Man page - krb5_acl_match_file(3)

Packages contains this manual

Package:  heimdal-dev
apt-get install heimdal-dev

Manuals in package:
• krb5_set_default_realm(3)
• krb5_add_ignore_addresses(3)
• krb5_get_init_creds(3)
• krb5_auth_getlocalseqnumber(3)
• krb5_free_principal(3)
• kafs_settoken5(3)
• krb5_get_krb524hst(3)
• krb5_c_verify_checksum(3)
• krb5_rc_resolve_type(3)
• krb5_verify_init_creds_opt_init(3)
• rtbl_set_prefix(3)
• krb5_unparse_name_fixed_flags(3)
• krb5_prompt(3)
• gss_release_cred(3)
• gss_accept_sec_context(3)
• krb5_c_valid_cksumtype(3)
• krb5_425_conv_principal(3)
• krb5_get_in_cred(3)
• krb5_set_use_admin_kdc(3)
• krb5_auth_con_getauthenticator(3)
• estrdup(3)
• krb5_checksum_is_collision_proof(3)
• krb5_rc_initialize(3)
• gss_krb5_import_cred(3)
• krb5_c_encrypt_length(3)
• krb5_c_keylength(3)
• krb5_mk_rep_extended(3)
• krb5_auth_con_setkey(3)
• krb5_auth_con_getlocalsubkey(3)
• krb5_unparse_name_fixed_short(3)
• krb5_get_init_creds_opt_free(3)
• gssapi(3)
• krb5_rc_resolve_full(3)
• krb5_copy_principal(3)
• kafs(3)
• krb5_free_kdc_rep(3)
• krb5_realm_compare(3)
• k_unlog(3)
• krb5_get_renewed_creds(3)
• unparse_time_approx(3)
• krb5_string_to_key_salt_opaque(3)
• krb5_rc_default_type(3)
• krb5_crypto_getconfoundersize(3)
• krb5_add_et_list(3)
• rtbl_format(3)
• gss_canonicalize_name(3)
• k_hasafs(3)
• krb5_copy_creds_contents(3)
• krb5_get_krb_admin_hst(3)
• gss_inquire_cred(3)
• krb5_generate_random_block(3)
• krb5_init_ets(3)
• gss_display_status(3)
• krb5_check_transited(3)
• krb5_principal_get_type(3)
• krb5_get_default_principal(3)
• krb5_set_ignore_addresses(3)
• krb5_auth_context(3)
• gss_process_context_token(3)
• gss_krb5_get_tkt_flags(3)
• krb5_get_use_admin_kdc(3)
• krb5_c_get_checksum(3)
• krb5_encrypt(3)
• krb5_enctype_disable(3)
• krb5_format_time(3)
• krb5_digest_set_identifier(3)
• krb5_create_checksum(3)
• krb5_auth_getcksumtype(3)
• gss_add_oid_set_member(3)
• krb5_error_from_rd_error(3)
• k_hasafs_recheck(3)
• krb5_string_to_key(3)
• krb5_krbhst_init_flags(3)
• krb_afslog_uid(3)
• krb5_get_forwarded_creds(3)
• krb5_auth_con_getremotesubkey(3)
• krb5_524_conv_principal(3)
• krb5_c_is_keyed_cksum(3)
• krb5_principal_compare_any_realm(3)
• krb5_get_dns_canonize_hostname(3)
• rtbl_set_flags(3)
• krb5_get_init_creds_opt_set_salt(3)
• krb5_auth_con_setflags(3)
• krb5_c_checksum_length(3)
• krb5_verify_opt_set_secure(3)
• krb5_auth_con_setrcache(3)
• krb5_krbhst_format_string(3)
• gss_display_name(3)
• krb5_digest_get_client_binding(3)
• gss_export_sec_context(3)
• krb5_build_principal_va(3)
• krb5_verify_user_lrealm(3)
• krb5_verify_opt_set_ccache(3)
• krb5_c_block_size(3)
• krb5_enctype_valid(3)
• krb5_get_pw_salt(3)
• krb5_auth_setremoteseqnumber(3)
• krb5_mk_safe(3)
• krb5_rc_destroy(3)
• krb5_c_decrypt(3)
• k_afs_cell_of_file(3)
• parse_time(3)
• eread(3)
• gss_krb5_copy_ccache(3)
• gss_release_name(3)
• krb5_verify_user_opt(3)
• krb5_krbhst_next_as_string(3)
• gss_add_cred(3)
• ecalloc(3)
• krb5_auth_con_setaddrs(3)
• krb5_string_to_key_data(3)
• krb5_digest_free(3)
• gss_krb5_import_ccache(3)
• krb5_get_kdc_cred(3)
• krb5_change_password(3)
• krb5_free_error_contents(3)
• krb5_auth_con_getrcache(3)
• krb5_enctype_keysize(3)
• krb5_verify_opt_set_service(3)
• krb5_rc_get_lifespan(3)
• rtbl_add_column(3)
• krb5_c_is_coll_proof_cksum(3)
• krb5_addlog_dest(3)
• krb5_free_creds(3)
• krb5_digest_request(3)
• krb5_get_init_creds_opt_alloc(3)
• krb5_digest_set_client_nonce(3)
• gss_inquire_mechs_for_name(3)
• erealloc(3)
• getarg(3)
• krb5_digest_set_uri(3)
• krb5_getportbyname(3)
• krb5_checksum(3)
• krb5_get_init_creds_opt_set_proxiable(3)
• rtbl_get_flags(3)
• krb5_mk_req_exact(3)
• krb5_digest_set_authentication_user(3)
• krb5_rc_get_name(3)
• krb5_auth_setcksumtype(3)
• krb5_krbhst_next(3)
• rtbl_new_row(3)
• krb5_auth_con_removeflags(3)
• krb5_unparse_name_fixed(3)
• krb5_init_context(3)
• krb5_rd_rep(3)
• gss_seal(3)
• krb5_openlog(3)
• krb5_verify_opt_set_flags(3)
• krb5_checksum_disable(3)
• krb5_make_principal(3)
• krb5_build_principal_va_ext(3)
• krb5_auth_con_getflags(3)
• krb5_get_creds_opt_set_impersonate(3)
• krb5_parse_nametype(3)
• arg_printusage(3)
• gss_wrap(3)
• gss_import_name(3)
• krb5_crypto_get_checksum_type(3)
• krb5_free_checksum_contents(3)
• kadm5_check_password_quality(3)
• krb5_mk_rep(3)
• krb5_cksumtype_valid(3)
• unparse_time(3)
• krb5_parse_name(3)
• gsskrb5_register_acceptor_identity(3)
• krb5_get_server_rcache(3)
• krb5_get_init_creds_opt_set_etype_list(3)
• gss_acquire_cred(3)
• krb5_princ_set_realm(3)
• krb5_acl_match_string(3)
• krb5_hmac(3)
• krb5_afslog(3)
• krb5_get_max_time_skew(3)
• krb5_set_password(3)
• krb5_auth_con_free(3)
• krb5_verify_ap_req(3)
• krb5_log_msg(3)
• krb5_string_to_key_salt(3)
• krb5_addlog_func(3)
• krb5_parse_name_flags(3)
• krb5_get_krbhst(3)
• krb5_free_checksum(3)
• rtbl_create(3)
• krb5_auth_con_setivector(3)
• krb5_h_errno_to_heim_errno(3)
• kadm5_setup_passwd_quality_check(3)
• gss_sign(3)
• krb5_verify_opt_free(3)
• gss_duplicate_name(3)
• krb5_closelog(3)
• krb5_digest_get_a1_hash(3)
• rtbl_destroy(3)
• krb5_set_fcache_version(3)
• krb5_principal(3)
• kadm5_add_passwd_quality_verifier(3)
• krb5_c_set_checksum(3)
• krb5_get_init_creds_opt_set_preauth_list(3)
• krb5_string_to_enctype(3)
• krb5_digest_init_request(3)
• krb5_unparse_name(3)
• krb5_krbhst_reset(3)
• krb5_digest_set_method(3)
• krb5_digest_get_server_nonce(3)
• krb5_rd_req(3)
• krb5_free_salt(3)
• gss_unwrap(3)
• krb5_build_principal_ext(3)
• krb524_convert_creds_kdc(3)
• gss_inquire_cred_by_mech(3)
• krb5_digest_set_server_nonce(3)
• rtbl_add_column_entry_by_id(3)
• krb5_verify_opt_alloc(3)
• krb5_digest_set_qop(3)
• krb5_get_default_config_files(3)
• krb5_get_init_creds_opt_set_address_list(3)
• krb5_auth_con_init(3)
• krb5_digest_set_username(3)
• krb5_principal_set_type(3)
• krb5_encrypt_ivec(3)
• krb5_auth_setkeytype(3)
• krb5_get_init_creds_keytab(3)
• krb5_build_ap_req(3)
• krb5_string_to_key_data_salt(3)
• krb5_free_cred_contents(3)
• krb5_digest_get_tickets(3)
• krb5_get_in_tkt_with_skey(3)
• krb5_digest_get_identifier(3)
• krb5_domain_x500_encode(3)
• krb5_c_encrypt(3)
• krb5_rd_req_with_keyblock(3)
• krb5_enctype_to_string(3)
• krb5_krbhst_init(3)
• krb5_check_transited_realms(3)
• krb5_crypto_getblocksize(3)
• krb5_rc_expunge(3)
• krb5_free_host_realm(3)
• gss_init_sec_context(3)
• krb5_digest_get_rsp(3)
• krb5_digest_set_realm(3)
• krb5_auth_con_addflags(3)
• krb524_convert_creds_kdc_ccache(3)
• krb5_find_padata(3)
• krb5_unparse_name_short(3)
• krb5_prepend_config_files_default(3)
• gss_wrap_size_limit(3)
• krb5_string_to_key_data_salt_opaque(3)
• krb_afslog(3)
• rtbl_add_column_by_id(3)
• rtbl_set_column_affix_by_id(3)
• krb5_verify_init_creds_opt_set_ap_req_nofail(3)
• krb5_crypto_getpadsize(3)
• krb5_digest_set_type(3)
• krb5_verify_opt_init(3)
• gss_inquire_context(3)
• gsskrb5_extract_authz_data_from_sec_context(3)
• krb5_passwd_result_to_string(3)
• krb5_get_init_creds_opt_set_renew_life(3)
• gss_get_mic(3)
• krb5_digest_set_hostname(3)
• krb5_rc_close(3)
• krb5_digest_alloc(3)
• krb5_acl_match_file(3)
• krb5_get_init_creds_opt_set_canonicalize(3)
• krb5_get_extra_addresses(3)
• krb5_prompter_posix(3)
• gss_import_sec_context(3)
• krb5_get_creds_opt_alloc(3)
• krb5_aname_to_localname(3)
• krb5_prepend_config_files(3)
• ewrite(3)
• krb5_digest_get_opaque(3)
• krb5_get_creds_opt_add_options(3)
• krb5_get_creds_opt_set_options(3)
• krb5_rd_safe(3)
• krb5_get_init_creds_opt_init(3)
• gss_export_name(3)
• rtbl_add_column_entry(3)
• gss_inquire_names_for_mech(3)
• krb5_set_password_using_ccache(3)
• krb5_copy_creds(3)
• krb5_verify_user(3)
• krb5_digest_set_opaque(3)
• krb5_auth_con_setaddrs_from_fd(3)
• gss_create_empty_oid_set(3)
• krb5_creds(3)
• krb5_set_extra_addresses(3)
• krb5_auth_con_getuserkey(3)
• krb5_auth_getkeytype(3)
• gss_context_time(3)
• krb5_get_in_tkt(3)
• k_setpag(3)
• rtbl_set_column_prefix(3)
• krb5_principal_get_comp_string(3)
• krb5_get_init_creds_opt_set_anonymous(3)
• gss_release_oid_set(3)
• krb5_digest_set_server_cb(3)
• krb5_get_init_creds_opt(3)
• krb5_auth_getremoteseqnumber(3)
• krb5_free_context(3)
• krb5_auth_con_generatelocalsubkey(3)
• krb5_get_in_tkt_with_keytab(3)
• krb5_krbhst_free(3)
• krb5_auth_setlocalseqnumber(3)
• krb5-plugin(7)
• krb5_checksum_is_keyed(3)
• krb5_free_authenticator(3)
• krb5_decrypt(3)
• krb5-config(1)
• krb5_rcache(3)
• emalloc(3)
• krb5_free_config_files(3)
• krb5_get_fcache_version(3)
• krb5_principal_compare(3)
• krb5_appdefault(3)
• krb5_mk_req_extended(3)
• krb5_context(3)
• krb5_principal_get_realm(3)
• krb5_set_real_time(3)
• krb5_sname_to_principal(3)
• gss_verify_mic(3)
• krb5_auth_con_initivector(3)
• krb5_get_credentials(3)
• krb5_unparse_name_flags(3)
• krb5_get_creds_opt_free(3)
• krb5_copy_checksum(3)
• krb5_c_make_checksum(3)
• krb5_rc_default_name(3)
• krb5_string_to_deltat(3)
• krb5_digest_set_authid(3)
• krb5_us_timeofday(3)
• rtbl_set_separator(3)
• esetenv(3)
• krb5_auth_con_setuserkey(3)
• krb5_get_init_creds_opt_set_tkt_life(3)
• krb5_auth_con_getkey(3)
• krb5_rd_priv(3)
• krb5_domain_x500_decode(3)
• krb5_c_make_random_key(3)
• krb5_get_init_creds_opt_set_addressless(3)
• krb5_verify_checksum(3)
• gss_indicate_mechs(3)
• krb5_fwd_tgt_creds(3)
• krb5_password_key_proc(3)
• krb5_mk_priv(3)
• krb5_get_init_creds_opt_set_forwardable(3)
• krb5_get_init_creds_opt_set_default_flags(3)
• krb5_decrypt_ivec(3)
• krb5_get_wrapped_length(3)
• krb5_rc_store(3)
• krb5_pwcheck(3)
• krb5_rd_error(3)
• krb5_get_ignore_addresses(3)
• krb5_appdefault_string(3)
• krb5_digest(3)
• krb5_crypto_getenctype(3)
• krb5_c_enctype_compare(3)
• kafs_settoken_rxkad(3)
• rtbl(3)
• krb5_build_principal(3)
• krb5_get_init_creds_opt_set_win2k(3)
• gss_compare_name(3)
• gss_unseal(3)
• krb5_get_default_realms(3)
• krb5_get_default_realm(3)
• krb5_mk_req(3)
• krb5_get_creds(3)
• kadm5_pwcheck(3)
• krb5_get_creds_opt_set_ticket(3)
• krb5_get_host_realm(3)
• krb5_auth_con_getaddrs(3)
• krb5_checksumsize(3)
• krb5_auth_con_setlocalsubkey(3)
• krb5_krbhst_get_addrinfo(3)
• kafs_settoken(3)
• gss_delete_sec_context(3)
• krb5_rc_recover(3)
• gss_krb5_compat_des3_mic(3)
• krb5_padata_add(3)
• kafs_set_verbose(3)
• krb5_get_init_creds_opt_set_pa_password(3)
• krb5_free_error(3)
• krb5_rc_get_type(3)
• krb5_digest_set_digest(3)
• krb5_auth_con_genaddrs(3)
• krb5_principal_match(3)
• krb5_eai_to_heim_errno(3)
• print_time_table(3)
• krb5_add_extra_addresses(3)
• krb5_get_in_tkt_with_password(3)
• krb5_crypto_overhead(3)
• krb5_set_config_files(3)
• krb5_verify_init_creds(3)
• krb5_c_valid_enctype(3)
• krb5_set_max_time_skew(3)
• krb5_get_init_creds_opt_set_paq_request(3)
• gss_release_buffer(3)
• krb5_get_credentials_with_flags(3)
• gss_test_oid_set_member(3)
• krb5_timeofday(3)
• krb5_appdefault_boolean(3)
• krb5_appdefault_time(3)
• krb5_copy_host_realm(3)
• krb5_initlog(3)
• krb5_get_all_client_addrs(3)
• gss_verify(3)
• krb5_is_thread_safe(3)
• gss_krb5_ccache_name(3)
• krb5_afslog_uid(3)
• krb5_set_dns_canonize_hostname(3)
• krb5_425_conv_principal_ext(3)
• krb5_decrypt_ticket(3)
• krb5_get_all_server_addrs(3)
• krb5_get_kdc_sec_offset(3)
• krb5_mk_rep_exact(3)
• krb5_log(3)
• krb5_rc_resolve(3)
• krb5_get_creds_opt_set_enctype(3)
• k_pioctl(3)
• krb5_rc_default(3)
• krb5_auth_con_setremotesubkey(3)
• krb5_vlog_msg(3)
• krb5_sock_to_principal(3)
• krb5_free_krbhst(3)
• krb5_get_krb_changepw_hst(3)
• krb5_vlog(3)
• krb5_get_init_creds_password(3)
• krb5_verify_opt_set_keytab(3)
Documentations in package:
• heimdal-dev

Manual

---

KRB5_ACL_MATCH_FILE (3) Library Functions Manual KRB5_ACL_MATCH_FILE (3)

NAME

krb5_acl_match_file, krb5_acl_match_string — ACL matching functions

LIBRARY

Kerberos 5 Library (libkrb5, -lkrb5)

SYNOPSIS

krb5_error_code

krb5_acl_match_file ( krb5_context context , const char *file , const char *format , ... );

krb5_error_code

krb5_acl_match_string ( krb5_context context , const char *string , const char *format , ... );

DESCRIPTION

krb5_acl_match_file matches ACL format against each line in a file. Lines starting with # are treated like comments and ignored.

krb5_acl_match_string matches ACL format against a string.

The ACL format has three format specifiers: s, f, and r. Each specifier will retrieve one argument from the variable arguments for either matching or storing data. The input string is split up using " " and "\t" as a delimiter; multiple " " and "\t" in a row are considered to be the same.

s

Matches a string using strcmp (3) (case sensitive).

f

Matches the string with fnmatch (3). The flags argument (the last argument) passed to the fnmatch function is 0.

r

Returns a copy of the string in the char ** passed in; the copy must be freed with free (3). There is no need to free (3) the string on error: the function will clean up and set the pointer to NULL.

All unknown format specifiers cause an error.

EXAMPLES

char *s;

ret = krb5_acl_match_string(context, "foo", "s", "foo");
if (ret)
krb5_errx(context, 1, "acl didn’t match");
ret = krb5_acl_match_string(context, "foo foo baz/kaka",
"ss", "foo", &s, "foo/*");
if (ret) {
/* no need to free(s) on error */
assert(s == NULL);
krb5_errx(context, 1, "acl didn’t match");
}
free(s);

SEE ALSO

krb5 (3) HEIMDAL May 12, 2006 KRB5_ACL_MATCH_FILE (3)

---