All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.
$FreeBSD$
.Dd January 26, 2010 .Dt MECH 5 .Os .Sh NAME .Nm mech , .Nm qop .Nd "GSS-API Mechanism and QOP files" .Sh SYNOPSIS
a "/etc/gss/qop" .Sh DESCRIPTION The
a "/etc/gss/mech" file contains a list of installed GSS-API security mechanisms. Each line of the file either contains a comment if the first character is '#' or it contains five fields with the following meanings: l -tag -width ".It Object identifier" t Name The name of this GSS-API mechanism. t Object identifier The OID for this mechanism. t Library A shared library containing the implementation of this mechanism. t Kernel module Optional kernel module containing the implementation of this mechanism (not yet supported in FreeBSD). t Library options Optional parameters interpreted by the mechanism. Library options must be enclosed in brackets ([ ]) to differentiate them from the optional kernel module entry. .El
p The first mechanism listed in
a "/etc/gss/mech" is the default mechanism. This mechanism will be used by .Xr gss_init_sec_context 3 if the user doesn't specify a specific mechanism.
p The
a "/etc/gss/qop" file contains a list of Quality of Protection values for use with GSS-API. Each line of the file either contains a comment if the first character is '#' or it contains three fields with the following meanings: l -tag -width ".It Mechanism name" t QOP string The name of this Quality of Protection algorithm. t QOP value The numeric value used to select this algorithm for use with GSS-API functions such as .Xr gss_get_mic 3 . t Mechanism name The GSS-API mechanism name that corresponds to this algorithm. .El .Sh EXAMPLES This is a typical entry from
a "/etc/gss/mech" : d -literal kerberosv5 1.2.840.113554.1.2.2 /usr/lib/libgssapi_krb5.so.8 - .Ed
p This is a typical entry from
a "/etc/gss/qop" : d -literal GSS_KRB5_CONF_C_QOP_DES 0x0100 kerberosv5 .Ed .Sh HISTORY The .Nm manual page first appeared in .Fx 7.0 . .Sh AUTHORS This manual page was written by .An Doug Rabson Aq dfr@FreeBSD.org .