Credentials cache type is already registered."
261 error_code KRB5_CC_IO, "Credentials cache I/O operation failed"
262 error_code KRB5_FCC_PERM, "Credentials cache permissions incorrect"
263 error_code KRB5_FCC_NOFILE, "No credentials cache found"
264 error_code KRB5_FCC_INTERNAL, "Internal credentials cache error"
265 error_code KRB5_CC_WRITE, "Error writing to credentials cache"
266 error_code KRB5_CC_NOMEM, "No more memory to allocate (in credentials cache code)"
267 error_code KRB5_CC_FORMAT, "Bad format in credentials cache"
[all …]
|
| /freebsd/contrib/openpam/lib/libpam/ |
| H A D | pam_setcred.c | 50 * Modify / delete user credentials for an authentication service
78 * The =pam_setcred function manages the application's credentials.
86 * Establish the credentials of the target user.
88 * Revoke all established credentials.
90 * Fully reinitialise credentials.
92 * Refresh credentials.
|
| /freebsd/tools/regression/security/proc_to_proc/ |
| H A D | README | 7 important scenarios using specifically crafted process credentials
27 same non-root effective credentials
29 different non-root effective credentials
31 non-root real credentials
33 different non-root real credentials
|