package config

Import Path
	github.com/jcmturner/gokrb5/v8/config (on go.dev)

Dependency Relation
	imports 17 packages, and imported by 4 packages

Involved Source Files

	    error.go
	    hosts.go
	  d krb5conf.go
		Package config implements KRB5 client and service configuration as described at https://web.mit.edu/kerberos/krb5-latest/doc/admin/conf_files/krb5_conf.html
Package-Level Type Names (total 6)

	/* sort by: alphabet | popularity */
	 type Config (struct)
		Config represents the KRB5 configuration.

		Fields (total 3)
			DomainRealm DomainRealm
			LibDefaults LibDefaults
			Realms []Realm
		Methods (total 4)
			(*Config) GetKDCs(realm string, tcp bool) (int, map[int]string, error)
				GetKDCs returns the count of KDCs available and a map of KDC host names keyed on preference order.

			(*Config) GetKpasswdServers(realm string, tcp bool) (int, map[int]string, error)
				GetKpasswdServers returns the count of kpasswd servers available and a map of kpasswd host names keyed on preference order.
				https://web.mit.edu/kerberos/krb5-latest/doc/admin/conf_files/krb5_conf.html#realms - see kpasswd_server section

			(*Config) JSON() (string, error)
				JSON return details of the config in a JSON format.

			(*Config) ResolveRealm(domainName string) string
				ResolveRealm resolves the kerberos realm for the specified domain name from the domain to realm mapping.
				The most specific mapping is returned.

		As Outputs Of (at least 5)
			func Load(cfgPath string) (*Config, error)
			func New() *Config
			func NewFromReader(r io.Reader) (*Config, error)
			func NewFromScanner(scanner *bufio.Scanner) (*Config, error)
			func NewFromString(s string) (*Config, error)
		As Inputs Of (at least 11)
			func github.com/jcmturner/gokrb5/v8/client.NewFromCCache(c *credentials.CCache, krb5conf *Config, settings ...func(*client.Settings)) (*client.Client, error)
			func github.com/jcmturner/gokrb5/v8/client.NewWithKeytab(username, realm string, kt *keytab.Keytab, krb5conf *Config, settings ...func(*client.Settings)) *client.Client
			func github.com/jcmturner/gokrb5/v8/client.NewWithPassword(username, realm, password string, krb5conf *Config, settings ...func(*client.Settings)) *client.Client
			func github.com/jcmturner/gokrb5/v8/messages.NewASReq(realm string, c *Config, cname, sname types.PrincipalName) (messages.ASReq, error)
			func github.com/jcmturner/gokrb5/v8/messages.NewASReqForChgPasswd(realm string, c *Config, cname types.PrincipalName) (messages.ASReq, error)
			func github.com/jcmturner/gokrb5/v8/messages.NewASReqForTGT(realm string, c *Config, cname types.PrincipalName) (messages.ASReq, error)
			func github.com/jcmturner/gokrb5/v8/messages.NewTGSReq(cname types.PrincipalName, kdcRealm string, c *Config, tgt messages.Ticket, sessionKey types.EncryptionKey, sname types.PrincipalName, renewal bool) (messages.TGSReq, error)
			func github.com/jcmturner/gokrb5/v8/messages.NewUser2UserTGSReq(cname types.PrincipalName, kdcRealm string, c *Config, clientTGT messages.Ticket, sessionKey types.EncryptionKey, sname types.PrincipalName, renewal bool, verifyingTGT messages.Ticket) (messages.TGSReq, error)
			func github.com/jcmturner/gokrb5/v8/messages.(*ASRep).Verify(cfg *Config, creds *credentials.Credentials, asReq messages.ASReq) (bool, error)
			func github.com/jcmturner/gokrb5/v8/messages.(*TGSRep).Verify(cfg *Config, tgsReq messages.TGSReq) (bool, error)
			func github.com/jcmturner/gokrb5/v8/service.NewKRB5BasicAuthenticator(headerVal string, krb5conf *Config, serviceSettings *service.Settings, clientSettings *client.Settings) service.KRB5BasicAuthenticator

	 type DomainRealm (map)
		DomainRealm maps the domains to realms representing the [domain_realm] section of the configuration.

	 type Invalid (struct)
		Invalid config error.

		Methods (only one)
			( Invalid) Error() string
				Error implements the error interface for invalid config error.

		Implements (at least one exported)
			 Invalid : error
		As Outputs Of (at least one exported)
			func InvalidErrorf(format string, a ...interface{}) Invalid

	 type LibDefaults (struct)
		LibDefaults represents the [libdefaults] section of the configuration.

		Fields (total 33)
			AllowWeakCrypto bool
				// default false

			CCacheType int
				// default is 4. unlikely to implement older

			Canonicalize bool
				ap_req_checksum_type int //unlikely to support this
				// default false

			Clockskew time.Duration
				// max allowed skew in seconds, default 300

			DNSCanonicalizeHostname bool
				// default true

			DNSLookupKDC bool
				// default false

			DNSLookupRealm bool
			DefaultClientKeytabName string
				Default_ccache_name string // default /tmp/krb5cc_%{uid} //Not implementing as will hold in memory
				// default /usr/local/var/krb5/user/%{euid}/client.keytab

			DefaultKeytabName string
				// default /etc/krb5.keytab

			DefaultRealm string
			DefaultTGSEnctypeIDs []int32
				// default aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4

			DefaultTGSEnctypes []string
				// default aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4

			DefaultTktEnctypeIDs []int32
				// default aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4

			DefaultTktEnctypes []string
				// default aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4

			ExtraAddresses []net.IP
				// Not implementing yet

			Forwardable bool
				// default false

			IgnoreAcceptorHostname bool
				// default false

			K5LoginAuthoritative bool
				// default false

			K5LoginDirectory string
				// default user's home directory. Must be owned by the user or root

			KDCDefaultOptions asn1.BitString
				// default 0x00000010 (KDC_OPT_RENEWABLE_OK)

			KDCTimeSync int
				// default 1

			NoAddresses bool
				kdc_req_checksum_type int //unlikely to implement as for very old KDCs
				// default true

			PermittedEnctypeIDs []int32
			PermittedEnctypes []string
				// default aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4

			PreferredPreauthTypes []int
				plugin_base_dir string //not supporting plugins
				// default “17, 16, 15, 14”, which forces libkrb5 to attempt to use PKINIT if it is supported

			Proxiable bool
				// default false

			RDNS bool
				// default true

			RealmTryDomains int
				// default -1

			RenewLifetime time.Duration
				// default 0

			SafeChecksumType int
				// default 8

			TicketLifetime time.Duration
				// default 1 day

			UDPPreferenceLimit int
				// 1 means to always use tcp. MIT krb5 has a default value of 1465, and it prevents user setting more than 32700.

			VerifyAPReqNofail bool
				// default false


	 type Realm (struct)
		Realm represents an entry in the [realms] section of the configuration.

		Fields (total 6)
			AdminServer []string
			DefaultDomain string
				auth_to_local //Not implementing for now
				auth_to_local_names //Not implementing for now

			KDC []string
			KPasswdServer []string
				// default admin_server:464

			MasterKDC []string
			Realm string

	 type UnsupportedDirective (struct)
		UnsupportedDirective error.

		Methods (only one)
			( UnsupportedDirective) Error() string
				Error implements the error interface for unsupported directives.

		Implements (at least one exported)
			 UnsupportedDirective : error


Package-Level Functions (total 6)

	 func InvalidErrorf(format string, a ...interface{}) Invalid
		InvalidErrorf creates a new Invalid error.

	 func Load(cfgPath string) (*Config, error)
		Load the KRB5 configuration from the specified file path.

	 func New() *Config
		New creates a new config struct instance.

	 func NewFromReader(r io.Reader) (*Config, error)
		NewFromReader creates a new Config struct from an io.Reader.

	 func NewFromScanner(scanner *bufio.Scanner) (*Config, error)
		NewFromScanner creates a new Config struct from a bufio.Scanner.

	 func NewFromString(s string) (*Config, error)
		NewFromString creates a new Config struct from a string.


Package-Level Constants (only one)

	const WeakETypeList = "des-cbc-crc des-cbc-md4 des-cbc-md5 des-cbc-raw des3-cbc-raw des-hma...
		WeakETypeList is a list of encryption types that have been deemed weak.

The pages are generated with Golds v0.6.7. (GOOS=linux GOARCH=amd64)
Golds is a Go 101 project developed by Tapir Liu.
PR and bug reports are welcome and can be submitted to the issue list.
Please follow @Go100and1 (reachable from the left QR code) to get the latest news of Golds.