rpc_secure.3 (108087) rpc_secure.3 (131504)
1.\" @(#)rpc_secure.3n 2.1 88/08/08 4.0 RPCSRC; from 1.19 88/06/24 SMI
1.\" @(#)rpc_secure.3n 2.1 88/08/08 4.0 RPCSRC; from 1.19 88/06/24 SMI
2.\" $FreeBSD: head/lib/libc/rpc/rpc_secure.3 108087 2002-12-19 09:40:28Z ru $
2.\" $FreeBSD: head/lib/libc/rpc/rpc_secure.3 131504 2004-07-02 23:52:20Z ru $
3.\"
4.Dd February 16, 1988
5.Dt RPC 3
6.Os
7.Sh NAME
8.Nm rpc_secure
9.Nd library routines for secure remote procedure calls
10.Sh SYNOPSIS

--- 23 unchanged lines hidden (view full) ---

34.Fn netname2host "char *name" "char *host" "int hostlen"
35.Ft int
36.Fn netname2user "char *name" "uid_t *uidp" "gid_t *gidp" "int *gidlenp" "gid_t *gidlist"
37.Ft int
38.Fn user2netname "char *name" "const uid_t uid" "const char *domain"
39.Sh DESCRIPTION
40These routines are part of the
41.Tn RPC
3.\"
4.Dd February 16, 1988
5.Dt RPC 3
6.Os
7.Sh NAME
8.Nm rpc_secure
9.Nd library routines for secure remote procedure calls
10.Sh SYNOPSIS
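
Review bot: `.Dt RPC 3` at line 5 does not match the page name given by `.Nm rpc_secure` at line 8 or the file name rpc_secure.3, so the rendered header carries the title RPC rather than this page's own name. Since the commit is already cleaning up markup style, consider `.Dt RPC_SECURE 3`. Leaving `.Dd` untouched is right for a whitespace-only change.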

--- 23 unchanged lines hidden (view full) ---

34.Fn netname2host "char *name" "char *host" "int hostlen"
35.Ft int
36.Fn netname2user "char *name" "uid_t *uidp" "gid_t *gidp" "int *gidlenp" "gid_t *gidlist"
37.Ft int
38.Fn user2netname "char *name" "const uid_t uid" "const char *domain"
39.Sh DESCRIPTION
40These routines are part of the
41.Tn RPC
42library. They implement
42library.
43They implement
43.Tn DES
44.Tn DES
44Authentication. See
45Authentication.
46See
45.Xr rpc 3
46for further details about
47.Tn RPC .
48.Pp
49The
50.Fn authdes_create
51is the first of two routines which interface to the
52.Tn RPC

--- 23 unchanged lines hidden (view full) ---

76This field usually
77represents a
78.Fa hostname
79derived from the utility routine
80.Fn host2netname ,
81but could also represent a user name using
82.Fn user2netname .
83The second field is window on the validity of
47.Xr rpc 3
48for further details about
49.Tn RPC .
50.Pp
51The
52.Fn authdes_create
53is the first of two routines which interface to the
54.Tn RPC
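
Review bot: at new lines 51-53, `The` / `.Fn authdes_create` / `is the first of two routines` has no noun after the function name, whereas the later paragraphs of this page write `The` / `.Fn key_decryptsession` / `function`. While reflowing the DESCRIPTION, add a `function` line after `.Fn authdes_create` so the opening sentences read consistently. The sentence splits at new lines 42-46 themselves look correct.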

--- 23 unchanged lines hidden (view full) ---

78This field usually
79represents a
80.Fa hostname
81derived from the utility routine
82.Fn host2netname ,
83but could also represent a user name using
84.Fn user2netname .
85The second field is window on the validity of
84the client credential, given in seconds. A small
86the client credential, given in seconds.
87A small
85window is more secure than a large one, but choosing
86too small of a window will increase the frequency of
87resynchronizations because of clock drift.
88The third
89argument
90.Fa addr
88window is more secure than a large one, but choosing
89too small of a window will increase the frequency of
90resynchronizations because of clock drift.
91The third
92argument
93.Fa addr
91is optional. If it is
94is optional.
95If it is
92.Dv NULL ,
93then the authentication system will assume
94that the local clock is always in sync with the server's
95clock, and will not attempt resynchronizations.
96If an address
97is supplied, however, then the system will use the address
98for consulting the remote time service whenever
99resynchronization
100is required.
101This argument is usually the
102address of the
103.Tn RPC
104server itself.
105The final argument
106.Fa ckey
96.Dv NULL ,
97then the authentication system will assume
98that the local clock is always in sync with the server's
99clock, and will not attempt resynchronizations.
100If an address
101is supplied, however, then the system will use the address
102for consulting the remote time service whenever
103resynchronization
104is required.
105This argument is usually the
106address of the
107.Tn RPC
108server itself.
109The final argument
110.Fa ckey
107is also optional. If it is
111is also optional.
112If it is
108.Dv NULL ,
109then the authentication system will
110generate a random
111.Tn DES
112key to be used for the encryption of credentials.
113If it is supplied, however, then it will be used instead.
114.Pp
115The

--- 63 unchanged lines hidden (view full) ---

179.Pp
180The
181.Fn key_decryptsession
182function
183takes a server netname and a
184.Tn DES
185key, and decrypts the key by
186using the public key of the server and the secret key
113.Dv NULL ,
114then the authentication system will
115generate a random
116.Tn DES
117key to be used for the encryption of credentials.
118If it is supplied, however, then it will be used instead.
119.Pp
120The
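
Review bot: new line 85 reads `The second field is window on the validity of`, which is missing an article; it should be `is a window on the validity of`, and `too small of a window` at new line 89 reads better as `too small a window`. The paragraph also switches between `field` (second) and `argument` (third, final) for parameters of the same call, so pick one term. These are context lines in this change, but the reflow is a good moment to fix them.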

--- 63 unchanged lines hidden (view full) ---

184.Pp
185The
186.Fn key_decryptsession
187function
188takes a server netname and a
189.Tn DES
190key, and decrypts the key by
191using the public key of the server and the secret key
187associated with the effective uid of the calling process. It
192associated with the effective uid of the calling process.
193It
188is the inverse of
189.Fn key_encryptsession .
190.Pp
191The
192.Fn key_encryptsession
193function
194is a keyserver interface routine.
195It
196takes a server netname and a des key, and encrypts
197it using the public key of the server and the secret key
194is the inverse of
195.Fn key_encryptsession .
196.Pp
197The
198.Fn key_encryptsession
199function
200is a keyserver interface routine.
201It
202takes a server netname and a des key, and encrypts
203it using the public key of the server and the secret key
198associated with the effective uid of the calling process. It
204associated with the effective uid of the calling process.
205It
199is the inverse of
200.Fn key_decryptsession .
201.Pp
202The
203.Fn key_gendes
204function
205is a keyserver interface routine.
206It

--- 18 unchanged lines hidden (view full) ---

225.Fn netname2host
226function
227converts from an operating-system independent netname to a
228domain-specific hostname.
229Returns
230.Dv TRUE
231if it succeeds and
232.Dv FALSE
206is the inverse of
207.Fn key_decryptsession .
208.Pp
209The
210.Fn key_gendes
211function
212is a keyserver interface routine.
213It
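
Review bot: new line 202 writes `a des key` as plain lowercase text, while the matching sentence for key_decryptsession at new lines 189-190 marks it up as `.Tn DES` followed by `key`. Use the same `.Tn DES` markup in the key_encryptsession paragraph so the two inverse routines are described identically.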

--- 18 unchanged lines hidden (view full) ---

232.Fn netname2host
233function
234converts from an operating-system independent netname to a
235domain-specific hostname.
236Returns
237.Dv TRUE
238if it succeeds and
239.Dv FALSE
233if it fails. Inverse of
240if it fails.
241Inverse of
234.Fn host2netname .
235.Pp
236The
237.Fn netname2user
238function
239converts from an operating-system independent netname to a
240domain-specific user ID.
241Returns

--- 38 unchanged lines hidden ---
242.Fn host2netname .
243.Pp
244The
245.Fn netname2user
246function
247converts from an operating-system independent netname to a
248domain-specific user ID.
249Returns
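
Review bot: new line 241, `Inverse of`, is now a sentence fragment on its own line, and `Returns` at new line 236 has no subject either. The key_encryptsession and key_decryptsession paragraphs use `It` / `is the inverse of`; the same wording here (and `It returns`) would keep the page consistent.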

--- 38 unchanged lines hidden ---