1gss_store_cred(3GGSeSn)eric Security Services API Library Functgisosn_sstore_cred(3GSS)
2
3
4
6 gss_store_cred - store a credential in the current credential store
7
9 cc [ flag... ] file... -lgss [ library... ]
10 #include <gssapi/gssapi.h>
11
12 OM_uint32 gss_store_cred(OM_uint32 *minor_status,
13 const gss_cred_id_t input_cred, const gss_cred_usage_t cred_usage,
14 const gss_OID desired_mech, OM_uint32 overwrite_cred,
15 OM_uint32 default_cred, gss_OID_set *elements_stored,
16 gss_cred_usage_t *cred_usage_stored);
17
18
20 The parameter descriptions for gss_store_cred() follow:
21
22 input_cred The credential to be stored.
23
24
25 cred_usage This parameter specifies whether to store an ini‐
26 tiator, an acceptor, or both usage components of a
27 credential.
28
29
30 desired_mech The mechanism-specific component of a credential
31 to be stored. If GSS_C_NULL_OID is specified, the
32 gss_store_cred() function attempts to store all
33 the elements of the given input_cred_handle.
34
35 The gss_store_cred() function is not atomic when
36 storing multiple elements of a credential. All
37 delegated credentials, however, contain a single
38 element.
39
40
41 overwrite_cred A boolean that indicates whether to overwrite
42 existing credentials in the current store for the
43 same principal as that of the input_cred_handle. A
44 non-zero value indicates that credentials are
45 overwritten. A zero value indicates that creden‐
46 tials are not overwritten.
47
48
49 default_cred A boolean that indicates whether to set the prin‐
50 cipal name of the input_cred_handle parameter as
51 the default of the current credential store. A
52 non-zero value indicates that the principal name
53 is set as the default. A zero value indicates that
54 the principal name is not set as the default. The
55 default principal of a credential store matches
56 GSS_C_NO_NAME as the desired_name input parameter
57 for gss_store_cred(3GSS).
58
59
60 elements_stored The set of mechanism OIDs for which
61 input_cred_handle elements have been stored.
62
63
64 cred_usage_stored The stored input_cred_handle usage elements: ini‐
65 tiator, acceptor, or both.
66
67
68 minor_status Minor status code that is specific to one of the
69 following: the mechanism identified by the
70 desired_mech_element parameter, or the element of
71 a single mechanism in the input_cred_handle. In
72 all other cases, minor_status has an undefined
73 value on return.
74
75
77 The gss_store_cred() function stores a credential in the the current
78 GSS-API credential store for the calling process. Input credentials can
79 be re-acquired through gss_add_cred(3GSS) and gss_acquire_cred(3GSS).
80
81
82 The gss_store_cred() function is specifically intended to make dele‐
83 gated credentials available to a user's login session.
84
85
86 The gss_accept_sec_context() function can return a delegated GSS-API
87 credential to its caller. The function does not store delegated creden‐
88 tials to be acquired through gss_add_cred(3GSS). Delegated credentials
89 can be used only by a receiving process unless they are made available
90 for acquisition by calling the gss_store_cred() function.
91
92
93 The Solaris Operating System supports a single GSS-API credential store
94 per user. The current GSS-API credential store of a process is deter‐
95 mined by its effective UID.
96
97
98 In general, acceptor applications should switch the current credential
99 store by changing the effective UID before storing a delegated creden‐
100 tial.
101
103 The gss_store_cred() can return the following status codes:
104
105 GSS_S_COMPLETE
106
107 Successful completion.
108
109
110 GSS_S_CREDENTIALS_EXPIRED
111
112 The credentials could not be stored because they have expired.
113
114
115 GSS_S_CALL_INACCESSIBLE_READ
116
117 No input credentials were given.
118
119
120 GSS_S_UNAVAILABLE
121
122 The credential store is unavailable.
123
124
125 GSS_S_DUPLICATE_ELEMENT
126
127 The credentials could not be stored because the overwrite_cred
128 input parameter was set to false (0) and the input_cred parameter
129 conflicts with a credential in the current credential store.
130
131
132 GSS_S_FAILURE
133
134 The underlying mechanism detected an error for which no specific
135 GSS status code is defined. The mechanism-specific status code
136 reported by means of the minor_status parameter details the error
137 condition.
138
139
141 See attributes(5) for descriptions of the following attributes:
142
143
144
145
146 ┌─────────────────────────────┬─────────────────────────────┐
147 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
148 ├─────────────────────────────┼─────────────────────────────┤
149 │Interface Stability │Unstable │
150 ├─────────────────────────────┼─────────────────────────────┤
151 │MT-Level │Safe │
152 └─────────────────────────────┴─────────────────────────────┘
153
155 gss_accept_sec_context(3GSS), gss_acquire_cred(3GSS),
156 gss_add_cred(3GSS), gss_init_sec_context(3GSS), gss_inquire_cred(3GSS),
157 gss_release_cred(3GSS), gss_release_oid_set(3GSS), attributes(5)
158
159
160 Solaris Security for Developers Guide
161
162
163
164SunOS 5.11 30 Jun 2005 gss_store_cred(3GSS)