1.\" $NetBSD: krb5_set_password.3,v 1.2 2017/01/28 21:31:49 christos Exp $ 2.\" 3.\" Copyright (c) 2003 - 2004 Kungliga Tekniska Högskolan 4.\" (Royal Institute of Technology, Stockholm, Sweden). 5.\" All rights reserved. 6.\" 7.\" Redistribution and use in source and binary forms, with or without 8.\" modification, are permitted provided that the following conditions 9.\" are met: 10.\" 11.\" 1. Redistributions of source code must retain the above copyright 12.\" notice, this list of conditions and the following disclaimer. 13.\" 14.\" 2. Redistributions in binary form must reproduce the above copyright 15.\" notice, this list of conditions and the following disclaimer in the 16.\" documentation and/or other materials provided with the distribution. 17.\" 18.\" 3. Neither the name of the Institute nor the names of its contributors 19.\" may be used to endorse or promote products derived from this software 20.\" without specific prior written permission. 21.\" 22.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 23.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 26.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32.\" SUCH DAMAGE. 33.\" 34.\" Id 35.\" 36.Dd July 15, 2004 37.Dt KRB5_SET_PASSWORD 3 38.Os 39.Sh NAME 40.Nm krb5_change_password , 41.Nm krb5_set_password , 42.Nm krb5_set_password_using_ccache , 43.Nm krb5_passwd_result_to_string 44.Nd change password functions 45.Sh LIBRARY 46Kerberos 5 Library (libkrb5, -lkrb5) 47.Sh SYNOPSIS 48.In krb5/krb5.h 49.Ft krb5_error_code 50.Fo krb5_change_password 51.Fa "krb5_context context" 52.Fa "krb5_creds *creds" 53.Fa "char *newpw" 54.Fa "int *result_code" 55.Fa "krb5_data *result_code_string" 56.Fa "krb5_data *result_string" 57.Fc 58.Ft krb5_error_code 59.Fo krb5_set_password 60.Fa "krb5_context context" 61.Fa "krb5_creds *creds" 62.Fa "char *newpw" 63.Fa "krb5_principal targprinc" 64.Fa "int *result_code" 65.Fa "krb5_data *result_code_string" 66.Fa "krb5_data *result_string" 67.Fc 68.Ft krb5_error_code 69.Fo krb5_set_password_using_ccache 70.Fa "krb5_context context" 71.Fa "krb5_ccache ccache" 72.Fa "char *newpw" 73.Fa "krb5_principal targprinc" 74.Fa "int *result_code" 75.Fa "krb5_data *result_code_string" 76.Fa "krb5_data *result_string" 77.Fc 78.Ft "const char *" 79.Fo krb5_passwd_result_to_string 80.Fa "krb5_context context" 81.Fa "int result" 82.Fc 83.Sh DESCRIPTION 84These functions change the password for a given principal. 85.Pp 86.Fn krb5_set_password 87and 88.Fn krb5_set_password_using_ccache 89are the newer of the three functions, and use a newer version of the 90protocol (and also fall back to the older set-password protocol if the 91newer protocol doesn't work). 92.Pp 93.Fn krb5_change_password 94sets the password 95.Fa newpasswd 96for the client principal in 97.Fa creds . 98The server principal of creds must be 99.Li kadmin/changepw . 100.Pp 101.Fn krb5_set_password 102and 103.Fn krb5_set_password_using_ccache 104change the password for the principal 105.Fa targprinc . 106.Pp 107.Fn krb5_set_password 108requires that the credential for 109.Li kadmin/changepw@REALM 110is in 111.Fa creds . 112If the user caller isn't an administrator, this credential 113needs to be an initial credential, see 114.Xr krb5_get_init_creds 3 115how to get such credentials. 116.Pp 117.Fn krb5_set_password_using_ccache 118will get the credential from 119.Fa ccache . 120.Pp 121If 122.Fa targprinc 123is 124.Dv NULL , 125.Fn krb5_set_password_using_ccache 126uses the the default principal in 127.Fa ccache 128and 129.Fn krb5_set_password 130uses the global the default principal. 131.Pp 132All three functions return an error in 133.Fa result_code 134and maybe an error string to print in 135.Fa result_string . 136.Pp 137.Fn krb5_passwd_result_to_string 138returns an human readable string describing the error code in 139.Fa result_code 140from the 141.Fn krb5_set_password 142functions. 143.Sh SEE ALSO 144.Xr krb5_ccache 3 , 145.Xr krb5_init_context 3 146