HP-UX Reference (11i v1 05/09) - 3 Library Functions A-M (vol 6)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

451

452

453

454

455

456

457

458

459

460

gss_add_cred(3) gss_add_cred(3)

NAME

gss_add_cred( ) - adds a credential-element to a credential

SYNOPSIS

#include <gssapi.h>

OM_uint32 gss_add_cred (

OM_uint32 *minor_status,

const gss_cred_id_t input_cred_handle,

const gss_name_t desired_name,

const gss_OID desired_mech,

gss_cred_usage_t cred_usage,

OM_uint32 initiator_time_req,

OM_uint32 acceptor_time_req,

gss_cred_id_t *output_cred_handle,

gss_OID_set *actual_mechs,

OM_uint32 *initiator_time_rec,

OM_uint32 *acceptor_time_rec);

DESCRIPTION

The gss_add_cred() routine adds a credential-element to a credential. The credential-element is

identiﬁed by the name of the principal to which it refers.

If desired_name is

GSS_C_NO_NAME, the call is interpreted as a request to add a credential element that

will invoke default behavior when passed to

gss_init_sec_context()

gss_accept_sec_context()

. This routine can be used to either compose a new credential contain-

ing all credential-elements of the original in addition to the newly-acquire credential-element, or to add the

new credential- element to an existing credential. If NULL is speciﬁed for the output_cred_handle arame-

ter argument, the new credential-element will be added to the credential identiﬁed by input_cred_handle;if

a valid pointer is speciﬁed for the output_cred_handle parameter, a new credential handle will be created.

GSS_C_NO_CREDENTIAL

is speciﬁed as the input_cred_handle, gss_add_cred()

will compose a

credential based on default behavior.

Input Parameters

input_cred_handle Speciﬁes the handle to credential structure to which a credential-element will be

added. If

GSS_C_NO_CREDENTIAL

is speciﬁed, the routine will compose the new

credential based on default behavior

desired_name Speciﬁes the principal name whose credential should be acquired.

desired_mechs Speciﬁes the OID set for the security mechanism for which the new credential may

be used.

initiator_time_req Speciﬁes the number of seconds that credentials remain valid. for initiating secu-

rity contexts. This argument is ignored if the composed credentials are of type

GSS_C_ACCEPT . Specify GSS_C_INDEFINITE

to request that the credentials

have the maximum permitted initiator lifetime.

acceptor_time_req Speciﬁes the number of seconds that credentials remain valid. for accepting secu-

rity contexts. This argument is ignored if the composed credentials are of type

GSS_C_INITIATE. Specify GSS_C_INDEFINITE to request that the creden-

tials have the maximum permitted acceptor lifetime.

cred_usage Specify one of the following:

GSS_C_BOTH Speciﬁes credentials that the context initiator can use to

either initiate or accept security contexts.

GSS_C_INITIATE Speciﬁes credentials that the context initiator can use only

to initiate security contexts.

GSS_C_ACCEPT Speciﬁes credentials that the context initiator can use only

to accept security contexts.

Output Parameters

output_cred_handle The returned credential handle, containing the new credential-element and all the

credential-elements from input_cred_handle. If NULL is speciﬁed for this

HP-UX 11i Version 1: September 2005 − 1 − Hewlett-Packard Company Section 3−−411