1.\" Copyright (c) 2005 Doug Rabson 2.\" All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.Dd January 26, 2010 27.Dt MECH 5 28.Os 29.Sh NAME 30.Nm mech , 31.Nm qop 32.Nd "GSS-API Mechanism and QOP files" 33.Sh SYNOPSIS 34.Pa "/etc/gss/mech" 35.Pa "/etc/gss/qop" 36.Sh DESCRIPTION 37The 38.Pa "/etc/gss/mech" 39file contains a list of installed GSS-API security mechanisms. 40Each line of the file either contains a comment if the first character 41is '#' or it contains five fields with the following meanings: 42.Bl -tag -width ".It Object identifier" 43.It Name 44The name of this GSS-API mechanism. 45.It Object identifier 46The OID for this mechanism. 47.It Library 48A shared library containing the implementation of this mechanism. 49.It Kernel module 50Optional kernel module containing the implementation of this mechanism (not 51yet supported in FreeBSD). 52.It Library options 53Optional parameters interpreted by the mechanism. Library options 54must be enclosed in brackets ([ ]) to differentiate them from the 55optional kernel module entry. 56.El 57.Pp 58The first mechanism listed in 59.Pa "/etc/gss/mech" 60is the default mechanism. 61This mechanism will be used by 62.Xr gss_init_sec_context 3 63if the user doesn't specify a specific mechanism. 64.Pp 65The 66.Pa "/etc/gss/qop" 67file contains a list of Quality of Protection values for use with 68GSS-API. 69Each line of the file either contains a comment if the first character 70is '#' or it contains three fields with the following meanings: 71.Bl -tag -width ".It Mechanism name" 72.It QOP string 73The name of this Quality of Protection algorithm. 74.It QOP value 75The numeric value used to select this algorithm for use with GSS-API 76functions such as 77.Xr gss_get_mic 3 . 78.It Mechanism name 79The GSS-API mechanism name that corresponds to this algorithm. 80.El 81.Sh EXAMPLES 82This is a typical entry from 83.Pa "/etc/gss/mech" : 84.Bd -literal 85kerberosv5 1.2.840.113554.1.2.2 /usr/lib/libgssapi_krb5.so.8 - 86.Ed 87.Pp 88This is a typical entry from 89.Pa "/etc/gss/qop" : 90.Bd -literal 91GSS_KRB5_CONF_C_QOP_DES 0x0100 kerberosv5 92.Ed 93.Sh HISTORY 94The 95.Nm 96manual page first appeared in 97.Fx 7.0 . 98.Sh AUTHORS 99This 100manual page was written by 101.An Doug Rabson Aq Mt dfr@FreeBSD.org . 102