1.\" $NetBSD: krb5_check_transited.3,v 1.1.1.3 2014/04/24 12:45:50 pettai Exp $ 2.\" 3.\" Copyright (c) 2004, 2006 Kungliga Tekniska Högskolan 4.\" (Royal Institute of Technology, Stockholm, Sweden). 5.\" All rights reserved. 6.\" 7.\" Redistribution and use in source and binary forms, with or without 8.\" modification, are permitted provided that the following conditions 9.\" are met: 10.\" 11.\" 1. Redistributions of source code must retain the above copyright 12.\" notice, this list of conditions and the following disclaimer. 13.\" 14.\" 2. Redistributions in binary form must reproduce the above copyright 15.\" notice, this list of conditions and the following disclaimer in the 16.\" documentation and/or other materials provided with the distribution. 17.\" 18.\" 3. Neither the name of the Institute nor the names of its contributors 19.\" may be used to endorse or promote products derived from this software 20.\" without specific prior written permission. 21.\" 22.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 23.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 26.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32.\" SUCH DAMAGE. 33.\" 34.\" Id 35.\" 36.Dd May 1, 2006 37.Dt KRB5_CHECK_TRANSITED 3 38.Os 39.Sh NAME 40.Nm krb5_check_transited , 41.Nm krb5_check_transited_realms , 42.Nm krb5_domain_x500_decode , 43.Nm krb5_domain_x500_encode 44.Nd realm transit verification and encoding/decoding functions 45.Sh LIBRARY 46Kerberos 5 Library (libkrb5, -lkrb5) 47.Sh SYNOPSIS 48.In krb5/krb5.h 49.Ft krb5_error_code 50.Fo krb5_check_transited 51.Fa "krb5_context context" 52.Fa "krb5_const_realm client_realm" 53.Fa "krb5_const_realm server_realm" 54.Fa "krb5_realm *realms" 55.Fa "int num_realms" 56.Fa "int *bad_realm" 57.Fc 58.Ft krb5_error_code 59.Fo krb5_check_transited_realms 60.Fa "krb5_context context" 61.Fa "const char *const *realms" 62.Fa "int num_realms" 63.Fa "int *bad_realm" 64.Fc 65.Ft krb5_error_code 66.Fo krb5_domain_x500_decode 67.Fa "krb5_context context" 68.Fa "krb5_data tr" 69.Fa "char ***realms" 70.Fa "int *num_realms" 71.Fa "const char *client_realm" 72.Fa "const char *server_realm" 73.Fc 74.Ft krb5_error_code 75.Fo krb5_domain_x500_encode 76.Fa "char **realms" 77.Fa "int num_realms" 78.Fa "krb5_data *encoding" 79.Fc 80.Sh DESCRIPTION 81.Fn krb5_check_transited 82checks the path from 83.Fa client_realm 84to 85.Fa server_realm 86where 87.Fa realms 88and 89.Fa num_realms 90is the realms between them. 91If the function returns an error value, 92.Fa bad_realm 93will be set to the realm in the list causing the error. 94.Fn krb5_check_transited 95is used internally by the KDC and libkrb5 and should not be called by 96client applications. 97.Pp 98.Fn krb5_check_transited_realms 99is deprecated. 100.Pp 101.Fn krb5_domain_x500_encode 102and 103.Fn krb5_domain_x500_decode 104encodes and decodes the realm names in the X500 format that Kerberos 105uses to describe the transited realms in krbtgts. 106.Sh SEE ALSO 107.Xr krb5 3 , 108.Xr krb5.conf 5 109