illumos-gate New usr/src/man/man3nsl/rpc_gss_get_principal

   1 '\" te
   2 .\" Copyright (C) 2002, Sun Microsystems, Inc. All Rights Reserved
   3 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
   4 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.  See the License for the specific language governing permissions and limitations under the License.
   5 .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
   6 .TH RPC_GSS_GET_PRINCIPAL_NAME 3NSL "Jun 17, 2014"
   7 .SH NAME
   8 rpc_gss_get_principal_name \- Get principal names at server
   9 .SH SYNOPSIS
  10 .LP
  11 .nf
  12 #include <rpc/rpcsec_gss.h>
  13 
  14 \fBbool_t\fR \fBrpc_gss_get_principal_name\fR(\fBrpc_gss_principal_t\fR \fI*principal\fR,
  15      \fBchar\fR \fI*mech\fR, \fBchar\fR \fI*name\fR, \fBchar\fR \fI*node\fR, \fBchar\fR \fI*domain\fR);
  16 .fi
  17 
  18 .SH DESCRIPTION
  19 .sp
  20 .LP
  21 Servers need to be able to operate on a client's principal name. Such a name is
  22 stored by the server as a  \fBrpc_gss_principal_t\fR structure, an opaque byte
  23 string which can be used either directly in access control lists or as database
  24 indices which can be used to look up a UNIX credential. A server may, for
  25 example, need to compare a principal name it has received with the principal
  26 name of a known entity, and to do that, it must be able to generate
  27 \fBrpc_gss_principal_t\fR structures from known entities.
  28 .sp
  29 .LP
  30 \fBrpc_gss_get_principal_name()\fR takes as input a security mechanism, a
  31 pointer to a \fBrpc_gss_principal_t\fR structure, and several parameters which
  32 uniquely identify an entity on a network: a user or service name, a node name,
  33 and a domain name.  From these parameters it constructs a unique,
  34 mechanism-dependent principal name of the \fBrpc_gss_principal_t\fR structure
  35 type.
  36 .SH PARAMETERS
  37 .sp
  38 .LP
  39 How many of the identifying parameters  (\fIname \fR,  \fInode\fR, and \fI
  40 \fRdomain\fI)\fR are necessary to specify depends on the mechanism being used.
  41 For example, Kerberos V5 requires only a user name but can accept a node and
  42 domain name. An application can choose to set unneeded parameters to
  43 \fINULL.\fR
  44 .sp
  45 .LP
  46 Information on RPCSEC_GSS data types for parameters may be found on the
  47 \fBrpcsec_gss\fR(3NSL) man page.
  48 .sp
  49 .ne 2
  50 .na
  51 \fB\fIprincipal\fR \fR
  52 .ad
  53 .RS 14n
  54 An opaque, mechanism-dependent structure representing the client's principal
  55 name.
  56 .RE
  57 
  58 .sp
  59 .ne 2
  60 .na
  61 \fB\fImech\fR \fR
  62 .ad
  63 .RS 14n
  64 An ASCII string representing the security mechanism in use.  Valid strings may
  65 be found in the \fB/etc/gss/mech\fR file, or by using
  66 \fBrpc_gss_get_mechanisms()\fR.
  67 .RE
  68 
  69 .sp
  70 .ne 2
  71 .na
  72 \fB\fIname\fR \fR
  73 .ad
  74 .RS 14n
  75 A  UNIX login name (for example, 'gwashington') or service name, such as 'nfs'.
  76 .RE
  77 
  78 .sp
  79 .ne 2
  80 .na
  81 \fB\fInode\fR \fR
  82 .ad
  83 .RS 14n
  84 A node in a domain; typically, this would be a machine name (for
  85 example, 'valleyforge').
  86 .RE
  87 
  88 .sp
  89 .ne 2
  90 .na
  91 \fB\fIdomain\fR \fR
  92 .ad
  93 .RS 14n
  94 A security domain; for example, a DNS, NIS, or NIS+ domain name
  95 ('eng.company.com').
  96 .RE
  97 
  98 .SH RETURN VALUES
  99 .sp
 100 .LP
 101 \fBrpc_gss_get_principal_name()\fR returns  TRUE if it is successful;
 102 otherwise, use  \fBrpc_gss_get_error()\fR to get the error associated with the
 103 failure.
 104 .SH FILES
 105 .sp
 106 .ne 2
 107 .na
 108 \fB\fB/etc/gss/mech\fR \fR
 109 .ad
 110 .RS 18n
 111 File containing valid security mechanisms
 112 .RE
 113 
 114 .SH ATTRIBUTES
 115 .sp
 116 .LP
 117 See \fBattributes\fR(5) for descriptions of the following attributes:
 118 .sp
 119 
 120 .sp
 121 .TS
 122 box;
 123 c | c
 124 l | l .
 125 ATTRIBUTE TYPE  ATTRIBUTE VALUE
 126 _
 127 MT-Level        MT-Safe
 128 .TE
 129 
 130 .SH SEE ALSO
 131 .sp
 132 .LP
 133 \fBfree\fR(3C), \fBrpc\fR(3NSL), \fBrpc_gss_get_mechanisms\fR(3NSL), \fBrpc_gss_set_svc_name\fR(3NSL), \fBrpcsec_gss\fR(3NSL), \fBmech\fR(4), \fBattributes\fR(5)
 134 .sp
 135 .LP
 136 \fIONC+ Developer\&'s Guide\fR
 137 .sp
 138 .LP
 139 Linn, J. \fIRFC 2078, Generic Security Service Application Program Interface, Version 2\fR. Network Working Group. January 1997.
 140 .SH NOTES
 141 .sp