HP-UX Reference (11i v1 00/12) - 5 Miscellaneous Topics, 7 Device (Special) Files, 9 General Information, Index (vol 9)
gssapi(5) gssapi(5)
size_t length;
void *value;
} gss_buffer_desc, *gss_buffer_t;
The length field contains the total number of bytes in the data and the value field
contains a pointer to the actual data.
When using the gss_buffer_t data type, the GSSAPI routine allocates storage for
any data it passes to the application. The calling application must allocate the
gss_buffer_desc object. It can initialize unused gss_buffer_desc objects
with the value GSS_C_EMPTY_BUFFER. To free the storage, the application calls
the gss_release_buffer() routine.
Object Identifier
Applications use the gss_OID data type to choose a security mechanism (for example
Kerberos), and to specify name types. Select a security mechanism by using the
corresponding OIDs:
For Kerberos Version 5, specify GSS_C_OID_KRBV5_DES.
GSS_C_NULL_OID, helps to ensure the portability of the application.
The gss_OID data type contains tree-structured values defined by ISO and has the following
structure:
typedef struct gss_OID_desc_struct {
OM_uint32 length;
void * elements;
} gss_OID_desc, *gss_OID;
The elements field of the structure points to the first byte of an octet string containing the ASN.1 BER
encoding of the value of the gss_OID data type. The length field contains the number of bytes in the
value.
The gss_OID_desc values returned from the GSSAPI are read-only values. The application should
not try to deallocate them.
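As an added example (not part of the HP-UX manual page or its libraries), the following C code decodes the elements/length pair of a gss_OID_desc into dotted notation and rejects truncated, non-minimal or over-long encodings. The type definitions are local copies of the ones shown above so that it builds without the GSSAPI header; oid_to_dotted, sample_bytes, sample_oid and cut_oid are names assumed for this example, and the sample bytes are the Kerberos V5 mechanism OID from RFC 1964, constructed here.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Local stand-ins mirroring the page's definitions (assumption: no <gssapi.h>). */
typedef uint32_t OM_uint32;
typedef struct gss_OID_desc_struct {
    OM_uint32 length;
    void *elements;
} gss_OID_desc, *gss_OID;

/* Constructed sample: value bytes of 1.2.840.113554.1.2.2 (Kerberos V5, RFC 1964). */
static unsigned char sample_bytes[] = {0x2a,0x86,0x48,0x86,0xf7,0x12,0x01,0x02,0x02};
static gss_OID_desc sample_oid = { sizeof sample_bytes, sample_bytes };
static gss_OID_desc cut_oid = { 4, sample_bytes };   /* same bytes, cut off mid-arc */

/* Decode the BER value bytes of an OID into dotted form.
   Returns 0 on success, -1 on malformed input or a too-small output buffer
   (out may then hold a partial string and must not be used). */
int oid_to_dotted(const gss_OID_desc *oid, char *out, size_t outlen)
{
    if (!oid || !oid->elements || oid->length == 0 || !out || outlen == 0)
        return -1;
    const unsigned char *p = oid->elements;
    size_t used = 0;
    uint32_t arc = 0;
    int first = 1, in_arc = 0, n;
    for (OM_uint32 i = 0; i < oid->length; i++) {
        if (!in_arc && p[i] == 0x80) return -1;     /* non-minimal encoding */
        if (arc > (UINT32_MAX >> 7)) return -1;     /* arc would exceed 32 bits */
        arc = (arc << 7) | (uint32_t)(p[i] & 0x7f);
        in_arc = (p[i] & 0x80) != 0;                /* high bit set: arc continues */
        if (in_arc) continue;
        if (first) {                                /* first value packs 40*X + Y */
            unsigned x = arc < 80 ? arc / 40 : 2;
            n = snprintf(out + used, outlen - used, "%u.%u", x, (unsigned)(arc - 40 * x));
        } else {
            n = snprintf(out + used, outlen - used, ".%u", (unsigned)arc);
        }
        if (n < 0 || (size_t)n >= outlen - used) return -1;   /* output truncated */
        used += (size_t)n;
        first = 0; arc = 0;
    }
    return in_arc ? -1 : 0;                         /* last arc must be terminated */
}

int main(void)
{
    char buf[64];
    printf("%d %s\n", oid_to_dotted(&sample_oid, buf, sizeof buf), buf);
    return oid_to_dotted(&cut_oid, buf, sizeof buf) == -1 ? 0 : 1;
}
```

Because the length field is the only bound on elements, the decoder never reads past it and treats an arc that is still open at the last byte as an error.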
Object Identifier Sets
The gss_OID_set data type represents one or more object identifiers. The values
of the gss_OID_set data type are used to:
Report the available mechanisms supported by GSSAPI.
Request specific mechanisms.
Indicate which mechanisms a credential supports.
The gss_OID_set data type has the following structure:
typedef struct gss_OID_set_desc_struct {
int count;
gss_OID elements;
} gss_OID_set_desc, *gss_OID_set;
The count field contains the number of OIDs in the set. The elements field is a
pointer to an array of gss_OID_desc objects, each describing a single OID. The
application calls the gss_release_oid_set() routine to deallocate storage associated
with the gss_OID_set values that the GSSAPI routines return to the application.
Credentials
Credentials establish, or prove, the identity of an application or other principal.
The gss_cred_id_t data type is an atomic data type that identifies a GSSAPI credential data
structure.
Contexts
The security context is a pair of GSSAPI data structures that contain information shared between the
communicating applications. The information describes the cryptographic state of each application. This
security context is required for per-message security services and is created by a successful authentication
exchange.
Section 5−−58 − 3 − HP-UX Release 11i: December 2000