gss_inquire_context man page on FreeBSD

Man page or keyword search:  
man Server   9747 pages
apropos Keyword Search (all sections)
Output format
FreeBSD logo
[printable version]

GSS_INQUIRE_CONTEXT(3)	      Programmer's Manual	GSS_INQUIRE_CONTEXT(3)

NAME
     gss_inquire_context — Obtain information about a security context

SYNOPSIS
     #include <gssapi/gssapi.h>

     OM_uint32
     gss_inquire_context(OM_uint32 *minor_status,
	 const gss_ctx_id_t context_handle, gss_name_t *src_name,
	 gss_name_t *targ_name, OM_uint32 *lifetime_rec, gss_OID *mech_type,
	 OM_uint32 *ctx_flags, int *locally_initiated, int *open);

DESCRIPTION
     Obtains information about a security context.  The caller must already
     have obtained a handle that refers to the context, although the context
     need not be fully established.

PARAMETERS
     minor_status  Mechanism specific status code.

     context_handle
		   A handle that refers to the security context.

     src_name	   The name of the context initiator.  If the context was
		   established using anonymous authentication, and if the
		   application invoking gss_inquire_context() is the context
		   acceptor, an anonymous name will be returned.  Storage
		   associated with this name must be freed by the application
		   after use with a call to gss_release_name().	 Specify NULL
		   if not required.

     targ_name	   The name of the context acceptor.  Storage associated with
		   this name must be freed by the application after use with a
		   call to gss_release_name().	If the context acceptor did
		   not authenticate itself, and if the initiator did not spec‐
		   ify a target name in its call to gss_init_sec_context(),
		   the value GSS_C_NO_NAME will be returned.  Specify NULL if
		   not required.

     lifetime_rec  The number of seconds for which the context will remain
		   valid.  If the context has expired, this parameter will be
		   set to zero.	 If the implementation does not support con‐
		   text expiration, the value GSS_C_INDEFINITE will be
		   returned.  Specify NULL if not required.

     mech_type	   The security mechanism providing the context.  The returned
		   OID will be a pointer to static storage that should be
		   treated as read-only by the application; in particular the
		   application should not attempt to free it.  Specify NULL if
		   not required.

     ctx_flags	   Contains various independent flags, each of which indicates
		   that the context supports (or is expected to support, if
		   open is false) a specific service option.  If not needed,
		   specify NULL.  Symbolic names are provided for each flag,
		   and the symbolic names corresponding to the required flags
		   should be logically-ANDed with the ctx_flags value to test
		   whether a given option is supported by the context.	The
		   flags are:

		   GSS_C_DELEG_FLAG

		       True   Credentials were delegated from the initiator to
			      the acceptor.

		       False  No credentials were delegated.

		   GSS_C_MUTUAL_FLAG

		       True   The acceptor was authenticated to the initiator.

		       False  The acceptor did not authenticate itself.

		   GSS_C_REPLAY_FLAG

		       True   Replay of protected messages will be detected.

		       False  Replayed messages will not be detected.

		   GSS_C_SEQUENCE_FLAG

		       True   Out-of-sequence protected messages will be
			      detected.

		       False  Out-of-sequence messages will not be detected.

		   GSS_C_CONF_FLAG

		       True   Confidentiality service may be invoked by call‐
			      ing gss_wrap() routine.

		       False  No confidentiality service (via gss_wrap())
			      available.  gss_wrap() will provide message
			      encapsulation, data-origin authentication and
			      integrity services only.

		   GSS_C_INTEG_FLAG

		       True   Integrity service may be invoked by calling
			      either gss_get_mic() or gss_wrap() routines.

		       False  Per-message integrity service unavailable.

		   GSS_C_ANON_FLAG

		       True   The initiator's identity will not be revealed to
			      the acceptor.  The src_name parameter (if
			      requested) contains an anonymous internal name.

		       False  The initiator has been authenticated normally.

		   GSS_C_PROT_READY_FLAG

		       True   Protection services (as specified by the states
			      of the GSS_C_CONF_FLAG and GSS_C_INTEG_FLAG) are
			      available for use.

		       False  Protection services (as specified by the states
			      of the GSS_C_CONF_FLAG and GSS_C_INTEG_FLAG) are
			      available only if the context is fully estab‐
			      lished (i.e. if the open parameter is non-zero).

		   GSS_C_TRANS_FLAG

		       True   The security context may be transferred to other
			      processes via a call to
			      gss_export_sec_context().

		       False  The security context is not transferable.

     locally_initiated
		   Non-zero if the invoking application is the context initia‐
		   tor.	 Specify NULL if not required.

     open	   Non-zero if the context is fully established; Zero if a
		   context-establishment token is expected from the peer
		   application.	 Specify NULL if not required.

RETURN VALUES
     GSS_S_COMPLETE
		   Successful completion

     GSS_S_NO_CONTEXT
		   The referenced context could not be accessed

SEE ALSO
     gss_release_name(3), gss_init_sec_context(3), gss_wrap(3),
     gss_get_mic(3), gss_export_sec_context(3)

STANDARDS
     RFC 2743	   Generic Security Service Application Program Interface Ver‐
		   sion 2, Update 1

     RFC 2744	   Generic Security Service API Version 2 : C-bindings

HISTORY
     The gss_inquire_context function first appeared in FreeBSD 7.0.

AUTHORS
     John Wray, Iris Associates

COPYRIGHT
     Copyright (C) The Internet Society (2000).	 All Rights Reserved.

     This document and translations of it may be copied and furnished to oth‐
     ers, and derivative works that comment on or otherwise explain it or
     assist in its implementation may be prepared, copied, published and dis‐
     tributed, in whole or in part, without restriction of any kind, provided
     that the above copyright notice and this paragraph are included on all
     such copies and derivative works.	However, this document itself may not
     be modified in any way, such as by removing the copyright notice or ref‐
     erences to the Internet Society or other Internet organizations, except
     as needed for the purpose of developing Internet standards in which case
     the procedures for copyrights defined in the Internet Standards process
     must be followed, or as required to translate it into languages other
     than English.

     The limited permissions granted above are perpetual and will not be
     revoked by the Internet Society or its successors or assigns.

     This document and the information contained herein is provided on an "AS
     IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK
     FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
     LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT
     INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FIT‐
     NESS FOR A PARTICULAR PURPOSE.

BSD			       January 26, 2010				   BSD
[top]

List of man pages available for FreeBSD

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net