1rpc_gss_seccreate(3NSLN)etworking Services Library Functiornpsc_gss_seccreate(3NSL)
2
3
4

NAME

6       rpc_gss_seccreate - create a security context using the RPCSEC_GSS pro‐
7       tocol
8

SYNOPSIS

10       #include <rpc/rpcsec_gss.h>
11
12       AUTH  *rpc_gss_seccreate(CLIENT *clnt, char *principal, char *mechanism,
13            rpc_gss_service_t service_type, char *qop,
14            rpc_gss_options_req_t *options_req,
15            rpc_gss_options_ret_t *options_ret);
16
17

DESCRIPTION

19       rpc_gss_seccreate() is used by an appliction to create a security  con‐
20       text  using  the RPCSEC_GSS protocol, making use of the underlying GSS-
21       API network layer.   rpc_gss_seccreate() allows an application to spec‐
22       ify the type of security mechanism (for example, Kerberos v5), the type
23       of service (for example, integrity checking), and the Quality  of  Pro‐
24       tection (QOP) desired for transferring data.
25

PARAMETERS

27       Information  on   RPCSEC_GSS  data types for parameters may be found on
28       the rpcsec_gss(3NSL) man page.
29
30       clnt            This is the RPC client handle. clnt  may  be  obtained,
31                       for example, from clnt_create().
32
33
34       principal       This is the identity of the server principal, specified
35                       in the form  service@host, where service is the name of
36                       the service the client wishes to access and host is the
37                       fully qualified name of  the  host  where  the  service
38                       resides — for example, nfs@mymachine.eng.company.com.
39
40
41       mechanism       This  is an ASCII string which indicates which security
42                       mechanism to use with this  data.   Appropriate  mecha‐
43                       nisms may be found in the file /etc/gss/mech; addition‐
44                       ally, rpc_gss_get_mechanisms() returns a list  of  sup‐
45                       ported    security   mechanisms   (as   null-terminated
46                       strings).
47
48
49       service_type    This sets the initial type of service for the session —
50                       privacy, integrity, authentication, or none.
51
52
53       qop             This  is an ASCII string which sets the quality of pro‐
54                       tection (QOP) for the session. Appropriate  values  for
55                       this  string  may  be  found  in the file /etc/gss/qop.
56                       Additionally, supported QOPs are returned (as null-ter‐
57                       minated strings) by rpc_gss_get_mech_info().
58
59
60       options_req     This   structure  contains  options  which  are  passed
61                       directly to the underlying GSS_API layer.  If the call‐
62                       er  specifies  NULL  for  this  parameter, defaults are
63                       used. (See  NOTES, below.)
64
65
66       options_ret     These GSS-API options are returned to  the  caller.  If
67                       the  caller does not need to see these options, then it
68                       may  specify  NULL  for  this  parameter.  (See  NOTES,
69                       below.)
70
71

RETURN VALUES

73       rpc_gss_seccreate() returns a security context handle (an RPC authenti‐
74       cation handle) of type AUTH. If rpc_gss_seccreate() cannot return  suc‐
75       cessfully,   the  application  can  get  an  error  number  by  calling
76       rpc_gss_get_error().
77

FILES

79       /etc/gss/mech    File containing valid security mechanisms
80
81
82       /etc/gss/qop     File containing valid QOP values.
83
84

ATTRIBUTES

86       See attributes(5) for descriptions of the following attributes:
87
88
89
90
91       ┌─────────────────────────────┬─────────────────────────────┐
92       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
93       ├─────────────────────────────┼─────────────────────────────┤
94       │MT-Level                     │MT-Safe                      │
95       ├─────────────────────────────┼─────────────────────────────┤
96       │Availability                 │SUNWrsg (32-bits)            │
97       ├─────────────────────────────┼─────────────────────────────┤
98       │                             │SUNWrsgx (64-bits)           │
99       └─────────────────────────────┴─────────────────────────────┘
100

SEE ALSO

102       auth_destroy(3NSL),         rpc(3NSL),         rpc_gss_get_error(3NSL),
103       rpc_gss_get_mechanisms(3NSL),    rpcsec_gss(3NSL),   mech(4),   qop(4),
104       attributes(5)
105
106
107       ONC+ Developer's Guide
108
109
110       Linn, J. RFC 2743, Generic Security Service Application Program  Inter‐
111       face Version 2, Update 1. Network Working Group. January 2000.
112

NOTES

114       Contexts   may   be   destroyed  normally,  with   auth_destroy().  See
115       auth_destroy(3NSL)
116
117
118
119SunOS 5.11                        29 Jun 2001          rpc_gss_seccreate(3NSL)
Impressum