1gss_inquire_conteGxetn(e3rGiScS)Security Services API LibrarygFsusn_citniqounisre_context(3GSS)
2
3
4
6 gss_inquire_context - obtain information about a security context
7
9 cc [ flag... ] file... -lgss [ library... ]
10 #include <gssapi/gssapi.h>
11
12 OM_uint32 gss_inquire_context(OM_uint32 *minor_status,
13 const gss_ctx_id_t context_handle,gss_name_t *src_name,
14 gss_name_t *targ_name, OM_uint32 *lifetime_rec,
15 gss_OID *mech_type, OM_uint32 *ctx_flags,
16 int *locally_initiated, int *open);
17
18
20 The gss_inquire_context() function obtains information about a security
21 context. The caller must already have obtained a handle that refers to
22 the context, although the context need not be fully established.
23
25 The parameter descriptions for gss_inquire_context() are as follows:
26
27 minor_status A mechanism-specific status code.
28
29
30 context_handle A handle that refers to the security context.
31
32
33 src_name The name of the context initiator. If the context
34 was established using anonymous authentication,
35 and if the application invoking gss_inquire_con‐
36 text() is the context acceptor, an anonymous name
37 is returned. Storage associated with this name
38 must be freed by the application after use with a
39 call to gss_release_name(). Specify NULL if the
40 parameter is not required.
41
42
43 targ_name The name of the context acceptor. Storage associ‐
44 ated with this name must be freed by the applica‐
45 tion after use with a call to gss_release_name().
46 If the context acceptor did not authenticate
47 itself, and if the initiator did not specify a
48 target name in its call to gss_init_sec_context(),
49 the value GSS_C_NO_NAME is returned. Specify NULL
50 if the parameter is not required.
51
52
53 lifetime_rec The number of seconds for which the context will
54 remain valid. If the context has expired, this
55 parameter will be set to zero. Specify NULL if the
56 parameter is not required.
57
58
59 mech_type The security mechanism providing the context. The
60 returned OID is a pointer to static storage that
61 should be treated as read-only by the application;
62 in particular, the application should not attempt
63 to free it. Specify NULL if the parameter is not
64 required.
65
66
67 ctx_flags Contains various independent flags, each of which
68 indicates that the context supports (or is
69 expected to support, if ctx_open is false) a spe‐
70 cific service option. If not needed, specify NULL.
71 Symbolic names are provided for each flag, and the
72 symbolic names corresponding to the required flags
73 should be logically ANDed with the ret_flags value
74 to test whether a given option is supported by the
75 context. The flags are:
76
77 GSS_C_DELEG_FLAG If true, credentials were
78 delegated from the ini‐
79 tiator to the acceptor.
80 If false, no credentials
81 were delegated.
82
83
84 GSS_C_MUTUAL_FLAG If true, the acceptor was
85 authenticated to the ini‐
86 tiator. If false, the
87 acceptor did not authen‐
88 ticate itself.
89
90
91 GSS_C_REPLAY_FLAG If true, the replay of
92 protected messages will
93 be detected. If false,
94 replayed messages will
95 not be detected.
96
97
98 GSS_C_SEQUENCE_FLAG If true, out-of-sequence
99 protected messages will
100 be detected. If false,
101 out-of-sequence messages
102 will not be detected.
103
104
105 GSS_C_CONF_FLAG If true, confidential
106 service may be invoked by
107 calling the
108 gss_wrap(3GSS) routine.
109 If false, no confidential
110 service is available
111 through gss_wrap().
112 gss_wrap() provides mes‐
113 sage encapsulation, data-
114 origin authentication,
115 and integrity services
116 only.
117
118
119 GSS_C_INTEG_FLAG If true, integrity ser‐
120 vice can be invoked by
121 calling either the
122 gss_get_mic() or the
123 gss_wrap() routine. If
124 false, per-message
125 integrity service is
126 unavailable.
127
128
129 GSS_C_ANON_FLAG If true, the initiator's
130 identity is not revealed
131 to the acceptor. The
132 src_name parameter, if
133 requested, contains an
134 anonymous internal name.
135 If false, the initiator
136 has been authenticated
137 normally.
138
139
140 GSS_C_PROT_READY_FLAG If true, the protection
141 services, as specified by
142 the states of the
143 GSS_C_CONF_FLAG and
144 GSS_C_INTEG_FLAG, are
145 available for use. If
146 false, they are available
147 only if the context is
148 fully established, that
149 is, if the open parameter
150 is non-zero.
151
152
153 GSS_C_TRANS_FLAG If true, resultant secu‐
154 rity context can be
155 transferred to other pro‐
156 cesses through a call to
157 gss_export_sec_context().
158 If false, the security
159 context is not transfer‐
160 able.
161
162
163
164 locally_initiated Non-zero if the invoking application is the con‐
165 text initiator. Specify NULL if the parameter is
166 not required.
167
168
169 open Non-zero if the context is fully established; zero
170 if a context-establishment token is expected from
171 the peer application. Specify NULL if the parame‐
172 ter is not required.
173
174
176 gss_inquire_context() returns one of the following status codes:
177
178 GSS_S_COMPLETE Successful completion.
179
180
181 GSS_S_NO_CONTEXT The referenced context could not be accessed.
182
183
184 GSS_S_FAILURE The underlying mechanism detected an error for
185 which no specific GSS status code is defined. The
186 mechanism-specific status code reported by means of
187 the minor_status parameter details the error condi‐
188 tion.
189
190
192 See attributes(5) for descriptions of the following attributes:
193
194
195
196
197 ┌─────────────────────────────┬─────────────────────────────┐
198 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
199 ├─────────────────────────────┼─────────────────────────────┤
200 │Availability │SUNWgss (32-bit) │
201 ├─────────────────────────────┼─────────────────────────────┤
202 │ │SUNWgssx (64-bit) │
203 ├─────────────────────────────┼─────────────────────────────┤
204 │MT-Level │Safe │
205 └─────────────────────────────┴─────────────────────────────┘
206
208 gss_accept_sec_context(3GSS), gss_context_time(3GSS),
209 gss_delete_sec_context(3GSS), gss_export_sec_context(3GSS),
210 gss_import_sec_context(3GSS), gss_init_sec_context(3GSS),
211 gss_process_context_token(3GSS), gss_wrap(3GSS),
212 gss_wrap_size_limit(3GSS), attributes(5)
213
214
215 Solaris Security for Developers Guide
216
217
218
219SunOS 5.11 17 Jan 2003 gss_inquire_context(3GSS)