diff options
| author | Chuck Lever <chuck.lever@oracle.com> | 2015-07-10 10:02:34 -0400 |
|---|---|---|
| committer | Steve Dickson <steved@redhat.com> | 2015-07-10 11:19:27 -0400 |
| commit | 407751a5384bfe983e7752e003c7aa767ae7d6ee (patch) | |
| tree | cabaf399d34911a850a71618dce8b2cd428c11f0 /man | |
| parent | 5d240cd7e18565028ccdeaa1de3551f5d953c804 (diff) | |
| download | ti-rpc-407751a5384bfe983e7752e003c7aa767ae7d6ee.tar.gz | |
man: /etc/gss/{mech, qop} are not used by this implementation
Replace text in the new rpc_gss man pages that refer to
/etc/gss/mech or /etc/gss/qop. The Linux libtirpc implementation
currently does not use these files.
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
Diffstat (limited to 'man')
| -rw-r--r-- | man/rpc_gss_get_mech_info.3t | 27 | ||||
| -rw-r--r-- | man/rpc_gss_is_installed.3t | 11 | ||||
| -rw-r--r-- | man/rpc_gss_mech_to_oid.3t | 23 | ||||
| -rw-r--r-- | man/rpc_gss_qop_to_num.3t | 29 | ||||
| -rw-r--r-- | man/rpc_gss_seccreate.3t | 10 |
5 files changed, 59 insertions, 41 deletions
diff --git a/man/rpc_gss_get_mech_info.3t b/man/rpc_gss_get_mech_info.3t index 1f3ba04..44f0df3 100644 --- a/man/rpc_gss_get_mech_info.3t +++ b/man/rpc_gss_get_mech_info.3t @@ -29,28 +29,33 @@ .Os .Sh NAME .Nm rpc_gss_get_mech_info -.Nd "Get extra information about a security mechanism" +.Nd "Get Quality of Protection information for a security mechanism" .Sh SYNOPSIS .In rpc/rpcsec_gss.h .Ft const char ** .Fn rpc_gss_get_mech_info "const char *mech" "rpc_gss_service_t *service" .Sh DESCRIPTION -This function looks up a mechanism by name by reading the file -/etc/gss/mech and queries it for its capabilities. +This function returns the list of QOP names supported by the +GSS_API mechanism named "mech". .Sh PARAMETERS .Bl -tag -width ".It service" .It mech -The mechanism to search for +The name of a GSS_API mechanism. +"kerberos_v5" is currently the only supported mechanism. .It service -If the mechanism is found, the maximum supported service type is -returned in -.Fa *service +Buffer in which maximum service type is planted .El .Sh RETURN VALUES -If the mechanism is found, -a list of the supported qualities of protection is returned, -otherwise -.Dv NULL . +If the named GSS_API mechanism is recognized, +a list of the supported Qualities of Protection is returned. +The maximum supported service type for the mechanism is returned in +.Fa *service . +Otherwise +.Dv NULL +is returned. +.Pp +Note: The returned QOP list is statically allocated memory. +The caller must not free this array. .Sh AVAILABILITY The .Fn rpc_gss_get_mech_info diff --git a/man/rpc_gss_is_installed.3t b/man/rpc_gss_is_installed.3t index 274a1f0..d5f5e44 100644 --- a/man/rpc_gss_is_installed.3t +++ b/man/rpc_gss_is_installed.3t @@ -29,23 +29,24 @@ .Os .Sh NAME .Nm rpc_gss_is_installed -.Nd "Query for the presence os a security mechanism" +.Nd "Query for the presence of a security mechanism" .Sh SYNOPSIS .In rpc/rpcsec_gss.h .Ft bool_t .Fn rpc_gss_is_installed "const char *mech" .Sh DESCRIPTION -This function looks up a mechanism by name by reading the file -/etc/gss/mech. +This function indicates whether the GSS_API mechanism named "mech" +is installed and enabled. .Sh PARAMETERS .Bl -tag -width ".It mech" .It mech -The mechanism to search for +The name of a GSS_API mechanism. +"kerberos_v5" is currently the only supported mechanism. .El .Sh RETURN VALUES Returns .Dv TRUE -if the mechanism is installed, +if the named GSS_API mechanism is installed and enabled, .Dv FALSE otherwise. .Sh AVAILABILITY diff --git a/man/rpc_gss_mech_to_oid.3t b/man/rpc_gss_mech_to_oid.3t index 8bbe616..4a1b25d 100644 --- a/man/rpc_gss_mech_to_oid.3t +++ b/man/rpc_gss_mech_to_oid.3t @@ -35,22 +35,27 @@ .Ft bool_t .Fn rpc_gss_mech_to_oid "const char *mech" "gss_OID *oid_ret" .Sh DESCRIPTION -This function looks up a mechanism by name by reading the file -/etc/gss/mech. +This function returns the GSS OID associated with the GSS_API +mechanism "mech". .Sh PARAMETERS .Bl -tag -width ".It oid_ret" .It mech -The mechanism name to search for +The name of a GSS_API mechanism. +"kerberos_v5" is currently the only supported mechanism. .It oid_ret -If the mechanism is found, the corresponding GSS-API oid is returned -in -.Fa *oid_ret +Buffer in which to place the returned OID .El .Sh RETURN VALUES -If the mechanism is found, +If the GSS_API mechanism name is recognized, .Dv TRUE -is returned, otherwise -.Dv FALSE . +is returned. +The corresponding GSS-API oid is returned in +.Fa *oid_ret . +Otherwise +.Dv FALSE +is returned and +.Fa *oid_ret +is left untouched. .Sh AVAILABILITY The .Fn rpc_gss_mech_to_oid diff --git a/man/rpc_gss_qop_to_num.3t b/man/rpc_gss_qop_to_num.3t index 3968216..7ac1a4c 100644 --- a/man/rpc_gss_qop_to_num.3t +++ b/man/rpc_gss_qop_to_num.3t @@ -29,30 +29,37 @@ .Os .Sh NAME .Nm rpc_gss_qop_to_num -.Nd "Convert a quality of protection name to number" +.Nd "Convert a Quality of Protection name to number" .Sh SYNOPSIS .In rpc/rpcsec_gss.h .Ft bool_t .Fn rpc_gss_qop_to_num "const char *qop" "const char *mech" "u_int *num_ret" .Sh DESCRIPTION -This function looks up a quality of protection by name by reading the file -/etc/gss/qop. +This function returns the numeric QOP value associated with the +GSS_API QOP "qop" and mechanism "mech." .Sh PARAMETERS .Bl -tag -width ".It number_ret" .It qop -The quality of protection to search for +The name of Quality of Protection associated with the +GSS_API mechanism "mech". +"GSS_C_QOP_DEFAULT" is currently the only supported QOP. .It mech -The mechanism name to search for +The name of a GSS_API mechanism. +"kerberos_v5" is currently the only supported mechanism. .It number_ret -If the quality of protection is found, the corresponding number is -returned in -.Fa *num_ret +Buffer in which to place the returned QOP number .El .Sh RETURN VALUES -If the value is found, +If the QOP and mechanism names are recognized, .Dv TRUE -is returned, otherwise -.Dv FALSE . +is returned. +The corresponding QOP number is returned in +.Fa *num_ret . +Otherwise +.Dv FALSE +is returned and +.It number_ret +is left untouched. .Sh AVAILABILITY The .Fn rpc_gss_qop_to_num diff --git a/man/rpc_gss_seccreate.3t b/man/rpc_gss_seccreate.3t index 9f526a6..b52df19 100644 --- a/man/rpc_gss_seccreate.3t +++ b/man/rpc_gss_seccreate.3t @@ -55,9 +55,8 @@ For instance, a principal such as .Qq nfs@server.example.com might be used by an application which needs to contact an NFS server .It mechanism -The desired mechanism for this security context. -The value of mechanism should be the name of one of the security -mechanisms listed in /etc/gss/mech. +The name of the GSS_API mechanism to use for the new security context. +"kerberos_v5" is currently the only supported mechanism. .It service Type of service requested. .Bl -tag -width "rpc_gss_svc_integrity" @@ -72,8 +71,9 @@ RPC headers and data are integrity protected by a checksum. RPC headers are integrity protected by a checksum and data is encrypted. .El .It qop -Desired quality of protection or NULL for the default. -Available values are listed in /etc/gss/qop +The name of the Quality of Protection to use for the new security context, +or NULL to use the default QOP. +"GSS_C_QOP_DEFAULT" is currently the only supported QOP. .It options_req Extra security context options to be passed to the underlying GSS-API mechanism. |