/*
 * Copyright (c) 2009 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*! @mainpage Heimdal GSS-API Library
 *
 * Heimdal implements the following mechanisms:
 *
 * - Kerberos 5
 * - SPNEGO
 * - NTLM
 *
 * See @ref gssapi_mechs for a fuller description of these mechanisms.
 *
 * The project web page: http://www.h5l.org/
 *
 * - @ref gssapi_services_intro
 * - @ref gssapi_mechs
 * - @ref gssapi_api_INvsMN
 */

/**
 * @page gssapi_services_intro Introduction to GSS-API services
 * @section gssapi_services GSS-API services
 *
 * @subsection gssapi_services_context Context creation
 *
 *  - delegation
 *  - mutual authentication
 *  - anonymous
 *  - use per message before context creation has completed
 *
 *  return status:
 *  - support conf
 *  - support int
 *
 * @subsection gssapi_context_flags Context creation flags
 *
 * - GSS_C_DELEG_FLAG
 * - GSS_C_MUTUAL_FLAG
 * - GSS_C_REPLAY_FLAG
 * - GSS_C_SEQUENCE_FLAG
 * - GSS_C_CONF_FLAG
 * - GSS_C_INTEG_FLAG
 * - GSS_C_ANON_FLAG
 * - GSS_C_PROT_READY_FLAG
 * - GSS_C_TRANS_FLAG
 * - GSS_C_DCE_STYLE
 * - GSS_C_IDENTIFY_FLAG
 * - GSS_C_EXTENDED_ERROR_FLAG
 * - GSS_C_DELEG_POLICY_FLAG
 *
 *
 * @subsection gssapi_services_permessage Per-message services
 *
 *  - conf
 *  - int
 *  - message integrity
 *  - replay detection
 *  - out of sequence
 *
 */

/**
 * @page gssapi_mechs_intro GSS-API mechanisms
 * @section gssapi_mechs GSS-API mechanisms
 *
 * - Kerberos 5 - GSS_KRB5_MECHANISM
 * - SPNEGO - GSS_SPNEGO_MECHANISM
 * - NTLM - GSS_NTLM_MECHANISM

 */


/**
 * @page internalVSmechname Internal names and mechanism names
 * @section gssapi_api_INvsMN Name forms
 *
 * There are two forms of name in GSS-API, Internal form and
 * Contiguous string ("flat") form. gss_export_name() and
 * gss_import_name() can be used to convert between the two forms.
 *
 * - The contiguous string form is described by an oid specifying the
 *   type and an octet string. A special form of the contiguous
 *   string form is the exported name object. The exported name,
 *   defined for each mechanism, is something that can be stored and
 *   compared later. The exported name is what should be used for
 *   ACL comparisons.
 *
 * - The Internal form
 *
 *   There is also a special form of the Internal Name (IN), and that is
 *   the Mechanism Name (MN). In the mechanism name all the generic
 *   information is stripped off and it only contains the information for
 *   one mechanism. In GSS-API some functions return an MN and some
 *   require an MN as input. Each of these functions is marked up as such.
 *
 *
 * Describe relationship between import_name, canonicalize_name,
 * export_name and friends.
 */

/** @defgroup gssapi Heimdal GSS-API functions */
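
Added example, not part of the Heimdal source: a validator for the exported name object described under "Name forms", with the byte-for-byte comparison an ACL check performs on it. The token layout is taken from RFC 2743 section 3.2 rather than from this page; the function names, the struct and the two sample principals are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* View into a validated exported name token (layout: RFC 2743, section 3.2). */
struct exported_name {
    const uint8_t *mech_oid; size_t mech_oid_len; /* DER OID incl. 0x06 tag */
    const uint8_t *name;     size_t name_len;     /* mechanism-specific bytes */
};

/* Constructed samples; the OID is Kerberos 5, 1.2.840.113554.1.2.2. */
#define KRB5_HDR "\x04\x01\x00\x0b\x06\x09\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"
static const uint8_t ALICE[] = KRB5_HDR "\x00\x00\x00\x11" "alice@EXAMPLE.ORG";
static const uint8_t BOB[]   = KRB5_HDR "\x00\x00\x00\x0f" "bob@EXAMPLE.ORG";
#define TOKEN_LEN(t) (sizeof(t) - 1) /* drop the literal's trailing NUL */

/* Returns 0 and fills *out on success, -1 if truncated or malformed. */
int parse_exported_name(const uint8_t *buf, size_t len, struct exported_name *out)
{
    if (len < 4 || buf[0] != 0x04 || buf[1] != 0x01) return -1;   /* TOK_ID */
    size_t oid_len = ((size_t)buf[2] << 8) | buf[3];          /* MECH_OID_LEN */
    if (oid_len < 2 || oid_len > len - 4 || len - 4 - oid_len < 4) return -1;
    /* Simplification: only short-form DER lengths (OID body < 128 bytes). */
    if (buf[4] != 0x06 || (buf[5] & 0x80) || buf[5] != oid_len - 2) return -1;
    const uint8_t *p = buf + 4 + oid_len;
    size_t name_len = ((size_t)p[0] << 24) | ((size_t)p[1] << 16) |
                      ((size_t)p[2] << 8) | p[3];             /* NAME_LEN */
    if (name_len != len - 8 - oid_len) return -1;   /* reject trailing bytes */
    out->mech_oid = buf + 4; out->mech_oid_len = oid_len;
    out->name = p + 4;       out->name_len = name_len;
    return 0;
}

/* ACL comparison: both tokens well formed and byte-for-byte identical. */
int exported_name_equal(const uint8_t *a, size_t alen, const uint8_t *b, size_t blen)
{
    struct exported_name ea, eb;
    if (parse_exported_name(a, alen, &ea) || parse_exported_name(b, blen, &eb))
        return 0;
    return alen == blen && memcmp(a, b, alen) == 0;
}

int main(void)
{
    size_t al = TOKEN_LEN(ALICE), bl = TOKEN_LEN(BOB);
    printf("alice vs alice: %d\n", exported_name_equal(ALICE, al, ALICE, al));
    printf("alice vs bob:   %d\n", exported_name_equal(ALICE, al, BOB, bl));
    return 0;
}
```

In a real service the tokens come from gss_export_name() applied to a mechanism name, and the stored ACL entry is the token produced the same way at enrollment time.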