rpc_secure.3 (84425) rpc_secure.3 (108037)
1.\" @(#)rpc_secure.3n 2.1 88/08/08 4.0 RPCSRC; from 1.19 88/06/24 SMI
1.\" @(#)rpc_secure.3n 2.1 88/08/08 4.0 RPCSRC; from 1.19 88/06/24 SMI
2.\" $FreeBSD: head/lib/libc/rpc/rpc_secure.3 84425 2001-10-03 16:47:56Z bde $
2.\" $FreeBSD: head/lib/libc/rpc/rpc_secure.3 108037 2002-12-18 12:45:11Z ru $
3.\"
4.Dd February 16, 1988
5.Dt RPC 3
6.Os
7.Sh NAME
8.Nm rpc_secure
9.Nd library routines for secure remote procedure calls
10.Sh SYNOPSIS

--- 47 unchanged lines hidden (view full) ---

58below.
59.Pp
60Note: the keyserver daemon
61.Xr keyserv 8
62must be running for the
63.Tn DES
64authentication system to work.
65.Pp
3.\"
4.Dd February 16, 1988
5.Dt RPC 3
6.Os
7.Sh NAME
8.Nm rpc_secure
9.Nd library routines for secure remote procedure calls
10.Sh SYNOPSIS

--- 47 unchanged lines hidden (view full) ---

58below.
59.Pp
60Note: the keyserver daemon
61.Xr keyserv 8
62must be running for the
63.Tn DES
64authentication system to work.
65.Pp
66.Fn Authdes_create ,
66The
67.Fn authdes_create
68function,
67used on the client side, returns an authentication handle that
68will enable the use of the secure authentication system.
69The first parameter
70.Fa name
71is the network name, or
72.Fa netname ,
73of the owner of the server process.
74This field usually

--- 30 unchanged lines hidden (view full) ---

105is also optional. If it is
106.Dv NULL ,
107then the authentication system will
108generate a random
109.Tn DES
110key to be used for the encryption of credentials.
111If it is supplied, however, then it will be used instead.
112.Pp
69used on the client side, returns an authentication handle that
70will enable the use of the secure authentication system.
71The first parameter
72.Fa name
73is the network name, or
74.Fa netname ,
75of the owner of the server process.
76This field usually
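Review bot: `.Fa netname ,` at new line 74 marks a term being defined as if it were a function argument, while the sentence itself names the parameter as `.Fa name` (new line 72). Since this commit is already cleaning up markup in this paragraph, consider `.Em netname ,` there so that only the real argument carries `.Fa`.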

--- 30 unchanged lines hidden (view full) ---

107is also optional. If it is
108.Dv NULL ,
109then the authentication system will
110generate a random
111.Tn DES
112key to be used for the encryption of credentials.
113If it is supplied, however, then it will be used instead.
114.Pp
113.Fn Authdes_getucred ,
115The
116.Fn authdes_getucred
117function,
114the second of the two
115.Tn DES
116authentication routines,
117is used on the server side for converting a
118.Tn DES
119credential, which is
120operating system independent, into a
121.Ux
122credential.
123This routine differs from utility routine
124.Fn netname2user
125in that
126.Fn authdes_getucred
127pulls its information from a cache, and does not have to do a
128Yellow Pages lookup every time it is called to get its information.
129.Pp
118the second of the two
119.Tn DES
120authentication routines,
121is used on the server side for converting a
122.Tn DES
123credential, which is
124operating system independent, into a
125.Ux
126credential.
127This routine differs from utility routine
128.Fn netname2user
129in that
130.Fn authdes_getucred
131pulls its information from a cache, and does not have to do a
132Yellow Pages lookup every time it is called to get its information.
133.Pp
130.Fn Getnetname
134The
135.Fn getnetname
136function
131installs the unique, operating-system independent netname of
132the
133caller in the fixed-length array
134.Fa name .
135Returns
136.Dv TRUE
137if it succeeds and
138.Dv FALSE
139if it fails.
140.Pp
137installs the unique, operating-system independent netname of
138the
139caller in the fixed-length array
140.Fa name .
141Returns
142.Dv TRUE
143if it succeeds and
144.Dv FALSE
145if it fails.
146.Pp
141.Fn Host2netname
147The
148.Fn host2netname
149function
142converts from a domain-specific hostname to an
143operating-system independent netname.
144Returns
145.Dv TRUE
146if it succeeds and
147.Dv FALSE
148if it fails.
149Inverse of
150.Fn netname2host .
151.Pp
150converts from a domain-specific hostname to an
151operating-system independent netname.
152Returns
153.Dv TRUE
154if it succeeds and
155.Dv FALSE
156if it fails.
157Inverse of
158.Fn netname2host .
159.Pp
152.Fn Key_decryptsession
160The
161.Fn key_decryptsession
162function
153is an interface to the keyserver daemon, which is associated
154with
155.Tn RPC Ns 's
156secure authentication system
157.Tn ( DES
158authentication).
159User programs rarely need to call it, or its associated routines
160.Fn key_encryptsession ,
161.Fn key_gendes
162and
163.Fn key_setsecret .
164System commands such as
165.Xr login 1
166and the
167.Tn RPC
168library are the main clients of these four routines.
169.Pp
163is an interface to the keyserver daemon, which is associated
164with
165.Tn RPC Ns 's
166secure authentication system
167.Tn ( DES
168authentication).
169User programs rarely need to call it, or its associated routines
170.Fn key_encryptsession ,
171.Fn key_gendes
172and
173.Fn key_setsecret .
174System commands such as
175.Xr login 1
176and the
177.Tn RPC
178library are the main clients of these four routines.
179.Pp
170.Fn Key_decryptsession
180The
181.Fn key_decryptsession
182function
171takes a server netname and a
172.Tn DES
173key, and decrypts the key by
174using the public key of the server and the secret key
175associated with the effective uid of the calling process. It
176is the inverse of
177.Fn key_encryptsession .
178.Pp
183takes a server netname and a
184.Tn DES
185key, and decrypts the key by
186using the public key of the server and the secret key
187associated with the effective uid of the calling process. It
188is the inverse of
189.Fn key_encryptsession .
190.Pp
179.Fn Key_encryptsession
191The
192.Fn key_encryptsession
193function
180is a keyserver interface routine.
181It
182takes a server netname and a des key, and encrypts
183it using the public key of the server and the secret key
184associated with the effective uid of the calling process. It
185is the inverse of
186.Fn key_decryptsession .
187.Pp
194is a keyserver interface routine.
195It
196takes a server netname and a des key, and encrypts
197it using the public key of the server and the secret key
198associated with the effective uid of the calling process. It
199is the inverse of
200.Fn key_decryptsession .
201.Pp
188.Fn Key_gendes
202The
203.Fn key_gendes
204function
189is a keyserver interface routine.
190It
191is used to ask the keyserver for a secure conversation key.
192Choosing one
193.Qq random
194is usually not good enough,
195because
196the common ways of choosing random numbers, such as using the
197current time, are very easy to guess.
198.Pp
205is a keyserver interface routine.
206It
207is used to ask the keyserver for a secure conversation key.
208Choosing one
209.Qq random
210is usually not good enough,
211because
212the common ways of choosing random numbers, such as using the
213current time, are very easy to guess.
214.Pp
199.Fn Key_setsecret
215The
216.Fn key_setsecret
217function
200is a keyserver interface routine.
201It is used to set the key for
202the effective
203.Fa uid
204of the calling process.
205.Pp
218is a keyserver interface routine.
219It is used to set the key for
220the effective
221.Fa uid
222of the calling process.
223.Pp
206.Fn Netname2host
224The
225.Fn netname2host
226function
207converts from an operating-system independent netname to a
208domain-specific hostname.
209Returns
210.Dv TRUE
211if it succeeds and
212.Dv FALSE
213if it fails. Inverse of
214.Fn host2netname .
215.Pp
227converts from an operating-system independent netname to a
228domain-specific hostname.
229Returns
230.Dv TRUE
231if it succeeds and
232.Dv FALSE
233if it fails. Inverse of
234.Fn host2netname .
235.Pp
216.Fn Netname2user
236The
237.Fn netname2user
238function
217converts from an operating-system independent netname to a
218domain-specific user ID.
219Returns
220.Dv TRUE
221if it succeeds and
222.Dv FALSE
223if it fails.
224Inverse of
225.Fn user2netname .
226.Pp
239converts from an operating-system independent netname to a
240domain-specific user ID.
241Returns
242.Dv TRUE
243if it succeeds and
244.Dv FALSE
245if it fails.
246Inverse of
247.Fn user2netname .
248.Pp
227.Fn User2netname
249The
250.Fn user2netname
251function
228converts from a domain-specific username to an operating-system
229independent netname.
230Returns
231.Dv TRUE
232if it succeeds and
233.Dv FALSE
234if it fails.
235Inverse of

--- 20 unchanged lines hidden ---
252converts from a domain-specific username to an operating-system
253independent netname.
254Returns
255.Dv TRUE
256if it succeeds and
257.Dv FALSE
258if it fails.
259Inverse of
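Review bot: the key_encryptsession paragraph still reads "takes a server netname and a des key" (new line 196), while the matching key_decryptsession paragraph uses `.Tn DES` (new line 184); the two should agree, so mark it up as `.Tn DES` here as well. Also in this hunk, new sentences start mid-line at "calling process. It" (new lines 187 and 198) and "if it fails. Inverse of" (new line 233); mdoc sources start each sentence on its own line, and this markup pass is a good place to split them.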

--- 20 unchanged lines hidden ---