1*ae771770SStanislav Sedov.\" Copyright (c) 2003 - 2007 Kungliga Tekniska Högskolan 2bbd80c28SJacques Vidrine.\" (Royal Institute of Technology, Stockholm, Sweden). 3bbd80c28SJacques Vidrine.\" All rights reserved. 4bbd80c28SJacques Vidrine.\" 5bbd80c28SJacques Vidrine.\" Redistribution and use in source and binary forms, with or without 6bbd80c28SJacques Vidrine.\" modification, are permitted provided that the following conditions 7bbd80c28SJacques Vidrine.\" are met: 8bbd80c28SJacques Vidrine.\" 9bbd80c28SJacques Vidrine.\" 1. Redistributions of source code must retain the above copyright 10bbd80c28SJacques Vidrine.\" notice, this list of conditions and the following disclaimer. 11bbd80c28SJacques Vidrine.\" 12bbd80c28SJacques Vidrine.\" 2. Redistributions in binary form must reproduce the above copyright 13bbd80c28SJacques Vidrine.\" notice, this list of conditions and the following disclaimer in the 14bbd80c28SJacques Vidrine.\" documentation and/or other materials provided with the distribution. 15bbd80c28SJacques Vidrine.\" 16bbd80c28SJacques Vidrine.\" 3. Neither the name of the Institute nor the names of its contributors 17bbd80c28SJacques Vidrine.\" may be used to endorse or promote products derived from this software 18bbd80c28SJacques Vidrine.\" without specific prior written permission. 19bbd80c28SJacques Vidrine.\" 20bbd80c28SJacques Vidrine.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 21bbd80c28SJacques Vidrine.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22bbd80c28SJacques Vidrine.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23bbd80c28SJacques Vidrine.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 24bbd80c28SJacques Vidrine.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25bbd80c28SJacques Vidrine.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26bbd80c28SJacques Vidrine.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27bbd80c28SJacques Vidrine.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28bbd80c28SJacques Vidrine.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29bbd80c28SJacques Vidrine.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30bbd80c28SJacques Vidrine.\" SUCH DAMAGE. 31bbd80c28SJacques Vidrine.\" 32*ae771770SStanislav Sedov.\" $Id$ 33bbd80c28SJacques Vidrine.\" 34c19800e8SDoug Rabson.Dd October 26, 2005 35bbd80c28SJacques Vidrine.Dt GSS_ACQUIRE_CRED 3 36bbd80c28SJacques Vidrine.Os HEIMDAL 37bbd80c28SJacques Vidrine.Sh NAME 38bbd80c28SJacques Vidrine.Nm gss_accept_sec_context , 39bbd80c28SJacques Vidrine.Nm gss_acquire_cred , 40bbd80c28SJacques Vidrine.Nm gss_add_cred , 41bbd80c28SJacques Vidrine.Nm gss_add_oid_set_member , 42bbd80c28SJacques Vidrine.Nm gss_canonicalize_name , 43bbd80c28SJacques Vidrine.Nm gss_compare_name , 44bbd80c28SJacques Vidrine.Nm gss_context_time , 45bbd80c28SJacques Vidrine.Nm gss_create_empty_oid_set , 46bbd80c28SJacques Vidrine.Nm gss_delete_sec_context , 47bbd80c28SJacques Vidrine.Nm gss_display_name , 48bbd80c28SJacques Vidrine.Nm gss_display_status , 49bbd80c28SJacques Vidrine.Nm gss_duplicate_name , 50bbd80c28SJacques Vidrine.Nm gss_export_name , 51bbd80c28SJacques Vidrine.Nm gss_export_sec_context , 52bbd80c28SJacques Vidrine.Nm gss_get_mic , 53bbd80c28SJacques Vidrine.Nm gss_import_name , 54bbd80c28SJacques Vidrine.Nm gss_import_sec_context , 55bbd80c28SJacques Vidrine.Nm gss_indicate_mechs , 56bbd80c28SJacques Vidrine.Nm gss_init_sec_context , 57bbd80c28SJacques Vidrine.Nm gss_inquire_context , 58bbd80c28SJacques Vidrine.Nm gss_inquire_cred , 59bbd80c28SJacques Vidrine.Nm gss_inquire_cred_by_mech , 60bbd80c28SJacques Vidrine.Nm gss_inquire_mechs_for_name , 61bbd80c28SJacques Vidrine.Nm gss_inquire_names_for_mech , 62c19800e8SDoug Rabson.Nm gss_krb5_ccache_name , 63bbd80c28SJacques Vidrine.Nm gss_krb5_compat_des3_mic , 64c19800e8SDoug Rabson.Nm gss_krb5_copy_ccache , 65c19800e8SDoug Rabson.Nm gss_krb5_import_cred 66c19800e8SDoug Rabson.Nm gsskrb5_extract_authz_data_from_sec_context , 67c19800e8SDoug Rabson.Nm gsskrb5_register_acceptor_identity , 68c19800e8SDoug Rabson.Nm gss_krb5_import_ccache , 69c19800e8SDoug Rabson.Nm gss_krb5_get_tkt_flags , 70bbd80c28SJacques Vidrine.Nm gss_process_context_token , 71bbd80c28SJacques Vidrine.Nm gss_release_buffer , 72bbd80c28SJacques Vidrine.Nm gss_release_cred , 73bbd80c28SJacques Vidrine.Nm gss_release_name , 74bbd80c28SJacques Vidrine.Nm gss_release_oid_set , 75bbd80c28SJacques Vidrine.Nm gss_seal , 76bbd80c28SJacques Vidrine.Nm gss_sign , 77bbd80c28SJacques Vidrine.Nm gss_test_oid_set_member , 78bbd80c28SJacques Vidrine.Nm gss_unseal , 79bbd80c28SJacques Vidrine.Nm gss_unwrap , 80bbd80c28SJacques Vidrine.Nm gss_verify , 81bbd80c28SJacques Vidrine.Nm gss_verify_mic , 82bbd80c28SJacques Vidrine.Nm gss_wrap , 83bbd80c28SJacques Vidrine.Nm gss_wrap_size_limit 84bbd80c28SJacques Vidrine.Nd Generic Security Service Application Program Interface library 85bbd80c28SJacques Vidrine.Sh LIBRARY 86bbd80c28SJacques VidrineGSS-API library (libgssapi, -lgssapi) 87bbd80c28SJacques Vidrine.Sh SYNOPSIS 88bbd80c28SJacques Vidrine.In gssapi.h 89bbd80c28SJacques Vidrine.Pp 90bbd80c28SJacques Vidrine.Ft OM_uint32 91bbd80c28SJacques Vidrine.Fo gss_accept_sec_context 92bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 93bbd80c28SJacques Vidrine.Fa "gss_ctx_id_t * context_handle" 94bbd80c28SJacques Vidrine.Fa "const gss_cred_id_t acceptor_cred_handle" 95bbd80c28SJacques Vidrine.Fa "const gss_buffer_t input_token_buffer" 96bbd80c28SJacques Vidrine.Fa "const gss_channel_bindings_t input_chan_bindings" 97bbd80c28SJacques Vidrine.Fa "gss_name_t * src_name" 98bbd80c28SJacques Vidrine.Fa "gss_OID * mech_type" 99bbd80c28SJacques Vidrine.Fa "gss_buffer_t output_token" 100bbd80c28SJacques Vidrine.Fa "OM_uint32 * ret_flags" 101bbd80c28SJacques Vidrine.Fa "OM_uint32 * time_rec" 102bbd80c28SJacques Vidrine.Fa "gss_cred_id_t * delegated_cred_handle" 103bbd80c28SJacques Vidrine.Fc 104bbd80c28SJacques Vidrine.Pp 105bbd80c28SJacques Vidrine.Ft OM_uint32 106bbd80c28SJacques Vidrine.Fo gss_acquire_cred 107bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 108bbd80c28SJacques Vidrine.Fa "const gss_name_t desired_name" 109bbd80c28SJacques Vidrine.Fa "OM_uint32 time_req" 110bbd80c28SJacques Vidrine.Fa "const gss_OID_set desired_mechs" 111bbd80c28SJacques Vidrine.Fa "gss_cred_usage_t cred_usage" 112bbd80c28SJacques Vidrine.Fa "gss_cred_id_t * output_cred_handle" 113bbd80c28SJacques Vidrine.Fa "gss_OID_set * actual_mechs" 114bbd80c28SJacques Vidrine.Fa "OM_uint32 * time_rec" 115bbd80c28SJacques Vidrine.Fc 116c19800e8SDoug Rabson.Ft OM_uint32 117c19800e8SDoug Rabson.Fo gss_add_cred 118c19800e8SDoug Rabson.Fa "OM_uint32 *minor_status" 119c19800e8SDoug Rabson.Fa "const gss_cred_id_t input_cred_handle" 120c19800e8SDoug Rabson.Fa "const gss_name_t desired_name" 121c19800e8SDoug Rabson.Fa "const gss_OID desired_mech" 122c19800e8SDoug Rabson.Fa "gss_cred_usage_t cred_usage" 123c19800e8SDoug Rabson.Fa "OM_uint32 initiator_time_req" 124c19800e8SDoug Rabson.Fa "OM_uint32 acceptor_time_req" 125c19800e8SDoug Rabson.Fa "gss_cred_id_t *output_cred_handle" 126c19800e8SDoug Rabson.Fa "gss_OID_set *actual_mechs" 127c19800e8SDoug Rabson.Fa "OM_uint32 *initiator_time_rec" 128c19800e8SDoug Rabson.Fa "OM_uint32 *acceptor_time_rec" 129c19800e8SDoug Rabson.Fc 130bbd80c28SJacques Vidrine.Ft OM_uint32 131bbd80c28SJacques Vidrine.Fo gss_add_oid_set_member 132bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 133bbd80c28SJacques Vidrine.Fa "const gss_OID member_oid" 134bbd80c28SJacques Vidrine.Fa "gss_OID_set * oid_set" 135bbd80c28SJacques Vidrine.Fc 136bbd80c28SJacques Vidrine.Ft OM_uint32 137bbd80c28SJacques Vidrine.Fo gss_canonicalize_name 138bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 139bbd80c28SJacques Vidrine.Fa "const gss_name_t input_name" 140bbd80c28SJacques Vidrine.Fa "const gss_OID mech_type" 141bbd80c28SJacques Vidrine.Fa "gss_name_t * output_name" 142bbd80c28SJacques Vidrine.Fc 143bbd80c28SJacques Vidrine.Ft OM_uint32 144bbd80c28SJacques Vidrine.Fo gss_compare_name 145bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 146bbd80c28SJacques Vidrine.Fa "const gss_name_t name1" 147bbd80c28SJacques Vidrine.Fa "const gss_name_t name2" 148bbd80c28SJacques Vidrine.Fa "int * name_equal" 149bbd80c28SJacques Vidrine.Fc 150bbd80c28SJacques Vidrine.Ft OM_uint32 151bbd80c28SJacques Vidrine.Fo gss_context_time 152bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 153bbd80c28SJacques Vidrine.Fa "const gss_ctx_id_t context_handle" 154bbd80c28SJacques Vidrine.Fa "OM_uint32 * time_rec" 155bbd80c28SJacques Vidrine.Fc 156bbd80c28SJacques Vidrine.Ft OM_uint32 157bbd80c28SJacques Vidrine.Fo gss_create_empty_oid_set 158bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 159bbd80c28SJacques Vidrine.Fa "gss_OID_set * oid_set" 160bbd80c28SJacques Vidrine.Fc 161bbd80c28SJacques Vidrine.Ft OM_uint32 162bbd80c28SJacques Vidrine.Fo gss_delete_sec_context 163bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 164bbd80c28SJacques Vidrine.Fa "gss_ctx_id_t * context_handle" 165bbd80c28SJacques Vidrine.Fa "gss_buffer_t output_token" 166bbd80c28SJacques Vidrine.Fc 167bbd80c28SJacques Vidrine.Ft OM_uint32 168bbd80c28SJacques Vidrine.Fo gss_display_name 169bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 170bbd80c28SJacques Vidrine.Fa "const gss_name_t input_name" 171bbd80c28SJacques Vidrine.Fa "gss_buffer_t output_name_buffer" 172bbd80c28SJacques Vidrine.Fa "gss_OID * output_name_type" 173bbd80c28SJacques Vidrine.Fc 174bbd80c28SJacques Vidrine.Ft OM_uint32 175bbd80c28SJacques Vidrine.Fo gss_display_status 176bbd80c28SJacques Vidrine.Fa "OM_uint32 *minor_status" 177bbd80c28SJacques Vidrine.Fa "OM_uint32 status_value" 178bbd80c28SJacques Vidrine.Fa "int status_type" 179bbd80c28SJacques Vidrine.Fa "const gss_OID mech_type" 180bbd80c28SJacques Vidrine.Fa "OM_uint32 *message_context" 181bbd80c28SJacques Vidrine.Fa "gss_buffer_t status_string" 182bbd80c28SJacques Vidrine.Fc 183bbd80c28SJacques Vidrine.Ft OM_uint32 184bbd80c28SJacques Vidrine.Fo gss_duplicate_name 185bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 186bbd80c28SJacques Vidrine.Fa "const gss_name_t src_name" 187bbd80c28SJacques Vidrine.Fa "gss_name_t * dest_name" 188bbd80c28SJacques Vidrine.Fc 189bbd80c28SJacques Vidrine.Ft OM_uint32 190bbd80c28SJacques Vidrine.Fo gss_export_name 191bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 192bbd80c28SJacques Vidrine.Fa "const gss_name_t input_name" 193bbd80c28SJacques Vidrine.Fa "gss_buffer_t exported_name" 194bbd80c28SJacques Vidrine.Fc 195bbd80c28SJacques Vidrine.Ft OM_uint32 196bbd80c28SJacques Vidrine.Fo gss_export_sec_context 197bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 198bbd80c28SJacques Vidrine.Fa "gss_ctx_id_t * context_handle" 199bbd80c28SJacques Vidrine.Fa "gss_buffer_t interprocess_token" 200bbd80c28SJacques Vidrine.Fc 201bbd80c28SJacques Vidrine.Ft OM_uint32 202bbd80c28SJacques Vidrine.Fo gss_get_mic 203bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 204bbd80c28SJacques Vidrine.Fa "const gss_ctx_id_t context_handle" 205bbd80c28SJacques Vidrine.Fa "gss_qop_t qop_req" 206bbd80c28SJacques Vidrine.Fa "const gss_buffer_t message_buffer" 207bbd80c28SJacques Vidrine.Fa "gss_buffer_t message_token" 208bbd80c28SJacques Vidrine.Fc 209bbd80c28SJacques Vidrine.Ft OM_uint32 210bbd80c28SJacques Vidrine.Fo gss_import_name 211c19800e8SDoug Rabson.Fa "OM_uint32 * minor_status" 212bbd80c28SJacques Vidrine.Fa "const gss_buffer_t input_name_buffer" 213bbd80c28SJacques Vidrine.Fa "const gss_OID input_name_type" 214bbd80c28SJacques Vidrine.Fa "gss_name_t * output_name" 215bbd80c28SJacques Vidrine.Fc 216bbd80c28SJacques Vidrine.Ft OM_uint32 217bbd80c28SJacques Vidrine.Fo gss_import_sec_context 218bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 219bbd80c28SJacques Vidrine.Fa "const gss_buffer_t interprocess_token" 220bbd80c28SJacques Vidrine.Fa "gss_ctx_id_t * context_handle" 221bbd80c28SJacques Vidrine.Fc 222bbd80c28SJacques Vidrine.Ft OM_uint32 223bbd80c28SJacques Vidrine.Fo gss_indicate_mechs 224bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 225bbd80c28SJacques Vidrine.Fa "gss_OID_set * mech_set" 226bbd80c28SJacques Vidrine.Fc 227bbd80c28SJacques Vidrine.Ft OM_uint32 228bbd80c28SJacques Vidrine.Fo gss_init_sec_context 229bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 230bbd80c28SJacques Vidrine.Fa "const gss_cred_id_t initiator_cred_handle" 231bbd80c28SJacques Vidrine.Fa "gss_ctx_id_t * context_handle" 232bbd80c28SJacques Vidrine.Fa "const gss_name_t target_name" 233bbd80c28SJacques Vidrine.Fa "const gss_OID mech_type" 234bbd80c28SJacques Vidrine.Fa "OM_uint32 req_flags" 235bbd80c28SJacques Vidrine.Fa "OM_uint32 time_req" 236bbd80c28SJacques Vidrine.Fa "const gss_channel_bindings_t input_chan_bindings" 237bbd80c28SJacques Vidrine.Fa "const gss_buffer_t input_token" 238bbd80c28SJacques Vidrine.Fa "gss_OID * actual_mech_type" 239bbd80c28SJacques Vidrine.Fa "gss_buffer_t output_token" 240bbd80c28SJacques Vidrine.Fa "OM_uint32 * ret_flags" 241bbd80c28SJacques Vidrine.Fa "OM_uint32 * time_rec" 242bbd80c28SJacques Vidrine.Fc 243bbd80c28SJacques Vidrine.Ft OM_uint32 244bbd80c28SJacques Vidrine.Fo gss_inquire_context 245bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 246bbd80c28SJacques Vidrine.Fa "const gss_ctx_id_t context_handle" 247bbd80c28SJacques Vidrine.Fa "gss_name_t * src_name" 248bbd80c28SJacques Vidrine.Fa "gss_name_t * targ_name" 249bbd80c28SJacques Vidrine.Fa "OM_uint32 * lifetime_rec" 250bbd80c28SJacques Vidrine.Fa "gss_OID * mech_type" 251bbd80c28SJacques Vidrine.Fa "OM_uint32 * ctx_flags" 252bbd80c28SJacques Vidrine.Fa "int * locally_initiated" 253bbd80c28SJacques Vidrine.Fa "int * open_context" 254bbd80c28SJacques Vidrine.Fc 255bbd80c28SJacques Vidrine.Ft OM_uint32 256bbd80c28SJacques Vidrine.Fo gss_inquire_cred 257bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 258bbd80c28SJacques Vidrine.Fa "const gss_cred_id_t cred_handle" 259bbd80c28SJacques Vidrine.Fa "gss_name_t * name" 260bbd80c28SJacques Vidrine.Fa "OM_uint32 * lifetime" 261bbd80c28SJacques Vidrine.Fa "gss_cred_usage_t * cred_usage" 262bbd80c28SJacques Vidrine.Fa "gss_OID_set * mechanisms" 263bbd80c28SJacques Vidrine.Fc 264bbd80c28SJacques Vidrine.Ft OM_uint32 265bbd80c28SJacques Vidrine.Fo gss_inquire_cred_by_mech 266c19800e8SDoug Rabson.Fa "OM_uint32 * minor_status" 267c19800e8SDoug Rabson.Fa "const gss_cred_id_t cred_handle" 268c19800e8SDoug Rabson.Fa "const gss_OID mech_type" 269c19800e8SDoug Rabson.Fa "gss_name_t * name" 270c19800e8SDoug Rabson.Fa "OM_uint32 * initiator_lifetime" 271c19800e8SDoug Rabson.Fa "OM_uint32 * acceptor_lifetime" 272c19800e8SDoug Rabson.Fa "gss_cred_usage_t * cred_usage" 273bbd80c28SJacques Vidrine.Fc 274bbd80c28SJacques Vidrine.Ft OM_uint32 275bbd80c28SJacques Vidrine.Fo gss_inquire_mechs_for_name 276c19800e8SDoug Rabson.Fa "OM_uint32 * minor_status" 277c19800e8SDoug Rabson.Fa "const gss_name_t input_name" 278c19800e8SDoug Rabson.Fa "gss_OID_set * mech_types" 279bbd80c28SJacques Vidrine.Fc 280bbd80c28SJacques Vidrine.Ft OM_uint32 281bbd80c28SJacques Vidrine.Fo gss_inquire_names_for_mech 282c19800e8SDoug Rabson.Fa "OM_uint32 * minor_status" 283c19800e8SDoug Rabson.Fa "const gss_OID mechanism" 284c19800e8SDoug Rabson.Fa "gss_OID_set * name_types" 285c19800e8SDoug Rabson.Fc 286c19800e8SDoug Rabson.Ft OM_uint32 287c19800e8SDoug Rabson.Fo gss_krb5_ccache_name 288c19800e8SDoug Rabson.Fa "OM_uint32 *minor" 289c19800e8SDoug Rabson.Fa "const char *name" 290c19800e8SDoug Rabson.Fa "const char **old_name" 291bbd80c28SJacques Vidrine.Fc 292bbd80c28SJacques Vidrine.Ft OM_uint32 293bbd80c28SJacques Vidrine.Fo gss_krb5_copy_ccache 294bbd80c28SJacques Vidrine.Fa "OM_uint32 *minor" 295bbd80c28SJacques Vidrine.Fa "gss_cred_id_t cred" 296bbd80c28SJacques Vidrine.Fa "krb5_ccache out" 297bbd80c28SJacques Vidrine.Fc 298bbd80c28SJacques Vidrine.Ft OM_uint32 299c19800e8SDoug Rabson.Fo gss_krb5_import_cred 300c19800e8SDoug Rabson.Fa "OM_uint32 *minor_status" 301c19800e8SDoug Rabson.Fa "krb5_ccache id" 302c19800e8SDoug Rabson.Fa "krb5_principal keytab_principal" 303c19800e8SDoug Rabson.Fa "krb5_keytab keytab" 304c19800e8SDoug Rabson.Fa "gss_cred_id_t *cred" 305c19800e8SDoug Rabson.Fc 306c19800e8SDoug Rabson.Ft OM_uint32 307bbd80c28SJacques Vidrine.Fo gss_krb5_compat_des3_mic 308bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 309bbd80c28SJacques Vidrine.Fa "gss_ctx_id_t context_handle" 310bbd80c28SJacques Vidrine.Fa "int onoff" 311bbd80c28SJacques Vidrine.Fc 312bbd80c28SJacques Vidrine.Ft OM_uint32 313c19800e8SDoug Rabson.Fo gsskrb5_extract_authz_data_from_sec_context 314c19800e8SDoug Rabson.Fa "OM_uint32 *minor_status" 315c19800e8SDoug Rabson.Fa "gss_ctx_id_t context_handle" 316c19800e8SDoug Rabson.Fa "int ad_type" 317c19800e8SDoug Rabson.Fa "gss_buffer_t ad_data" 318c19800e8SDoug Rabson.Fc 319c19800e8SDoug Rabson.Ft OM_uint32 320c19800e8SDoug Rabson.Fo gsskrb5_register_acceptor_identity 321c19800e8SDoug Rabson.Fa "const char *identity" 322c19800e8SDoug Rabson.Fc 323c19800e8SDoug Rabson.Ft OM_uint32 324c19800e8SDoug Rabson.Fo gss_krb5_import_cache 325c19800e8SDoug Rabson.Fa "OM_uint32 *minor" 326c19800e8SDoug Rabson.Fa "krb5_ccache id" 327c19800e8SDoug Rabson.Fa "krb5_keytab keytab" 328c19800e8SDoug Rabson.Fa "gss_cred_id_t *cred" 329c19800e8SDoug Rabson.Fc 330c19800e8SDoug Rabson.Ft OM_uint32 331c19800e8SDoug Rabson.Fo gss_krb5_get_tkt_flags 332c19800e8SDoug Rabson.Fa "OM_uint32 *minor_status" 333c19800e8SDoug Rabson.Fa "gss_ctx_id_t context_handle" 334c19800e8SDoug Rabson.Fa "OM_uint32 *tkt_flags" 335c19800e8SDoug Rabson.Fc 336c19800e8SDoug Rabson.Ft OM_uint32 337bbd80c28SJacques Vidrine.Fo gss_process_context_token 338c19800e8SDoug Rabson.Fa "OM_uint32 * minor_status" 339c19800e8SDoug Rabson.Fa "const gss_ctx_id_t context_handle" 340c19800e8SDoug Rabson.Fa "const gss_buffer_t token_buffer" 341bbd80c28SJacques Vidrine.Fc 342bbd80c28SJacques Vidrine.Ft OM_uint32 343bbd80c28SJacques Vidrine.Fo gss_release_buffer 344bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 345bbd80c28SJacques Vidrine.Fa "gss_buffer_t buffer" 346bbd80c28SJacques Vidrine.Fc 347bbd80c28SJacques Vidrine.Ft OM_uint32 348bbd80c28SJacques Vidrine.Fo gss_release_cred 349bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 350bbd80c28SJacques Vidrine.Fa "gss_cred_id_t * cred_handle" 351bbd80c28SJacques Vidrine.Fc 352bbd80c28SJacques Vidrine.Ft OM_uint32 353bbd80c28SJacques Vidrine.Fo gss_release_name 354bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 355bbd80c28SJacques Vidrine.Fa "gss_name_t * input_name" 356bbd80c28SJacques Vidrine.Fc 357c19800e8SDoug Rabson.Ft OM_uint32 358bbd80c28SJacques Vidrine.Fo gss_release_oid_set 359bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 360bbd80c28SJacques Vidrine.Fa "gss_OID_set * set" 361bbd80c28SJacques Vidrine.Fc 362bbd80c28SJacques Vidrine.Ft OM_uint32 363bbd80c28SJacques Vidrine.Fo gss_seal 364bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 365bbd80c28SJacques Vidrine.Fa "gss_ctx_id_t context_handle" 366bbd80c28SJacques Vidrine.Fa "int conf_req_flag" 367bbd80c28SJacques Vidrine.Fa "int qop_req" 368bbd80c28SJacques Vidrine.Fa "gss_buffer_t input_message_buffer" 369bbd80c28SJacques Vidrine.Fa "int * conf_state" 370bbd80c28SJacques Vidrine.Fa "gss_buffer_t output_message_buffer" 371bbd80c28SJacques Vidrine.Fc 372bbd80c28SJacques Vidrine.Ft OM_uint32 373bbd80c28SJacques Vidrine.Fo gss_sign 374bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 375bbd80c28SJacques Vidrine.Fa "gss_ctx_id_t context_handle" 376bbd80c28SJacques Vidrine.Fa "int qop_req" 377bbd80c28SJacques Vidrine.Fa "gss_buffer_t message_buffer" 378bbd80c28SJacques Vidrine.Fa "gss_buffer_t message_token" 379bbd80c28SJacques Vidrine.Fc 380bbd80c28SJacques Vidrine.Ft OM_uint32 381bbd80c28SJacques Vidrine.Fo gss_test_oid_set_member 382bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 383bbd80c28SJacques Vidrine.Fa "const gss_OID member" 384bbd80c28SJacques Vidrine.Fa "const gss_OID_set set" 385bbd80c28SJacques Vidrine.Fa "int * present" 386bbd80c28SJacques Vidrine.Fc 387bbd80c28SJacques Vidrine.Ft OM_uint32 388bbd80c28SJacques Vidrine.Fo gss_unseal 389bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 390bbd80c28SJacques Vidrine.Fa "gss_ctx_id_t context_handle" 391bbd80c28SJacques Vidrine.Fa "gss_buffer_t input_message_buffer" 392bbd80c28SJacques Vidrine.Fa "gss_buffer_t output_message_buffer" 393bbd80c28SJacques Vidrine.Fa "int * conf_state" 394bbd80c28SJacques Vidrine.Fa "int * qop_state" 395bbd80c28SJacques Vidrine.Fc 396bbd80c28SJacques Vidrine.Ft OM_uint32 397bbd80c28SJacques Vidrine.Fo gss_unwrap 398bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 399bbd80c28SJacques Vidrine.Fa "const gss_ctx_id_t context_handle" 400bbd80c28SJacques Vidrine.Fa "const gss_buffer_t input_message_buffer" 401bbd80c28SJacques Vidrine.Fa "gss_buffer_t output_message_buffer" 402bbd80c28SJacques Vidrine.Fa "int * conf_state" 403bbd80c28SJacques Vidrine.Fa "gss_qop_t * qop_state" 404bbd80c28SJacques Vidrine.Fc 405bbd80c28SJacques Vidrine.Ft OM_uint32 406bbd80c28SJacques Vidrine.Fo gss_verify 407bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 408bbd80c28SJacques Vidrine.Fa "gss_ctx_id_t context_handle" 409bbd80c28SJacques Vidrine.Fa "gss_buffer_t message_buffer" 410bbd80c28SJacques Vidrine.Fa "gss_buffer_t token_buffer" 411bbd80c28SJacques Vidrine.Fa "int * qop_state" 412bbd80c28SJacques Vidrine.Fc 413bbd80c28SJacques Vidrine.Ft OM_uint32 414bbd80c28SJacques Vidrine.Fo gss_verify_mic 415bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 416bbd80c28SJacques Vidrine.Fa "const gss_ctx_id_t context_handle" 417bbd80c28SJacques Vidrine.Fa "const gss_buffer_t message_buffer" 418bbd80c28SJacques Vidrine.Fa "const gss_buffer_t token_buffer" 419bbd80c28SJacques Vidrine.Fa "gss_qop_t * qop_state" 420bbd80c28SJacques Vidrine.Fc 421c19800e8SDoug Rabson.Ft OM_uint32 422bbd80c28SJacques Vidrine.Fo gss_wrap 423bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 424bbd80c28SJacques Vidrine.Fa "const gss_ctx_id_t context_handle" 425bbd80c28SJacques Vidrine.Fa "int conf_req_flag" 426bbd80c28SJacques Vidrine.Fa "gss_qop_t qop_req" 427bbd80c28SJacques Vidrine.Fa "const gss_buffer_t input_message_buffer" 428bbd80c28SJacques Vidrine.Fa "int * conf_state" 429bbd80c28SJacques Vidrine.Fa "gss_buffer_t output_message_buffer" 430bbd80c28SJacques Vidrine.Fc 431bbd80c28SJacques Vidrine.Ft OM_uint32 432bbd80c28SJacques Vidrine.Fo gss_wrap_size_limit 433bbd80c28SJacques Vidrine.Fa "OM_uint32 * minor_status" 434bbd80c28SJacques Vidrine.Fa "const gss_ctx_id_t context_handle" 435bbd80c28SJacques Vidrine.Fa "int conf_req_flag" 436bbd80c28SJacques Vidrine.Fa "gss_qop_t qop_req" 437bbd80c28SJacques Vidrine.Fa "OM_uint32 req_output_size" 438bbd80c28SJacques Vidrine.Fa "OM_uint32 * max_input_size" 439bbd80c28SJacques Vidrine.Fc 440bbd80c28SJacques Vidrine.Sh DESCRIPTION 441bbd80c28SJacques VidrineGeneric Security Service API (GSS-API) version 2, and its C binding, 442bbd80c28SJacques Vidrineis described in 443bbd80c28SJacques Vidrine.Li RFC2743 444bbd80c28SJacques Vidrineand 445bbd80c28SJacques Vidrine.Li RFC2744 . 446bbd80c28SJacques VidrineVersion 1 (deprecated) of the C binding is described in 447bbd80c28SJacques Vidrine.Li RFC1509 . 448bbd80c28SJacques Vidrine.Pp 449bbd80c28SJacques VidrineHeimdals GSS-API implementation supports the following mechanisms 450bbd80c28SJacques Vidrine.Bl -bullet 451bbd80c28SJacques Vidrine.It 452bbd80c28SJacques Vidrine.Li GSS_KRB5_MECHANISM 453c19800e8SDoug Rabson.It 454c19800e8SDoug Rabson.Li GSS_SPNEGO_MECHANISM 455bbd80c28SJacques Vidrine.El 456bbd80c28SJacques Vidrine.Pp 457bbd80c28SJacques VidrineGSS-API have generic name types that all mechanism are supposed to 458c19800e8SDoug Rabsonimplement (if possible): 459bbd80c28SJacques Vidrine.Bl -bullet 460bbd80c28SJacques Vidrine.It 461bbd80c28SJacques Vidrine.Li GSS_C_NT_USER_NAME 462bbd80c28SJacques Vidrine.It 463bbd80c28SJacques Vidrine.Li GSS_C_NT_MACHINE_UID_NAME 464bbd80c28SJacques Vidrine.It 465bbd80c28SJacques Vidrine.Li GSS_C_NT_STRING_UID_NAME 466bbd80c28SJacques Vidrine.It 467bbd80c28SJacques Vidrine.Li GSS_C_NT_HOSTBASED_SERVICE 468bbd80c28SJacques Vidrine.It 469bbd80c28SJacques Vidrine.Li GSS_C_NT_ANONYMOUS 470bbd80c28SJacques Vidrine.It 471bbd80c28SJacques Vidrine.Li GSS_C_NT_EXPORT_NAME 472bbd80c28SJacques Vidrine.El 473bbd80c28SJacques Vidrine.Pp 474bbd80c28SJacques VidrineGSS-API implementations that supports Kerberos 5 have some additional 475c19800e8SDoug Rabsonname types: 476bbd80c28SJacques Vidrine.Bl -bullet 477bbd80c28SJacques Vidrine.It 478bbd80c28SJacques Vidrine.Li GSS_KRB5_NT_PRINCIPAL_NAME 479bbd80c28SJacques Vidrine.It 480bbd80c28SJacques Vidrine.Li GSS_KRB5_NT_USER_NAME 481bbd80c28SJacques Vidrine.It 482bbd80c28SJacques Vidrine.Li GSS_KRB5_NT_MACHINE_UID_NAME 483bbd80c28SJacques Vidrine.It 484bbd80c28SJacques Vidrine.Li GSS_KRB5_NT_STRING_UID_NAME 485bbd80c28SJacques Vidrine.El 486bbd80c28SJacques Vidrine.Pp 487c19800e8SDoug RabsonIn GSS-API, names have two forms, internal names and contiguous string 488c19800e8SDoug Rabsonnames. 489c19800e8SDoug Rabson.Bl -bullet 490c19800e8SDoug Rabson.It 491c19800e8SDoug Rabson.Li Internal name and mechanism name 492c19800e8SDoug Rabson.Pp 493c19800e8SDoug RabsonInternal names are implementation specific representation of 494c19800e8SDoug Rabsona GSS-API name. 495c19800e8SDoug Rabson.Li Mechanism names 496c19800e8SDoug Rabsonspecial form of internal names corresponds to one and only one mechanism. 497c19800e8SDoug Rabson.Pp 498c19800e8SDoug RabsonIn GSS-API an internal name is stored in a 499c19800e8SDoug Rabson.Dv gss_name_t . 500c19800e8SDoug Rabson.It 501c19800e8SDoug Rabson.Li Contiguous string name and exported name 502c19800e8SDoug Rabson.Pp 503c19800e8SDoug RabsonContiguous string names are gssapi names stored in a 504c19800e8SDoug Rabson.Dv OCTET STRING 505c19800e8SDoug Rabsonthat together with a name type identifier (OID) uniquely specifies a 506c19800e8SDoug Rabsongss-name. 507c19800e8SDoug RabsonA special form of the contiguous string name is the exported name that 508c19800e8SDoug Rabsonhave a OID embedded in the string to make it unique. 509c19800e8SDoug RabsonExported name have the nametype 510c19800e8SDoug Rabson.Dv GSS_C_NT_EXPORT_NAME . 511c19800e8SDoug Rabson.Pp 512c19800e8SDoug RabsonIn GSS-API an contiguous string name is stored in a 513c19800e8SDoug Rabson.Dv gss_buffer_t . 514c19800e8SDoug Rabson.Pp 515c19800e8SDoug RabsonExported names also have the property that they are specified by the 516*ae771770SStanislav Sedovmechanism itself and compatible between different GSS-API 517c19800e8SDoug Rabsonimplementations. 518c19800e8SDoug Rabson.El 519c19800e8SDoug Rabson.Sh ACCESS CONTROL 520c19800e8SDoug RabsonThere are two ways of comparing GSS-API names, either comparing two 521c19800e8SDoug Rabsoninternal names with each other or two contiguous string names with 522c19800e8SDoug Rabsoneither other. 523c19800e8SDoug Rabson.Pp 524c19800e8SDoug RabsonTo compare two internal names with each other, import (if needed) the 525c19800e8SDoug Rabsonnames with 526c19800e8SDoug Rabson.Fn gss_import_name 527c19800e8SDoug Rabsoninto the GSS-API implementation and the compare the imported name with 528c19800e8SDoug Rabson.Fn gss_compare_name . 529c19800e8SDoug Rabson.Pp 530c19800e8SDoug RabsonImporting names can be slow, so when its possible to store exported 531c19800e8SDoug Rabsonnames in the access control list, comparing contiguous string name 532c19800e8SDoug Rabsonmight be better. 533c19800e8SDoug Rabson.Pp 534c19800e8SDoug Rabsonwhen comparing contiguous string name, first export them into a 535c19800e8SDoug Rabson.Dv GSS_C_NT_EXPORT_NAME 536c19800e8SDoug Rabsonname with 537c19800e8SDoug Rabson.Fn gss_export_name 538c19800e8SDoug Rabsonand then compare with 539c19800e8SDoug Rabson.Xr memcmp 3 . 540c19800e8SDoug Rabson.Pp 541c19800e8SDoug RabsonNote that there are might be a difference between the two methods of 542c19800e8SDoug Rabsoncomparing names. 543c19800e8SDoug RabsonThe first (using 544c19800e8SDoug Rabson.Fn gss_compare_name ) 545c19800e8SDoug Rabsonwill compare to (unauthenticated) names are the same. 546c19800e8SDoug RabsonThe second will compare if a mechanism will authenticate them as the 547c19800e8SDoug Rabsonsame principal. 548c19800e8SDoug Rabson.Pp 549c19800e8SDoug RabsonFor example, if 550c19800e8SDoug Rabson.Fn gss_import_name 551c19800e8SDoug Rabsonname was used with 552c19800e8SDoug Rabson.Dv GSS_C_NO_OID 553c19800e8SDoug Rabsonthe default syntax is used for all mechanism the GSS-API 554c19800e8SDoug Rabsonimplementation supports. 555c19800e8SDoug RabsonWhen compare the imported name of 556c19800e8SDoug Rabson.Dv GSS_C_NO_OID 557c19800e8SDoug Rabsonit may match serveral mechanism names (MN). 558c19800e8SDoug Rabson.Pp 559c19800e8SDoug RabsonThe resulting name from 560c19800e8SDoug Rabson.Fn gss_display_name 561c19800e8SDoug Rabsonmust not be used for acccess control. 562c19800e8SDoug Rabson.Sh FUNCTIONS 563bbd80c28SJacques Vidrine.Fn gss_display_name 564bbd80c28SJacques Vidrinetakes the gss name in 565bbd80c28SJacques Vidrine.Fa input_name 566c19800e8SDoug Rabsonand puts a printable form in 567bbd80c28SJacques Vidrine.Fa output_name_buffer . 568bbd80c28SJacques Vidrine.Fa output_name_buffer 569bbd80c28SJacques Vidrineshould be freed when done using 570bbd80c28SJacques Vidrine.Fn gss_release_buffer . 571bbd80c28SJacques Vidrine.Fa output_name_type 572bbd80c28SJacques Vidrinecan either be 573bbd80c28SJacques Vidrine.Dv NULL 574bbd80c28SJacques Vidrineor a pointer to a 575bbd80c28SJacques Vidrine.Li gss_OID 576c19800e8SDoug Rabsonand will in the latter case contain the OID type of the name. 577c19800e8SDoug RabsonThe name must only be used for printing. 578c19800e8SDoug RabsonIf access control is needed, see section 579c19800e8SDoug Rabson.Sx ACCESS CONTROL . 580c19800e8SDoug Rabson.Pp 581c19800e8SDoug Rabson.Fn gss_inquire_context 582c19800e8SDoug Rabsonreturns information about the context. 583c19800e8SDoug RabsonInformation is available even after the context have expired. 584c19800e8SDoug Rabson.Fa lifetime_rec 585c19800e8SDoug Rabsonargument is set to 586c19800e8SDoug Rabson.Dv GSS_C_INDEFINITE 587c19800e8SDoug Rabson(dont expire) or the number of seconds that the context is still valid. 588c19800e8SDoug RabsonA value of 0 means that the context is expired. 589c19800e8SDoug Rabson.Fa mech_type 590c19800e8SDoug Rabsonargument should be considered readonly and must not be released. 591c19800e8SDoug Rabson.Fa src_name 592c19800e8SDoug Rabsonand 593c19800e8SDoug Rabson.Fn dest_name 594c19800e8SDoug Rabsonare both mechanims names and must be released with 595c19800e8SDoug Rabson.Fn gss_release_name 596c19800e8SDoug Rabsonwhen no longer used. 597c19800e8SDoug Rabson.Pp 598c19800e8SDoug Rabson.Nm gss_context_time 599c19800e8SDoug Rabsonwill return the amount of time (in seconds) of the context is still 600c19800e8SDoug Rabsonvalid. 601c19800e8SDoug RabsonIf its expired 602c19800e8SDoug Rabson.Fa time_rec 603c19800e8SDoug Rabsonwill be set to 0 and 604c19800e8SDoug Rabson.Dv GSS_S_CONTEXT_EXPIRED 605c19800e8SDoug Rabsonreturned. 606bbd80c28SJacques Vidrine.Pp 607bbd80c28SJacques Vidrine.Fn gss_sign , 608bbd80c28SJacques Vidrine.Fn gss_verify , 609bbd80c28SJacques Vidrine.Fn gss_seal , 610bbd80c28SJacques Vidrineand 611bbd80c28SJacques Vidrine.Fn gss_unseal 612c19800e8SDoug Rabsonare part of the GSS-API V1 interface and are obsolete. 613c19800e8SDoug RabsonThe functions should not be used for new applications. 614bbd80c28SJacques VidrineThey are provided so that version 1 applications can link against the 615bbd80c28SJacques Vidrinelibrary. 616c19800e8SDoug Rabson.Sh EXTENSIONS 617c19800e8SDoug Rabson.Fn gss_krb5_ccache_name 618c19800e8SDoug Rabsonsets the internal kerberos 5 credential cache name to 619c19800e8SDoug Rabson.Fa name . 620c19800e8SDoug RabsonThe old name is returned in 621c19800e8SDoug Rabson.Fa old_name , 622c19800e8SDoug Rabsonand must not be freed. 623c19800e8SDoug RabsonThe data allocated for 624c19800e8SDoug Rabson.Fa old_name 625c19800e8SDoug Rabsonis free upon next call to 626c19800e8SDoug Rabson.Fn gss_krb5_ccache_name . 627c19800e8SDoug RabsonThis function is not threadsafe if 628c19800e8SDoug Rabson.Fa old_name 629c19800e8SDoug Rabsonargument is used. 630bbd80c28SJacques Vidrine.Pp 631bbd80c28SJacques Vidrine.Fn gss_krb5_copy_ccache 632c19800e8SDoug Rabsonwill extract the krb5 credentials that are transferred from the 633c19800e8SDoug Rabsoninitiator to the acceptor when using token delegation in the Kerberos 634c19800e8SDoug Rabsonmechanism. 635bbd80c28SJacques VidrineThe acceptor receives the delegated token in the last argument to 636bbd80c28SJacques Vidrine.Fn gss_accept_sec_context . 637bbd80c28SJacques Vidrine.Pp 638c19800e8SDoug Rabson.Fn gss_krb5_import_cred 639c19800e8SDoug Rabsonwill import the krb5 credentials (both keytab and/or credential cache) 640c19800e8SDoug Rabsoninto gss credential so it can be used withing GSS-API. 641c19800e8SDoug RabsonThe 642c19800e8SDoug Rabson.Fa ccache 643c19800e8SDoug Rabsonis copied by reference and thus shared, so if the credential is destroyed 644c19800e8SDoug Rabsonwith 645c19800e8SDoug Rabson.Fa krb5_cc_destroy , 646c19800e8SDoug Rabsonall users of thep 647c19800e8SDoug Rabson.Fa gss_cred_id_t 648c19800e8SDoug Rabsonreturned by 649c19800e8SDoug Rabson.Fn gss_krb5_import_ccache 650c19800e8SDoug Rabsonwill fail. 651c19800e8SDoug Rabson.Pp 652c19800e8SDoug Rabson.Fn gsskrb5_register_acceptor_identity 653c19800e8SDoug Rabsonsets the Kerberos 5 filebased keytab that the acceptor will use. The 654c19800e8SDoug Rabson.Fa identifier 655c19800e8SDoug Rabsonis the file name. 656c19800e8SDoug Rabson.Pp 657c19800e8SDoug Rabson.Fn gsskrb5_extract_authz_data_from_sec_context 658c19800e8SDoug Rabsonextracts the Kerberos authorizationdata that may be stored within the 659c19800e8SDoug Rabsoncontext. 660c19800e8SDoug RabsonTha caller must free the returned buffer 661c19800e8SDoug Rabson.Fa ad_data 662c19800e8SDoug Rabsonwith 663c19800e8SDoug Rabson.Fn gss_release_buffer 664c19800e8SDoug Rabsonupon success. 665c19800e8SDoug Rabson.Pp 666c19800e8SDoug Rabson.Fn gss_krb5_get_tkt_flags 667c19800e8SDoug Rabsonreturn the ticket flags for the kerberos ticket receive when 668c19800e8SDoug Rabsonauthenticating the initiator. 669c19800e8SDoug RabsonOnly valid on the acceptor context. 670c19800e8SDoug Rabson.Pp 671c19800e8SDoug Rabson.Fn gss_krb5_compat_des3_mic 672c19800e8SDoug Rabsonturns on or off the compatibility with older version of Heimdal using 673bbd80c28SJacques Vidrinedes3 get and verify mic, this is way to programmatically set the 674bbd80c28SJacques Vidrine[gssapi]broken_des3_mic and [gssapi]correct_des3_mic flags (see 675bbd80c28SJacques VidrineCOMPATIBILITY section in 676bbd80c28SJacques Vidrine.Xr gssapi 3 ) . 677bbd80c28SJacques VidrineIf the CPP symbol 678bbd80c28SJacques Vidrine.Dv GSS_C_KRB5_COMPAT_DES3_MIC 679bbd80c28SJacques Vidrineis present, 680c19800e8SDoug Rabson.Fn gss_krb5_compat_des3_mic 681bbd80c28SJacques Vidrineexists. 682c19800e8SDoug Rabson.Fn gss_krb5_compat_des3_mic 683bbd80c28SJacques Vidrinewill be removed in a later version of the GSS-API library. 684bbd80c28SJacques Vidrine.Sh SEE ALSO 685c19800e8SDoug Rabson.Xr gssapi 3 , 686bbd80c28SJacques Vidrine.Xr krb5 3 , 687bbd80c28SJacques Vidrine.Xr krb5_ccache 3 , 688bbd80c28SJacques Vidrine.Xr kerberos 8 689