/*
 * Copyright (c) 2009 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*! @mainpage Heimdal GSS-API Library
 *
 * Heimdal implements the following mechanisms:
 *
 * - Kerberos 5
 * - SPNEGO
 * - NTLM
 *
 * See @ref gssapi_mechs for more description of these mechanisms.
 *
 * The project web page: http://www.h5l.org/
 *
 * - @ref gssapi_services_intro
 * - @ref gssapi_mechs
 * - @ref gssapi_api_INvsMN
 */

/**
 * @page gssapi_services_intro Introduction to GSS-API services
 * @section gssapi_services GSS-API services
 *
 * @subsection gssapi_services_context Context creation
 *
 *  - delegation
 *  - mutual authentication
 *  - anonymous
 *  - use per message before context creation has completed
 *
 *  return status:
 *  - support conf
 *  - support int
 *
 * @subsection gssapi_context_flags Context creation flags
 *
 * - GSS_C_DELEG_FLAG
 * - GSS_C_MUTUAL_FLAG
 * - GSS_C_REPLAY_FLAG
 * - GSS_C_SEQUENCE_FLAG
 * - GSS_C_CONF_FLAG
 * - GSS_C_INTEG_FLAG
 * - GSS_C_ANON_FLAG
 * - GSS_C_PROT_READY_FLAG
 * - GSS_C_TRANS_FLAG
 * - GSS_C_DCE_STYLE
 * - GSS_C_IDENTIFY_FLAG
 * - GSS_C_EXTENDED_ERROR_FLAG
 * - GSS_C_DELEG_POLICY_FLAG
 *
 *
 * @subsection gssapi_services_permessage Per-message services
 *
 *  - conf
 *  - int
 *  - message integrity
 *  - replay detection
 *  - out of sequence
 *
 */

/**
 * @page gssapi_mechs_intro GSS-API mechanisms
 * @section gssapi_mechs GSS-API mechanisms
 *
 * - Kerberos 5 - GSS_KRB5_MECHANISM
 * - SPNEGO - GSS_SPNEGO_MECHANISM
 * - NTLM - GSS_NTLM_MECHANISM
 *
 */


/**
 * @page internalVSmechname Internal names and mechanism names
 * @section gssapi_api_INvsMN Name forms
 *
 * There are two forms of name in GSS-API: Internal form and
 * Contiguous string ("flat") form. gss_export_name() and
 * gss_import_name() can be used to convert between the two forms.
 *
 * - The contiguous string form is described by an OID specifying the
 *   type and an octet string. A special form of the contiguous
 *   string form is the exported name object. The exported name,
 *   defined for each mechanism, is something that can be stored and
 *   compared later. The exported name is what should be used for
 *   ACL comparisons.
 *
 * - The Internal form
 *
 *   There is also a special form of the Internal Name (IN), and that is
 *   the Mechanism Name (MN). In the mechanism name all the generic
 *   information is stripped off and it only contains the information for
 *   one mechanism.  In GSS-API some functions return MN and some
 *   require MN as input. Each of these functions is marked up as such.
 *
 *
 * Describe relationship between import_name, canonicalize_name,
 * export_name and friends.
 */

/** @defgroup gssapi Heimdal GSS-API functions */