For convenience, the GSS-API does allow mechanisms and QOPs to be displayed in human-readable form. On Solaris systems, two files, /etc/gss/mech and /etc/gss/qop, contain information about available mechanisms and QOPs. If you don't have access to these files (perhaps because a remote machine won't let you in), then you must provide the string literals from some other source, such as the published internet standard for that mechanism or QOP.
You can look in the /etc/gss/mech file to see which mechanisms are available; /etc/gss/mech contains their names in both numerical and alphabetic form. /etc/gss/mech presents the information in this format: the mechanism name, in ASCII; the mechanism's OID; the shared library implementing the services provided by this mechanism; and, optionally, the kernel module implementing the service. A sample /etc/gss/mech might look like Example C–1.
# # Copyright (c) 2000, by Sun Microsystems, Inc. # All rights reserved. # #ident "@(#)mech 1.6 00/12/04 SMI" # # This file contains the GSS-API based security mechanism names, # its object identifier (OID) and a shared library that implements # the services for that mechanism under GSS-API. # # Mechanism Name Object Identifier Shared Library Kernel Module # diffie_hellman_640_0 1.3.6.4.1.42.2.26.2.4 dh640-0.so.1 diffie_hellman_1024_0 1.3.6.4.1.42.2.26.2.5 dh1024-0.so.1 kerberos_v5 1.2.840.113554.1.2.2 gl/mech_krb5.so gl_kmech_krb5
The /etc/gss/qop file stores, for all mechanisms installed, all the QOPs supported by each mechanism, both as an ASCII string as its corresponding 32–bit integer. A sample /etc/gss/qop might look like Example C–2.
# # Copyright (c) 2000, by Sun Microsystems, Inc. # All rights reserved. # #ident "@(#)qop 1.3 00/11/09 SMI" # # This file contains information about the GSS-API based quality of # protection (QOP), its string name and its value (32-bit integer). # # QOP string QOP Value Mechanism Name # GSS_KRB5_INTEG_C_QOP_DES_MD5 0 kerberos_v5 GSS_KRB5_CONF_C_QOP_DES 0 kerberos_v5