rpc_gss_seccreate.3n (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

rpc_gss_seccreate(3N) rpc_gss_seccreate(3N)

NAME

rpc_gss_seccreate() - create a security context using the RPCSEC_GSS protocol

SYNOPSIS

#include <rpc/rpcsec_gss.h>

AUTH *rpc_gss_seccreate(

CLIENT *clnt ,

char *principal ,

char *mechanism ,

rpc_gss_service_t

service_type ,

char *qop,

rpc_gss_options_req_t *

options_req ,

rpc_gss_options_ret_t *

options_ret );

DESCRIPTION

rpc_gss_seccreate()

is used by an application to create a security context using the

RPCSEC_GSS

protocol, making use of the underlying GSS-API network layer.

rpc_gss_seccreate()

allows an

application to specify the type of security mechanism (for example, Kerberos v5), the type of service (for

example, integrity checking) and the Quality of Protection (QOP) desired for transferring data.

PARAMETERS

Information on

RPCSEC_GSS data types for parameters may be found on the rpcsec_gss (3N) manpage.

clnt This is the RPC client handle. clnt may be obtained, for example, from

clnt_create().

principal This is the identity of the server principal, speciﬁed in the form service@host , where ser-

vice is the name of the service the client wishes to access and host is the fully qualiﬁed

name of the host where the service resides (for example,

nfs@mymachine.eng.company.com

mechanism This is an ASCII string which indicates which security mechanism to use with this data.

Appropriate mechanisms may be found in the ﬁle

/etc/gss/mech

. Additionally,

rpc_gss_get_mechanisms()

returns a list of supported security mechanisms as

NULL-terminated strings.

service_type This sets the initial type of service for the session: privacy, integrity, authentication, or

none.

qop This is an ASCII string which sets the quality of protection (QOP) for the session.

Appropriate values for this string may be found in the ﬁle

/etc/gss/qop. Addition-

ally, supported QOPs are returned as NULL-terminated strings by

rpc_gss_get_mech_info()

options_req This structure contains options which are passed directly to the underlying

GSS-API

layer. If the caller speciﬁes NULL for this parameter, defaults are used.

options_ret These

GSS-API options are returned to the caller. If the caller does not need to see

these options, then it may specify NULL for this parameter.

MULTITHREAD USAGE

Thread Safe: Yes

Cancel Safe: Yes

Fork Safe: No

Async-cancel Safe: No

Async-signal Safe: No

These functions can be called safely in a multithreaded environment. They may be cancellation points in

that they call functions that are cancel points.

In a multithreaded environment, these functions are not safe to be called by a child process after

fork()

and before exec(). These functions should not be called by a multithreaded application that supports

asynchronous cancellation or asynchronous signals.

HP-UX 11i Version 3: September 2010 − 1 − Hewlett-Packard Company 1

Summary of content (2 pages)

PAGE 1
rpc_gss_seccreate(3N) rpc_gss_seccreate(3N) NAME rpc_gss_seccreate() - create a security context using the RPCSEC_GSS protocol SYNOPSIS #include
PAGE 2
rpc_gss_seccreate(3N) rpc_gss_seccreate(3N) RETURN VALUE rpc_gss_seccreate() returns a security context handle (an RPC authentication handle) of type AUTH. If rpc_gss_seccreate() cannot return successfully, the application can get an error number by calling rpc_gss_get_error(). WARNINGS Contexts may be destroyed normally, with auth_destroy(). See the auth_destroy (3N) manpage. FILES /etc/gss/mech File containing valid security mechanisms. /etc/gss/qop File containing valid QOP values.