.TH "globus_gsi_gssapi_extensions_delegation" 3 "Tue Jul 5 2022" "Version 14.20" "globus_gssapi_gsi" \" -*- nroff -*-
.ad l
.nh
.SH NAME
globus_gsi_gssapi_extensions_delegation \- Delegation
.PP
 \- Delegation Functions\&.  

.SH SYNOPSIS
.br
.PP
.SS "Functions"

.in +1c
.ti -1c
.RI "OM_uint32 GSS_CALLCONV \fBgss_accept_delegation\fP (OM_uint32 *minor_status, const gss_ctx_id_t context_handle, const gss_OID_set extension_oids, const gss_buffer_set_t extension_buffers, const gss_buffer_t input_token, OM_uint32 req_flags, OM_uint32 time_req, OM_uint32 *time_rec, gss_cred_id_t *delegated_cred_handle, gss_OID *mech_type, gss_buffer_t output_token)"
.br
.RI "Accept a delegated credential\&. "
.ti -1c
.RI "OM_uint32 GSS_CALLCONV \fBgss_init_delegation\fP (OM_uint32 *minor_status, const gss_ctx_id_t context_handle, const gss_cred_id_t cred_handle, const gss_OID desired_mech, const gss_OID_set extension_oids, const gss_buffer_set_t extension_buffers, const gss_buffer_t input_token, OM_uint32 req_flags, OM_uint32 time_req, gss_buffer_t output_token)"
.br
.RI "Initiate Delegation\&. "
.in -1c
.SH "Detailed Description"
.PP 
Delegation Functions\&. 

Functions in this section allow delegation to occur outside of the context initiation handshake\&. 
.SH "Function Documentation"
.PP 
.SS "OM_uint32 GSS_CALLCONV gss_accept_delegation (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, const gss_OID_set extension_oids, const gss_buffer_set_t extension_buffers, const gss_buffer_t input_token, OM_uint32 req_flags, OM_uint32 time_req, OM_uint32 * time_rec, gss_cred_id_t * delegated_cred_handle, gss_OID * mech_type, gss_buffer_t output_token)"

.PP
Accept a delegated credential\&. This functions drives the accepting side of the credential delegation process\&. It is expected to be called in tandem with the gss_init_delegation function\&.
.PP
\fBParameters\fP
.RS 4
\fIminor_status\fP The minor status returned by this function\&. This parameter will be 0 upon success\&. 
.br
\fIcontext_handle\fP The security context over which the credential is delegated\&. 
.br
\fIextension_oids\fP A set of extension OIDs corresponding to buffers in the extension_buffers parameter below\&. May be GSS_C_NO_BUFFER_SET\&. Currently not used\&. 
.br
\fIextension_buffers\fP A set of extension buffers corresponding to OIDs in the extension_oids parameter above\&. May be GSS_C_NO_BUFFER_SET\&. Currently not used\&. 
.br
\fIinput_token\fP The token that was produced by a prior call to gss_init_delegation\&. 
.br
\fIreq_flags\fP Flags that modify the behavior of the function\&. Currently only GSS_C_GLOBUS_SSL_COMPATIBLE is checked for\&. This flag results in tokens that aren't wrapped\&. 
.br
\fItime_req\fP The requested period of validity (seconds) of the delegated credential\&. Currently a NO-OP\&. 
.br
\fItime_rec\fP This parameter will contain the received period of validity of the delegated credential upon success\&. May be NULL\&. 
.br
\fIdelegated_cred_handle\fP This parameter will contain the delegated credential upon success\&. 
.br
\fImech_type\fP Returns the security mechanism upon success\&. Currently not implemented\&. May be NULL\&. 
.br
\fIoutput_token\fP A token that should be passed to gss_init_delegation if the return value is GSS_S_CONTINUE_NEEDED\&. 
.RE
.PP
\fBReturn values\fP
.RS 4
\fIGSS_S_COMPLETE\fP Successful completion 
.br
\fIGSS_S_CONTINUE_NEEDED\fP The function needs to be called again\&. 
.br
\fIGSS_S_FAILURE\fP Failure 
.RE
.PP

.SS "OM_uint32 GSS_CALLCONV gss_init_delegation (OM_uint32 * minor_status, const gss_ctx_id_t context_handle, const gss_cred_id_t cred_handle, const gss_OID desired_mech, const gss_OID_set extension_oids, const gss_buffer_set_t extension_buffers, const gss_buffer_t input_token, OM_uint32 req_flags, OM_uint32 time_req, gss_buffer_t output_token)"

.PP
Initiate Delegation\&. This functions drives the initiating side of the credential delegation process\&. It is expected to be called in tandem with the gss_accept_delegation function\&.
.PP
\fBParameters\fP
.RS 4
\fIminor_status\fP The minor status returned by this function\&. This parameter will be 0 upon success\&. 
.br
\fIcontext_handle\fP The security context over which the credential is delegated\&. 
.br
\fIcred_handle\fP The credential to be delegated\&. May be GSS_C_NO_CREDENTIAL in which case the credential associated with the security context is used\&. 
.br
\fIdesired_mech\fP The desired security mechanism\&. Currently not used\&. May be GSS_C_NO_OID\&. 
.br
\fIextension_oids\fP A set of extension OIDs corresponding to buffers in the extension_buffers parameter below\&. The extensions specified will be added to the delegated credential\&. May be GSS_C_NO_BUFFER_SET\&. 
.br
\fIextension_buffers\fP A set of extension buffers corresponding to OIDs in the extension_oids parameter above\&. May be GSS_C_NO_BUFFER_SET\&. 
.br
\fIinput_token\fP The token that was produced by a prior call to gss_accept_delegation\&. This parameter will be ignored the first time this function is called\&. 
.br
\fIreq_flags\fP Flags that modify the behavior of the function\&. Currently only GSS_C_GLOBUS_SSL_COMPATIBLE and GSS_C_GLOBUS_LIMITED_DELEG_PROXY_FLAG are checked for\&. The GSS_C_GLOBUS_SSL_COMPATIBLE flag results in tokens that aren't wrapped and GSS_C_GLOBUS_LIMITED_DELEG_PROXY_FLAG causes the delegated proxy to be limited (requires that no extensions are specified\&.
.br
\fItime_req\fP The requested period of validity (seconds) of the delegated credential\&. Passing a time_req of 0 cause the delegated credential to have the same lifetime as the credential that issued it\&. 
.br
\fIoutput_token\fP A token that should be passed to gss_accept_delegation if the return value is GSS_S_CONTINUE_NEEDED\&. 
.RE
.PP
\fBReturn values\fP
.RS 4
\fIGSS_S_COMPLETE\fP Success 
.br
\fIGSS_S_CONTINUE_NEEDED\fP This function needs to be called again\&. 
.br
\fIGSS_S_FAILURE\fP upon failure 
.RE
.PP

.SH "Author"
.PP 
Generated automatically by Doxygen for globus_gssapi_gsi from the source code\&.