HP-UX Reference (11i v2 03/08) - 3 Library Functions A-M (vol 6)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

501

502

503

504

505

506

507

508

509

510

gss_add_cred(3) gss_add_cred(3)

NAME

gss_add_cred( ) - adds a credential-element to a credential

SYNOPSIS

#include <gssapi.h>

OM_uint32 gss_add_cred (

OM_uint32 *minor_status,

const gss_cred_id_t input_cred_handle,

const gss_name_t desired_name,

const gss_OID desired_mech,

gss_cred_usage_t cred_usage,

OM_uint32 initiator_time_req,

OM_uint32 acceptor_time_req,

gss_cred_id_t *output_cred_handle,

gss_OID_set *actual_mechs,

OM_uint32 *initiator_time_rec,

OM_uint32 *acceptor_time_rec);

DESCRIPTION

The gss_add_cred() routine adds a credential-element to a credential. The credential-element is

identiﬁed by the name of the principal to which it refers.

If desired_name is

GSS_C_NO_NAME, the call is interpreted as a request to add a credential element that

will invoke default behavior when passed to

gss_init_sec_context()

gss_accept_sec_context()

. This routine can be used to either compose a new credential contain-

ing all credential-elements of the original in addition to the newly-acquire credential-element, or to add

the new credential- element to an existing credential. If NULL is speciﬁed for the output_cred_handle

arameter argument, the new credential-element will be added to the credential identiﬁed by

input_cred_handle; if a valid pointer is speciﬁed for the output_cred_handle parameter, a new credential

handle will be created.

GSS_C_NO_CREDENTIAL

is speciﬁed as the input_cred_handle, gss_add_cred()

will compose a

credential based on default behavior.

Input Parameters

input_cred_handle Speciﬁes the handle to credential structure to which a credential-element will be

added. If

GSS_C_NO_CREDENTIAL

is speciﬁed, the routine will compose the

new credential based on default behavior

desired_name Speciﬁes the principal name whose credential should be acquired.

desired_mechs Speciﬁes the OID set for the security mechanism for which the new credential

may be used.

initiator_time_req Speciﬁes the number of seconds that credentials remain valid. for initiating secu-

rity contexts. This argument is ignored if the composed credentials are of type

GSS_C_ACCEPT. Specify GSS_C_INDEFINITE to request that the credentials

have the maximum permitted initiator lifetime.

acceptor_time_req Speciﬁes the number of seconds that credentials remain valid. for accepting secu-

rity contexts. This argument is ignored if the composed credentials are of type

GSS_C_INITIATE. Specify GSS_C_INDEFINITE to request that the creden-

tials have the maximum permitted acceptor lifetime.

cred_usage Specify one of the following:

GSS_C_BOTH Speciﬁes credentials that the context initiator can use to

either initiate or accept security contexts.

GSS_C_INITIATE Speciﬁes credentials that the context initiator can use

only to initiate security contexts.

GSS_C_ACCEPT Speciﬁes credentials that the context initiator can use

only to accept security contexts.

HP-UX 11i Version 2: August 2003 − 1 − Hewlett-Packard Company Section 3−−453