KRB5 Client Release Notes for HP-UX 11.0
6 Chapter1
KRB5 Client Release Notes for HP-UX 11.0
What’s in This Version
What’s in This Version
The KRB5-Client software is based on MIT Kerberos V5 1.1.1 with all the major fixes to the
buffer overrun vulnerabilities detected in MIT Kerberos V5 1.1.1 release. It consists of
libraries, header files, man-pages and Kerberos utilities, which help in performing
command-line or programmatic authentication. Data encryption APIs can be used to protect
data transmitted over the net. The KRB5-Client Version-1.0 software supports both 32- and
64-bit development, as shown in the table below:
Utilities:
• /usr/bin/kinit: obtain and cache the Kerberos ticket-granting ticket.
• /usr/bin/klist: list cached Kerberos tickets.
• /usr/bin/kvno: print key version numbers of Kerberos principals.
Table 1-1. Kerberos Client Libraries
32 Bits 64 Bits Functionality
/usr/lib/libkrb5.sl /usr/lib/pa20_64/libkrb5.sl Authenticate users,
verify tickets, create
authenticator, and
manage the context
/usr/lib/libcom_err.sl /usr/lib/pa20_64/libcom_err.sl Print appropriate
error messages to
stderr based on the
error code returnedby
kerberos APIs.
/usr/lib/libk5crypto.sl /usr/lib/pa20_64/libk5crypto.sl Encrypt (DES) and
decrypt all of their
communications to
assure privacy and
data integrity
/usr/lib/gss/libgssapi_krb5.sl /usr/lib/pa20_64/gss/libgssapi_krb5.sl Kerberos mechanism-
specific library used
by GSSAPI
(/usr/lib/libgss.sl)