.TH "globus_gss_assist_context" 3 "Wed Feb 27 2019" "Version 12.2" "globus_gss_assist" \" -*- nroff -*- .ad l .nh .SH NAME globus_gss_assist_context \- Security Context Creation and Use\&. .SH SYNOPSIS .br .PP .SS "Functions" .in +1c .ti -1c .RI "OM_uint32 \fBglobus_gss_assist_accept_sec_context\fP (OM_uint32 *minor_status, gss_ctx_id_t *context_handle, const gss_cred_id_t cred_handle, char **src_name_char, OM_uint32 *ret_flags, int *user_to_user_flag, int *token_status, gss_cred_id_t *delegated_cred_handle, int(*gss_assist_get_token)(void *, void **, size_t *), void *gss_assist_get_context, int(*gss_assist_send_token)(void *, void *, size_t), void *gss_assist_send_context)" .br .RI "Accept a Security Context\&. " .ti -1c .RI "OM_uint32 \fBglobus_gss_assist_accept_sec_context_async\fP (OM_uint32 *minor_status, gss_ctx_id_t *context_handle, const gss_cred_id_t cred_handle, char **src_name_char, OM_uint32 *ret_flags, int *user_to_user_flag, void *input_buffer, size_t input_buffer_len, void **output_bufferp, size_t *output_buffer_lenp, gss_cred_id_t *delegated_cred_handle)" .br .RI "Accept a Security Context Without Blocking\&. " .ti -1c .RI "OM_uint32 \fBglobus_gss_assist_export_sec_context\fP (OM_uint32 *minor_status, gss_ctx_id_t *context_handle, int *token_status, int fdp, FILE *fperr)" .br .ti -1c .RI "OM_uint32 \fBglobus_gss_assist_import_sec_context\fP (OM_uint32 *minor_status, gss_ctx_id_t *context_handle, int *token_status, int fdp, FILE *fperr)" .br .ti -1c .RI "OM_uint32 \fBglobus_gss_assist_init_sec_context\fP (OM_uint32 *minor_status, const gss_cred_id_t cred_handle, gss_ctx_id_t *context_handle, char *target_name_char, OM_uint32 req_flags, OM_uint32 *ret_flags, int *token_status, int(*gss_assist_get_token)(void *, void **, size_t *), void *gss_assist_get_context, int(*gss_assist_send_token)(void *, void *, size_t), void *gss_assist_send_context)" .br .ti -1c .RI "OM_uint32 \fBglobus_gss_assist_init_sec_context_async\fP (OM_uint32 *minor_status, const gss_cred_id_t cred_handle, gss_ctx_id_t *context_handle, char *target_name_char, OM_uint32 req_flags, OM_uint32 *ret_flags, void *input_buffer, size_t input_buffer_len, void **output_bufferp, size_t *output_buffer_lenp)" .br .ti -1c .RI "OM_uint32 \fBglobus_gss_assist_will_handle_restrictions\fP (OM_uint32 *minor_status, gss_ctx_id_t *context_handle)" .br .ti -1c .RI "OM_uint32 \fBglobus_gss_assist_get_unwrap\fP (OM_uint32 *minor_status, const gss_ctx_id_t context_handle, char **data, size_t *length, int *token_status, int(*gss_assist_get_token)(void *, void **, size_t *), void *gss_assist_get_context, FILE *fperr)" .br .RI "Get Unwrap\&. " .in -1c .SH "Detailed Description" .PP Security Context Creation and Use\&. The functions in this section are used to create security contexts and send and receive messages sent over them\&. They use the functions provided by \fBToken Transport\fP or user-supplied functions to communicate security tokens over the context, looping over continue results from the GSSAPI as needed\&. .SH "Function Documentation" .PP .SS "OM_uint32 globus_gss_assist_accept_sec_context (OM_uint32 * minor_status, gss_ctx_id_t * context_handle, const gss_cred_id_t cred_handle, char ** src_name_char, OM_uint32 * ret_flags, int * user_to_user_flag, int * token_status, gss_cred_id_t * delegated_cred_handle, int(*)(void *, void **, size_t *) gss_assist_get_token, void * gss_assist_get_context, int(*)(void *, void *, size_t) gss_assist_send_token, void * gss_assist_send_context)" .PP Accept a Security Context\&. This routine accepts a GSSAPI security context and is called by the gram_gatekeeper\&. It isolates the GSSAPI from the rest of the gram code\&. .PP Initialize a GSSAPI security connection\&. Used by the server\&. The context_handle is returned, and there is one for each connection\&. This routine will take cake of the looping and token processing, using the supplied get_token and send_token routines\&. .PP \fBParameters:\fP .RS 4 \fIminor_status\fP GSSAPI return code .br \fIcontext_handle\fP pointer to returned context\&. .br \fIcred_handle\fP the cred handle obtained by acquire_cred\&. .br \fIsrc_name_char\fP Pointer to char string representation of the client which contacted the server\&. Maybe NULL if not wanted\&. Should be freed when done\&. .br \fIret_flags\fP Pointer to which services are available after the connection is established\&. Maybe NULL if not wanted\&. We will also use this to pass in flags to the globus version of GSSAPI .br \fIuser_to_user_flag\fP Pointer to flag to be set if the src_name is the same as our name\&. (Following are particular to this assist routine) .br \fItoken_status\fP assist routine get/send token status .br \fIdelegated_cred_handle\fP pointer to be set to the credential delegated by the client if delegation occurs during the security handshake .br \fIgss_assist_get_token\fP a get token routine .br \fIgss_assist_get_context\fP first arg for the get token routine .br \fIgss_assist_send_token\fP a send token routine .br \fIgss_assist_send_context\fP first arg for the send token routine .RE .PP \fBReturns:\fP .RS 4 GSS_S_COMPLETE on success Other GSSAPI errors on failure\&. .RE .PP .SS "OM_uint32 globus_gss_assist_accept_sec_context_async (OM_uint32 * minor_status, gss_ctx_id_t * context_handle, const gss_cred_id_t cred_handle, char ** src_name_char, OM_uint32 * ret_flags, int * user_to_user_flag, void * input_buffer, size_t input_buffer_len, void ** output_bufferp, size_t * output_buffer_lenp, gss_cred_id_t * delegated_cred_handle)" .PP Accept a Security Context Without Blocking\&. This is a asynchronous version of the \fBglobus_gss_assist_accept_sec_context()\fP function\&. Instead of looping itself it passes in and out the read and written buffers and the calling application is responsible for doing the I/O directly\&. .PP \fBParameters:\fP .RS 4 \fIminor_status\fP GSSAPI return code .br \fIcontext_handle\fP pointer to returned context\&. .br \fIcred_handle\fP the cred handle obtained by acquire_cred\&. .br \fIsrc_name_char\fP Pointer to char string representation of the client which contacted the server\&. Maybe NULL if not wanted\&. Should be freed when done\&. .br \fIret_flags\fP Pointer to which services are available after the connection is established\&. Maybe NULL if not wanted\&. We will also use this to pass in flags to the Globus version of GSSAPI .br \fIuser_to_user_flag\fP Pointer to flag to be set if the src_name is the same as our name\&. .br \fIinput_buffer\fP pointer to a buffer received from peer\&. .br \fIinput_buffer_len\fP length of the buffer input_buffer\&. .br \fIoutput_bufferp\fP pointer to a pointer which will be filled in with a pointer to a allocated block of memory\&. If non-NULL the contents of this block should be written to the peer where they will be fed into the \fBglobus_gss_assist_init_sec_context_async()\fP function\&. .br \fIoutput_buffer_lenp\fP pointer to an integer which will be filled in with the length of the allocated output buffer pointed to by *output_bufferp\&. .br \fIdelegated_cred_handle\fP pointer to be set to the credential delegated by the client if delegation occurs during the security handshake .RE .PP \fBReturns:\fP .RS 4 GSS_S_COMPLETE on successful completion when this function does not need to be called again\&. .RE .PP GSS_S_CONTINUE_NEEDED when *output_bufferp should be sent to the peer and a new input_buffer read and this function called again\&. .PP Other GSSAPI errors on failure\&. .SS "OM_uint32 globus_gss_assist_export_sec_context (OM_uint32 * minor_status, gss_ctx_id_t * context_handle, int * token_status, int fdp, FILE * fperr)" Export the security context from a file .PP \fBParameters:\fP .RS 4 \fIminor_status\fP GSSAPI return code\&. This is a Globus Error code (or GLOBUS_SUCCESS) cast to a OM_uint32 pointer\&. If an error has occurred, the resulting error (from calling globus_error_get on this variable) needs to be freed by the caller .br \fIcontext_handle\fP The context to export .br \fItoken_status\fP Errors that occurred while reading from the file .br \fIfdp\fP the file descriptor pointing to a file containing the security context .br \fIfperr\fP FILE * to write error messages .RE .PP \fBReturns:\fP .RS 4 the major status .RE .PP .SS "OM_uint32 globus_gss_assist_get_unwrap (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, char ** data, size_t * length, int * token_status, int(*)(void *, void **, size_t *) gss_assist_get_token, void * gss_assist_get_context, FILE * fperr)" .PP Get Unwrap\&. Gets a token using the specific tokenizing functions, and performs the GSS unwrap of that token .PP \fBSee also:\fP .RS 4 gss_unwrap .RE .PP \fBParameters:\fP .RS 4 \fIminor_status\fP GSSAPI return code, .RE .PP \fBSee also:\fP .RS 4 gss_unwrap .RE .PP \fBParameters:\fP .RS 4 \fIcontext_handle\fP the context .br \fIdata\fP pointer to be set to the unwrapped application data\&. This must be freed by the caller\&. .br \fIlength\fP pointer to be set to the length of the \fIdata\fP byte array\&. .br \fItoken_status\fP assist routine get/send token status .br \fIgss_assist_get_token\fP a detokenizing routine .br \fIgss_assist_get_context\fP first arg for above routine .br \fIfperr\fP error stream to print to .RE .PP \fBReturns:\fP .RS 4 GSS_S_COMPLETE on sucess Other gss errors on failure\&. .RE .PP .SS "OM_uint32 globus_gss_assist_import_sec_context (OM_uint32 * minor_status, gss_ctx_id_t * context_handle, int * token_status, int fdp, FILE * fperr)" Import the security context from a file .PP \fBParameters:\fP .RS 4 \fIminor_status\fP GSSAPI return code\&. This is a Globus Error code (or GLOBUS_SUCCESS) cast to a OM_uint32 pointer\&. If an error has occurred, the resulting error (from calling globus_error_get on this variable) needs to be freed by the caller .br \fIcontext_handle\fP The imported context .br \fItoken_status\fP Errors that occurred while reading from the file .br \fIfdp\fP the file descriptor pointing to a file containing the security context .br \fIfperr\fP FILE * to write error messages .RE .PP \fBReturns:\fP .RS 4 the major status .RE .PP .SS "OM_uint32 globus_gss_assist_init_sec_context (OM_uint32 * minor_status, const gss_cred_id_t cred_handle, gss_ctx_id_t * context_handle, char * target_name_char, OM_uint32 req_flags, OM_uint32 * ret_flags, int * token_status, int(*)(void *, void **, size_t *) gss_assist_get_token, void * gss_assist_get_context, int(*)(void *, void *, size_t) gss_assist_send_token, void * gss_assist_send_context)" Initialize a GSSAPI security connection\&. Used by the client\&. The context_handle is returned, and there is one for each connection\&. This routine will take cake of the looping and token processing, using the supplied get_token and send_token routines\&. .PP \fBParameters:\fP .RS 4 \fIminor_status\fP GSSAPI return code\&. The new minor_status is a globus_result_t cast to an OM_uint32\&. If the call was successful, the minor status is equivalent to GLOBUS_SUCCESS\&. Otherwise, it is a globus error object ID that can be passed to globus_error_get to get the error object\&. The error object needs to be freed with globus_object_free\&. .br \fIcred_handle\fP the cred handle obtained by acquire_cred\&. .br \fIcontext_handle\fP pointer to returned context\&. .br \fItarget_name_char\fP char string representation of the server to be contacted\&. .br \fIreq_flags\fP request flags, such as GSS_C_DELEG_FLAG for delegation and the GSS_C_MUTUAL_FLAG for mutual authentication\&. .br \fIret_flags\fP Pointer to which services are available after the connection is established\&. Maybe NULL if not wanted\&. .RE .PP The following are particular to this assist routine: .PP \fBParameters:\fP .RS 4 \fItoken_status\fP the assist routine's get/send token status .br \fIgss_assist_get_token\fP function pointer for getting the token .br \fIgss_assist_get_context\fP first argument passed to the gss_assist_get_token function .br \fIgss_assist_send_token\fP function pointer for setting the token .br \fIgss_assist_send_context\fP first argument passed to the gss_assist_set_token function pointer .RE .PP \fBReturns:\fP .RS 4 The major status .RE .PP .SS "OM_uint32 globus_gss_assist_init_sec_context_async (OM_uint32 * minor_status, const gss_cred_id_t cred_handle, gss_ctx_id_t * context_handle, char * target_name_char, OM_uint32 req_flags, OM_uint32 * ret_flags, void * input_buffer, size_t input_buffer_len, void ** output_bufferp, size_t * output_buffer_lenp)" This is a asynchronous version of the \fBglobus_gss_assist_init_sec_context()\fP function\&. Instead of looping itself it passes in and out the read and written buffers and the calling application is responsible for doing the I/O directly\&. .PP \fBParameters:\fP .RS 4 \fIminor_status\fP GSSAPI return code\&. The new minor status is a globus_result_t cast to a OM_uint32\&. If an error occurred (GSS_ERROR(major_status)) the minor_status is a globus error object id\&. The error object can be obtained via globus_error_get and should be destroyed with globus_object_free when no longer needed\&. If no error occurred, the minor status is equal to GLOBUS_SUCCESS\&. .br \fIcred_handle\fP the cred handle obtained by acquire_cred\&. .br \fIcontext_handle\fP pointer to returned context\&. .br \fItarget_name_char\fP char string representation of the server to be contacted\&. .br \fIreq_flags\fP request flags, such as GSS_C_DELEG_FLAG for delegation and the GSS_C_MUTUAL_FLAG for mutual authentication\&. .br \fIret_flags\fP Pointer to which services are available after the connection is established\&. Maybe NULL if not wanted\&. .br \fIinput_buffer\fP pointer to a buffer received from peer\&. Should be NULL on first call\&. .br \fIinput_buffer_len\fP length of the buffer input_buffer\&. Should be zero on first call\&. .br \fIoutput_bufferp\fP pointer to a pointer which will be filled in with a pointer to a allocated block of memory\&. If non-NULL the contents of this block should be written to the peer where they will be fed into the gss_assist_init_sec_context_async() function\&. .br \fIoutput_buffer_lenp\fP pointer to an integer which will be filled in with the length of the allocated output buffer pointed to by *output_bufferp\&. .RE .PP \fBReturns:\fP .RS 4 GSS_S_COMPLETE on successful completion when this function does not need to be called again\&. .RE .PP GSS_S_CONTINUE_NEEDED when *output_bufferp should be sent to the peer and a new input_buffer read and this function called again\&. .PP Other gss errors on failure\&. .SS "OM_uint32 globus_gss_assist_will_handle_restrictions (OM_uint32 * minor_status, gss_ctx_id_t * context_handle)" Sets the context to handle restrictions .PP \fBParameters:\fP .RS 4 \fIminor_status\fP the resulting minor status from setting the context handle .br \fIcontext_handle\fP the context handle to set the minor status of .RE .PP \fBReturns:\fP .RS 4 the major status from setting the context .RE .PP .SH "Author" .PP Generated automatically by Doxygen for globus_gss_assist from the source code\&.