summaryrefslogtreecommitdiffstats
path: root/c/src/exec/librpc/src/rpc/rpc_secure.3
diff options
context:
space:
mode:
Diffstat (limited to 'c/src/exec/librpc/src/rpc/rpc_secure.3')
-rw-r--r--c/src/exec/librpc/src/rpc/rpc_secure.3254
1 files changed, 0 insertions, 254 deletions
diff --git a/c/src/exec/librpc/src/rpc/rpc_secure.3 b/c/src/exec/librpc/src/rpc/rpc_secure.3
deleted file mode 100644
index 4efd9b8614..0000000000
--- a/c/src/exec/librpc/src/rpc/rpc_secure.3
+++ /dev/null
@@ -1,254 +0,0 @@
-.\" @(#)rpc_secure.3n 2.1 88/08/08 4.0 RPCSRC; from 1.19 88/06/24 SMI
-.\" $FreeBSD: src/lib/libc/rpc/rpc_secure.3,v 1.6 2000/03/02 09:13:48 sheldonh Exp $
-.\"
-.Dd February 16, 1988
-.Dt RPC 3
-.Sh NAME
-.Nm rpc_secure
-.Nd library routines for secure remote procedure calls
-.Sh SYNOPSIS
-.Fd #include <rpc/rpc.h>
-.Ft AUTH *
-.Fo authdes_create
-.Fa "char *name"
-.Fa "unsigned window"
-.Fa "struct sockaddr *addr"
-.Fa "des_block *ckey"
-.Fc
-.Ft int
-.Fn authdes_getucred "struct authdes_cred *adc" "uid_t *uid" "gid_t *gid" "int *grouplen" "gid_t *groups"
-.Ft int
-.Fn getnetname "char *name"
-.Ft int
-.Fn host2netname "char *name" "char *host" "char *domain"
-.Ft int
-.Fn key_decryptsession "const char *remotename" "des_block *deskey"
-.Ft int
-.Fn key_encryptsession "const char *remotename" "des_block *deskey"
-.Ft int
-.Fn key_gendes "des_block *deskey"
-.Ft int
-.Fn key_setsecret "const char *key"
-.Ft int
-.Fn netname2host "char *name" "char *host" "int hostlen"
-.Ft int
-.Fn netname2user "char *name" "uid_t *uidp" "gid_t *gidp" "int *gidlenp" "gid_t *gidlist"
-.Ft int
-.Fn user2netname "char *name" "uid_t uid" "char *domain"
-.Sh DESCRIPTION
-These routines are part of the
-.Tn RPC
-library. They implement
-.Tn DES
-Authentication. See
-.Xr rpc 3
-for further details about
-.Tn RPC .
-.Pp
-The
-.Fn authdes_create
-is the first of two routines which interface to the
-.Tn RPC
-secure authentication system, known as
-.Tn DES
-authentication.
-The second is
-.Fn authdes_getucred ,
-below.
-.Pp
-Note: the keyserver daemon
-.Xr keyserv 8
-must be running for the
-.Tn DES
-authentication system to work.
-.Pp
-.Fn Authdes_create ,
-used on the client side, returns an authentication handle that
-will enable the use of the secure authentication system.
-The first parameter
-.Fa name
-is the network name, or
-.Fa netname ,
-of the owner of the server process.
-This field usually
-represents a
-.Fa hostname
-derived from the utility routine
-.Fn host2netname ,
-but could also represent a user name using
-.Fn user2netname .
-The second field is window on the validity of
-the client credential, given in seconds. A small
-window is more secure than a large one, but choosing
-too small of a window will increase the frequency of
-resynchronizations because of clock drift.
-The third
-parameter
-.Fa addr
-is optional. If it is
-.Dv NULL ,
-then the authentication system will assume
-that the local clock is always in sync with the server's
-clock, and will not attempt resynchronizations.
-If an address
-is supplied, however, then the system will use the address
-for consulting the remote time service whenever
-resynchronization
-is required.
-This parameter is usually the
-address of the
-.Tn RPC
-server itself.
-The final parameter
-.Fa ckey
-is also optional. If it is
-.Dv NULL ,
-then the authentication system will
-generate a random
-.Tn DES
-key to be used for the encryption of credentials.
-If it is supplied, however, then it will be used instead.
-.Pp
-.Fn Authdes_getucred ,
-the second of the two
-.Tn DES
-authentication routines,
-is used on the server side for converting a
-.Tn DES
-credential, which is
-operating system independent, into a
-.Ux
-credential.
-This routine differs from utility routine
-.Fn netname2user
-in that
-.Fn authdes_getucred
-pulls its information from a cache, and does not have to do a
-Yellow Pages lookup every time it is called to get its information.
-.Pp
-.Fn Getnetname
-installs the unique, operating-system independent netname of
-the
-caller in the fixed-length array
-.Fa name .
-Returns
-.Dv TRUE
-if it succeeds and
-.Dv FALSE
-if it fails.
-.Pp
-.Fn Host2netname
-converts from a domain-specific hostname to an
-operating-system independent netname.
-Returns
-.Dv TRUE
-if it succeeds and
-.Dv FALSE
-if it fails.
-Inverse of
-.Fn netname2host .
-.Pp
-.Fn Key_decryptsession
-is an interface to the keyserver daemon, which is associated
-with
-.Tn RPC Ns 's
-secure authentication system (
-.Tn DES
-authentication).
-User programs rarely need to call it, or its associated routines
-.Fn key_encryptsession ,
-.Fn key_gendes
-and
-.Fn key_setsecret .
-System commands such as
-.Xr login 1
-and the
-.Tn RPC
-library are the main clients of these four routines.
-.Pp
-.Fn Key_decryptsession
-takes a server netname and a
-.Tn DES
-key, and decrypts the key by
-using the the public key of the the server and the secret key
-associated with the effective uid of the calling process. It
-is the inverse of
-.Fn key_encryptsession .
-.Pp
-.Fn Key_encryptsession
-is a keyserver interface routine.
-It
-takes a server netname and a des key, and encrypts
-it using the public key of the the server and the secret key
-associated with the effective uid of the calling process. It
-is the inverse of
-.Fn key_decryptsession .
-.Pp
-.Fn Key_gendes
-is a keyserver interface routine.
-It
-is used to ask the keyserver for a secure conversation key.
-Choosing one
-.Qq random
-is usually not good enough,
-because
-the common ways of choosing random numbers, such as using the
-current time, are very easy to guess.
-.Pp
-.Fn Key_setsecret
-is a keyserver interface routine.
-It is used to set the key for
-the effective
-.Fa uid
-of the calling process.
-.Pp
-.Fn Netname2host
-converts from an operating-system independent netname to a
-domain-specific hostname.
-Returns
-.Dv TRUE
-if it succeeds and
-.Dv FALSE
-if it fails. Inverse of
-.Fn host2netname .
-.Pp
-.Fn Netname2user
-converts from an operating-system independent netname to a
-domain-specific user ID.
-Returns
-.Dv TRUE
-if it succeeds and
-.Dv FALSE
-if it fails.
-Inverse of
-.Fn user2netname .
-.Pp
-.Fn User2netname
-converts from a domain-specific username to an operating-system
-independent netname.
-Returns
-.Dv TRUE
-if it succeeds and
-.Dv FALSE
-if it fails.
-Inverse of
-.Fn netname2user .
-.Sh SEE ALSO
-.Xr rpc 3 ,
-.Xr xdr 3 ,
-.Xr keyserv 8
-.Pp
-The following manuals:
-.Rs
-.%B Remote Procedure Calls: Protocol Specification
-.Re
-.Rs
-.%B Remote Procedure Call Programming Guide
-.Re
-.Rs
-.%B Rpcgen Programming Guide
-.Re
-.Rs
-.%B RPC: Remote Procedure Call Protocol Specification
-.%O RFC1050, Sun Microsystems Inc., USC-ISI
-.Re
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 22:30:04 +0000