freebsd-skq/lib/librpcsec_gss/rpc_gss_set_callback.3
Doug Rabson 8f55a568f6 Add an implementation of the RPCSEC_GSS authentication protocol for RPC. This
is based on an old implementation from the University of Michigan with lots of
changes and fixes by me and the addition of a Solaris-compatible API.

Sponsored by:	Isilon Systems
Reviewed by:	alfred
2008-08-06 14:02:05 +00:00

116 lines
3.8 KiB
Groff

.\" Copyright (c) 2008 Isilon Inc http://www.isilon.com/
.\" Authors: Doug Rabson <dfr@rabson.org>
.\" Developed with Red Inc: Alfred Perlstein <alfred@freebsd.org>
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $FreeBSD$
.Dd July 4, 2008
.Dt RPC_GSS_SET_CALLBACK 3
.Os
.Sh NAME
.Nm rpc_gss_set_callback
.Nd "Register a security context creation callback"
.Sh LIBRARY
.Lb librpcsec_gss
.Sh SYNOPSIS
.In rpc/rpcsec_gss.h
.Ft bool_t
.Fo (*callback)
.Fa "struct svc_req *req"
.Fa "gss_cred_id_t deleg"
.Fa "gss_ctx_id_t gss_context"
.Fa "rpc_gss_lock_t *lock"
.Fa "void **cookie"
.Fc
.Ft bool_t
.Fn rpc_gss_set_callback "rpc_gss_callback_t *cb"
.Sh DESCRIPTION
Register a function which will be called when new security contexts
are created on a server.
This function will be called on the first RPC request which uses that
context and has the opportunity of rejecting the request (for instance
after matching the request credentials to an access control list).
To accept the new security context, the callback should return
.Dv TRUE ,
otherwise
.Dv FALSE .
If the callback accepts a context, it becomes responsible for the
lifetime of the delegated client credentials (if any).
.Pp
It is also possible to 'lock' the values of service and quality of
protection used by the context.
If a context is locked, any subsequent requests which use different
values for service and quality of protection will be rejected.
.Sh PARAMETERS
.Bl -tag
.It cb
A structure containing the RPC program and version for this callback
and a function which will be called when new contexts are created for
ths given RPC program and version
.It req
The RPC request using the new context
.It deleg
GSS-APi delegated credentials (if any)
.It gss_context
The GSS-API context
.It lock
A structure used to enforce a particular QOP and service. Set
.Fa lock->locked
to
.Dv TRUE
to lock the service and QOP values
.It cookie
The callback function may set
.Fa *cookie
to any pointer sized value.
This value can be accessed during the lifetime of the context via
.Fn rpc_gss_getcred .
.El
.Sh RETURN VALUES
Returns
.Dv TRUE
if the callback was registered successfully or
.Dv FALSE
otherwise
.Sh SEE ALSO
.Xr rpc 3 ,
.Xr gssapi 3 ,
.Xr rpc_gss_getcred 3
.Xr rpcset_gss 3
.Sh HISTORY
The
.Nm
manual page example first appeared in
.Fx 8.0 .
.Sh AUTHORS
This
manual page was written by
.An Doug Rabson Aq dfr@FreeBSD.org .
.Sh BUGS
There is no mechanism for informing a server when a security context
has been deleted.
This makes it difficult to allocate resources (e.g. to return via the
callback's
.Fa cookie
argument).