1.\" Copyright (c) 2005 Doug Rabson 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.Dd January 26, 2010 25.Dt MECH 5 26.Os 27.Sh NAME 28.Nm mech , 29.Nm qop 30.Nd "GSS-API Mechanism and QOP files" 31.Sh SYNOPSIS 32.Pa "/etc/gss/mech" 33.Pa "/etc/gss/qop" 34.Sh DESCRIPTION 35The 36.Pa "/etc/gss/mech" 37file contains a list of installed GSS-API security mechanisms. 38Each line of the file either contains a comment if the first character 39is '#' or it contains five fields with the following meanings: 40.Bl -tag -width ".It Object identifier" 41.It Name 42The name of this GSS-API mechanism. 43.It Object identifier 44The OID for this mechanism. 45.It Library 46A shared library containing the implementation of this mechanism. 47.It Kernel module 48Optional kernel module containing the implementation of this mechanism (not 49yet supported in FreeBSD). 50.It Library options 51Optional parameters interpreted by the mechanism. Library options 52must be enclosed in brackets ([ ]) to differentiate them from the 53optional kernel module entry. 54.El 55.Pp 56The first mechanism listed in 57.Pa "/etc/gss/mech" 58is the default mechanism. 59This mechanism will be used by 60.Xr gss_init_sec_context 3 61if the user doesn't specify a specific mechanism. 62.Pp 63The 64.Pa "/etc/gss/qop" 65file contains a list of Quality of Protection values for use with 66GSS-API. 67Each line of the file either contains a comment if the first character 68is '#' or it contains three fields with the following meanings: 69.Bl -tag -width ".It Mechanism name" 70.It QOP string 71The name of this Quality of Protection algorithm. 72.It QOP value 73The numeric value used to select this algorithm for use with GSS-API 74functions such as 75.Xr gss_get_mic 3 . 76.It Mechanism name 77The GSS-API mechanism name that corresponds to this algorithm. 78.El 79.Sh EXAMPLES 80This is a typical entry from 81.Pa "/etc/gss/mech" : 82.Bd -literal 83kerberosv5 1.2.840.113554.1.2.2 /usr/lib/libgssapi_krb5.so.8 - 84.Ed 85.Pp 86This is a typical entry from 87.Pa "/etc/gss/qop" : 88.Bd -literal 89GSS_KRB5_CONF_C_QOP_DES 0x0100 kerberosv5 90.Ed 91.Sh HISTORY 92The 93.Nm 94manual page first appeared in 95.Fx 7.0 . 96.Sh AUTHORS 97This 98manual page was written by 99.An Doug Rabson Aq Mt dfr@FreeBSD.org . 100