.TH "globus_xio_gsi_driver" 3 "Version 5.4" "globus_xio_gsi_driver" \" -*- nroff -*- .ad l .nh .SH NAME globus_xio_gsi_driver \- Globus XIO GSI Driver .PP \- Globus XIO GSI Driver\&. .SH SYNOPSIS .br .PP .SS "Typedefs" .in +1c .ti -1c .RI "typedef void(* \fBglobus_xio_gsi_delegation_init_callback_t\fP) (globus_result_t result, void *user_arg)" .br .ti -1c .RI "typedef void(* \fBglobus_xio_gsi_delegation_accept_callback_t\fP) (globus_result_t result, gss_cred_id_t delegated_cred, OM_uint32 time_rec, void *user_arg)" .br .in -1c .SS "Enumerations" .in +1c .ti -1c .RI "enum \fBglobus_xio_gsi_error_t\fP { \fBGLOBUS_XIO_GSI_ERROR_INVALID_PROTECTION_LEVEL\fP, \fBGLOBUS_XIO_GSI_ERROR_WRAP_GSSAPI\fP, \fBGLOBUS_XIO_GSI_ERROR_EMPTY_TARGET_NAME\fP, \fBGLOBUS_XIO_GSI_ERROR_EMPTY_HOST_NAME\fP, \fBGLOBUS_XIO_GSI_AUTHORIZATION_FAILED\fP, \fBGLOBUS_XIO_GSI_ERROR_TOKEN_TOO_BIG\fP }" .br .ti -1c .RI "enum \fBglobus_xio_gsi_cmd_t\fP { \fBGLOBUS_XIO_GSI_SET_CREDENTIAL\fP, \fBGLOBUS_XIO_GSI_GET_CREDENTIAL\fP, \fBGLOBUS_XIO_GSI_SET_GSSAPI_REQ_FLAGS\fP, \fBGLOBUS_XIO_GSI_GET_GSSAPI_REQ_FLAGS\fP, \fBGLOBUS_XIO_GSI_SET_PROXY_MODE\fP, \fBGLOBUS_XIO_GSI_GET_PROXY_MODE\fP, \fBGLOBUS_XIO_GSI_SET_AUTHORIZATION_MODE\fP, \fBGLOBUS_XIO_GSI_GET_AUTHORIZATION_MODE\fP, \fBGLOBUS_XIO_GSI_SET_DELEGATION_MODE\fP, \fBGLOBUS_XIO_GSI_GET_DELEGATION_MODE\fP, \fBGLOBUS_XIO_GSI_SET_SSL_COMPATIBLE\fP, \fBGLOBUS_XIO_GSI_SET_ANON\fP, \fBGLOBUS_XIO_GSI_SET_WRAP_MODE\fP, \fBGLOBUS_XIO_GSI_GET_WRAP_MODE\fP, \fBGLOBUS_XIO_GSI_SET_BUFFER_SIZE\fP, \fBGLOBUS_XIO_GSI_GET_BUFFER_SIZE\fP, \fBGLOBUS_XIO_GSI_SET_PROTECTION_LEVEL\fP, \fBGLOBUS_XIO_GSI_GET_PROTECTION_LEVEL\fP, \fBGLOBUS_XIO_GSI_GET_TARGET_NAME\fP, \fBGLOBUS_XIO_GSI_SET_TARGET_NAME\fP, \fBGLOBUS_XIO_GSI_GET_CONTEXT\fP, \fBGLOBUS_XIO_GSI_GET_DELEGATED_CRED\fP, \fBGLOBUS_XIO_GSI_GET_PEER_NAME\fP, \fBGLOBUS_XIO_GSI_GET_LOCAL_NAME\fP, \fBGLOBUS_XIO_GSI_INIT_DELEGATION\fP, \fBGLOBUS_XIO_GSI_REGISTER_INIT_DELEGATION\fP, \fBGLOBUS_XIO_GSI_ACCEPT_DELEGATION\fP, \fBGLOBUS_XIO_GSI_REGISTER_ACCEPT_DELEGATION\fP, \fBGLOBUS_XIO_GSI_FORCE_SERVER_MODE\fP, \fBGLOBUS_XIO_GSI_SET_ALLOW_MISSING_SIGNING_POLICY\fP, \fBGLOBUS_XIO_GSI_GET_ALLOW_MISSING_SIGNING_POLICY\fP, \fBGLOBUS_XIO_GSI_SET_CREDENTIALS_DIR\fP, \fBGLOBUS_XIO_GSI_SET_APPLICATION_PROTOCOLS\fP }" .br .ti -1c .RI "enum \fBglobus_xio_gsi_protection_level_t\fP { \fBGLOBUS_XIO_GSI_PROTECTION_LEVEL_NONE\fP, \fBGLOBUS_XIO_GSI_PROTECTION_LEVEL_INTEGRITY\fP, \fBGLOBUS_XIO_GSI_PROTECTION_LEVEL_PRIVACY\fP }" .br .ti -1c .RI "enum \fBglobus_xio_gsi_delegation_mode_t\fP { \fBGLOBUS_XIO_GSI_DELEGATION_MODE_NONE\fP, \fBGLOBUS_XIO_GSI_DELEGATION_MODE_LIMITED\fP, \fBGLOBUS_XIO_GSI_DELEGATION_MODE_FULL\fP }" .br .ti -1c .RI "enum \fBglobus_xio_gsi_proxy_mode_t\fP { \fBGLOBUS_XIO_GSI_PROXY_MODE_FULL\fP, \fBGLOBUS_XIO_GSI_PROXY_MODE_LIMITED\fP, \fBGLOBUS_XIO_GSI_PROXY_MODE_MANY\fP }" .br .ti -1c .RI "enum \fBglobus_xio_gsi_authorization_mode_t\fP { \fBGLOBUS_XIO_GSI_NO_AUTHORIZATION\fP, \fBGLOBUS_XIO_GSI_SELF_AUTHORIZATION\fP, \fBGLOBUS_XIO_GSI_IDENTITY_AUTHORIZATION\fP, \fBGLOBUS_XIO_GSI_HOST_AUTHORIZATION\fP }" .br .in -1c .SS "Functions" .in +1c .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_SET_CREDENTIAL\fP, gss_cred_id_t credential)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_handle_cntl\fP (handle, driver, \fBGLOBUS_XIO_GSI_SET_CREDENTIAL\fP, gss_cred_id_t credential)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_GET_CREDENTIAL\fP, gss_cred_id_t *credential)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_handle_cntl\fP (handle, driver, \fBGLOBUS_XIO_GSI_GET_CREDENTIAL\fP, gss_cred_id_t *credential)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_SET_GSSAPI_REQ_FLAGS\fP, OM_uint32 req_flags)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_GET_GSSAPI_REQ_FLAGS\fP, OM_uint32 *req_flags)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_SET_PROXY_MODE\fP, \fBglobus_xio_gsi_proxy_mode_t\fP proxy_mode)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_GET_PROXY_MODE\fP, \fBglobus_xio_gsi_proxy_mode_t\fP *proxy_mode)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_SET_AUTHORIZATION_MODE\fP, \fBglobus_xio_gsi_authorization_mode_t\fP authz_mode)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_GET_AUTHORIZATION_MODE\fP, \fBglobus_xio_gsi_authorization_mode_t\fP *authz_mode)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_SET_DELEGATION_MODE\fP, \fBglobus_xio_gsi_delegation_mode_t\fP delegation_mode)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_GET_DELEGATION_MODE\fP, \fBglobus_xio_gsi_delegation_mode_t\fP *delegation_mode)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_SET_SSL_COMPATIBLE\fP, globus_bool_t ssl_mode)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_SET_ANON\fP, globus_bool_t anon_mode)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_SET_WRAP_MODE\fP, globus_bool_t wrap_mode)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_GET_WRAP_MODE\fP, globus_bool_t *wrap_mode)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_SET_BUFFER_SIZE\fP, globus_size_t buffer_size)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_GET_BUFFER_SIZE\fP, globus_size_t *buffer_size)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_SET_PROTECTION_LEVEL\fP, \fBglobus_xio_gsi_protection_level_t\fP protection_level)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_GET_PROTECTION_LEVEL\fP, \fBglobus_xio_gsi_protection_level_t\fP *protection_level)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_GET_TARGET_NAME\fP, gss_name_t *target_name)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_SET_TARGET_NAME\fP, gss_name_t target_name)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_handle_cntl\fP (handle, driver, \fBGLOBUS_XIO_GSI_GET_CONTEXT\fP, gss_ctx_id_t *context)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_handle_cntl\fP (handle, driver, \fBGLOBUS_XIO_GSI_GET_DELEGATED_CRED\fP, gss_cred_id_t *credential)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_handle_cntl\fP (handle, driver, \fBGLOBUS_XIO_GSI_GET_PEER_NAME\fP, gss_name_t *peer_name)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_handle_cntl\fP (handle, driver, \fBGLOBUS_XIO_GSI_GET_LOCAL_NAME\fP, gss_name_t *local_name)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_handle_cntl\fP (handle, driver, \fBGLOBUS_XIO_GSI_INIT_DELEGATION\fP, gss_cred_id_t credential, gss_OID_set restriction_oids, gss_buffer_set_t restriction_buffers, OM_uint32 time_req)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_handle_cntl\fP (handle, driver, \fBGLOBUS_XIO_GSI_REGISTER_INIT_DELEGATION\fP, gss_cred_id_t credential, gss_OID_set restriction_oids, gss_buffer_set_t restriction_buffers, OM_uint32 time_req, \fBglobus_xio_gsi_delegation_init_callback_t\fP callback, void *callback_arg)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_handle_cntl\fP (handle, driver, \fBGLOBUS_XIO_GSI_ACCEPT_DELEGATION\fP, gss_cred_id_t *credential, gss_OID_set restriction_oids, gss_buffer_set_t restriction_buffers, OM_uint32 time_req)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_handle_cntl\fP (handle, driver, \fBGLOBUS_XIO_GSI_REGISTER_ACCEPT_DELEGATION\fP, gss_OID_set restriction_oids, gss_buffer_set_t restriction_buffers, OM_uint32 time_req, \fBglobus_xio_gsi_delegation_accept_callback_t\fP callback, void *callback_arg)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_FORCE_SERVER_MODE\fP, globus_bool_t server_mode)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_SET_ALLOW_MISSING_SIGNING_POLICY\fP, globus_bool_t allow)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_GET_ALLOW_MISSING_SIGNING_POLICY\fP, globus_bool_t *allow)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_SET_CREDENTIALS_DIR\fP, const char *directory)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_handle_cntl\fP (handle, driver, \fBGLOBUS_XIO_GSI_SET_CREDENTIALS_DIR\fP, const char *directory)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_attr_cntl\fP (attr, driver, \fBGLOBUS_XIO_GSI_SET_APPLICATION_PROTOCOLS\fP, char **protocols)" .br .ti -1c .RI "globus_result_t \fBglobus_xio_gsi_handle_cntl\fP (handle, driver, \fBGLOBUS_XIO_GSI_SET_APPLICATION_PROTOCOLS\fP, char **protocols)" .br .in -1c .SH "Detailed Description" .PP Globus XIO GSI Driver\&. .SH "Opening/Closing" .PP An XIO handle with the gsi driver can be created with either globus_xio_handle_create () or globus_xio_server_register_accept ()\&. .PP If the handle is created with globus_xio_server_register_accept (), the globus_xio_register_open () call will proceed to accept a GSSAPI security context\&. Upon successful completion of the open (after the open callback has been called) the application may proceed to read or write data associated with the GSI session\&. .PP If the handle is created with globus_xio_handle_create (), then the XIO handle will implement the client-side (init) of the GSSAPI call sequence and establish a security context with the accepting side indicated by the contact_string passed to globus_xio_register_open ()\&. .SH "Reading/Writing" .PP The GSI driver behaves similar to the underlying transport driver with respect to reads and writes, except for the try-read and try-write operations (ie\&. waitforbytes ==0) which always return immediately\&. This is due to the fact that the security layer needs to read and write tokens of a certain minimal size and thus needs to rely on the underlying transport to handle greater than 0 reads/write which is not possible in 'try' mode\&. .SH "Server" .PP globus_xio_server_create() causes a new transport-specific listener socket to be created to handle new GSI connections\&. globus_xio_server_register_accept() will accept a new connection for processing\&. globus_xio_server_register_close() cleans up the internal resources associated with the http server and calls close on the listener\&. .PP All accepted handles inherit all GSI-specific attributes set in the attr to globus_xio_server_create(), but can be overridden with the attr to globus_xio_register_open()\&. Furthermore, accepted handles will use the GSSAPI accept security context call unless explicitly overridden during the globus_xio_register_open() call ( GLOBUS_XIO_GSI_FORCE_SERVER_MODE)\&. .SH "Environment Variables" .PP The gsi driver uses the following environment variables .IP "\(bu" 2 X509_USER_PROXY .IP "\(bu" 2 X509_USER_CERT .IP "\(bu" 2 X509_USER_KEY .IP "\(bu" 2 X509_CERT_DIR .PP .PP For details see \fCGlobus: GSI Environment Variables\fP .SH "Attributes and Cntls" .PP GSI driver specific attrs and cntls .PP \fBSee also\fP .RS 4 globus_xio_attr_cntl () .PP globus_xio_handle_cntl () .RE .PP .SH "Error Types" .PP The GSI driver uses mostly GSSAPI calls, so it generally just wraps the underlying GSSAPI errors or uses generic XIO errors\&. .PP \fBSee also\fP .RS 4 globus_xio_driver_error_match () .PP globus_error_gssapi_match () .PP globus_error_match_openssl_error () .RE .PP .SH "Typedef Documentation" .PP .SS "typedef void(* globus_xio_gsi_delegation_accept_callback_t) (globus_result_t result, gss_cred_id_t delegated_cred, OM_uint32 time_rec, void *user_arg)" Globus XIO GSI init delegation callback .SS "typedef void(* globus_xio_gsi_delegation_init_callback_t) (globus_result_t result, void *user_arg)" Globus XIO GSI init delegation callback .SH "Enumeration Type Documentation" .PP .SS "enum \fBglobus_xio_gsi_authorization_mode_t\fP" Globus XIO GSI authorization modes .PP \fBEnumerator\fP .in +1c .TP \fB\fIGLOBUS_XIO_GSI_NO_AUTHORIZATION \fP\fP Do not perform any authorization\&. This will cause a error when used in conjunction with delegation on the init/client side\&. .TP \fB\fIGLOBUS_XIO_GSI_SELF_AUTHORIZATION \fP\fP Authorize the peer if the peer has the same identity as ourselves .TP \fB\fIGLOBUS_XIO_GSI_IDENTITY_AUTHORIZATION \fP\fP Authorize the peer if the peer identity matches the identity set in the target name\&. .TP \fB\fIGLOBUS_XIO_GSI_HOST_AUTHORIZATION \fP\fP Authorize the peer if the identity of the peer matches the identity of the peer hostname\&. .SS "enum \fBglobus_xio_gsi_cmd_t\fP" GSI driver specific cntls .PP \fBEnumerator\fP .in +1c .TP \fB\fIGLOBUS_XIO_GSI_SET_CREDENTIAL \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP, \fBglobus_xio_gsi_handle_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_GET_CREDENTIAL \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP, \fBglobus_xio_gsi_handle_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_SET_GSSAPI_REQ_FLAGS \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_GET_GSSAPI_REQ_FLAGS \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_SET_PROXY_MODE \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_GET_PROXY_MODE \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_SET_AUTHORIZATION_MODE \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_GET_AUTHORIZATION_MODE \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_SET_DELEGATION_MODE \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_GET_DELEGATION_MODE \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_SET_SSL_COMPATIBLE \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_SET_ANON \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_SET_WRAP_MODE \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_GET_WRAP_MODE \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_SET_BUFFER_SIZE \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_GET_BUFFER_SIZE \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_SET_PROTECTION_LEVEL \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_GET_PROTECTION_LEVEL \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_GET_TARGET_NAME \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_SET_TARGET_NAME \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_GET_CONTEXT \fP\fP See usage for: \fBglobus_xio_gsi_handle_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_GET_DELEGATED_CRED \fP\fP See usage for: \fBglobus_xio_gsi_handle_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_GET_PEER_NAME \fP\fP See usage for: \fBglobus_xio_gsi_handle_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_GET_LOCAL_NAME \fP\fP See usage for: \fBglobus_xio_gsi_handle_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_INIT_DELEGATION \fP\fP See usage for: \fBglobus_xio_gsi_handle_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_REGISTER_INIT_DELEGATION \fP\fP See usage for: \fBglobus_xio_gsi_handle_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_ACCEPT_DELEGATION \fP\fP See usage for: \fBglobus_xio_gsi_handle_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_REGISTER_ACCEPT_DELEGATION \fP\fP See usage for: \fBglobus_xio_gsi_handle_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_FORCE_SERVER_MODE \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_SET_ALLOW_MISSING_SIGNING_POLICY \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_GET_ALLOW_MISSING_SIGNING_POLICY \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_SET_CREDENTIALS_DIR \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP, \fBglobus_xio_gsi_handle_cntl \fP .TP \fB\fIGLOBUS_XIO_GSI_SET_APPLICATION_PROTOCOLS \fP\fP See usage for: \fBglobus_xio_gsi_attr_cntl \fP, \fBglobus_xio_gsi_handle_cntl \fP .SS "enum \fBglobus_xio_gsi_delegation_mode_t\fP" Globus XIO GSI delegation modes .PP \fBEnumerator\fP .in +1c .TP \fB\fIGLOBUS_XIO_GSI_DELEGATION_MODE_NONE \fP\fP No delegation .TP \fB\fIGLOBUS_XIO_GSI_DELEGATION_MODE_LIMITED \fP\fP Delegate a limited proxy .TP \fB\fIGLOBUS_XIO_GSI_DELEGATION_MODE_FULL \fP\fP Delegate a full proxy .SS "enum \fBglobus_xio_gsi_error_t\fP" GSI driver specific error types .PP \fBEnumerator\fP .in +1c .TP \fB\fIGLOBUS_XIO_GSI_ERROR_INVALID_PROTECTION_LEVEL \fP\fP Indicates that the established context does not meet the required protection level .TP \fB\fIGLOBUS_XIO_GSI_ERROR_WRAP_GSSAPI \fP\fP Wraps a GSSAPI error .TP \fB\fIGLOBUS_XIO_GSI_ERROR_EMPTY_TARGET_NAME \fP\fP Indicates that GLOBUS_XIO_GSI_IDENTITY_AUTHORIZATION is set but that the target name is empty .TP \fB\fIGLOBUS_XIO_GSI_ERROR_EMPTY_HOST_NAME \fP\fP Indicates that GLOBUS_XIO_GSI_HOST_AUTHORIZATION is set but that no host name is available .TP \fB\fIGLOBUS_XIO_GSI_AUTHORIZATION_FAILED \fP\fP Indicates that the peer is not authorized .TP \fB\fIGLOBUS_XIO_GSI_ERROR_TOKEN_TOO_BIG \fP\fP Indicates the token being read is too big\&. Usually happens when someone tries to establish a non secure session with a endpoint that expects security .SS "enum \fBglobus_xio_gsi_protection_level_t\fP" Globus XIO GSI protection levels .PP \fBEnumerator\fP .in +1c .TP \fB\fIGLOBUS_XIO_GSI_PROTECTION_LEVEL_NONE \fP\fP No security .TP \fB\fIGLOBUS_XIO_GSI_PROTECTION_LEVEL_INTEGRITY \fP\fP Messages are signed .TP \fB\fIGLOBUS_XIO_GSI_PROTECTION_LEVEL_PRIVACY \fP\fP Messages are signed and encrypted .SS "enum \fBglobus_xio_gsi_proxy_mode_t\fP" Globus XIO GSI proxy modes .PP \fBEnumerator\fP .in +1c .TP \fB\fIGLOBUS_XIO_GSI_PROXY_MODE_FULL \fP\fP Accept only full proxies .TP \fB\fIGLOBUS_XIO_GSI_PROXY_MODE_LIMITED \fP\fP Accept full proxies and limited proxies if they are the only limited proxy in the cert chain\&. .TP \fB\fIGLOBUS_XIO_GSI_PROXY_MODE_MANY \fP\fP Accept both full and limited proxies unconditionally .SH "Function Documentation" .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_FORCE_SERVER_MODE\fP, globus_bool_t server_mode)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Force the server mode setting\&. .PP This explicitly sets the directionality of context establishment and delegation\&. .PP \fBParameters\fP .RS 4 \fIserver_mode\fP The server mode\&. .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_GET_ALLOW_MISSING_SIGNING_POLICY\fP, globus_bool_t * allow)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Get the allow missing signing policy flag .PP \fBParameters\fP .RS 4 \fIallow\fP The flag currently set .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_GET_AUTHORIZATION_MODE\fP, \fBglobus_xio_gsi_authorization_mode_t\fP * authz_mode)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Get the authorization mode .PP \fBParameters\fP .RS 4 \fIauthz_mode\fP The authorization mode that is currently in effect .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_GET_BUFFER_SIZE\fP, globus_size_t * buffer_size)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Get the read buffer size .PP The read buffer is used for buffering wrapped data, is initialized with a default size of 128K and scaled dynamically to always be able to fit whole tokens\&. .PP \fBParameters\fP .RS 4 \fIbuffer_size\fP The size of the read buffer .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_GET_CREDENTIAL\fP, gss_cred_id_t * credential)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Get the credential to be used .PP \fBParameters\fP .RS 4 \fIcredential\fP The credential that is currently set\&. This will only return a credential if a credential was explicitly set prior to this call\&. It will not return any credential automatically acquired during context initialization\&. .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_GET_DELEGATION_MODE\fP, \fBglobus_xio_gsi_delegation_mode_t\fP * delegation_mode)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Get the delegation mode .PP \fBParameters\fP .RS 4 \fIdelegation_mode\fP The delegation mode currently in effect .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_GET_GSSAPI_REQ_FLAGS\fP, OM_uint32 * req_flags)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Get the GSSAPI req_flags to be used .PP \fBParameters\fP .RS 4 \fIreq_flags\fP The req flags currently in effect .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_GET_PROTECTION_LEVEL\fP, \fBglobus_xio_gsi_protection_level_t\fP * protection_level)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Get the protection level .PP \fBParameters\fP .RS 4 \fIprotection_level\fP The current protection level .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_GET_PROXY_MODE\fP, \fBglobus_xio_gsi_proxy_mode_t\fP * proxy_mode)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Get the proxy mode .PP \fBParameters\fP .RS 4 \fIproxy_mode\fP The proxy mode that is currently in effect .RE .PP \fBNote\fP .RS 4 Changing the proxy mode changes the req_flags .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_GET_TARGET_NAME\fP, gss_name_t * target_name)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Set the expected peer name .PP \fBParameters\fP .RS 4 \fItarget_name\fP The expected peer name .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_GET_WRAP_MODE\fP, globus_bool_t * wrap_mode)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Get the wrapping mode .PP This mode determines whether tokens will be wrapped with a Globus IO style header or not\&. .PP \fBParameters\fP .RS 4 \fIwrap_mode\fP The wrapping mode currently in use\&. .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_SET_ALLOW_MISSING_SIGNING_POLICY\fP, globus_bool_t allow)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Set the allow missing signing policy flag .PP \fBParameters\fP .RS 4 \fIallow\fP The flag setting to use .RE .PP \fBNote\fP .RS 4 Changing this flag changes the req_flags .br .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_SET_ANON\fP, globus_bool_t anon_mode)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Do anonymous authentication .PP \fBParameters\fP .RS 4 \fIanon_mode\fP The ssl compatibility mode to use .RE .PP \fBNote\fP .RS 4 Changing the ssl compatibility mode changes the req_flags and the wrapping mode .br .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_SET_APPLICATION_PROTOCOLS\fP, char ** protocols)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Set the list of application protocols to negotiate during TLS handshake\&. This uses tht TLS ALPN extension\&. .PP \fBParameters\fP .RS 4 \fIprotocols\fP An array of protocol names\&. The array must be terminated by a NULL pointer\&. .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_SET_AUTHORIZATION_MODE\fP, \fBglobus_xio_gsi_authorization_mode_t\fP authz_mode)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Set the authorization mode .PP \fBParameters\fP .RS 4 \fIauthz_mode\fP The authorization mode to set .RE .PP string opt: \fCauth='none'|'self'|'host'|'id'\fP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_SET_BUFFER_SIZE\fP, globus_size_t buffer_size)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Set the read buffer size .PP The read buffer is used for buffering wrapped data, is initialized with a default size of 128K and scaled dynamically to always be able to fit whole tokens\&. .PP \fBParameters\fP .RS 4 \fIbuffer_size\fP The size of the read buffer .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_SET_CREDENTIAL\fP, gss_cred_id_t credential)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Set the credential to be used .PP \fBParameters\fP .RS 4 \fIcredential\fP The credential to set\&. The credential structure needs to remain valid for the lifetime of any XIO data structure it is used by\&. .RE .PP \fBNote\fP .RS 4 If this is called with the handle_cntl, there must be no outstanding operations on the handle\&. .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_SET_CREDENTIALS_DIR\fP, const char * directory)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Set the directory for credentials to use when accepting a security context\&. This is used when a service requires different credentials based on the SNI TLS extension\&. .PP \fBParameters\fP .RS 4 \fIdirectory\fP The path to the directory containing credentials\&. string opt: \fCcredentials_dir=\fIstring\fP\fP .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_SET_DELEGATION_MODE\fP, \fBglobus_xio_gsi_delegation_mode_t\fP delegation_mode)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Set the delegation mode .PP \fBParameters\fP .RS 4 \fIdelegation_mode\fP The delegation mode to use .RE .PP \fBNote\fP .RS 4 Changing the delegation mode changes the req_flags .br .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_SET_GSSAPI_REQ_FLAGS\fP, OM_uint32 req_flags)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Set the GSSAPI req_flags to be used .PP \fBParameters\fP .RS 4 \fIreq_flags\fP The req_flags to set .RE .PP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_SET_PROTECTION_LEVEL\fP, \fBglobus_xio_gsi_protection_level_t\fP protection_level)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Set the protection level .PP \fBParameters\fP .RS 4 \fIprotection_level\fP The protection level to set .RE .PP \fBNote\fP .RS 4 Changing the proxy mode changes the req_flags .RE .PP string opt: \fCprotection='none'|'private'|'integrity'\fP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_SET_PROXY_MODE\fP, \fBglobus_xio_gsi_proxy_mode_t\fP proxy_mode)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Set the proxy mode .PP \fBParameters\fP .RS 4 \fIproxy_mode\fP The proxy mode to set .RE .PP \fBNote\fP .RS 4 Changing the proxy mode changes the req_flags .RE .PP string opt: \fCproxy='many'|'full'|'limited'\fP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_SET_SSL_COMPATIBLE\fP, globus_bool_t ssl_mode)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Make the on the wire protocol SSL compatible\&. .PP This implies no wrapping of security tokens and no delegation .PP \fBParameters\fP .RS 4 \fIssl_mode\fP The ssl compatibility mode to use .RE .PP \fBNote\fP .RS 4 Changing the ssl compatibility mode changes the req_flags .br .RE .PP string opt: \fCssl_compatible='true'|'false'\fP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_SET_TARGET_NAME\fP, gss_name_t target_name)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Get the expected peer name .PP \fBParameters\fP .RS 4 \fItarget_name\fP The expected peer name .RE .PP string opt: \fCsubject=\fIstring\fP\fP .SS "globus_result_t globus_xio_gsi_attr_cntl (attr, driver, \fBGLOBUS_XIO_GSI_SET_WRAP_MODE\fP, globus_bool_t wrap_mode)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Set the wrapping mode .PP This mode determines whether tokens will be wrapped with a Globus IO style header or not\&. .PP \fBParameters\fP .RS 4 \fIwrap_mode\fP The wrapping mode to use .RE .PP .SS "globus_result_t globus_xio_gsi_handle_cntl (handle, driver, \fBGLOBUS_XIO_GSI_ACCEPT_DELEGATION\fP, gss_cred_id_t * credential, gss_OID_set restriction_oids, gss_buffer_set_t restriction_buffers, OM_uint32 time_req)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Accept delegation-at-any-time process .PP \fBParameters\fP .RS 4 \fIcredential\fP The delegated GSS credential .br \fIrestriction_oids\fP The OIDS for X\&.509 extensions to embed in the delegated credential .br \fIrestriction_buffers\fP The corresponding bodies for the X\&.509 extensions .br \fItime_req\fP The requested lifetime of the delegated credential .RE .PP .SS "globus_result_t globus_xio_gsi_handle_cntl (handle, driver, \fBGLOBUS_XIO_GSI_GET_CONTEXT\fP, gss_ctx_id_t * context)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Get the GSS context .PP \fBParameters\fP .RS 4 \fIcontext\fP The GSS context .RE .PP .SS "globus_result_t globus_xio_gsi_handle_cntl (handle, driver, \fBGLOBUS_XIO_GSI_GET_CREDENTIAL\fP, gss_cred_id_t * credential)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Get the credential to be used .PP \fBParameters\fP .RS 4 \fIcredential\fP The credential that is currently set\&. This will only return a credential if a credential was explicitly set prior to this call\&. It will not return any credential automatically acquired during context initialization\&. .RE .PP .SS "globus_result_t globus_xio_gsi_handle_cntl (handle, driver, \fBGLOBUS_XIO_GSI_GET_DELEGATED_CRED\fP, gss_cred_id_t * credential)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Get the delegated credential .PP \fBParameters\fP .RS 4 \fIcredential\fP The delegated credential .RE .PP .SS "globus_result_t globus_xio_gsi_handle_cntl (handle, driver, \fBGLOBUS_XIO_GSI_GET_LOCAL_NAME\fP, gss_name_t * local_name)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Get the GSS name associated with the local credentials .PP \fBParameters\fP .RS 4 \fIlocal_name\fP The GSS name of the local credentials .RE .PP .SS "globus_result_t globus_xio_gsi_handle_cntl (handle, driver, \fBGLOBUS_XIO_GSI_GET_PEER_NAME\fP, gss_name_t * peer_name)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Get the name of the peer .PP \fBParameters\fP .RS 4 \fIpeer_name\fP The GSS name of the peer\&. .RE .PP .SS "globus_result_t globus_xio_gsi_handle_cntl (handle, driver, \fBGLOBUS_XIO_GSI_INIT_DELEGATION\fP, gss_cred_id_t credential, gss_OID_set restriction_oids, gss_buffer_set_t restriction_buffers, OM_uint32 time_req)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Initialize delegation-at-any-time process .PP \fBParameters\fP .RS 4 \fIcredential\fP The GSS credential to delegate .br \fIrestriction_oids\fP The OIDs for X\&.509 extensions to embed in the delegated credential .br \fIrestriction_buffers\fP The corresponding bodies for the X\&.509 extensions .br \fItime_req\fP The lifetime of the delegated credential .RE .PP .SS "globus_result_t globus_xio_gsi_handle_cntl (handle, driver, \fBGLOBUS_XIO_GSI_REGISTER_ACCEPT_DELEGATION\fP, gss_OID_set restriction_oids, gss_buffer_set_t restriction_buffers, OM_uint32 time_req, \fBglobus_xio_gsi_delegation_accept_callback_t\fP callback, void * callback_arg)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Accept non-blocking delegation-at-any-time process .PP \fBParameters\fP .RS 4 \fIrestriction_oids\fP The OIDS for X\&.509 extensions to embed in the delegated credential .br \fIrestriction_buffers\fP The corresponding bodies for the X\&.509 extensions .br \fItime_req\fP The lifetime of the delegated credential .br \fIcallback\fP The callback to call when the operation completes .br \fIcallback_arg\fP The arguments to pass to the callback .RE .PP .SS "globus_result_t globus_xio_gsi_handle_cntl (handle, driver, \fBGLOBUS_XIO_GSI_REGISTER_INIT_DELEGATION\fP, gss_cred_id_t credential, gss_OID_set restriction_oids, gss_buffer_set_t restriction_buffers, OM_uint32 time_req, \fBglobus_xio_gsi_delegation_init_callback_t\fP callback, void * callback_arg)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Initialize non-blocking delegation-at-any-time process .PP \fBParameters\fP .RS 4 \fIcredential\fP The GSS credential to delegate .br \fIrestriction_oids\fP The OIDS for X\&.509 extensions to embed in the delegated credential .br \fIrestriction_buffers\fP The corresponding bodies for the X\&.509 extensions .br \fItime_req\fP The lifetime of the delegated credential .br \fIcallback\fP The callback to call when the operation completes .br \fIcallback_arg\fP The arguments to pass to the callback .RE .PP .SS "globus_result_t globus_xio_gsi_handle_cntl (handle, driver, \fBGLOBUS_XIO_GSI_SET_APPLICATION_PROTOCOLS\fP, char ** protocols)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Set the list of application protocols to negotiate during TLS handshake\&. This uses tht TLS ALPN extension\&. .PP \fBParameters\fP .RS 4 \fIprotocols\fP An array of protocol names\&. The array must be terminated by a NULL pointer\&. .RE .PP .SS "globus_result_t globus_xio_gsi_handle_cntl (handle, driver, \fBGLOBUS_XIO_GSI_SET_CREDENTIAL\fP, gss_cred_id_t credential)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Set the credential to be used .PP \fBParameters\fP .RS 4 \fIcredential\fP The credential to set\&. The credential structure needs to remain valid for the lifetime of any XIO data structure it is used by\&. .RE .PP \fBNote\fP .RS 4 If this is called with the handle_cntl, there must be no outstanding operations on the handle\&. .RE .PP .SS "globus_result_t globus_xio_gsi_handle_cntl (handle, driver, \fBGLOBUS_XIO_GSI_SET_CREDENTIALS_DIR\fP, const char * directory)" This is an overloaded member function, provided for convenience\&. It differs from the above function only in what argument(s) it accepts\&. Set the directory for credentials to use when accepting a security context\&. This is used when a service requires different credentials based on the SNI TLS extension\&. .PP \fBParameters\fP .RS 4 \fIdirectory\fP The path to the directory containing credentials\&. string opt: \fCcredentials_dir=\fIstring\fP\fP .RE .PP .SH "Author" .PP Generated automatically by Doxygen for globus_xio_gsi_driver from the source code\&.