friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14ed2849c6
ibm-information-center/dist/eclipse/plugins/i5OS.ic.apis_5.4.0.1/gss_inquire_context.htm

287 lines
7.8 KiB
HTML
Raw Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
<title>gss_inquire_context()--Get Information About Security Context</title>
<!-- Begin Header Records ========================================== -->
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<!-- Change History: -->
<!-- Edited by Kersten Jan 02 -->
<!-- Created by Kent Hofer for V5R1 -->
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
</head>
<body>
<!-- End Header Records -->
<!--Java sync-link-->
<script type="text/javascript" language="javascript" src="../rzahg/synch.js">
</script>
<a name="Top_of_page"></a>
<h2>gss_inquire_context()--Get Information About Security Context</h2>
<div class="box" style="width: 70%;">
<br>
&nbsp;&nbsp;Syntax
<pre>
#include &lt;gssapi.h&gt;
OM_uint32 gss_inquire_context (
OM_uint32 * <em>minor_status</em>,
gss_ctx_id_t <em>context_handle</em>,
gss_name_t * <em>source_name</em>,
gss_name_t * <em>target_name</em>,
OM_uint32 * <em>lifetime</em>,
gss_OID * <em>mech_type</em>,
gss_flags_t * <em>ret_flags</em>,
int * <em>local</em>,
int * <em>open</em>);
</pre>
&nbsp;&nbsp;Service Program Name: QSYS/QKRBGSS<br>
<!-- iddvc RMBR -->
<br>
&nbsp;&nbsp;Default public authority: *USE<br>
<!-- iddvc RMBR -->
<br>
&nbsp;&nbsp;Threadsafe: Yes<br>
<!-- iddvc RMBR -->
<br>
</div>
<p>The <strong>gss_inquire_context()</strong> function returns information
about a security context to the calling application.</p>
<br>
<h3>Parameters</h3>
<dl>
<dt><strong>minor_status</strong>&nbsp;&nbsp;(Output)</dt>
<dd>A status code from the security mechanism.<br>
<br>
</dd>
<dt><strong>context_handle</strong>&nbsp;&nbsp;(Input)</dt>
<dd>The handle for the security context.<br>
<br>
</dd>
<dt><strong>source_name</strong>&nbsp;&nbsp;(Output)</dt>
<dd>The principal name associated with the context initiator. Specify
<strong>NULL</strong> for this parameter if the principal name is not
required.<br>
<br>
</dd>
<dt><strong>target_name</strong>&nbsp;&nbsp;(Output)</dt>
<dd>The principal name associated with the context acceptor. Specify
<strong>NULL</strong> for this parameter if the principal name is not
required.<br>
<br>
</dd>
<dt><strong>lifetime</strong>&nbsp;&nbsp;(Output)</dt>
<dd>The number of seconds for which the context remains valid. Specify
<strong>NULL</strong> for this parameter if the context lifetime is not
required. The returned value is <strong>GSS_C_INDEFINITE</strong> if the
security mechanism does not support context expiration.<br>
<br>
</dd>
<dt><strong>mech_type</strong>&nbsp;&nbsp;(Output)</dt>
<dd>The mechanism used to create the security context. The gss_OID value
returned for this parameter points to read-only storage and must not be
released by the application. Specify <strong>NULL</strong> for this parameter
if the mechanism type is not required.<br>
<br>
</dd>
<dt><strong>ret_flags</strong>&nbsp;&nbsp;(Output)</dt>
<dd>A bit mask containing independent flags indicating which GSS services are
available for the context. Specify <strong>NULL</strong> for this parameter if
the available service flags are not required. The following symbolic
definitions are provided to test the individual flags and should be logically
ANDed with the value of <em>ret_flags</em> to test whether the context supports
the service options:<br>
<br>
<table cellpadding="5">
<!-- cols="30 70" -->
<tr>
<td align="left" valign="top"><em>GSS_C_ANON_FLAG</em></td>
<td align="left" valign="top">The initiator identity will not be provided to
the context acceptor.</td>
</tr>
<tr>
<td align="left" valign="top"><em>GSS_C_CONF_FLAG</em></td>
<td align="left" valign="top">Message confidentiality services are
available.</td>
</tr>
<tr>
<td align="left" valign="top"><em>GSS_C_DELEG_FLAG</em></td>
<td align="left" valign="top">Delegated credentials will be available to the
context acceptor.</td>
</tr>
<tr>
<td align="left" valign="top"><em>GSS_C_INTEG_FLAG</em></td>
<td align="left" valign="top">Message integrity services are available.</td>
</tr>
<tr>
<td align="left" valign="top"><em>GSS_C_MUTUAL_FLAG</em></td>
<td align="left" valign="top">Mutual authentication will be performed. The
<strong>gss_accept_sec_context()</strong> routine will generate an output token
which the context acceptor must return to the context initiator to complete the
security context setup.</td>
</tr>
<tr>
<td align="left" valign="top" nowrap><em>GSS_C_PROT_READY_FLAG</em></td>
<td align="left" valign="top">Protection services, as specified by the states
of the <strong>GSS_C_CONF_FLAG</strong> and <strong>GSS_C_INTEG_FLAG</strong>,
are available for use even if the context is not fully established. Otherwise,
protection services are available for use only if value returned by the
<em>open</em> parameter is TRUE.</td>
</tr>
<tr>
<td align="left" valign="top"><em>GSS_C_REPLAY_FLAG</em></td>
<td align="left" valign="top">Message replay detection will be performed.</td>
</tr>
<tr>
<td align="left" valign="top"><em>GSS_C_SEQUENCE_FLAG</em></td>
<td align="left" valign="top">Message sequence checking will be performed.</td>
</tr>
</table>
<br>
<br>
</dd>
<dt><strong>local</strong>&nbsp;&nbsp;(Output)</dt>
<dd><strong>TRUE</strong> if the context was initiated locally and
<strong>FALSE</strong> otherwise. Specify <strong>NULL</strong> for this
parameter if the local indication is not required.<br>
<br>
</dd>
<dt><strong>open</strong>&nbsp;&nbsp;(Output)</dt>
<dd><strong>TRUE</strong> if context establishment has been completed and
<strong>FALSE</strong> otherwise. Specify <strong>NULL</strong> for this
parameter if the open indication is not required.</dd>
</dl>
<br>
<h3>Return Value</h3>
<p>The return value is one of the following status codes:</p>
<dl>
<dt><strong>GSS_S_COMPLETE</strong></dt>
<dd>The routine completed successfully.<br>
<br>
</dd>
<dt><strong>GSS_S_CONTEXT_EXPIRED</strong></dt>
<dd>The referenced context has expired.<br>
<br>
</dd>
<dt><strong>GSS_S_FAILURE</strong></dt>
<dd>The routine failed for reasons that are not defined at the GSS level. The
<em>minor_status</em> return parameter contains a mechanism-dependent error
code describing the reason for the failure.<br>
<br>
</dd>
<dt><strong>GSS_S_NO_CONTEXT</strong></dt>
<dd>The context handle provided by the caller does not refer to a valid
security context.</dd>
</dl>
<br>
<h3>Authorities</h3>
<table border width="80%">
<tr>
<th align="left" valign="bottom">Object Referred to</th>
<th align="center" valign="bottom">Data Authority Required</th>
</tr>
<tr>
<td align="left" valign="top">Each directory in the path name preceding the
configuration file</td>
<td align="center" valign="top">*X</td>
</tr>
<tr>
<td align="left" valign="top">Configuration file</td>
<td align="center" valign="top">*R</td>
</tr>
</table>
<br>
<br>
<h3>Error Messages</h3>
<table width="100%">
<tr>
<th align="left" valign="top">Message ID</th>
<th align="left" valign="top">Error Message Text</th>
</tr>
<tr>
<td width="15%" valign="top">CPE3418 E</td>
<td width="85%" valign="top">Possible APAR condition or hardware failure.</td>
</tr>
</table>
<br>
<hr>
API introduced: V5R1
<hr>
<center>
<table cellpadding="2" cellspacing="2">
<tr align="center">
<td valign="middle" align="center"><a href="#Top_Of_Page">Top</a> | <a href=
"sec.htm">Security APIs</a> <br>
<a href="unix.htm">UNIX-Type APIs</a> | <a href="aplist.htm">APIs by
category</a> </td>
</tr>
</table>
</center>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink