gss_inquire_context(3)
gss_inquire_context - Obtain information about an existing
security context.
#include <gssapi/gssapi.h>

OM_uint32 gss_inquire_context(
    OM_uint32 *minor_status,
    const gss_ctx_id_t context_handle,
    gss_name_t *src_name,
    gss_name_t *targ_name,
    OM_uint32 *lifetime_rec,
    gss_OID *mech_type,
    OM_uint32 *ctx_flags,
    OM_uint32 *locally_initiated,
    OM_uint32 *open);
minor_status
    Kerberos 5 error code.

context_handle
    Security context to be queried.

src_name
    Internal form name of security context initiator. Specify
    NULL if this information is not required.
    Storage associated with this name must be freed by
    the application after use with a call to
    gss_release_name().

targ_name
    Internal form name of security context acceptor. Specify
    NULL if this information is not required.
    Storage associated with this name must be freed by
    the application after use with a call to
    gss_release_name().

lifetime_rec
    Number of seconds for which the security context remains
    valid. Since the HP implementation of the GSS-API does not
    support security context expiration, the value
    GSS_C_INDEFINITE is always returned. Specify NULL if this
    information is not required.

mech_type
    Security mechanism providing the context that, in the HP
    implementation of the GSS-API, is Kerberos 5. Specify NULL
    if this information is not required.
    The OID set returned via this parameter is a pointer to
    static storage that should be treated as read-only. The
    application should not attempt to free it.

ctx_flags
    Flags that indicate the service options the context
    supports (or is expected to support, if open is false).
    Specify NULL if this information is not required.
    Symbolic names are provided for each flag. (See Context
    Flag Constants for the definitions.) These names should be
    bitwise ANDed with the ctx_flags value to test whether a
    given option is supported by the context.

    Note
    To check whether the requested encryption is being used
    (DES3 or DES), call csf_gss_get_context_options().

    The flags are:

    GSS_C_ANON_FLAG
        Since the HP Application Security SDK does not support
        anonymous authentication, this value is always set to
        false.

    GSS_C_CONF_FLAG
        True -- Confidentiality service may be invoked by
        calling the gss_wrap() function.
        False -- No confidentiality service via gss_wrap() is
        available. The gss_wrap() function provides message
        encapsulation, data origin authentication, and
        integrity services only.

    GSS_C_DELEG_FLAG
        True -- Credentials were delegated from the initiating
        application to the accepting application.
        False -- No credentials were delegated.

    GSS_C_INTEG_FLAG
        True -- Integrity service may be invoked by calling
        either gss_get_mic() or gss_wrap().
        False -- Per-message integrity service is unavailable.

    GSS_C_MUTUAL_FLAG
        True -- The accepting application was authenticated to
        the initiating application.
        False -- The accepting application was not
        authenticated to the initiating application.

    GSS_C_PROT_READY_FLAG
        True -- Protection services (as specified by the states
        of GSS_C_CONF_FLAG and GSS_C_INTEG_FLAG) are available
        for use.
        False -- Protection services (as specified by the
        states of GSS_C_CONF_FLAG and GSS_C_INTEG_FLAG) are
        available only if the context is fully established.

    GSS_C_REPLAY_FLAG
        True -- Replay of protected messages will be detected.
        False -- Replay of messages will not be detected.

    GSS_C_SEQUENCE_FLAG
        True -- Out-of-sequence protected messages will be
        detected.
        False -- Out-of-sequence messages will not be detected.

    GSS_C_TRANS_FLAG
        The value of this bit indicates the actual state at the
        time gss_accept_sec_context() returns, whether or not
        the context is fully established.
        True -- The resulting security context may be
        transferred to other processes via a call to
        gss_export_sec_context().
        False -- The security context is not transferable.

locally_initiated
    Non-zero if the invoking application is the context
    initiator. Specify NULL if the information is not required.

open
    Non-zero if the context is fully established. Zero is
    returned if a context-establishment token is expected from
    the peer application. Specify NULL if the information is
    not required.
The gss_inquire_context() function obtains information
about a security context. The application must already
have initiated the context, although the context need not
be fully established.
When the application is finished using the names of the
initiating and accepting applications, it must release the
resources associated with src_name and targ_name with
calls to gss_release_name().
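The following added example (not part of the original manual page or HP's code) shows one way to act on the ctx_flags and open outputs described above: test required flags with bitwise AND, and treat the flags as provisional until the context is open. The names check_context and ctx_verdict are hypothetical, and the flag bit values are the ones assigned in RFC 2744, defined locally so the block builds without the GSS-API headers.

```c
#include <stdint.h>
#include <stdio.h>

/* Flag bit values as assigned in RFC 2744, defined here only so the block
 * builds without <gssapi/gssapi.h>; with the real header they are skipped. */
#ifndef GSS_C_MUTUAL_FLAG
#define GSS_C_DELEG_FLAG      1u
#define GSS_C_MUTUAL_FLAG     2u
#define GSS_C_REPLAY_FLAG     4u
#define GSS_C_SEQUENCE_FLAG   8u
#define GSS_C_CONF_FLAG       16u
#define GSS_C_INTEG_FLAG      32u
#define GSS_C_PROT_READY_FLAG 128u
#define GSS_C_TRANS_FLAG      256u
#endif

/* Hypothetical result type for this example. */
typedef struct {
    uint32_t missing;    /* required services the context lacks */
    uint32_t unwanted;   /* forbidden options the context carries */
    int can_protect_now; /* gss_wrap()/gss_get_mic() usable at this point */
    int accept;          /* final verdict; only ever 1 once open != 0 */
} ctx_verdict;

/* ctx_flags and open are the values gss_inquire_context() stored through its
 * ctx_flags and open arguments (uint32_t stands in for OM_uint32). */
ctx_verdict check_context(uint32_t ctx_flags, uint32_t open,
                          uint32_t required, uint32_t forbidden)
{
    ctx_verdict v;
    v.missing  = required & ~ctx_flags;   /* required bits that are not set */
    v.unwanted = forbidden & ctx_flags;   /* forbidden bits that are set */
    /* Before the context is open, protection needs GSS_C_PROT_READY_FLAG. */
    v.can_protect_now = open || (ctx_flags & GSS_C_PROT_READY_FLAG);
    /* With open == 0 the flags are only expected values, so do not accept. */
    v.accept = open && v.missing == 0 && v.unwanted == 0;
    return v;
}

int main(void)
{
    /* Constructed sample: an open context that lacks confidentiality. */
    uint32_t flags = GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | GSS_C_REPLAY_FLAG;
    uint32_t need  = GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | GSS_C_CONF_FLAG;
    ctx_verdict v = check_context(flags, 1, need, GSS_C_DELEG_FLAG);
    printf("accept=%d missing=0x%x unwanted=0x%x\n", v.accept,
           (unsigned)v.missing, (unsigned)v.unwanted);
    return 0;
}
```
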
GSS_S_CALL_INACCESSIBLE_READ 01xxxxxx
GSS_S_CALL_INACCESSIBLE_WRITE 02xxxxxx
GSS_S_COMPLETE 00000000
GSS_S_CONTEXT_EXPIRED xx0Cxxxx
GSS_S_FAILURE xx0Dxxxx
GSS_S_NO_CONTEXT xx08xxxx
PORTABILITY CONSIDERATIONS
The HP Application Security Toolkit does not support
anonymous authentication or context expiration.
Functions: csf_gss_get_context_options(3),
gss_accept_sec_context(3), gss_export_sec_context(3),
gss_get_mic(3), gss_import_sec_context(3),
gss_init_sec_context(3), gss_release_name(3), gss_wrap(3)