VMS Help
DCE_SECURITY, API Routines, sec_key_mgmt_garbage_collect


 NAME
   sec_key_mgmt_garbage_collect - Deletes obsolete keys

 SYNOPSIS

   #include <dce/keymgmt.h>

   void sec_key_mgmt_garbage_collect(
           sec_key_mgmt_authn_service authn_service,
           void *arg,
           idl_char *principal_name,
           error_status_t *status);

 PARAMETERS

   Input

   authn_service
          Identifies the authentication protocol using this key.  The
          possible authentication protocols are as follows:

          rpc_c_authn_dce_secret
                      DCE shared-secret key authentication.

          rpc_c_authn_dce_public
                      DCE public key authentication (reserved for future
                      use).

   arg    This parameter can specify either the local key file or an
          argument to the get_key_fn key acquisition routine of the
          rpc_server_register_auth_info routine.  A value of NULL
          specifies that the default key file (DCE$LOCAL:[KRB]V5SRVTAB.;)
          should be used.  A key file name specifies that the named file
          should be used as the key file.  You must prefix the file's
          absolute filename with FILE:, and the file must have been
          created with the rgy_edit ktadd command or the
          sec_key_mgmt_set_key routine.  Any other value specifies an
          argument for the get_key_fn key acquisition routine.  See the
          rpc_server_register_auth_info() reference page for more
          information.

   principal_name
          A pointer to a character string indicating the name of the
          principal whose key information is to be garbage collected.

   Output

   status
          A pointer to the completion status.  On successful completion,
          the routine returns error_status_ok. Otherwise, it returns an
          error.

 DESCRIPTION

   The sec_key_mgmt_garbage_collect() routine discards any obsolete key
   information for this principal.  An obsolete key is one that can only
   decode invalid tickets.  As an example, consider a key that was in use
   on Monday, and was only used to encode tickets whose maximum lifetime
   was 1 day.  If that key were changed at 8:00 a.m. Tuesday morning,
   then it would become obsolete by 8:00 a.m. Wednesday morning, at which
   time there could be no valid tickets outstanding.
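
   The obsolescence rule described above, as an added example in standard
   C. It is a model written for this page, not the DCE implementation or
   its data structures; struct key_version, key_is_obsolete() and
   collect_obsolete() are hypothetical names, and the times are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <time.h>

/* Hypothetical model of one stored key version (not a DCE structure). */
struct key_version {
    unsigned version;         /* key version number */
    time_t   superseded_at;   /* when a newer key replaced it; 0 = current key */
    time_t   max_ticket_life; /* longest lifetime of a ticket encoded with it (s) */
};

/* A key is obsolete once every ticket it could have encoded has expired.
   The last such ticket was issued no later than superseded_at. */
int key_is_obsolete(const struct key_version *k, time_t now)
{
    if (k->superseded_at == 0)
        return 0;             /* the current key is never collected */
    return now >= k->superseded_at + k->max_ticket_life;
}

/* Compact the table in place, dropping obsolete versions.
   Returns the number of key versions that remain. */
size_t collect_obsolete(struct key_version *keys, size_t n, time_t now)
{
    size_t kept = 0;
    for (size_t i = 0; i < n; i++) {
        if (!key_is_obsolete(&keys[i], now))
            keys[kept++] = keys[i];
    }
    return kept;
}

int main(void)
{
    /* Constructed sample: 'changed' stands in for 8:00 a.m. Tuesday. */
    const time_t changed = 1000000, one_day = 86400;
    struct key_version keys[2] = {
        { 1, changed, one_day },  /* Monday's key, replaced on Tuesday */
        { 2, 0,       one_day },  /* current key */
    };

    /* One second before 8:00 a.m. Wednesday: both versions are still needed. */
    printf("before: %zu\n", collect_obsolete(keys, 2, changed + one_day - 1));
    /* At 8:00 a.m. Wednesday: version 1 can no longer decode a valid ticket. */
    printf("after:  %zu\n", collect_obsolete(keys, 2, changed + one_day));
    return 0;
}
```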

 FILES
     SYS$COMMON:[DCE$LIBRARY]KEYMGMT.IDL
                The idl file from which dce/keymgmt.h was derived.

 ERRORS

   sec_key_mgmt_e_authn_invalid
                The authentication protocol is not valid.

   sec_key_mgmt_e_unauthorized
                The caller is not authorized to perform the operation.

                Requested key not present.

   sec_rgy_server_unavailable
                The DCE Registry Server is unavailable.

   sec_rgy_object_not_found
                No principal was found with the given name.

   sec_login_s_no_memory
                A memory allocation error occurred.

   error_status_ok
                The call was successful.

 RELATED INFORMATION

   Functions: sec_intro
              sec_key_mgmt_delete_key