1gss_inquire_conteGxetn(e3rGiScS)Security Services API LibrarygFsusn_citniqounisre_context(3GSS)
2
3
4

NAME

6       gss_inquire_context - obtain information about a security context
7

SYNOPSIS

9       cc [ flag... ] file... -lgss  [ library... ]
10       #include <gssapi/gssapi.h>
11
12       OM_uint32 gss_inquire_context(OM_uint32 *minor_status,
13            const gss_ctx_id_t context_handle,gss_name_t *src_name,
14            gss_name_t *targ_name, OM_uint32 *lifetime_rec,
15            gss_OID *mech_type, OM_uint32 *ctx_flags,
16            int *locally_initiated, int *open);
17
18

DESCRIPTION

20       The gss_inquire_context() function obtains information about a security
21       context. The caller must already have obtained a handle that refers  to
22       the context, although the context need not be fully established.
23

PARAMETERS

25       The parameter descriptions for gss_inquire_context() are as follows:
26
27       minor_status         A mechanism-specific status code.
28
29
30       context_handle       A handle that refers to the security context.
31
32
33       src_name             The  name of the context initiator. If the context
34                            was established  using  anonymous  authentication,
35                            and  if  the application invoking gss_inquire_con‐
36                            text() is the context acceptor, an anonymous  name
37                            is  returned.   Storage  associated with this name
38                            must be freed by the application after use with  a
39                            call  to  gss_release_name().  Specify NULL if the
40                            parameter is not required.
41
42
43       targ_name            The name of the context acceptor. Storage  associ‐
44                            ated  with this name must be freed by the applica‐
45                            tion after use with a call to  gss_release_name().
46                            If  the  context  acceptor  did  not  authenticate
47                            itself, and if the initiator  did  not  specify  a
48                            target name in its call to gss_init_sec_context(),
49                            the value GSS_C_NO_NAME is returned. Specify  NULL
50                            if the parameter is not required.
51
52
53       lifetime_rec         The  number  of seconds for which the context will
54                            remain valid. If the  context  has  expired,  this
55                            parameter will be set to zero. Specify NULL if the
56                            parameter is not required.
57
58
59       mech_type            The security mechanism providing the context.  The
60                            returned  OID  is a pointer to static storage that
61                            should be treated as read-only by the application;
62                            in  particular, the application should not attempt
63                            to free it. Specify NULL if the parameter  is  not
64                            required.
65
66
67       ctx_flags            Contains  various independent flags, each of which
68                            indicates  that  the  context  supports   (or   is
69                            expected  to support, if ctx_open is false) a spe‐
70                            cific service option. If not needed, specify NULL.
71                            Symbolic names are provided for each flag, and the
72                            symbolic names corresponding to the required flags
73                            should be logically ANDed with the ret_flags value
74                            to test whether a given option is supported by the
75                            context.  The flags are:
76
77                            GSS_C_DELEG_FLAG         If true, credentials were
78                                                     delegated from  the  ini‐
79                                                     tiator  to  the acceptor.
80                                                     If false, no  credentials
81                                                     were delegated.
82
83
84                            GSS_C_MUTUAL_FLAG        If true, the acceptor was
85                                                     authenticated to the ini‐
86                                                     tiator.   If  false,  the
87                                                     acceptor did not  authen‐
88                                                     ticate itself.
89
90
91                            GSS_C_REPLAY_FLAG        If  true,  the  replay of
92                                                     protected  messages  will
93                                                     be  detected.  If  false,
94                                                     replayed  messages   will
95                                                     not be detected.
96
97
98                            GSS_C_SEQUENCE_FLAG      If  true, out-of-sequence
99                                                     protected  messages  will
100                                                     be  detected.  If  false,
101                                                     out-of-sequence  messages
102                                                     will not be detected.
103
104
105                            GSS_C_CONF_FLAG          If   true,   confidential
106                                                     service may be invoked by
107                                                     calling               the
108                                                     gss_wrap(3GSS)   routine.
109                                                     If false, no confidential
110                                                     service   is    available
111                                                     through       gss_wrap().
112                                                     gss_wrap() provides  mes‐
113                                                     sage encapsulation, data-
114                                                     origin    authentication,
115                                                     and   integrity  services
116                                                     only.
117
118
119                            GSS_C_INTEG_FLAG         If true,  integrity  ser‐
120                                                     vice  can  be  invoked by
121                                                     calling    either     the
122                                                     gss_get_mic()    or   the
123                                                     gss_wrap()  routine.   If
124                                                     false,        per-message
125                                                     integrity   service    is
126                                                     unavailable.
127
128
129                            GSS_C_ANON_FLAG          If  true, the initiator's
130                                                     identity is not  revealed
131                                                     to   the   acceptor.  The
132                                                     src_name  parameter,   if
133                                                     requested,   contains  an
134                                                     anonymous internal  name.
135                                                     If  false,  the initiator
136                                                     has  been   authenticated
137                                                     normally.
138
139
140                            GSS_C_PROT_READY_FLAG    If  true,  the protection
141                                                     services, as specified by
142                                                     the    states    of   the
143                                                     GSS_C_CONF_FLAG       and
144                                                     GSS_C_INTEG_FLAG,     are
145                                                     available  for  use.   If
146                                                     false, they are available
147                                                     only if  the  context  is
148                                                     fully  established,  that
149                                                     is, if the open parameter
150                                                     is non-zero.
151
152
153                            GSS_C_TRANS_FLAG         If  true, resultant secu‐
154                                                     rity   context   can   be
155                                                     transferred to other pro‐
156                                                     cesses through a call  to
157                                                     gss_export_sec_context().
158                                                     If  false,  the  security
159                                                     context  is not transfer‐
160                                                     able.
161
162
163
164       locally_initiated    Non-zero if the invoking application is  the  con‐
165                            text  initiator.  Specify NULL if the parameter is
166                            not required.
167
168
169       open                 Non-zero if the context is fully established; zero
170                            if  a context-establishment token is expected from
171                            the peer application. Specify NULL if the  parame‐
172                            ter is not required.
173
174

ERRORS

176       gss_inquire_context() returns one of the following status codes:
177
178       GSS_S_COMPLETE      Successful completion.
179
180
181       GSS_S_NO_CONTEXT    The referenced context could not be accessed.
182
183
184       GSS_S_FAILURE       The  underlying  mechanism  detected  an  error for
185                           which no specific GSS status code is defined.   The
186                           mechanism-specific status code reported by means of
187                           the minor_status parameter details the error condi‐
188                           tion.
189
190

ATTRIBUTES

192       See attributes(5)  for descriptions of the following attributes:
193
194
195
196
197       ┌─────────────────────────────┬─────────────────────────────┐
198       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
199       ├─────────────────────────────┼─────────────────────────────┤
200       │Availability                 │SUNWgss (32-bit)             │
201       ├─────────────────────────────┼─────────────────────────────┤
202       │                             │SUNWgssx (64-bit)            │
203       ├─────────────────────────────┼─────────────────────────────┤
204       │MT-Level                     │Safe                         │
205       └─────────────────────────────┴─────────────────────────────┘
206

SEE ALSO

208       gss_accept_sec_context(3GSS),                   gss_context_time(3GSS),
209       gss_delete_sec_context(3GSS),             gss_export_sec_context(3GSS),
210       gss_import_sec_context(3GSS),               gss_init_sec_context(3GSS),
211       gss_process_context_token(3GSS),                        gss_wrap(3GSS),
212       gss_wrap_size_limit(3GSS), attributes(5)
213
214
215       Solaris Security for Developers Guide
216
217
218
219SunOS 5.11                        17 Jan 2003        gss_inquire_context(3GSS)
Impressum