1RPC_GSS_SECCREATE(3)     BSD Library Functions Manual     RPC_GSS_SECCREATE(3)
2

NAME

4     rpc_gss_seccreate — create a security context using the RPCSEC_GSS proto‐
5     col
6

SYNOPSIS

8     #include <rpc/rpcsec_gss.h>
9
10     AUTH *
11     rpc_gss_seccreate(CLIENT *clnt, const char *principal,
12         const char *mechanism, rpc_gss_service_t service, const char *qop,
13         rpc_gss_options_req_t *options_req,
14         rpc_gss_options_ret_t *options_ret);
15

DESCRIPTION

17     This function is used to establish a security context between an applica‐
18     tion and a remote peer using the RPSEC_GSS protocol.
19

PARAMETERS

21     clnt         An RPC handle which is connected to the remote peer
22
23     principal    The name of the service principal on the remote peer.  For
24                  instance, a principal such as "nfs@server.example.com" might
25                  be used by an application which needs to contact an NFS
26                  server
27
28     mechanism    The name of the GSS_API mechanism to use for the new secu‐
29                  rity context.  "kerberos_v5" is currently the only supported
30                  mechanism.
31
32     service      Type of service requested.
33
34                  rpc_gss_svc_default    The default - typically the same as
35                                         rpc_gss_svc_none.
36
37                  rpc_gss_svc_none       RPC headers only are integrity pro‐
38                                         tected by a checksum.
39
40                  rpc_gss_svc_integrity  RPC headers and data are integrity
41                                         protected by a checksum.
42
43                  rpc_gss_svc_privacy    RPC headers are integrity protected
44                                         by a checksum and data is encrypted.
45
46     qop          The name of the Quality of Protection to use for the new
47                  security context, or NULL to use the default QOP.
48                  "GSS_C_QOP_DEFAULT" is currently the only supported QOP.
49
50     options_req  Extra security context options to be passed to the underly‐
51                  ing GSS-API mechanism.  Pass NULL to supply default values.
52
53     options_ret  Various values returned by the underlying GSS-API mechanism.
54                  Pass NULL if these values are not required.
55

RETURN VALUES

57     If the security context was created successfully, a pointer to an AUTH
58     structure that represents the context is returned.  To use this security
59     context for subsequent RPC calls, set clnt->cl_auth to this value.
60

AVAILABILITY

62     The rpc_gss_seccreate() function is part of libtirpc.
63

SEE ALSO

65     rpc(3), gssapi(3), mech(5), qop(5), rpcsec_gss(3)
66

AUTHORS

68     This manual page was written by Doug Rabson <dfr@FreeBSD.org>.
69
70BSD                            January 26, 2010                            BSD
Impressum