/*
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 */

/*
 * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
 */

/*
 * This module defines the entry point for gss_mech_initialize and the
 * key opts for Diffie-Hellman mechanism of type algorithm 0. Each algorithm
 * 0 mechanism defines its OID, MODULUS, ROOT, KEYLEN, ALGTYPE (which should
 * be zero) and HEX_KEY_BYTES. That module then will #include this file.
 */

/* The keyopts for the per mechanism context */

/* The gss_context for this mechanism */

/*
 * gss_mech_initialize: This is the libgss entry point to bring this
 * mechanism on line. It is just a wrap to pass the pointer to its
 * gss_config structure, OID, and the above keyopts to the common
 * __dh_generic_initialize routine. We return null on failure, otherwise
 * we return the mechanism's gss_mechanism.
 */

/*
 * A NIS+ server will define the function __rpcsec_gss_is_server.
 * This function will return one when it is appropriate to get public
 * keys out of the per process public key cache. Appropriateness here
 * is when the name server just put the public key in the cache from a
 * received directory object, typically from the cold start file.
 */

"in dh_getpublickey for %s.\n"

/*
 * If we're not being called by a NIS+ server or that
 * server does not want to get the keys from the cache we
 * get the key in the normal manner.
 */

/*
 * Routine to encrypt a set of session keys with keys derived from
 * the common key with the caller and the remote principal.
 */

/*
 * Get the public key out of the cache if this is a NIS+
 * server. The reason is that the server may be a root replica
 * that has just been created. It will not yet have the
 * public key data to talk to its master. When the cold start
 * file is read the public keys that are found there are
 * cached. We will use the cache to get the public key data so
 * the server will not hang or dump core. We call NIS_getpublickey
 * to get the appropriate public key from NIS+. If that fails
 * we just try to get the public key in the normal manner.
 */

/*
 * Routine to decrypt a set of session keys with the common key that
 * is held between the caller and the remote principal.
 */

/*
 * If we are not using the cache, flush the entry for remotename.
 * It may be bad. The call to __getpublickey_cached_g below will
 * repopulate the cache with the current public key.
 */

/* Get the public key */

/*
 * Routine to generate a set of random session keys.
 */

/*
 * Routine that will return true if this mechanism's corresponding
 * private keys have been set.
 */

/*
 * Routine to retrieve the caller's principal name. Note it is up to
 * the caller to free the result.
 */