.\" @(#)rpc_secure.3n 2.1 88/08/08 4.0 RPCSRC; from 1.19 88/06/24 SMI
.\" $FreeBSD: head/lib/libc/rpc/rpc_secure.3 57686 2000-03-02 09:14:21Z sheldonh $
.\"
.Dd February 16, 1988
.Dt RPC 3
.Sh NAME
.Nm rpc_secure
.Nd library routines for secure remote procedure calls
.Sh SYNOPSIS
.Fd #include <rpc/rpc.h>
.\" --- 53 unchanged lines hidden ---
.Pp
.Fn Authdes_create ,
used on the client side, returns an authentication handle that
will enable the use of the secure authentication system.
The first parameter
.Fa name
is the network name, or
.Fa netname ,
of the owner of the server process.
This field usually
represents a
.Fa hostname
derived from the utility routine
.Fn host2netname ,
but could also represent a user name using
.Fn user2netname .
The second field is a window on the validity of
the client credential, given in seconds. A small
window is more secure than a large one, but choosing
too small of a window will increase the frequency of
resynchronizations because of clock drift.
The third
parameter
.Fa addr
is optional. If it is
.Dv NULL ,
then the authentication system will assume
that the local clock is always in sync with the server's
clock, and will not attempt resynchronizations.
If an address
is supplied, however, then the system will use the address
for consulting the remote time service whenever
resynchronization
is required.
This parameter is usually the
address of the
.Tn RPC
server itself.
The final parameter
.Fa ckey
is also optional. If it is
.Dv NULL ,
then the authentication system will
generate a random
.Tn DES
key to be used for the encryption of credentials.
If it is supplied, however, then it will be used instead.
.Pp
.Fn Authdes_getucred ,
the second of the two
.Tn DES
authentication routines,
is used on the server side for converting a
.Tn DES
credential, which is
operating system independent, into a
.Ux
credential.
This routine differs from utility routine
.Fn netname2user
in that
.Fn authdes_getucred
pulls its information from a cache, and does not have to do a
Yellow Pages lookup every time it is called to get its information.
.Pp
.Fn Getnetname
installs the unique, operating-system independent netname of
the
caller in the fixed-length array
.Fa name .
Returns
.Dv TRUE
if it succeeds and
.Dv FALSE
if it fails.
.Pp
.Fn Host2netname
converts from a domain-specific hostname to an
operating-system independent netname.
Returns
.Dv TRUE
if it succeeds and
.Dv FALSE
if it fails.
Inverse of
.Fn netname2host .
.Pp
.Fn Key_decryptsession
is an interface to the keyserver daemon, which is associated
with
.Tn RPC Ns 's
secure authentication system (
.Tn DES
.\" --- 14 unchanged lines hidden ---
.Tn DES
key, and decrypts the key by
using the public key of the server and the secret key
associated with the effective uid of the calling process. It
is the inverse of
.Fn key_encryptsession .
.Pp
.Fn Key_encryptsession
is a keyserver interface routine.
It
takes a server netname and a des key, and encrypts
it using the public key of the server and the secret key
associated with the effective uid of the calling process. It
is the inverse of
.Fn key_decryptsession .
.Pp
.Fn Key_gendes
is a keyserver interface routine.
It
is used to ask the keyserver for a secure conversation key.
Choosing one
.Qq random
is usually not good enough,
because
the common ways of choosing random numbers, such as using the
current time, are very easy to guess.
.Pp
.Fn Key_setsecret
is a keyserver interface routine.
It is used to set the key for
the effective
.Fa uid
of the calling process.
.Pp
.Fn Netname2host
converts from an operating-system independent netname to a
domain-specific hostname.
Returns
.Dv TRUE
if it succeeds and
.Dv FALSE
if it fails. Inverse of
.Fn host2netname .
.Pp
.Fn Netname2user
converts from an operating-system independent netname to a
domain-specific user ID.
Returns
.Dv TRUE
if it succeeds and
.Dv FALSE
if it fails.
Inverse of
.Fn user2netname .
.Pp
.Fn User2netname
converts from a domain-specific username to an operating-system
independent netname.
Returns
.Dv TRUE
if it succeeds and
.Dv FALSE
if it fails.
Inverse of
.Fn netname2user .
.Sh SEE ALSO
.Xr rpc 3 ,
.Xr xdr 3 ,
.Xr keyserv 8
.Pp
The following manuals:
.Rs
.\" --- 12 unchanged lines hidden ---
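The window and addr parameters of authdes_create described above, modeled as an added example that is not part of the manual page or of libc. The expiry rule, the one-call-per-minute schedule, the drift figures and all names (cred_expired, simulate, sim_result) are assumptions made for illustration.

```c
/* Added example: toy model of the authdes_create() window parameter.
 * Not libc code; every name here is hypothetical. */
#include <stdio.h>

struct sim_result { unsigned rejected, resyncs; };

/* Model of the freshness rule: the credential is stale once the server
 * clock has passed timestamp + window (both in seconds). */
static int cred_expired(long timestamp, long server_now, unsigned window)
{
    return server_now > timestamp + (long)window;
}

/* Issue `calls` requests while the client clock falls `lag_per_call`
 * seconds further behind the server on each one. have_addr models a
 * non-NULL addr argument: the client may consult the time service. */
static struct sim_result simulate(unsigned window, unsigned calls,
                                  unsigned lag_per_call, int have_addr)
{
    struct sim_result r = {0, 0};
    long server_now = 1000000;      /* constructed start time */
    long skew = 0;                  /* client clock lag, seconds */

    for (unsigned i = 0; i < calls; i++) {
        server_now += 60;           /* constructed: one call per minute */
        skew += lag_per_call;
        if (!cred_expired(server_now - skew, server_now, window))
            continue;               /* timestamp still inside the window */
        r.rejected++;
        if (have_addr) {            /* resynchronize, then carry on */
            skew = 0;
            r.resyncs++;
        }                           /* addr == NULL: lag is never corrected */
    }
    return r;
}

int main(void)
{
    const unsigned windows[] = {10, 60, 300};   /* constructed values */
    for (int i = 0; i < 3; i++) {
        struct sim_result a = simulate(windows[i], 100, 2, 1);
        struct sim_result b = simulate(windows[i], 100, 2, 0);
        printf("window=%3us  addr set: %u resyncs | addr NULL: %u rejected\n",
               windows[i], a.resyncs, b.rejected);
    }
    return 0;
}
```

With the same drift, shrinking the window raises the resynchronization count when addr is supplied, and with addr set to NULL every call after the lag first exceeds the window is rejected.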