Provided by: libglobus-gssapi-gsi-doc_14.20-2_all bug

NAME

       globus_gsi_gssapi_extensions_delegation - Delegation

        - Delegation Functions.

SYNOPSIS

   Functions
       OM_uint32 GSS_CALLCONV gss_accept_delegation (OM_uint32 *minor_status, const gss_ctx_id_t
           context_handle, const gss_OID_set extension_oids, const gss_buffer_set_t
           extension_buffers, const gss_buffer_t input_token, OM_uint32 req_flags, OM_uint32
           time_req, OM_uint32 *time_rec, gss_cred_id_t *delegated_cred_handle, gss_OID
           *mech_type, gss_buffer_t output_token)
           Accept a delegated credential.
       OM_uint32 GSS_CALLCONV gss_init_delegation (OM_uint32 *minor_status, const gss_ctx_id_t
           context_handle, const gss_cred_id_t cred_handle, const gss_OID desired_mech, const
           gss_OID_set extension_oids, const gss_buffer_set_t extension_buffers, const
           gss_buffer_t input_token, OM_uint32 req_flags, OM_uint32 time_req, gss_buffer_t
           output_token)
           Initiate Delegation.

Detailed Description

       Delegation Functions.

       Functions in this section allow delegation to occur outside of the context initiation
       handshake.

Function Documentation

   OM_uint32 GSS_CALLCONV gss_accept_delegation (OM_uint32 * minor_status, const gss_ctx_id_t
       context_handle, const gss_OID_set extension_oids, const gss_buffer_set_t
       extension_buffers, const gss_buffer_t input_token, OM_uint32 req_flags, OM_uint32
       time_req, OM_uint32 * time_rec, gss_cred_id_t * delegated_cred_handle, gss_OID *
       mech_type, gss_buffer_t output_token)
       Accept a delegated credential. This functions drives the accepting side of the credential
       delegation process. It is expected to be called in tandem with the gss_init_delegation
       function.

       Parameters
           minor_status The minor status returned by this function. This parameter will be 0 upon
           success.
           context_handle The security context over which the credential is delegated.
           extension_oids A set of extension OIDs corresponding to buffers in the
           extension_buffers parameter below. May be GSS_C_NO_BUFFER_SET. Currently not used.
           extension_buffers A set of extension buffers corresponding to OIDs in the
           extension_oids parameter above. May be GSS_C_NO_BUFFER_SET. Currently not used.
           input_token The token that was produced by a prior call to gss_init_delegation.
           req_flags Flags that modify the behavior of the function. Currently only
           GSS_C_GLOBUS_SSL_COMPATIBLE is checked for. This flag results in tokens that aren't
           wrapped.
           time_req The requested period of validity (seconds) of the delegated credential.
           Currently a NO-OP.
           time_rec This parameter will contain the received period of validity of the delegated
           credential upon success. May be NULL.
           delegated_cred_handle This parameter will contain the delegated credential upon
           success.
           mech_type Returns the security mechanism upon success. Currently not implemented. May
           be NULL.
           output_token A token that should be passed to gss_init_delegation if the return value
           is GSS_S_CONTINUE_NEEDED.

       Return values
           GSS_S_COMPLETE Successful completion
           GSS_S_CONTINUE_NEEDED The function needs to be called again.
           GSS_S_FAILURE Failure

   OM_uint32 GSS_CALLCONV gss_init_delegation (OM_uint32 * minor_status, const gss_ctx_id_t
       context_handle, const gss_cred_id_t cred_handle, const gss_OID desired_mech, const
       gss_OID_set extension_oids, const gss_buffer_set_t extension_buffers, const gss_buffer_t
       input_token, OM_uint32 req_flags, OM_uint32 time_req, gss_buffer_t output_token)
       Initiate Delegation. This functions drives the initiating side of the credential
       delegation process. It is expected to be called in tandem with the gss_accept_delegation
       function.

       Parameters
           minor_status The minor status returned by this function. This parameter will be 0 upon
           success.
           context_handle The security context over which the credential is delegated.
           cred_handle The credential to be delegated. May be GSS_C_NO_CREDENTIAL in which case
           the credential associated with the security context is used.
           desired_mech The desired security mechanism. Currently not used. May be GSS_C_NO_OID.
           extension_oids A set of extension OIDs corresponding to buffers in the
           extension_buffers parameter below. The extensions specified will be added to the
           delegated credential. May be GSS_C_NO_BUFFER_SET.
           extension_buffers A set of extension buffers corresponding to OIDs in the
           extension_oids parameter above. May be GSS_C_NO_BUFFER_SET.
           input_token The token that was produced by a prior call to gss_accept_delegation. This
           parameter will be ignored the first time this function is called.
           req_flags Flags that modify the behavior of the function. Currently only
           GSS_C_GLOBUS_SSL_COMPATIBLE and GSS_C_GLOBUS_LIMITED_DELEG_PROXY_FLAG are checked for.
           The GSS_C_GLOBUS_SSL_COMPATIBLE flag results in tokens that aren't wrapped and
           GSS_C_GLOBUS_LIMITED_DELEG_PROXY_FLAG causes the delegated proxy to be limited
           (requires that no extensions are specified.
           time_req The requested period of validity (seconds) of the delegated credential.
           Passing a time_req of 0 cause the delegated credential to have the same lifetime as
           the credential that issued it.
           output_token A token that should be passed to gss_accept_delegation if the return
           value is GSS_S_CONTINUE_NEEDED.

       Return values
           GSS_S_COMPLETE Success
           GSS_S_CONTINUE_NEEDED This function needs to be called again.
           GSS_S_FAILURE upon failure

Author

       Generated automatically by Doxygen for globus_gssapi_gsi from the source code.

Version 14.20                             Tue Jul 5 202globus_gsi_gssapi_extensions_delegation(3)