table of contents
other versions
- wheezy-backports 11.13-3~bpo70+1
- jessie 11.13-3
- testing 12.13-1
- unstable 12.13-2
Delegation(3) | globus_gssapi_gsi | Delegation(3) |
NAME¶
Delegation - Delegation Functions.Functions¶
OM_uint32 GSS_CALLCONV gss_accept_delegation (OM_uint32 *minor_status, const gss_ctx_id_t context_handle, const gss_OID_set extension_oids, const gss_buffer_set_t extension_buffers, const gss_buffer_t input_token, OM_uint32 req_flags, OM_uint32 time_req, OM_uint32 *time_rec, gss_cred_id_t *delegated_cred_handle, gss_OID *mech_type, gss_buffer_t output_token)
Detailed Description¶
Delegation Functions.Function Documentation¶
OM_uint32 GSS_CALLCONV gss_accept_delegation (OM_uint32 *minor_status, const gss_ctx_id_tcontext_handle, const gss_OID_setextension_oids, const gss_buffer_set_textension_buffers, const gss_buffer_tinput_token, OM_uint32req_flags, OM_uint32time_req, OM_uint32 *time_rec, gss_cred_id_t *delegated_cred_handle, gss_OID *mech_type, gss_buffer_toutput_token)¶
Accept a delegated credential. This functions drives the accepting side of the credential delegation process. It is expected to be called in tandem with the gss_init_delegation function. Parameters:minor_status The minor status returned
by this function. This parameter will be 0 upon success.
context_handle The security context over which the credential is
delegated.
extension_oids A set of extension OIDs corresponding to buffers in the
extension_buffers parameter below. May be GSS_C_NO_BUFFER_SET. Currently not
used.
extension_buffers A set of extension buffers corresponding to OIDs in the
extension_oids parameter above. May be GSS_C_NO_BUFFER_SET. Currently not
used.
input_token The token that was produced by a prior call to
gss_init_delegation.
req_flags Flags that modify the behavior of the function. Currently only
GSS_C_GLOBUS_SSL_COMPATIBLE is checked for. This flag results in tokens that
aren't wrapped.
time_req The requested period of validity (seconds) of the delegated
credential. Currently a NO-OP.
time_rec This parameter will contain the received period of validity of
the delegated credential upon success. May be NULL.
delegated_cred_handle This parameter will contain the delegated
credential upon success.
mech_type Returns the security mechanism upon success. Currently not
implemented. May be NULL.
output_token A token that should be passed to gss_init_delegation if the
return value is GSS_S_CONTINUE_NEEDED.
Return values:
GSS_S_COMPLETE Successful completion
GSS_S_CONTINUE_NEEDED The function needs to be called again.
GSS_S_FAILURE Failure
OM_uint32 GSS_CALLCONV gss_init_delegation (OM_uint32 *minor_status, const gss_ctx_id_tcontext_handle, const gss_cred_id_tcred_handle, const gss_OIDdesired_mech, const gss_OID_setextension_oids, const gss_buffer_set_textension_buffers, const gss_buffer_tinput_token, OM_uint32req_flags, OM_uint32time_req, gss_buffer_toutput_token)¶
Initiate Delegation. This functions drives the initiating side of the credential delegation process. It is expected to be called in tandem with the gss_accept_delegation function. Parameters:minor_status The minor status returned
by this function. This parameter will be 0 upon success.
context_handle The security context over which the credential is
delegated.
cred_handle The credential to be delegated. May be GSS_C_NO_CREDENTIAL in
which case the credential associated with the security context is used.
desired_mech The desired security mechanism. Currently not used. May be
GSS_C_NO_OID.
extension_oids A set of extension OIDs corresponding to buffers in the
extension_buffers parameter below. The extensions specified will be added to
the delegated credential. May be GSS_C_NO_BUFFER_SET.
extension_buffers A set of extension buffers corresponding to OIDs in the
extension_oids parameter above. May be GSS_C_NO_BUFFER_SET.
input_token The token that was produced by a prior call to
gss_accept_delegation. This parameter will be ignored the first time this
function is called.
req_flags Flags that modify the behavior of the function. Currently only
GSS_C_GLOBUS_SSL_COMPATIBLE and GSS_C_GLOBUS_LIMITED_DELEG_PROXY_FLAG are
checked for. The GSS_C_GLOBUS_SSL_COMPATIBLE flag results in tokens that
aren't wrapped and GSS_C_GLOBUS_LIMITED_DELEG_PROXY_FLAG causes the delegated
proxy to be limited (requires that no extensions are specified.
time_req The requested period of validity (seconds) of the delegated
credential. Passing a time_req of 0 cause the delegated credential to have the
same lifetime as the credential that issued it.
output_token A token that should be passed to gss_accept_delegation if
the return value is GSS_S_CONTINUE_NEEDED.
Return values:
GSS_S_COMPLETE Success
GSS_S_CONTINUE_NEEDED This function needs to be called again.
GSS_S_FAILURE upon failure
Author¶
Generated automatically by Doxygen for globus_gssapi_gsi from the source code.Mon Oct 5 2015 | Version 11.13 |