144 lines
4.2 KiB
Groff
144 lines
4.2 KiB
Groff
.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan
|
|
.\" (Royal Institute of Technology, Stockholm, Sweden).
|
|
.\" All rights reserved.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\"
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\"
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\"
|
|
.\" 3. Neither the name of the Institute nor the names of its contributors
|
|
.\" may be used to endorse or promote products derived from this software
|
|
.\" without specific prior written permission.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
.\" SUCH DAMAGE.
|
|
.\"
|
|
.\" $Id: krb5_set_password.3 14052 2004-07-15 14:39:06Z lha $
|
|
.\"
|
|
.Dd July 15, 2004
|
|
.Dt KRB5_SET_PASSWORD 3
|
|
.Os HEIMDAL
|
|
.Sh NAME
|
|
.Nm krb5_change_password ,
|
|
.Nm krb5_set_password ,
|
|
.Nm krb5_set_password_using_ccache ,
|
|
.Nm krb5_passwd_result_to_string
|
|
.Nd change password functions
|
|
.Sh LIBRARY
|
|
Kerberos 5 Library (libkrb5, -lkrb5)
|
|
.Sh SYNOPSIS
|
|
.In krb5.h
|
|
.Ft krb5_error_code
|
|
.Fo krb5_change_password
|
|
.Fa "krb5_context context"
|
|
.Fa "krb5_creds *creds"
|
|
.Fa "char *newpw"
|
|
.Fa "int *result_code"
|
|
.Fa "krb5_data *result_code_string"
|
|
.Fa "krb5_data *result_string"
|
|
.Fc
|
|
.Ft krb5_error_code
|
|
.Fo krb5_set_password
|
|
.Fa "krb5_context context"
|
|
.Fa "krb5_creds *creds"
|
|
.Fa "char *newpw"
|
|
.Fa "krb5_principal targprinc"
|
|
.Fa "int *result_code"
|
|
.Fa "krb5_data *result_code_string"
|
|
.Fa "krb5_data *result_string"
|
|
.Fc
|
|
.Ft krb5_error_code
|
|
.Fo krb5_set_password_using_ccache
|
|
.Fa "krb5_context context"
|
|
.Fa "krb5_ccache ccache"
|
|
.Fa "char *newpw"
|
|
.Fa "krb5_principal targprinc"
|
|
.Fa "int *result_code"
|
|
.Fa "krb5_data *result_code_string"
|
|
.Fa "krb5_data *result_string"
|
|
.Fc
|
|
.Ft "const char *"
|
|
.Fo krb5_passwd_result_to_string
|
|
.Fa "krb5_context context"
|
|
.Fa "int result"
|
|
.Fc
|
|
.Sh DESCRIPTION
|
|
These functions change the password for a given principal.
|
|
.Pp
|
|
.Fn krb5_set_password
|
|
and
|
|
.Fn krb5_set_password_using_ccache
|
|
are the newer of the three functions, and use a newer version of the
|
|
protocol (and also fall back to the older set-password protocol if the
|
|
newer protocol doesn't work).
|
|
.Pp
|
|
.Fn krb5_change_password
|
|
sets the password
|
|
.Fa newpasswd
|
|
for the client principal in
|
|
.Fa creds .
|
|
The server principal of creds must be
|
|
.Li kadmin/changepw .
|
|
.Pp
|
|
.Fn krb5_set_password
|
|
and
|
|
.Fn krb5_set_password_using_ccache
|
|
change the password for the principal
|
|
.Fa targprinc .
|
|
.Pp
|
|
.Fn krb5_set_password
|
|
requires that the credential for
|
|
.Li kadmin/changepw@REALM
|
|
is in
|
|
.Fa creds .
|
|
If the user caller isn't an administrator, this credential
|
|
needs to be an initial credential, see
|
|
.Xr krb5_get_init_creds 3
|
|
how to get such credentials.
|
|
.Pp
|
|
.Fn krb5_set_password_using_ccache
|
|
will get the credential from
|
|
.Fa ccache .
|
|
.Pp
|
|
If
|
|
.Fa targprinc
|
|
is
|
|
.Dv NULL ,
|
|
.Fn krb5_set_password_using_ccache
|
|
uses the the default principal in
|
|
.Fa ccache
|
|
and
|
|
.Fn krb5_set_password
|
|
uses the global the default principal.
|
|
.Pp
|
|
All three functions return an error in
|
|
.Fa result_code
|
|
and maybe an error string to print in
|
|
.Fa result_string .
|
|
.Pp
|
|
.Fn krb5_passwd_result_to_string
|
|
returns an human readable string describing the error code in
|
|
.Fa result_code
|
|
from the
|
|
.Fn krb5_set_password
|
|
functions.
|
|
.Sh SEE ALSO
|
|
.Xr krb5_ccache 3 ,
|
|
.Xr krb5_init_context 3
|