GSP
Quick Navigator
Search Site

Linux VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages

Manual Reference Pages  - GSS_ACQUIRE_CRED (3)

NAME
gss_accept_sec_context, gss_acquire_cred, gss_add_cred, gss_add_oid_set_member, gss_canonicalize_name, gss_compare_name, gss_context_time, gss_create_empty_oid_set, gss_delete_sec_context, gss_display_name, gss_display_status, gss_duplicate_name, gss_export_name, gss_export_sec_context, gss_get_mic, gss_import_name, gss_import_sec_context, gss_indicate_mechs, gss_init_sec_context, gss_inquire_context, gss_inquire_cred, gss_inquire_cred_by_mech, gss_inquire_mechs_for_name, gss_inquire_names_for_mech, gss_krb5_copy_ccache, gss_krb5_compat_des3_mic, gss_process_context_token, gss_release_buffer, gss_release_cred, gss_release_name, gss_release_oid_set, gss_seal, gss_sign, gss_test_oid_set_member, gss_unseal, gss_unwrap, gss_verify, gss_verify_mic, gss_wrap, gss_wrap_size_limit - Generic Security Service Application Program Interface library

CONTENTS

Library
Synopsis
Description
See Also

LIBRARY
GSS-API library (libgssapi, -lgssapi)

SYNOPSIS

.In gssapi.h

OM_uint32
.Fo gss_accept_sec_context OM_uint32 * minor_status gss_ctx_id_t * context_handle const gss_cred_id_t acceptor_cred_handle const gss_buffer_t input_token_buffer const gss_channel_bindings_t input_chan_bindings gss_name_t * src_name gss_OID * mech_type gss_buffer_t output_token OM_uint32 * ret_flags OM_uint32 * time_rec gss_cred_id_t * delegated_cred_handle
.Fc

OM_uint32
.Fo gss_acquire_cred OM_uint32 * minor_status const gss_name_t desired_name OM_uint32 time_req const gss_OID_set desired_mechs gss_cred_usage_t cred_usage gss_cred_id_t * output_cred_handle gss_OID_set * actual_mechs OM_uint32 * time_rec
.Fc OM_uint32
.Fo gss_add_oid_set_member OM_uint32 * minor_status const gss_OID member_oid gss_OID_set * oid_set
.Fc OM_uint32
.Fo gss_canonicalize_name OM_uint32 * minor_status const gss_name_t input_name const gss_OID mech_type gss_name_t * output_name
.Fc OM_uint32
.Fo gss_compare_name OM_uint32 * minor_status const gss_name_t name1 const gss_name_t name2 int * name_equal
.Fc OM_uint32
.Fo gss_context_time OM_uint32 * minor_status const gss_ctx_id_t context_handle OM_uint32 * time_rec
.Fc OM_uint32
.Fo gss_create_empty_oid_set OM_uint32 * minor_status gss_OID_set * oid_set
.Fc OM_uint32
.Fo gss_delete_sec_context OM_uint32 * minor_status gss_ctx_id_t * context_handle gss_buffer_t output_token
.Fc OM_uint32
.Fo gss_display_name OM_uint32 * minor_status const gss_name_t input_name gss_buffer_t output_name_buffer gss_OID * output_name_type
.Fc OM_uint32
.Fo gss_display_status OM_uint32 *minor_status OM_uint32 status_value int status_type const gss_OID mech_type OM_uint32 *message_context gss_buffer_t status_string
.Fc OM_uint32
.Fo gss_duplicate_name OM_uint32 * minor_status const gss_name_t src_name gss_name_t * dest_name
.Fc OM_uint32
.Fo gss_export_name OM_uint32 * minor_status const gss_name_t input_name gss_buffer_t exported_name
.Fc OM_uint32
.Fo gss_export_sec_context OM_uint32 * minor_status gss_ctx_id_t * context_handle gss_buffer_t interprocess_token
.Fc OM_uint32
.Fo gss_get_mic OM_uint32 * minor_status const gss_ctx_id_t context_handle gss_qop_t qop_req const gss_buffer_t message_buffer gss_buffer_t message_token
.Fc OM_uint32
.Fo gss_import_name OM_uint32 * minor_status, const gss_buffer_t input_name_buffer const gss_OID input_name_type gss_name_t * output_name
.Fc OM_uint32
.Fo gss_import_sec_context OM_uint32 * minor_status const gss_buffer_t interprocess_token gss_ctx_id_t * context_handle
.Fc OM_uint32
.Fo gss_indicate_mechs OM_uint32 * minor_status gss_OID_set * mech_set
.Fc OM_uint32
.Fo gss_init_sec_context OM_uint32 * minor_status const gss_cred_id_t initiator_cred_handle gss_ctx_id_t * context_handle const gss_name_t target_name const gss_OID mech_type OM_uint32 req_flags OM_uint32 time_req const gss_channel_bindings_t input_chan_bindings const gss_buffer_t input_token gss_OID * actual_mech_type gss_buffer_t output_token OM_uint32 * ret_flags OM_uint32 * time_rec
.Fc OM_uint32
.Fo gss_inquire_context OM_uint32 * minor_status const gss_ctx_id_t context_handle gss_name_t * src_name gss_name_t * targ_name OM_uint32 * lifetime_rec gss_OID * mech_type OM_uint32 * ctx_flags int * locally_initiated int * open_context
.Fc OM_uint32
.Fo gss_inquire_cred OM_uint32 * minor_status const gss_cred_id_t cred_handle gss_name_t * name OM_uint32 * lifetime gss_cred_usage_t * cred_usage gss_OID_set * mechanisms
.Fc OM_uint32
.Fo gss_inquire_cred_by_mech
.Fc OM_uint32
.Fo gss_inquire_mechs_for_name
.Fc OM_uint32
.Fo gss_inquire_names_for_mech
.Fc OM_uint32
.Fo gss_krb5_copy_ccache OM_uint32 *minor gss_cred_id_t cred krb5_ccache out
.Fc OM_uint32
.Fo gss_krb5_compat_des3_mic OM_uint32 * minor_status gss_ctx_id_t context_handle int onoff
.Fc OM_uint32
.Fo gss_process_context_token
.Fc OM_uint32
.Fo gss_release_buffer OM_uint32 * minor_status gss_buffer_t buffer
.Fc OM_uint32
.Fo gss_release_cred OM_uint32 * minor_status gss_cred_id_t * cred_handle
.Fc OM_uint32
.Fo gss_release_name OM_uint32 * minor_status gss_name_t * input_name
.Fc
.Fo gss_release_oid_set OM_uint32 * minor_status gss_OID_set * set
.Fc OM_uint32
.Fo gss_seal OM_uint32 * minor_status gss_ctx_id_t context_handle int conf_req_flag int qop_req gss_buffer_t input_message_buffer int * conf_state gss_buffer_t output_message_buffer
.Fc OM_uint32
.Fo gss_sign OM_uint32 * minor_status gss_ctx_id_t context_handle int qop_req gss_buffer_t message_buffer gss_buffer_t message_token
.Fc OM_uint32
.Fo gss_test_oid_set_member OM_uint32 * minor_status const gss_OID member const gss_OID_set set int * present
.Fc OM_uint32
.Fo gss_unseal OM_uint32 * minor_status gss_ctx_id_t context_handle gss_buffer_t input_message_buffer gss_buffer_t output_message_buffer int * conf_state int * qop_state
.Fc OM_uint32
.Fo gss_unwrap OM_uint32 * minor_status const gss_ctx_id_t context_handle const gss_buffer_t input_message_buffer gss_buffer_t output_message_buffer int * conf_state gss_qop_t * qop_state
.Fc OM_uint32
.Fo gss_verify OM_uint32 * minor_status gss_ctx_id_t context_handle gss_buffer_t message_buffer gss_buffer_t token_buffer int * qop_state
.Fc OM_uint32
.Fo gss_verify_mic OM_uint32 * minor_status const gss_ctx_id_t context_handle const gss_buffer_t message_buffer const gss_buffer_t token_buffer gss_qop_t * qop_state
.Fc
.Fo gss_wrap OM_uint32 * minor_status const gss_ctx_id_t context_handle int conf_req_flag gss_qop_t qop_req const gss_buffer_t input_message_buffer int * conf_state gss_buffer_t output_message_buffer
.Fc OM_uint32
.Fo gss_wrap_size_limit OM_uint32 * minor_status const gss_ctx_id_t context_handle int conf_req_flag gss_qop_t qop_req OM_uint32 req_output_size OM_uint32 * max_input_size
.Fc

DESCRIPTION
Generic Security Service API (GSS-API) version 2, and its C binding, is described in RFC2743 and RFC2744. Version 1 (deprecated) of the C binding is described in RFC1509.

Heimdals GSS-API implementation supports the following mechanisms

  • GSS_KRB5_MECHANISM

GSS-API have generic name types that all mechanism are supposed to implement (if possible)

  • GSS_C_NT_USER_NAME
  • GSS_C_NT_MACHINE_UID_NAME
  • GSS_C_NT_STRING_UID_NAME
  • GSS_C_NT_HOSTBASED_SERVICE
  • GSS_C_NT_ANONYMOUS
  • GSS_C_NT_EXPORT_NAME

GSS-API implementations that supports Kerberos 5 have some additional name types

  • GSS_KRB5_NT_PRINCIPAL_NAME
  • GSS_KRB5_NT_USER_NAME
  • GSS_KRB5_NT_MACHINE_UID_NAME
  • GSS_KRB5_NT_STRING_UID_NAME

gss_display_name takes the gss name in input_name and put a printable form in output_name_buffer. output_name_buffer should be freed when done using gss_release_buffer. output_name_type can either be NULL or a pointer to a gss_OID and will in the later case contain the OID type of the name. The name should only be used for printing. Access control should be done with the result of gss_export_name.

gss_sign, gss_verify, gss_seal, and gss_unseal are part of the GSS-API V1 interface and are obsolete. The functions should not be used for new applications. They are provided so that version 1 applications can link against the library.

gss_krb5_copy_ccache is an extension to the GSS-API API. The function will extract the krb5 credential that are transfered from the initiator to the acceptor when using token delegation in the Kerberos mechanism. The acceptor receives the delegated token in the last argument to gss_accept_sec_context.

gss_krb5_compat_des3_mic turns on or off the compatibly with older version of Heimdal using des3 get and verify mic, this is way to programmatically set the [gssapi]broken_des3_mic and [gssapi]correct_des3_mic flags (see COMPATIBILITY section in gssapi(3)). If the CPP symbol GSS_C_KRB5_COMPAT_DES3_MIC is present, gss_krb5_compat_des3_mic exists. gss_krb5_compat_des3_mic will be removed in a later version of the GSS-API library.

SEE ALSO
krb5(3), krb5_ccache(3), gssapi(3), kerberos(8)
Search for    or go to Top of page |  Section 3 |  Main Index

April 2, 2003 GSS_ACQUIRE_CRED (3) HEIMDAL

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.