/*
 * Copyright (c) 2009 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*! @mainpage Heimdal GSS-API Library
 *
 * Heimdal implements the following mechanisms:
 *
 * - Kerberos 5
 * - SPNEGO
 * - NTLM
 *
 * See @ref gssapi_mechs for a fuller description of these mechanisms.
 *
 * The project web page: http://www.h5l.org/
 *
 * - @ref gssapi_services_intro
 * - @ref gssapi_mechs
 * - @ref gssapi_api_INvsMN
 */

/**
 * @page gssapi_services_intro Introduction to GSS-API services
 * @section gssapi_services GSS-API services
 *
 * @subsection gssapi_services_context Context creation
 *
 *  - delegation
 *  - mutual authentication
 *  - anonymous
 *  - use per message before context creation has completed
 *
 *  return status:
 *  - support conf
 *  - support int
 *
 * @subsection gssapi_context_flags Context creation flags
 *
 * - GSS_C_DELEG_FLAG
 * - GSS_C_MUTUAL_FLAG
 * - GSS_C_REPLAY_FLAG
 * - GSS_C_SEQUENCE_FLAG
 * - GSS_C_CONF_FLAG
 * - GSS_C_INTEG_FLAG
 * - GSS_C_ANON_FLAG
 * - GSS_C_PROT_READY_FLAG
 * - GSS_C_TRANS_FLAG
 * - GSS_C_DCE_STYLE
 * - GSS_C_IDENTIFY_FLAG
 * - GSS_C_EXTENDED_ERROR_FLAG
 * - GSS_C_DELEG_POLICY_FLAG
 *
 *
 * @subsection gssapi_services_permessage Per-message services
 *
 *  - conf
 *  - int
 *  - message integrity
 *  - replay detection
 *  - out of sequence
 *
 */

/**
 * @page gssapi_mechs_intro GSS-API mechanisms
 * @section gssapi_mechs GSS-API mechanisms
 *
 * - Kerberos 5 - GSS_KRB5_MECHANISM
 * - SPNEGO - GSS_SPNEGO_MECHANISM
 * - NTLM - GSS_NTLM_MECHANISM

 */


/**
 * @page internalVSmechname Internal names and mechanism names
 * @section gssapi_api_INvsMN Name forms
 *
 * There are two forms of name in GSS-API: the Internal form and the
 * Contiguous string ("flat") form. gss_export_name() and
 * gss_import_name() can be used to convert between the two forms.
 *
 * - The contiguous string form is described by an OID specifying the
 *   type and an octet string. A special form of the contiguous
 *   string form is the exported name object. The exported name,
 *   defined for each mechanism, is something that can be stored and
 *   compared later. The exported name is what should be used for
 *   ACL comparisons.
 *
 * - The Internal form
 *
 * There is also a special form of the Internal Name (IN), and that is
 * the Mechanism Name (MN). In the mechanism name all the generic
 * information is stripped off, and it contains only the information for
 * one mechanism. In GSS-API some functions return an MN and some
 * require an MN as input. Each of these functions is marked up as such.
 *
 *
 * Describe relationship between import_name, canonicalize_name,
 * export_name and friends.
 */

/** @defgroup gssapi Heimdal GSS-API functions */
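
/*
 * Added example, not part of the Heimdal sources: a validator for the
 * exported name object that the name forms section recommends for ACL
 * comparisons, using the token layout from RFC 2743 section 3.2.
 * The struct, function names and sample principals are hypothetical.
 */

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

struct exported_name { /* view into a token; pointers alias the caller's buffer */
    const uint8_t *mech_oid; size_t mech_oid_len; /* DER OID incl. 0x06 tag */
    const uint8_t *name;     size_t name_len;     /* mechanism-specific octets */
};

/* Constructed samples: Kerberos 5 mechanism OID 1.2.840.113554.1.2.2, made-up names. */
#define KRB5_OID "\x06\x09\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"
static const uint8_t SAMPLE_ALICE[] =
    "\x04\x01\x00\x0b" KRB5_OID "\x00\x00\x00\x11" "alice@EXAMPLE.ORG";
static const uint8_t SAMPLE_BOB[] =
    "\x04\x01\x00\x0b" KRB5_OID "\x00\x00\x00\x0f" "bob@EXAMPLE.ORG";
#define SAMPLE_LEN(s) (sizeof(s) - 1) /* drop the literal's trailing NUL */

/* Layout: 04 01 | 2-byte OID length | DER OID | 4-byte name length | name.
 * Returns 0 on success, -1 on malformed or truncated input or trailing bytes. */
int parse_exported_name(const uint8_t *p, size_t len, struct exported_name *out)
{
    size_t oid_len, name_len;
    if (len < 4 || p[0] != 0x04 || p[1] != 0x01)
        return -1;
    oid_len = ((size_t)p[2] << 8) | p[3];
    p += 4; len -= 4;
    if (oid_len < 2 || len < oid_len || len - oid_len < 4)
        return -1;
    /* Short-form DER length only: assumes mechanism OIDs are under 128 bytes. */
    if (p[0] != 0x06 || p[1] >= 0x80 || (size_t)p[1] + 2 != oid_len)
        return -1;
    out->mech_oid = p; out->mech_oid_len = oid_len;
    p += oid_len; len -= oid_len;
    name_len = ((size_t)p[0] << 24) | ((size_t)p[1] << 16) | ((size_t)p[2] << 8) | p[3];
    p += 4; len -= 4;
    if (name_len != len)
        return -1;
    out->name = p; out->name_len = name_len;
    return 0;
}

/* ACL check: both tokens must be well formed and byte-for-byte identical. */
int acl_entry_matches(const uint8_t *acl, size_t acl_len,
                      const uint8_t *peer, size_t peer_len)
{
    struct exported_name a, b;
    if (parse_exported_name(acl, acl_len, &a) || parse_exported_name(peer, peer_len, &b))
        return 0;
    return acl_len == peer_len && memcmp(acl, peer, acl_len) == 0;
}
```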