Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
GSS_INQUIRE_CONTEXT(3)	      Programmer's Manual	GSS_INQUIRE_CONTEXT(3)

NAME
     gss_inquire_context -- Obtain information about a security	context

SYNOPSIS
     #include <gssapi/gssapi.h>

     OM_uint32
     gss_inquire_context(OM_uint32 *minor_status,
	 const gss_ctx_id_t context_handle, gss_name_t *src_name,
	 gss_name_t *targ_name,	OM_uint32 *lifetime_rec, gss_OID *mech_type,
	 OM_uint32 *ctx_flags, int *locally_initiated, int *open);

DESCRIPTION
     Obtains information about a security context.  The	caller must already
     have obtained a handle that refers	to the context,	although the context
     need not be fully established.

PARAMETERS
     minor_status	Mechanism specific status code.

     context_handle	A handle that refers to	the security context.

     src_name		The name of the	context	initiator.  If the context was
			established using anonymous authentication, and	if the
			application invoking gss_inquire_context() is the con-
			text acceptor, an anonymous name will be returned.
			Storage	associated with	this name must be freed	by the
			application after use with a call to
			gss_release_name().  Specify NULL if not required.

     targ_name		The name of the	context	acceptor.  Storage associated
			with this name must be freed by	the application	after
			use with a call	to gss_release_name().	If the context
			acceptor did not authenticate itself, and if the ini-
			tiator did not specify a target	name in	its call to
			gss_init_sec_context(),	the value GSS_C_NO_NAME	will
			be returned.  Specify NULL if not required.

     lifetime_rec	The number of seconds for which	the context will re-
			main valid.  If	the context has	expired, this parame-
			ter will be set	to zero.  If the implementation	does
			not support context expiration,	the value
			GSS_C_INDEFINITE will be returned.  Specify NULL if
			not required.

     mech_type		The security mechanism providing the context.  The re-
			turned OID will	be a pointer to	static storage that
			should be treated as read-only by the application; in
			particular the application should not attempt to free
			it.  Specify NULL if not required.

     ctx_flags		Contains various independent flags, each of which in-
			dicates	that the context supports (or is expected to
			support, if open is false) a specific service option.
			If not needed, specify NULL.  Symbolic names are pro-
			vided for each flag, and the symbolic names corre-
			sponding to the	required flags should be logically-
			ANDed with the ctx_flags value to test whether a given
			option is supported by the context.  The flags are:

			GSS_C_DELEG_FLAG

			    True   Credentials were delegated from the initia-
				   tor to the acceptor.

			    False  No credentials were delegated.

			GSS_C_MUTUAL_FLAG

			    True   The acceptor	was authenticated to the ini-
				   tiator.

			    False  The acceptor	did not	authenticate itself.

			GSS_C_REPLAY_FLAG

			    True   Replay of protected messages	will be	de-
				   tected.

			    False  Replayed messages will not be detected.

			GSS_C_SEQUENCE_FLAG

			    True   Out-of-sequence protected messages will be
				   detected.

			    False  Out-of-sequence messages will not be	de-
				   tected.

			GSS_C_CONF_FLAG

			    True   Confidentiality service may be invoked by
				   calling gss_wrap() routine.

			    False  No confidentiality service (via gss_wrap())
				   available.  gss_wrap() will provide message
				   encapsulation, data-origin authentication
				   and integrity services only.

			GSS_C_INTEG_FLAG

			    True   Integrity service may be invoked by calling
				   either gss_get_mic()	or gss_wrap() rou-
				   tines.

			    False  Per-message integrity service unavailable.

			GSS_C_ANON_FLAG

			    True   The initiator's identity will not be	re-
				   vealed to the acceptor.  The	src_name pa-
				   rameter (if requested) contains an anony-
				   mous	internal name.

			    False  The initiator has been authenticated	nor-
				   mally.

			GSS_C_PROT_READY_FLAG

			    True   Protection services (as specified by	the
				   states of the GSS_C_CONF_FLAG and
				   GSS_C_INTEG_FLAG) are available for use.

			    False  Protection services (as specified by	the
				   states of the GSS_C_CONF_FLAG and
				   GSS_C_INTEG_FLAG) are available only	if the
				   context is fully established	(i.e. if the
				   open	parameter is non-zero).

			GSS_C_TRANS_FLAG

			    True   The security	context	may be transferred to
				   other processes via a call to
				   gss_export_sec_context().

			    False  The security	context	is not transferable.

     locally_initiated	Non-zero if the	invoking application is	the context
			initiator.  Specify NULL if not	required.

     open		Non-zero if the	context	is fully established; Zero if
			a context-establishment	token is expected from the
			peer application.  Specify NULL	if not required.

RETURN VALUES
     GSS_S_COMPLETE    Successful completion

     GSS_S_NO_CONTEXT  The referenced context could not	be accessed

SEE ALSO
     gss_export_sec_context(3),	gss_get_mic(3),	gss_init_sec_context(3),
     gss_release_name(3), gss_wrap(3)

STANDARDS
     RFC 2743  Generic Security	Service	Application Program Interface Version
	       2, Update 1

     RFC 2744  Generic Security	Service	API Version 2 :	C-bindings

HISTORY
     The gss_inquire_context function first appeared in	FreeBSD	7.0.

AUTHORS
     John Wray,	Iris Associates

COPYRIGHT
     Copyright (C) The Internet	Society	(2000).	 All Rights Reserved.

     This document and translations of it may be copied	and furnished to oth-
     ers, and derivative works that comment on or otherwise explain it or as-
     sist in its implementation	may be prepared, copied, published and dis-
     tributed, in whole	or in part, without restriction	of any kind, provided
     that the above copyright notice and this paragraph	are included on	all
     such copies and derivative	works.	However, this document itself may not
     be	modified in any	way, such as by	removing the copyright notice or ref-
     erences to	the Internet Society or	other Internet organizations, except
     as	needed for the purpose of developing Internet standards	in which case
     the procedures for	copyrights defined in the Internet Standards process
     must be followed, or as required to translate it into languages other
     than English.

     The limited permissions granted above are perpetual and will not be re-
     voked by the Internet Society or its successors or	assigns.

     This document and the information contained herein	is provided on an "AS
     IS" basis and THE INTERNET	SOCIETY	AND THE	INTERNET ENGINEERING TASK
     FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR	IMPLIED, INCLUDING BUT NOT
     LIMITED TO	ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT
     INFRINGE ANY RIGHTS OR ANY	IMPLIED	WARRANTIES OF MERCHANTABILITY OR FIT-
     NESS FOR A	PARTICULAR PURPOSE.

BSD			       January 26, 2010				   BSD

NAME | SYNOPSIS | DESCRIPTION | PARAMETERS | RETURN VALUES | SEE ALSO | STANDARDS | HISTORY | AUTHORS | COPYRIGHT

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=gss_inquire_context&sektion=3&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help