Provided by: libglobus-gss-assist-doc_12.6-1_all bug

NAME

       globus_gss_assist_context - Security Context Management

        - Security Context Creation and Use.

SYNOPSIS

   Functions
       OM_uint32 globus_gss_assist_accept_sec_context (OM_uint32 *minor_status, gss_ctx_id_t
           *context_handle, const gss_cred_id_t cred_handle, char **src_name_char, OM_uint32
           *ret_flags, int *user_to_user_flag, int *token_status, gss_cred_id_t
           *delegated_cred_handle, int(*gss_assist_get_token)(void *, void **, size_t *), void
           *gss_assist_get_context, int(*gss_assist_send_token)(void *, void *, size_t), void
           *gss_assist_send_context)
           Accept a Security Context.
       OM_uint32 globus_gss_assist_accept_sec_context_async (OM_uint32 *minor_status,
           gss_ctx_id_t *context_handle, const gss_cred_id_t cred_handle, char **src_name_char,
           OM_uint32 *ret_flags, int *user_to_user_flag, void *input_buffer, size_t
           input_buffer_len, void **output_bufferp, size_t *output_buffer_lenp, gss_cred_id_t
           *delegated_cred_handle)
           Accept a Security Context Without Blocking.
       OM_uint32 globus_gss_assist_export_sec_context (OM_uint32 *minor_status, gss_ctx_id_t
           *context_handle, int *token_status, int fdp, FILE *fperr)
       OM_uint32 globus_gss_assist_import_sec_context (OM_uint32 *minor_status, gss_ctx_id_t
           *context_handle, int *token_status, int fdp, FILE *fperr)
       OM_uint32 globus_gss_assist_init_sec_context (OM_uint32 *minor_status, const gss_cred_id_t
           cred_handle, gss_ctx_id_t *context_handle, char *target_name_char, OM_uint32
           req_flags, OM_uint32 *ret_flags, int *token_status, int(*gss_assist_get_token)(void *,
           void **, size_t *), void *gss_assist_get_context, int(*gss_assist_send_token)(void *,
           void *, size_t), void *gss_assist_send_context)
       OM_uint32 globus_gss_assist_init_sec_context_async (OM_uint32 *minor_status, const
           gss_cred_id_t cred_handle, gss_ctx_id_t *context_handle, char *target_name_char,
           OM_uint32 req_flags, OM_uint32 *ret_flags, void *input_buffer, size_t
           input_buffer_len, void **output_bufferp, size_t *output_buffer_lenp)
       OM_uint32 globus_gss_assist_will_handle_restrictions (OM_uint32 *minor_status,
           gss_ctx_id_t *context_handle)
       OM_uint32 globus_gss_assist_get_unwrap (OM_uint32 *minor_status, const gss_ctx_id_t
           context_handle, char **data, size_t *length, int *token_status,
           int(*gss_assist_get_token)(void *, void **, size_t *), void *gss_assist_get_context,
           FILE *fperr)
           Get Unwrap.

Detailed Description

       Security Context Creation and Use.

       The functions in this section are used to create security contexts and send and receive
       messages sent over them. They use the functions provided by Token Transport or user-
       supplied functions to communicate security tokens over the context, looping over continue
       results from the GSSAPI as needed.

Function Documentation

   OM_uint32 globus_gss_assist_accept_sec_context (OM_uint32 * minor_status, gss_ctx_id_t *
       context_handle, const gss_cred_id_t cred_handle, char ** src_name_char, OM_uint32 *
       ret_flags, int * user_to_user_flag, int * token_status, gss_cred_id_t *
       delegated_cred_handle, int(*)(void *, void **, size_t *) gss_assist_get_token, void *
       gss_assist_get_context, int(*)(void *, void *, size_t) gss_assist_send_token, void *
       gss_assist_send_context)
       Accept a Security Context. This routine accepts a GSSAPI security context and is called by
       the gram_gatekeeper. It isolates the GSSAPI from the rest of the gram code.

       Initialize a GSSAPI security connection. Used by the server. The context_handle is
       returned, and there is one for each connection. This routine will take cake of the looping
       and token processing, using the supplied get_token and send_token routines.

       Parameters
           minor_status GSSAPI return code
           context_handle pointer to returned context.
           cred_handle the cred handle obtained by acquire_cred.
           src_name_char Pointer to char string representation of the client which contacted the
           server. Maybe NULL if not wanted. Should be freed when done.
           ret_flags Pointer to which services are available after the connection is established.
           Maybe NULL if not wanted. We will also use this to pass in flags to the globus version
           of GSSAPI
           user_to_user_flag Pointer to flag to be set if the src_name is the same as our name.
           (Following are particular to this assist routine)
           token_status assist routine get/send token status
           delegated_cred_handle pointer to be set to the credential delegated by the client if
           delegation occurs during the security handshake
           gss_assist_get_token a get token routine
           gss_assist_get_context first arg for the get token routine
           gss_assist_send_token a send token routine
           gss_assist_send_context first arg for the send token routine

       Returns
           GSS_S_COMPLETE on success Other GSSAPI errors on failure.

   OM_uint32 globus_gss_assist_accept_sec_context_async (OM_uint32 * minor_status, gss_ctx_id_t *
       context_handle, const gss_cred_id_t cred_handle, char ** src_name_char, OM_uint32 *
       ret_flags, int * user_to_user_flag, void * input_buffer, size_t input_buffer_len, void **
       output_bufferp, size_t * output_buffer_lenp, gss_cred_id_t * delegated_cred_handle)
       Accept a Security Context Without Blocking. This is an asynchronous version of the
       globus_gss_assist_accept_sec_context() function. Instead of looping itself it passes in
       and out the read and written buffers and the calling application is responsible for doing
       the I/O directly.

       Parameters
           minor_status GSSAPI return code
           context_handle pointer to returned context.
           cred_handle the cred handle obtained by acquire_cred.
           src_name_char Pointer to char string representation of the client which contacted the
           server. Maybe NULL if not wanted. Should be freed when done.
           ret_flags Pointer to which services are available after the connection is established.
           Maybe NULL if not wanted. We will also use this to pass in flags to the Globus version
           of GSSAPI
           user_to_user_flag Pointer to flag to be set if the src_name is the same as our name.
           input_buffer pointer to a buffer received from peer.
           input_buffer_len length of the buffer input_buffer.
           output_bufferp pointer to a pointer which will be filled in with a pointer to an
           allocated block of memory. If non-NULL the contents of this block should be written to
           the peer where they will be fed into the globus_gss_assist_init_sec_context_async()
           function.
           output_buffer_lenp pointer to an integer which will be filled in with the length of
           the allocated output buffer pointed to by *output_bufferp.
           delegated_cred_handle pointer to be set to the credential delegated by the client if
           delegation occurs during the security handshake

       Returns
           GSS_S_COMPLETE on successful completion when this function does not need to be called
           again.

       GSS_S_CONTINUE_NEEDED when *output_bufferp should be sent to the peer and a new
       input_buffer read and this function called again.

       Other GSSAPI errors on failure.

   OM_uint32 globus_gss_assist_export_sec_context (OM_uint32 * minor_status, gss_ctx_id_t *
       context_handle, int * token_status, int fdp, FILE * fperr)
       Export the security context from a file

       Parameters
           minor_status GSSAPI return code. This is a Globus Error code (or GLOBUS_SUCCESS) cast
           to a OM_uint32 pointer. If an error has occurred, the resulting error (from calling
           globus_error_get on this variable) needs to be freed by the caller
           context_handle The context to export
           token_status Errors that occurred while reading from the file
           fdp the file descriptor pointing to a file containing the security context
           fperr FILE * to write error messages

       Returns
           the major status

   OM_uint32 globus_gss_assist_get_unwrap (OM_uint32 * minor_status, const gss_ctx_id_t
       context_handle, char ** data, size_t * length, int * token_status, int(*)(void *, void **,
       size_t *) gss_assist_get_token, void * gss_assist_get_context, FILE * fperr)
       Get Unwrap. Gets a token using the specific tokenizing functions, and performs the GSS
       unwrap of that token

       See also
           gss_unwrap

       Parameters
           minor_status GSSAPI return code,

       See also
           gss_unwrap

       Parameters
           context_handle the context
           data pointer to be set to the unwrapped application data. This must be freed by the
           caller.
           length pointer to be set to the length of the data byte array.
           token_status assist routine get/send token status
           gss_assist_get_token a detokenizing routine
           gss_assist_get_context first arg for above routine
           fperr error stream to print to

       Returns
           GSS_S_COMPLETE on success Other gss errors on failure.

   OM_uint32 globus_gss_assist_import_sec_context (OM_uint32 * minor_status, gss_ctx_id_t *
       context_handle, int * token_status, int fdp, FILE * fperr)
       Import the security context from a file

       Parameters
           minor_status GSSAPI return code. This is a Globus Error code (or GLOBUS_SUCCESS) cast
           to a OM_uint32 pointer. If an error has occurred, the resulting error (from calling
           globus_error_get on this variable) needs to be freed by the caller
           context_handle The imported context
           token_status Errors that occurred while reading from the file
           fdp the file descriptor pointing to a file containing the security context
           fperr FILE * to write error messages

       Returns
           the major status

   OM_uint32 globus_gss_assist_init_sec_context (OM_uint32 * minor_status, const gss_cred_id_t
       cred_handle, gss_ctx_id_t * context_handle, char * target_name_char, OM_uint32 req_flags,
       OM_uint32 * ret_flags, int * token_status, int(*)(void *, void **, size_t *)
       gss_assist_get_token, void * gss_assist_get_context, int(*)(void *, void *, size_t)
       gss_assist_send_token, void * gss_assist_send_context)
       Initialize a GSSAPI security connection. Used by the client. The context_handle is
       returned, and there is one for each connection. This routine will take cake of the looping
       and token processing, using the supplied get_token and send_token routines.

       Parameters
           minor_status GSSAPI return code. The new minor_status is a globus_result_t cast to an
           OM_uint32. If the call was successful, the minor status is equivalent to
           GLOBUS_SUCCESS. Otherwise, it is a globus error object ID that can be passed to
           globus_error_get to get the error object. The error object needs to be freed with
           globus_object_free.
           cred_handle the cred handle obtained by acquire_cred.
           context_handle pointer to returned context.
           target_name_char char string representation of the server to be contacted.
           req_flags request flags, such as GSS_C_DELEG_FLAG for delegation and the
           GSS_C_MUTUAL_FLAG for mutual authentication.
           ret_flags Pointer to which services are available after the connection is established.
           Maybe NULL if not wanted.

       The following are particular to this assist routine:

       Parameters
           token_status the assist routine's get/send token status
           gss_assist_get_token function pointer for getting the token
           gss_assist_get_context first argument passed to the gss_assist_get_token function
           gss_assist_send_token function pointer for setting the token
           gss_assist_send_context first argument passed to the gss_assist_set_token function
           pointer

       Returns
           The major status

   OM_uint32 globus_gss_assist_init_sec_context_async (OM_uint32 * minor_status, const
       gss_cred_id_t cred_handle, gss_ctx_id_t * context_handle, char * target_name_char,
       OM_uint32 req_flags, OM_uint32 * ret_flags, void * input_buffer, size_t input_buffer_len,
       void ** output_bufferp, size_t * output_buffer_lenp)
       This is an asynchronous version of the globus_gss_assist_init_sec_context() function.
       Instead of looping itself it passes in and out the read and written buffers and the
       calling application is responsible for doing the I/O directly.

       Parameters
           minor_status GSSAPI return code. The new minor status is a globus_result_t cast to a
           OM_uint32. If an error occurred (GSS_ERROR(major_status)) the minor_status is a globus
           error object id. The error object can be obtained via globus_error_get and should be
           destroyed with globus_object_free when no longer needed. If no error occurred, the
           minor status is equal to GLOBUS_SUCCESS.
           cred_handle the cred handle obtained by acquire_cred.
           context_handle pointer to returned context.
           target_name_char char string representation of the server to be contacted.
           req_flags request flags, such as GSS_C_DELEG_FLAG for delegation and the
           GSS_C_MUTUAL_FLAG for mutual authentication.
           ret_flags Pointer to which services are available after the connection is established.
           Maybe NULL if not wanted.
           input_buffer pointer to a buffer received from peer. Should be NULL on first call.
           input_buffer_len length of the buffer input_buffer. Should be zero on first call.
           output_bufferp pointer to a pointer which will be filled in with a pointer to an
           allocated block of memory. If non-NULL the contents of this block should be written to
           the peer where they will be fed into the globus_gss_assist_accept_sec_context_async()
           function.
           output_buffer_lenp pointer to an integer which will be filled in with the length of
           the allocated output buffer pointed to by *output_bufferp.

       Returns
           GSS_S_COMPLETE on successful completion when this function does not need to be called
           again.

       GSS_S_CONTINUE_NEEDED when *output_bufferp should be sent to the peer and a new
       input_buffer read and this function called again.

       Other gss errors on failure.

   OM_uint32 globus_gss_assist_will_handle_restrictions (OM_uint32 * minor_status, gss_ctx_id_t *
       context_handle)
       Sets the context to handle restrictions

       Parameters
           minor_status the resulting minor status from setting the context handle
           context_handle the context handle to set the minor status of

       Returns
           the major status from setting the context

Author

       Generated automatically by Doxygen for globus_gss_assist from the source code.