Man Linux: Main Page and Category List

NAME

       gss_inquire_context - API function

SYNOPSIS

       #include <gss.h>

       OM_uint32    gss_inquire_context(OM_uint32    *   minor_status,   const
       gss_ctx_id_t  context_handle,  gss_name_t  *  src_name,  gss_name_t   *
       targ_name,  OM_uint32  * lifetime_rec, gss_OID * mech_type, OM_uint32 *
       ctx_flags, int * locally_initiated, int * open);

ARGUMENTS

       OM_uint32 * minor_status
                   (Integer, modify) Mechanism specific status code.

       const gss_ctx_id_t context_handle
                   (gss_ctx_id_t, read) A handle that refers to the
                     security context.

       gss_name_t * src_name
                   (gss_name_t, modify, optional) The name of the context
                     initiator.   If  the  context   was   established   using
                   anonymous
                     authentication, and if the application invoking
                     gss_inquire_context is the context acceptor, an anonymous
                   name
                     will be returned.  Storage associated with this name must
                   be
                     freed by the application after use with a call to
                     gss_release_name().  Specify NULL if not required.

       gss_name_t * targ_name
                   (gss_name_t, modify, optional) The name of the context
                     acceptor.   Storage  associated  with  this  name must be
                   freed by the
                     application after use with a call to  gss_release_name().
                   If the
                     context acceptor did not authenticate itself, and if the
                     initiator did not specify a target name in its call to
                     gss_init_sec_context(),  the  value GSS_C_NO_NAME will be
                   returned.
                     Specify NULL if not required.

       OM_uint32 * lifetime_rec
                   (Integer, modify, optional) The number of seconds
                     for which the context will remain valid.  If the  context
                   has
                     expired, this parameter will be set to zero.  If the
                     implementation  does  not support context expiration, the
                   value
                     GSS_C_INDEFINITE will be returned.  Specify NULL  if  not
                   required.

       gss_OID * mech_type
                   (gss_OID, modify, optional) The security mechanism
                     providing  the  context.   The  returned  OID  will  be a
                   pointer to
                     static storage that should be treated as read-only by the
                     application;  in  particular  the  application should not
                   attempt to
                     free it.  Specify NULL if not required.

       OM_uint32 * ctx_flags
                   (bit-mask, modify, optional) Contains various
                     independent flags,  each  of  which  indicates  that  the
                   context
                     supports  (or  is  expected  to  support,  if ctx_open is
                   false) a
                     specific service option.  If not  needed,  specify  NULL.
                   Symbolic
                     names are provided for each flag, and the symbolic names
                     corresponding   to   the   required   flags   should   be
                   logically-ANDed
                     with the ret_flags value to test whether a  given  option
                   is
                     supported by the context.  See below for the flags.

       int * locally_initiated
                   (Boolean, modify) Non-zero if the invoking
                     application  is  the  context initiator.  Specify NULL if
                   not
                     required.

       int * open  (Boolean, modify) Non-zero if the context is fully
                     established; Zero if  a  context-establishment  token  is
                   expected
                     from the peer application.  Specify NULL if not required.

DESCRIPTION

       Obtains information about a security context.  The caller must  already
       have obtained a handle that refers to the context, although the context
       need not be fully established.

       The ‘ctx_flags‘ values:

       ‘GSS_C_DELEG_FLAG‘:: - True  -  Credentials  were  delegated  from  the
       initiator to the acceptor.  - False - No credentials were delegated.

       ‘GSS_C_MUTUAL_FLAG‘::  -  True  - The acceptor was authenticated to the
       initiator.  - False - The acceptor did not authenticate itself.

       ‘GSS_C_REPLAY_FLAG‘:: - True - replay of  protected  messages  will  be
       detected.  - False - replayed messages will not be detected.

       ‘GSS_C_SEQUENCE_FLAG‘::  -  True  -  out-of-sequence protected messages
       will be detected.  - False  -  out-of-sequence  messages  will  not  be
       detected.

       ‘GSS_C_CONF_FLAG‘::  - True - Confidentiality service may be invoked by
       calling gss_wrap routine.  - False - No  confidentiality  service  (via
       gss_wrap)  available.  gss_wrap  will  provide  message  encapsulation,
       data-origin authentication and integrity services only.

       ‘GSS_C_INTEG_FLAG‘:: - True -  Integrity  service  may  be  invoked  by
       calling either gss_get_mic or gss_wrap routines.  - False - Per-message
       integrity service unavailable.

       ‘GSS_C_ANON_FLAG‘:: - True -  The  initiator’s  identity  will  not  be
       revealed  to  the  acceptor.   The  src_name  parameter  (if requested)
       contains an anonymous internal name.  - False - The initiator has  been
       authenticated normally.

       ‘GSS_C_PROT_READY_FLAG‘:: - True - Protection services (as specified by
       the states of the GSS_C_CONF_FLAG and GSS_C_INTEG_FLAG)  are  available
       for  use.  - False - Protection services (as specified by the states of
       the GSS_C_CONF_FLAG and GSS_C_INTEG_FLAG) are  available  only  if  the
       context  is fully established (i.e. if the open parameter is non-zero).

       ‘GSS_C_TRANS_FLAG‘:: - True - The resultant  security  context  may  be
       transferred  to other processes via a call to gss_export_sec_context().
       - False - The security context is not transferable.

RETURN VALUE

       ‘GSS_S_COMPLETE‘: Successful completion.

       ‘GSS_S_NO_CONTEXT‘: The referenced context could not be accessed.

REPORTING BUGS

       Report bugs to <bug-gss@gnu.org>.  GNU Generic  Security  Service  home
       page: http://www.gnu.org/software/gss/ General help using GNU software:
       http://www.gnu.org/gethelp/

COPYRIGHT

       Copyright © 2003-2010 Simon Josefsson.
       Copying and distribution of this file, with  or  without  modification,
       are  permitted  in  any  medium  without royalty provided the copyright
       notice and this notice are preserved.

SEE ALSO

       The full documentation for gss is maintained as a Texinfo  manual.   If
       the  info  and  gss  programs  are properly installed at your site, the
       command

              info gss

       should give you access to the complete manual.