Difference between revisions of "Projects/Documentation Tasks"
From K5Wiki
< Projects
m (removed duplicate line) |
m (→Administration) |
||
| (50 intermediate revisions by 5 users not shown) | |||
| Line 5: | Line 5: | ||
To keep track of the various tasks that need to be documented such as function documentation, administration, troubleshooting etc. |
To keep track of the various tasks that need to be documented such as function documentation, administration, troubleshooting etc. |
||
| − | |||
| − | |||
| − | {| class="wikitable" |
||
| − | |+ Matrix of Document-Type VS Intended Readership |
||
| − | |- |
||
| − | ! Doc-type/Reader |
||
| − | ! Architectural Guide |
||
| − | ! Setup & Config of Kerberos |
||
| − | ! Admin & Operations of Kerberos |
||
| − | ! Custom Build |
||
| − | ! API Description |
||
| − | ! API Details |
||
| − | |- |
||
| − | |- |
||
| − | | End-users || || || || || || |
||
| − | |- |
||
| − | | Architects || || || || || || |
||
| − | |- |
||
| − | |System Admins || || || || || || |
||
| − | |- |
||
| − | |Application Developers || || || || || || |
||
| − | |- |
||
| − | |GSSAPI Developers || || || || || || |
||
| − | |- |
||
| − | |Kerberos Developers || || || || || || |
||
| − | |} |
||
| Line 39: | Line 13: | ||
|- |
|- |
||
! task |
! task |
||
| − | ! who writes? |
||
| + | ! Proposed Author |
||
| − | ! who reviews? |
||
| + | ! Target Date |
||
| − | ! reviewed? |
||
| + | ! Reviewer |
||
| − | ! comments |
||
| + | ! Reviewer Comments |
||
|- |
|- |
||
|- |
|- |
||
| Line 60: | Line 34: | ||
|- |
|- |
||
| <ul><li> How to write mechanism-independent GSS-API code</ul>|| || || || |
| <ul><li> How to write mechanism-independent GSS-API code</ul>|| || || || |
||
| − | |- |
||
| − | | <ul><li> Acceptor naming - How to get servers to use any key in a keytab</ul>|| GH|| || || |
||
|- |
|- |
||
| <ul><li> A guide to GSS-API naming as compared to Kerberos principal naming</ul>|| || || || |
| <ul><li> A guide to GSS-API naming as compared to Kerberos principal naming</ul>|| || || || |
||
| Line 67: | Line 39: | ||
| <ul><li> Using IAKERB</ul>|| || || || |
| <ul><li> Using IAKERB</ul>|| || || || |
||
|- |
|- |
||
| − | | <ul><li> |
+ | | <ul><li> Delegating credentials</ul>|| GH ||2012-10-01 || || |
|- |
|- |
||
| − | | <ul><li> |
+ | | <ul><li> Available extensions</ul>|| || || || |
|- |
|- |
||
| − | | <ul><li> |
+ | | <ul><li> Thread safety</ul>|| KR || || || |
|- |
|- |
||
| − | | <ul><li> Thread safety</ul>|| || || || |
||
| + | | <ul><li> Validating the flags set on the connection to ensure things like mutual authentication, confidentiality, integrity, replay protection, and sequence protection</ul>|| || || || |
||
|- |
|- |
||
| − | | |
+ | | Krb5 library guide|| || || || |
|- |
|- |
||
| − | | <ul><li> |
+ | | <ul><li> Kerberos prompter behavior</ul>|| || || || |
|- |
|- |
||
| − | | <ul><li>Overview of existing pluggable interfaces </ul>|| || || || |
||
| + | | <ul><li> An introduction to ticket caches and keytabs and their corresponding APIs </ul>|| KR || || || under review |
||
|- |
|- |
||
| − | | |
+ | | <ul><li> An advanced guide to the pre-auth mechanisms, FAST</ul>|| || || || |
|- |
|- |
||
| − | | <ul><li> |
+ | | <ul><li> An advanced guide to the principal manipulation and parsing</ul>|| TY || TBD || || |
|- |
|- |
||
| − | | <ul><li> |
+ | | <ul><li> Thread safety</ul>|| KR || || || |
|- |
|- |
||
| − | | <ul><li> An advanced guide to the pre-auth mechanisms, FAST</ul>|| || || || |
||
| + | | <ul><li> Password change including the automatic internal support for password change on expired passwords if a prompter is provided</ul>|| || || || |
||
|- |
|- |
||
| − | | <ul><li> |
+ | | <ul><li> krb5_appdefault_* functions and their alternatives </ul>|| || || || |
|- |
|- |
||
| − | | <ul><li> Thread safety</ul>|| || || || |
||
| + | |} |
||
| + | |||
| + | {| class="wikitable" |
||
| + | |+ |
||
| + | |- |
||
| + | ! Completed task |
||
| + | ! Author |
||
| + | ! Date |
||
| + | ! Reviewer |
||
| + | ! Reviewer Comments |
||
| + | |- |
||
| + | | Choosing security API|| || || || |
||
| + | |- |
||
| + | | <ul><li> Acceptor naming - How to get servers to use any key in a keytab</ul>|| GH||2012-03-01|| || |
||
| + | |- |
||
| + | | <ul><li> Anonymous credentials</ul> || GH || 2012-10-01 || || |
||
| + | |- |
||
| + | | Developing plugins|| GH ||2012-03-08|| || |
||
| + | |- |
||
| + | | <ul><li> A guide to developing plugins </ul>|| || || || |
||
| + | |- |
||
| + | | <ul><li>Overview of existing pluggable interfaces </ul>|| || ||ZT reviewed profile plugin || |
||
| + | |- |
||
| + | | A more advanced introduction to using the Kerberos libraries for initial authentication, focusing on the authentication steps, validating initial credential|| TY || 2012-04-27 || || |
||
| + | |- |
||
| + | | MIT Kerberos features : quick facts || ZT || ongoing || || |
||
|- |
|- |
||
| − | | |
+ | | How to build Kerberos from source || ZT || || || |
|- |
|- |
||
|} |
|} |
||
| − | |||
== Administration == |
== Administration == |
||
| Line 104: | Line 100: | ||
|- |
|- |
||
! task |
! task |
||
| − | ! who writes? |
||
| + | ! Proposed Author |
||
| − | ! who reviews? |
||
| + | ! Target Date |
||
| − | ! reviewed? |
||
| + | ! Reviewer |
||
| − | ! comments |
||
| + | ! Reviewer Comments |
||
|- |
|- |
||
| + | | Introduction to Kerberos system || || || || |
||
| + | |- |
||
| + | |<ul><li>Man page </ul>|| TH || 2012-08-15|| || in progress |
||
| + | |- |
||
| + | |<ul><li>General overview</ul>|| TH ||2012-08-15 || || |
||
| + | |- |
||
| + | |<ul><li>Intro for admins</ul>|| TH ||2012-08-15 || || |
||
| + | |- |
||
| + | |<ul><li>Technical overview</ul>|| TH ||2012-07-15 || ||in progress |
||
|- |
|- |
||
|Setting a new realm|| || || || |
|Setting a new realm|| || || || |
||
| Line 114: | Line 119: | ||
|<ul><li>Choosing backend: LDAP vs DB2</ul>|| || || || |
|<ul><li>Choosing backend: LDAP vs DB2</ul>|| || || || |
||
|- |
|- |
||
| − | |<ul><li> |
+ | |<ul><li> DNS configuration and SRV records - how they are used, in what order</ul>|| KR || || || |
| + | |- |
||
| + | | Choosing encryption types for principals|| TY|| 2012-12-14|| ||under review |
||
| + | |- |
||
| + | | Upgrading a Kerberos infrastructure (order, backward compatibility) || || || || |
||
|- |
|- |
||
| Integration Kerberos with Login System|| || || || |
| Integration Kerberos with Login System|| || || || |
||
| + | |- |
||
| + | | <ul><li> Difference between real Kerberos authentication, Kerberos password verification on the server side, and "LDAP authentication" in a Kerberos environment</ul>|| || || || |
||
|- |
|- |
||
| <ul><li> Validating Kerberos tickets</ul>|| || || || |
| <ul><li> Validating Kerberos tickets</ul>|| || || || |
||
| Line 122: | Line 129: | ||
| <ul><li> Clear text password over HTTPS </ul>|| || || || |
| <ul><li> Clear text password over HTTPS </ul>|| || || || |
||
|- |
|- |
||
| − | | <ul><li> Configuring with |
+ | | <ul><li> Configuring with pam_krb5 module</ul>|| || || || |
|- |
|- |
||
| <ul><li> Storing/locating keytab</ul>|| || || || |
| <ul><li> Storing/locating keytab</ul>|| || || || |
||
| Line 129: | Line 136: | ||
|- |
|- |
||
| <ul><li>cross-realm interaction with AD </ul>|| || || || |
| <ul><li>cross-realm interaction with AD </ul>|| || || || |
||
| + | |- |
||
| + | | <ul><li> Transitive trust</ul>|| || || || |
||
| + | |- |
||
| + | | <ul><li> Referrals</ul>|| || || || |
||
|- |
|- |
||
| Performance|| || || || |
| Performance|| || || || |
||
| Line 136: | Line 147: | ||
| <ul><li> Performance tradeoffs</ul>|| || || || |
| <ul><li> Performance tradeoffs</ul>|| || || || |
||
|- |
|- |
||
| − | | |
+ | | kadmin interface|| || || || |
| + | |- |
||
| + | | <ul><li> Keying workstation/ host key setting</ul>|| || || || |
||
|- |
|- |
||
| Using Smartcard with PKINIT|| || || || |
| Using Smartcard with PKINIT|| || || || |
||
| Line 146: | Line 157: | ||
| <ul><li>Cross-realm and ssh</ul>|| || || || |
| <ul><li>Cross-realm and ssh</ul>|| || || || |
||
|- |
|- |
||
| − | | Selecting and configuring plugins|| GH || || || |
||
| + | | A guide to principal naming basics and structure|| ZT ||2013-03-01 || || |
||
|- |
|- |
||
| − | | |
+ | | Troubleshooting|| || || || |
|- |
|- |
||
| − | | A guide to principal naming basics and structure|| || || || |
||
| + | | <ul><li>Troubleshooting errors</ul> || ZT || ongoing|| || |
||
|- |
|- |
||
| − | | |
+ | | <ul><li>Realm renaming </ul>|| || || || |
|- |
|- |
||
| − | | <ul><li> |
+ | | <ul><li> Forgot Kerberos Master Key|| GH || || || |
|- |
|- |
||
| − | | <ul><li>Trace logging</ul>||GH || || || |
||
| + | | Basic concepts (passwd policy, ticket ) || || || || |
||
|- |
|- |
||
| − | | Using LDAP server for Kerberos backend|| ZT || || || Ubuntu 10.4 (lucid) |
||
| + | | Approaches to authorization -- centralized vs distributed, etc. || || || || |
||
|- |
|- |
||
|} |
|} |
||
| + | |||
| + | {| class="wikitable" |
||
| + | |+ |
||
| + | |- |
||
| + | ! Completed task |
||
| + | ! Author |
||
| + | ! Date |
||
| + | ! Reviewer |
||
| + | ! Reviewer Comments |
||
| + | |- |
||
| + | | Replication || ZT|| || || |
||
| + | |- |
||
| + | | Reverse DNS|| TY|| 2012-12-12|| || |
||
| + | |- |
||
| + | | Selecting and configuring plugins|| GH ||2012-03-15|| || |
||
| + | |- |
||
| + | | Anonymity support|| GH ||2012-10-01 || || |
||
| + | |- |
||
| + | | Trace logging ||GH ||2012-03-22|| || |
||
| + | |- |
||
| + | | Using LDAP server for Kerberos backend|| ZT || || || Ubuntu 10.4 (lucid) |
||
| + | |- |
||
| + | | Acceptable date and time formats || ZT || 2012-07-15 || || |
||
| + | |- |
||
| + | | kadm5.acl man page || ZT || 2012-08-15 || || |
||
| + | |- |
||
| + | |} |
||
| + | |||
| + | == General == |
||
| + | |||
| + | {| class="wikitable" |
||
| + | |+ |
||
| + | |- |
||
| + | ! task |
||
| + | ! Proposed Author |
||
| + | ! Target Date |
||
| + | ! Reviewer |
||
| + | ! Reviewer Comments |
||
| + | |- |
||
| + | | Why Kerberos system is suitable for the internet, not only for the enterprise || TY || || || |
||
| + | |- |
||
| + | | Impact RC4 vulnerabilities on Kerberos || TY || || || |
||
| + | |- |
||
| + | |} |
||
== API documentation == |
== API documentation == |
||
| − | ===Most commonly used API functions (in alphabetical order)=== |
||
| + | |||
| + | Most commonly used API functions (in alphabetical order): |
||
{| class="wikitable" |
{| class="wikitable" |
||
|+ Tier 1 - Highest priority |
|+ Tier 1 - Highest priority |
||
|- |
|- |
||
| − | ! API |
+ | ! Completed API |
| − | ! |
+ | ! Author |
| − | ! |
+ | ! Reviewer |
| − | ! |
+ | ! Date |
| − | ! |
+ | ! Reviewer Comments |
|- |
|- |
||
|- |
|- |
||
| − | | krb5_build_principal [http://web.mit.edu/ |
+ | | krb5_build_principal [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_build_principal.html]|| ZT || GH|| || |
|- |
|- |
||
| − | |krb5_build_principal_alloc_va [http://web.mit.edu/ |
+ | |krb5_build_principal_alloc_va [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_build_principal_alloc_va.html] || ZT || GH|| || |
|- |
|- |
||
| − | | krb5_build_principal_ext [http://web.mit.edu/ |
+ | | krb5_build_principal_ext [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_build_principal_ext.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_cc_close [http://web.mit.edu/ |
+ | | krb5_cc_close [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_cc_close.html] ||ZT ||GH || || |
|- |
|- |
||
| − | | krb5_cc_default [http://web.mit.edu/ |
+ | | krb5_cc_default [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_cc_default.html]|| ZT|| GH|| || |
|- |
|- |
||
| − | | krb5_cc_default_name [http://web.mit.edu/ |
+ | | krb5_cc_default_name [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_cc_default_name.html]|| ZT|| GH|| || |
|- |
|- |
||
| − | | krb5_cc_destroy [http://web.mit.edu/ |
+ | | krb5_cc_destroy [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_cc_destroy.html]|| ZT|| GH|| || |
|- |
|- |
||
| − | | krb5_cc_dup [http://web.mit.edu/ |
+ | | krb5_cc_dup [http://web.mit.edu/kerberos/krb5-current/dockrb_appldev/refs/api/krb5_cc_dup.html]|| ZT|| GH|| || |
|- |
|- |
||
| − | | krb5_cc_get_name [http://web.mit.edu/ |
+ | | krb5_cc_get_name [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_cc_get_name.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_cc_get_principal [http://web.mit.edu/ |
+ | | krb5_cc_get_principal [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_cc_get_principal.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_cc_get_type [http://web.mit.edu/ |
+ | | krb5_cc_get_type [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_cc_get_type.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_cc_initialize [http://web.mit.edu/ |
+ | | krb5_cc_initialize [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_cc_initialize.html]|| ZT||GH || || |
|- |
|- |
||
| − | | krb5_cc_new_unique [http://web.mit.edu/ |
+ | | krb5_cc_new_unique [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_cc_new_unique.html]|| ZT|| GH|| || |
|- |
|- |
||
| − | | krb5_cc_resolve [http://web.mit.edu/ |
+ | | krb5_cc_resolve [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_cc_resolve.html]|| ZT|| GH|| || |
|- |
|- |
||
| − | | krb5_change_password [http://web.mit.edu/ |
+ | | krb5_change_password [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_change_password.html]|| ZT||GH || || |
|- |
|- |
||
| − | | krb5_free_context [http://web.mit.edu/ |
+ | | krb5_free_context [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_free_context.html]|| ZT|| GH|| || |
|- |
|- |
||
| − | | krb5_free_error_message [http://web.mit.edu/ |
+ | | krb5_free_error_message [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_free_error_message.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_free_principal [http://web.mit.edu/ |
+ | | krb5_free_principal [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_free_principal.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_fwd_tgt_cred [http://web.mit.edu/ |
+ | | krb5_fwd_tgt_cred [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_fwd_tgt_cred.html]|| ZT || GH|| || Needs example |
|- |
|- |
||
| − | | krb5_get_default_realm [http://web.mit.edu/ |
+ | | krb5_get_default_realm [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_default_realm.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_error_message [http://web.mit.edu/ |
+ | | krb5_get_error_message [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_error_message.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_host_realm [http://web.mit.edu/ |
+ | | krb5_get_host_realm [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_host_realm.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_get_credentials [http://web.mit.edu/ |
+ | | krb5_get_credentials [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_credentials.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_get_fallback_host_realm [http://web.mit.edu/ |
+ | | krb5_get_fallback_host_realm [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_fallback_host_realm.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_init_creds_keytab [http://web.mit.edu/ |
+ | | krb5_get_init_creds_keytab [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_keytab.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_alloc [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_alloc [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_alloc.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_free [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_free [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_free.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_get_fast_flags [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_get_fast_flags [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_get_fast_flags.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_init [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_init [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_init.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_address_list [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_address_list [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_address_list.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_anonymous [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_anonymous [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_anonymous.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_canonicalize [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_canonicalize [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_canonicalize.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_change_password_prompt [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_change_password_prompt [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_change_password_prompt.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_etype_list [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_etype_list [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_etype_list.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_expire_callback [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_expire_callback [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_expire_callback.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_fast_ccache [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_fast_ccache [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_fast_ccache.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_fast_ccache_name [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_fast_ccache_name [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_fast_ccache_name.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_fast_flags [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_fast_flags [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_fast_flags.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_forwardable [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_forwardable [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_forwardable.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_out_ccache [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_out_ccache [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_out_ccache.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_pa [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_pa [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_pa.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_preauth_list [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_preauth_list [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_preauth_list.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_proxiable [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_proxiable [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_proxiable.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_renew_life [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_renew_life [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_renew_life.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_salt [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_salt [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_salt.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_get_init_creds_opt_set_tkt_life [http://web.mit.edu/ |
+ | | krb5_get_init_creds_opt_set_tkt_life [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_opt_set_tkt_life.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_get_init_creds_password [http://web.mit.edu/ |
+ | | krb5_get_init_creds_password [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_init_creds_password.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_profile [http://web.mit.edu/ |
+ | | krb5_get_profile [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_profile.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_prompt_types [http://web.mit.edu/ |
+ | | krb5_get_prompt_types [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_prompt_types.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_get_renewed_creds [http://web.mit.edu/ |
+ | | krb5_get_renewed_creds [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_renewed_creds.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_get_validated_creds [http://web.mit.edu/ |
+ | | krb5_get_validated_creds [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_get_validated_creds.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_init_context [http://web.mit.edu/ |
+ | | krb5_init_context [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_init_context.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_init_secure_context [http://web.mit.edu/ |
+ | | krb5_init_secure_context [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_init_secure_context.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_is_config_principal [http://web.mit.edu/ |
+ | | krb5_is_config_principal [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_is_config_principal.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_is_thread_safe [http://web.mit.edu/ |
+ | | krb5_is_thread_safe [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_is_thread_safe.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_kt_close [http://web.mit.edu/ |
+ | | krb5_kt_close [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_kt_close.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_kt_default [http://web.mit.edu/ |
+ | | krb5_kt_default [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_kt_default.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_kt_default_name [http://web.mit.edu/ |
+ | | krb5_kt_default_name [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_kt_default_name.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_kt_get_name [http://web.mit.edu/ |
+ | | krb5_kt_get_name [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_kt_get_name.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_kt_get_type [http://web.mit.edu/ |
+ | | krb5_kt_get_type [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_kt_get_type.html] || ZT ||GH || || |
|- |
|- |
||
| − | | krb5_kt_resolve [http://web.mit.edu/ |
+ | | krb5_kt_resolve [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_kt_resolve.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_kuserok [http://web.mit.edu/ |
+ | | krb5_kuserok [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_kuserok.html] || ZT ||GH || || |
|- |
|- |
||
| − | | krb5_parse_name [http://web.mit.edu/ |
+ | | krb5_parse_name [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_parse_name.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_parse_name_flags [http://web.mit.edu/ |
+ | | krb5_parse_name_flags [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_parse_name_flags.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_principal_compare [http://web.mit.edu/ |
+ | | krb5_principal_compare [http://web.mit.edu/kerberos/krb5-current/dockrb_appldev/refs/api/krb5_principal_compare.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_principal_compare_any_realm [http://web.mit.edu/ |
+ | | krb5_principal_compare_any_realm [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_principal_compare_any_realm.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_principal_compare_flags [http://web.mit.edu/ |
+ | | krb5_principal_compare_flags [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_principal_compare_flags.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_prompter_posix [http://web.mit.edu/ |
+ | | krb5_prompter_posix [http://web.mit.edu/kerberos/krb5-current/dockrb_appldev/refs/api/krb5_prompter_posix.html]|| ZT||GH || || |
|- |
|- |
||
| − | | krb5_realm_compare [http://web.mit.edu/ |
+ | | krb5_realm_compare [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_realm_compare.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_recvauth [http://web.mit.edu/ |
+ | | krb5_recvauth [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_recvauth.html]||ZT ||GH || || |
|- |
|- |
||
| − | | krb5_recvauth_version [http://web.mit.edu/ |
+ | | krb5_recvauth_version [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_recvauth_version.html] ||ZT ||GH || || |
|- |
|- |
||
| − | | krb5_set_default_realm [http://web.mit.edu/ |
+ | | krb5_set_default_realm [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_set_default_realm.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_set_password [http://web.mit.edu/ |
+ | | krb5_set_password [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_set_password.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_set_password_using_ccache [http://web.mit.edu/ |
+ | | krb5_set_password_using_ccache [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_set_password_using_ccache.html] || ZT ||GH || || |
|- |
|- |
||
| − | | krb5_set_principal_realm [http://web.mit.edu/ |
+ | | krb5_set_principal_realm [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_set_principal_realm.html] || ZT || GH|| || |
|- |
|- |
||
| − | | krb5_set_trace_callback [http://web.mit.edu/ |
+ | | krb5_set_trace_callback [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_set_trace_callback.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_set_trace_filename [http://web.mit.edu/ |
+ | | krb5_set_trace_filename [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_set_trace_filename.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_sname_to_principal [http://web.mit.edu/ |
+ | | krb5_sname_to_principal [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_sname_to_principal.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_unparse_name [http://web.mit.edu/ |
+ | | krb5_unparse_name [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_unparse_name.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_unparse_name_ext [http://web.mit.edu/ |
+ | | krb5_unparse_name_ext [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_unparse_name_ext.html]|| ZT ||GH || || |
|- |
|- |
||
| − | | krb5_unparse_name_flags [http://web.mit.edu/ |
+ | | krb5_unparse_name_flags [http://web.mit.edu/kerberos/krb5-current/dockrb_appldev/refs/api/krb5_unparse_name_flags.html] || ZT || GH|| || |
|- |
|- |
||
| − | | krb5_unparse_name_flags_ext [http://web.mit.edu/ |
+ | | krb5_unparse_name_flags_ext [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_unparse_name_flags_ext.html] || ZT ||GH || || |
|- |
|- |
||
| − | | krb5_us_timeofday [http://web.mit.edu/ |
+ | | krb5_us_timeofday [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_us_timeofday.html]|| ZT || GH|| || |
|- |
|- |
||
| − | | krb5_verify_authdata_kdc_issued [http://web.mit.edu/ |
+ | | krb5_verify_authdata_kdc_issued [http://web.mit.edu/kerberos/krb5-current/doc/krb_appldev/refs/api/krb5_verify_authdata_kdc_issued.html]|| ZT || GH|| || |
|- |
|- |
||
| + | |} |
||
| + | We may want to have more examples for some of the common API functions. |
||
| + | |||
| + | == Manpage proofreading == |
||
| + | {| class="wikitable" |
||
| + | |+ |
||
| + | |- |
||
| + | ! manpage |
||
| + | ! original |
||
| + | ! reviewer |
||
| + | ! comments |
||
| + | |- |
||
| + | | k5identity.5 || src/gen-manpages/k5identity.M || GH || |
||
| + | |- |
||
| + | | k5login.5 || src/gen-manpages/k5login.M || GH || |
||
| + | |- |
||
| + | | k5srvutil.1 || src/kadmin/cli/k5srvutil.M || GH || |
||
| + | |- |
||
| + | | kadmin.1 || src/kadmin/cli/kadmin.M || GH || |
||
| + | |- |
||
| + | | kadmind.8 || src/kadmin/server/kadmind.M || GH || |
||
| + | |- |
||
| + | | kdb5_ldap_util.8 || src/plugins/kdb/ldap/ldap_util/kdb5_ldap_util.M || GH || |
||
| + | |- |
||
| + | | kdb5_util.8 || src/kadmin/dbutil/kdb5_util.M || GH || |
||
| + | |- |
||
| + | | kdc.conf.5 || src/config-files/kdc.conf.M || GH || |
||
| + | |- |
||
| + | | kdestroy.1 || src/clients/kdestroy/kdestroy.M || GH || |
||
| + | |- |
||
| + | | kinit.1 || src/clients/kinit/kinit.M || GH || |
||
| + | |- |
||
| + | | kpasswd.1 || src/clients/kpasswd/kpasswd.M || GH || |
||
| + | |- |
||
| + | | kprop.8 || src/slave/kprop.M || GH || |
||
| + | |- |
||
| + | | kpropd.8 || src/slave/kpropd.M || GH || |
||
| + | |- |
||
| + | | kproplog.8 || src/slave/kproplog.M || GH || |
||
| + | |- |
||
| + | | krb5-send-pr.1 || src/util/send-pr/send-pr.1 || || copyright issues. Removed from the documentation |
||
| + | |- |
||
| + | | krb5.conf.5 || src/config-files/krb5.conf.M || GH || |
||
| + | |- |
||
| + | | krb5kdc.8 || src/kdc/krb5kdc.M || GH || |
||
| + | |- |
||
| + | | ksu.1 || src/clients/ksu/ksu.M || GH || needs rewrite |
||
| + | |- |
||
| + | | kswitch.1 || src/clients/kswitch/kswitch.M || GH || |
||
| + | |- |
||
| + | | kvno.1 || src/clients/kvno/kvno.M || GH || |
||
| + | |- |
||
| + | | sclient.1 || src/appl/sample/sclient/sclient.M || GH || |
||
| + | |- |
||
| + | | sserver.8 || src/appl/sample/sserver/sserver.M || GH || |
||
|} |
|} |
||
| Line 357: | Line 468: | ||
|- |
|- |
||
| GH || Greg Hudson |
| GH || Greg Hudson |
||
| + | |- |
||
| + | | KR || Ken Raeburn |
||
|- |
|- |
||
| MIT || MITKC group |
| MIT || MITKC group |
||
|- |
|- |
||
| − | | |
+ | | NW || Nico Williams |
| + | |- |
||
| + | | TH || Thomas Hardjono |
||
| + | |- |
||
| + | | TY || Tom Yu |
||
|- |
|- |
||
| − | | ZT || Zhanna |
+ | | ZT || Zhanna Tsitkov |
|- |
|- |
||
|} |
|} |
||
Latest revision as of 09:28, 5 June 2013
This is an early stage project for MIT Kerberos. It is being fleshed out by its proponents. Feel free to help flesh out the details of this project. After the project is ready, it will be presented for review and approval.
Contents
Purpose
To keep track of the various tasks that need to be documented such as function documentation, administration, troubleshooting etc.
Application development
| task | Proposed Author | Target Date | Reviewer | Reviewer Comments |
|---|---|---|---|---|
| Designing a new protocol, or extending existing one, to use GSS-API | ||||
| Choosing security API | ||||
|
||||
|
||||
| GSS-API | ||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
GH | 2012-10-01 | ||
|
||||
|
KR | |||
|
||||
| Krb5 library guide | ||||
|
||||
|
KR | under review | ||
|
||||
|
TY | TBD | ||
|
KR | |||
|
||||
|
| Completed task | Author | Date | Reviewer | Reviewer Comments |
|---|---|---|---|---|
| Choosing security API | ||||
|
GH | 2012-03-01 | ||
|
GH | 2012-10-01 | ||
| Developing plugins | GH | 2012-03-08 | ||
|
||||
|
ZT reviewed profile plugin | |||
| A more advanced introduction to using the Kerberos libraries for initial authentication, focusing on the authentication steps, validating initial credential | TY | 2012-04-27 | ||
| MIT Kerberos features : quick facts | ZT | ongoing | ||
| How to build Kerberos from source | ZT |
Administration
| task | Proposed Author | Target Date | Reviewer | Reviewer Comments |
|---|---|---|---|---|
| Introduction to Kerberos system | ||||
|
TH | 2012-08-15 | in progress | |
|
TH | 2012-08-15 | ||
|
TH | 2012-08-15 | ||
|
TH | 2012-07-15 | in progress | |
| Setting a new realm | ||||
|
||||
|
KR | |||
| Choosing encryption types for principals | TY | 2012-12-14 | under review | |
| Upgrading a Kerberos infrastructure (order, backward compatibility) | ||||
| Integration Kerberos with Login System | ||||
|
||||
|
||||
|
||||
|
||||
|
||||
| Cross-realm | ||||
|
||||
|
||||
|
||||
| Performance | ||||
|
||||
|
||||
| kadmin interface | ||||
|
||||
| Using Smartcard with PKINIT | ||||
| Kerberized ssh | ||||
|
||||
|
||||
| A guide to principal naming basics and structure | ZT | 2013-03-01 | ||
| Troubleshooting | ||||
|
ZT | ongoing | ||
|
||||
|
GH | |||
| Basic concepts (passwd policy, ticket ) | ||||
| Approaches to authorization -- centralized vs distributed, etc. |
| Completed task | Author | Date | Reviewer | Reviewer Comments |
|---|---|---|---|---|
| Replication | ZT | |||
| Reverse DNS | TY | 2012-12-12 | ||
| Selecting and configuring plugins | GH | 2012-03-15 | ||
| Anonymity support | GH | 2012-10-01 | ||
| Trace logging | GH | 2012-03-22 | ||
| Using LDAP server for Kerberos backend | ZT | Ubuntu 10.4 (lucid) | ||
| Acceptable date and time formats | ZT | 2012-07-15 | ||
| kadm5.acl man page | ZT | 2012-08-15 |
General
| task | Proposed Author | Target Date | Reviewer | Reviewer Comments |
|---|---|---|---|---|
| Why Kerberos system is suitable for the internet, not only for the enterprise | TY | |||
| Impact RC4 vulnerabilities on Kerberos | TY |
API documentation
Most commonly used API functions (in alphabetical order):
| Completed API | Author | Reviewer | Date | Reviewer Comments |
|---|---|---|---|---|
| krb5_build_principal [1] | ZT | GH | ||
| krb5_build_principal_alloc_va [2] | ZT | GH | ||
| krb5_build_principal_ext [3] | ZT | GH | ||
| krb5_cc_close [4] | ZT | GH | ||
| krb5_cc_default [5] | ZT | GH | ||
| krb5_cc_default_name [6] | ZT | GH | ||
| krb5_cc_destroy [7] | ZT | GH | ||
| krb5_cc_dup [8] | ZT | GH | ||
| krb5_cc_get_name [9] | ZT | GH | ||
| krb5_cc_get_principal [10] | ZT | GH | ||
| krb5_cc_get_type [11] | ZT | GH | ||
| krb5_cc_initialize [12] | ZT | GH | ||
| krb5_cc_new_unique [13] | ZT | GH | ||
| krb5_cc_resolve [14] | ZT | GH | ||
| krb5_change_password [15] | ZT | GH | ||
| krb5_free_context [16] | ZT | GH | ||
| krb5_free_error_message [17] | ZT | GH | ||
| krb5_free_principal [18] | ZT | GH | ||
| krb5_fwd_tgt_cred [19] | ZT | GH | Needs example | |
| krb5_get_default_realm [20] | ZT | GH | ||
| krb5_get_error_message [21] | ZT | GH | ||
| krb5_get_host_realm [22] | ZT | GH | ||
| krb5_get_credentials [23] | ZT | GH | ||
| krb5_get_fallback_host_realm [24] | ZT | GH | ||
| krb5_get_init_creds_keytab [25] | ZT | GH | ||
| krb5_get_init_creds_opt_alloc [26] | ZT | GH | ||
| krb5_get_init_creds_opt_free [27] | ZT | GH | ||
| krb5_get_init_creds_opt_get_fast_flags [28] | ZT | GH | ||
| krb5_get_init_creds_opt_init [29] | ZT | GH | ||
| krb5_get_init_creds_opt_set_address_list [30] | ZT | GH | ||
| krb5_get_init_creds_opt_set_anonymous [31] | ZT | GH | ||
| krb5_get_init_creds_opt_set_canonicalize [32] | ZT | GH | ||
| krb5_get_init_creds_opt_set_change_password_prompt [33] | ZT | GH | ||
| krb5_get_init_creds_opt_set_etype_list [34] | ZT | GH | ||
| krb5_get_init_creds_opt_set_expire_callback [35] | ZT | GH | ||
| krb5_get_init_creds_opt_set_fast_ccache [36] | ZT | GH | ||
| krb5_get_init_creds_opt_set_fast_ccache_name [37] | ZT | GH | ||
| krb5_get_init_creds_opt_set_fast_flags [38] | ZT | GH | ||
| krb5_get_init_creds_opt_set_forwardable [39] | ZT | GH | ||
| krb5_get_init_creds_opt_set_out_ccache [40] | ZT | GH | ||
| krb5_get_init_creds_opt_set_pa [41] | ZT | GH | ||
| krb5_get_init_creds_opt_set_preauth_list [42] | ZT | GH | ||
| krb5_get_init_creds_opt_set_proxiable [43] | ZT | GH | ||
| krb5_get_init_creds_opt_set_renew_life [44] | ZT | GH | ||
| krb5_get_init_creds_opt_set_salt [45] | ZT | GH | ||
| krb5_get_init_creds_opt_set_tkt_life [46] | ZT | GH | ||
| krb5_get_init_creds_password [47] | ZT | GH | ||
| krb5_get_profile [48] | ZT | GH | ||
| krb5_get_prompt_types [49] | ZT | GH | ||
| krb5_get_renewed_creds [50] | ZT | GH | ||
| krb5_get_validated_creds [51] | ZT | GH | ||
| krb5_init_context [52] | ZT | GH | ||
| krb5_init_secure_context [53] | ZT | GH | ||
| krb5_is_config_principal [54] | ZT | GH | ||
| krb5_is_thread_safe [55] | ZT | GH | ||
| krb5_kt_close [56] | ZT | GH | ||
| krb5_kt_default [57] | ZT | GH | ||
| krb5_kt_default_name [58] | ZT | GH | ||
| krb5_kt_get_name [59] | ZT | GH | ||
| krb5_kt_get_type [60] | ZT | GH | ||
| krb5_kt_resolve [61] | ZT | GH | ||
| krb5_kuserok [62] | ZT | GH | ||
| krb5_parse_name [63] | ZT | GH | ||
| krb5_parse_name_flags [64] | ZT | GH | ||
| krb5_principal_compare [65] | ZT | GH | ||
| krb5_principal_compare_any_realm [66] | ZT | GH | ||
| krb5_principal_compare_flags [67] | ZT | GH | ||
| krb5_prompter_posix [68] | ZT | GH | ||
| krb5_realm_compare [69] | ZT | GH | ||
| krb5_recvauth [70] | ZT | GH | ||
| krb5_recvauth_version [71] | ZT | GH | ||
| krb5_set_default_realm [72] | ZT | GH | ||
| krb5_set_password [73] | ZT | GH | ||
| krb5_set_password_using_ccache [74] | ZT | GH | ||
| krb5_set_principal_realm [75] | ZT | GH | ||
| krb5_set_trace_callback [76] | ZT | GH | ||
| krb5_set_trace_filename [77] | ZT | GH | ||
| krb5_sname_to_principal [78] | ZT | GH | ||
| krb5_unparse_name [79] | ZT | GH | ||
| krb5_unparse_name_ext [80] | ZT | GH | ||
| krb5_unparse_name_flags [81] | ZT | GH | ||
| krb5_unparse_name_flags_ext [82] | ZT | GH | ||
| krb5_us_timeofday [83] | ZT | GH | ||
| krb5_verify_authdata_kdc_issued [84] | ZT | GH |
We may want to have more examples for some of the common API functions.
Manpage proofreading
| manpage | original | reviewer | comments |
|---|---|---|---|
| k5identity.5 | src/gen-manpages/k5identity.M | GH | |
| k5login.5 | src/gen-manpages/k5login.M | GH | |
| k5srvutil.1 | src/kadmin/cli/k5srvutil.M | GH | |
| kadmin.1 | src/kadmin/cli/kadmin.M | GH | |
| kadmind.8 | src/kadmin/server/kadmind.M | GH | |
| kdb5_ldap_util.8 | src/plugins/kdb/ldap/ldap_util/kdb5_ldap_util.M | GH | |
| kdb5_util.8 | src/kadmin/dbutil/kdb5_util.M | GH | |
| kdc.conf.5 | src/config-files/kdc.conf.M | GH | |
| kdestroy.1 | src/clients/kdestroy/kdestroy.M | GH | |
| kinit.1 | src/clients/kinit/kinit.M | GH | |
| kpasswd.1 | src/clients/kpasswd/kpasswd.M | GH | |
| kprop.8 | src/slave/kprop.M | GH | |
| kpropd.8 | src/slave/kpropd.M | GH | |
| kproplog.8 | src/slave/kproplog.M | GH | |
| krb5-send-pr.1 | src/util/send-pr/send-pr.1 | copyright issues. Removed from the documentation | |
| krb5.conf.5 | src/config-files/krb5.conf.M | GH | |
| krb5kdc.8 | src/kdc/krb5kdc.M | GH | |
| ksu.1 | src/clients/ksu/ksu.M | GH | needs rewrite |
| kswitch.1 | src/clients/kswitch/kswitch.M | GH | |
| kvno.1 | src/clients/kvno/kvno.M | GH | |
| sclient.1 | src/appl/sample/sclient/sclient.M | GH | |
| sserver.8 | src/appl/sample/sserver/sserver.M | GH |
Abbreviations
| abbreviation | full names? |
|---|---|
| GH | Greg Hudson |
| KR | Ken Raeburn |
| MIT | MITKC group |
| NW | Nico Williams |
| TH | Thomas Hardjono |
| TY | Tom Yu |
| ZT | Zhanna Tsitkov |
