NAME [Toc] [Back]
gss_inquire_context() - obtain information about a security context
SYNOPSIS [Toc] [Back]
OM_uint32 gss_inquire_context (
const gss_ctx_id_t context_handle,
DESCRIPTION [Toc] [Back]
The gss_inquire_context() routine provides information about the
security context to the calling application. The calling application
must first have called the gss_acquire_cred() routine for a handle for
Input Parameters [Toc] [Back]
context_handle A handle that refers to the security context.
Output Parameters [Toc] [Back]
src_name The name of the context initiator. If the
context was established using anonymous
authentication, and if the application invoking
gss_inquire_context() is the context acceptor,
an anonymous name will be returned. Specify
NULL if not required.
context_handle The name of the context acceptor. If the
context acceptor did not authenticate itself,
and if the initiator did not specify a target
name in its call to gss_init_sec_context(), the
value GSS_C_NO_NAME will be returned. Specify
NULL if not required.
lifetime_rec Returns the number of seconds for which the
credential will remain valid. If the credential
expired, the parameter returns a 0 (zero). If
there is no credential expiration, the parameter
returns the value GSS_C_INDEFINITE. If an
expiration time is not required, specify NULL.
targ_name The name of the context acceptor. Storage
associated with this name must be freed by the
application after use with a call to
Hewlett-Packard Company - 1 - HP-UX 11i Version 2: August 2003
mech_type The security mechanism providing the context.
Specify NULL if not required
ctx_flags Specifies independent flags, each of which
requests that the context support a service
option. The following symbolic names are
provided to correspond to each flag. The
symbolic names should be logically ORed to form
a bit-mask value.
GSS_C_DELEG_FLAG. The True/False values are:
True Credentials were delegated to the
False No credentials were delegated.
GSS_C_MUTUAL_FLAG. The True/False values are:
True The context acceptor has been asked
to authenticate itself.
False The context initiator has not been
asked to authenticates itself.
GSS_C_REPLAY_FLAG. The True/False values are:
True Replayed signed or sealed messages
will be detected.
False Replayed messages will not be
GSS_C_SEQUENCE_FLAG. The True/False values are:
True Out-of-sequence signed or sealed
messages will be detected.
False Out-of-sequence signed or sealed
messages will not be detected.
GSS_C_CONF_FLAG. The True/False values are:
True Request that confidentiality
service be made available
False No per-message confidentiality
service is required.
Hewlett-Packard Company - 2 - HP-UX 11i Version 2: August 2003
GSS_C_INTEG_FLAG. The True/False values are:
True Request that integrity service be
be made available
False No per-message integrity service is
GSS_C_ANON_FLAG. The True/False values are:
True Do not reveal the initiator's
identity to the acceptor.
False Authenticate normally.
cred_usage Returns one of the following values describing
how the application can use the credential:
GSS_C_INITIATE [Toc] [Back]
If no usage information is required, specify
mechs returns a set of security mechanisms supported
by the credential. Specify NULL if not
minor_status Returns a status code from the security
STATUS CODES [Toc] [Back]
The following status codes can be returned:
GSS_S_COMPLETE The routine was completed successfully.
GSS_S_NO_CONTEXT The referenced context could not be accessed.
GSS_S_DEFECTIVE_CREDENTIAL [Toc] [Back]
The credentials were invalid.
GSS_S_FAILURE The routine failed. Check the minor_status
parameter for details.
GSS_S_NO_CRED The routine could not access the credentials.
AUTHOR [Toc] [Back]
gss_inquire_context() was developed by Sun Microsystems, Inc.
Hewlett-Packard Company - 3 - HP-UX 11i Version 2: August 2003
SEE ALSO [Toc] [Back]
The manpages for DCE-GSSAPI are included with the DCE-CoreTools
product. To see those manpages add /opt/dce/share/man to MANPATH.
Hewlett-Packard Company - 4 - HP-UX 11i Version 2: August 2003 [ Back ]