1RPC_GSS_SECCREATE(3) BSD Library Functions Manual RPC_GSS_SECCREATE(3)
2
4 rpc_gss_seccreate — create a security context using the RPCSEC_GSS proto‐
5 col
6
8 #include <rpc/rpcsec_gss.h>
9
10 AUTH *
11 rpc_gss_seccreate(CLIENT *clnt, const char *principal,
12 const char *mechanism, rpc_gss_service_t service, const char *qop,
13 rpc_gss_options_req_t *options_req,
14 rpc_gss_options_ret_t *options_ret);
15
17 This function is used to establish a security context between an applica‐
18 tion and a remote peer using the RPSEC_GSS protocol.
19
21 clnt An RPC handle which is connected to the remote peer
22
23 principal The name of the service principal on the remote peer. For
24 instance, a principal such as "nfs@server.example.com" might
25 be used by an application which needs to contact an NFS
26 server
27
28 mechanism The name of the GSS_API mechanism to use for the new secu‐
29 rity context. "kerberos_v5" is currently the only supported
30 mechanism.
31
32 service Type of service requested.
33
34 rpc_gss_svc_default The default - typically the same as
35 rpc_gss_svc_none.
36
37 rpc_gss_svc_none RPC headers only are integrity pro‐
38 tected by a checksum.
39
40 rpc_gss_svc_integrity RPC headers and data are integrity
41 protected by a checksum.
42
43 rpc_gss_svc_privacy RPC headers are integrity protected
44 by a checksum and data is encrypted.
45
46 qop The name of the Quality of Protection to use for the new
47 security context, or NULL to use the default QOP.
48 "GSS_C_QOP_DEFAULT" is currently the only supported QOP.
49
50 options_req Extra security context options to be passed to the underly‐
51 ing GSS-API mechanism. Pass NULL to supply default values.
52
53 options_ret Various values returned by the underlying GSS-API mechanism.
54 Pass NULL if these values are not required.
55
57 If the security context was created successfully, a pointer to an AUTH
58 structure that represents the context is returned. To use this security
59 context for subsequent RPC calls, set clnt->cl_auth to this value.
60
62 The rpc_gss_seccreate() function is part of libtirpc.
63
65 rpc(3), gssapi(3), mech(5), qop(5), rpcsec_gss(3)
66
68 This manual page was written by Doug Rabson <dfr@FreeBSD.org>.
69
70BSD January 26, 2010 BSD