xref: /freebsd/lib/libgssapi/gss_delete_sec_context.3 (revision 608da65de9552d5678c1000776ed69da04a45983)
1.\" -*- nroff -*-
2.\"
3.\" Copyright (c) 2005 Doug Rabson
4.\" All rights reserved.
5.\"
6.\" Redistribution and use in source and binary forms, with or without
7.\" modification, are permitted provided that the following conditions
8.\" are met:
9.\" 1. Redistributions of source code must retain the above copyright
10.\"    notice, this list of conditions and the following disclaimer.
11.\" 2. Redistributions in binary form must reproduce the above copyright
12.\"    notice, this list of conditions and the following disclaimer in the
13.\"    documentation and/or other materials provided with the distribution.
14.\"
15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25.\" SUCH DAMAGE.
26.\"
27.\" The following commands are required for all man pages.
28.Dd January 26, 2010
29.Dt GSS_DELETE_SEC_CONTEXT 3 PRM
30.Os
31.Sh NAME
32.Nm gss_delete_sec_context
33.Nd Discard a security context
34.\" This next command is for sections 2 and 3 only.
35.\" .Sh LIBRARY
36.Sh SYNOPSIS
37.In "gssapi/gssapi.h"
38.Ft OM_uint32
39.Fo gss_delete_sec_context
40.Fa "OM_uint32 *minor_status"
41.Fa "gss_ctx_id_t *context_handle"
42.Fa "gss_buffer_t output_token"
43.Fc
44.Sh DESCRIPTION
45Delete a security context.
46.Fn gss_delete_sec_context
47will delete the local data structures associated with the specified
48security context,
49and may generate an output_token,
50which when passed to the peer
51.Fn gss_process_context_token
52will instruct it to do likewise.
53If no token is required by the mechanism,
54the GSS-API should set the length field of the output_token (if
55provided) to zero.
56No further security services may be obtained using the context
57specified by
58.Fa context_handle .
59.Pp
60In addition to deleting established security contexts,
61.Fn gss_delete_sec_context
62must also be able to delete "half-built" security contexts resulting
63from an incomplete sequence of
64.Fn gss_init_sec_context
65/
66.Fn gss_accept_sec_context
67calls.
68.Pp
69The
70.Fa output_token
71parameter is retained for compatibility with version 1 of the GSS-API.
72It is recommended that both peer applications invoke
73.Fn gss_delete_sec_context
74passing the value
75.Dv GSS_C_NO_BUFFER
76for the
77.Fa output_token
78parameter,
79indicating that no token is required,
80and that
81.Fn gss_delete_sec_context
82should simply delete local context data structures.
83If the application does pass a valid buffer to
84.Fn gss_delete_sec_context ,
85mechanisms are encouraged to return a zero-length token,
86indicating that no peer action is necessary,
87and that no token should be transferred by the application.
88.Sh PARAMETERS
89.Bl -tag -width ".It context_handle"
90.It minor_status
91Mechanism specific status code.
92.It context_handle
93Context handle identifying context to delete.
94After deleting the context,
95the GSS-API will set this context handle to
96.Dv GSS_C_NO_CONTEXT .
97.It output_token
98Token to be sent to remote application to instruct it to also delete
99the context.
100It is recommended that applications specify
101.Dv GSS_C_NO_BUFFER
102for this parameter,
103requesting local deletion only.
104If a buffer parameter is provided by the application,
105the mechanism may return a token in it;
106mechanisms that implement only local deletion should set the length
107field of this token to zero to indicate to the application that no
108token is to be sent to the peer.
109.El
110.Sh RETURN VALUES
111.Bl -tag -width ".It context_handle"
112.It GSS_S_COMPLETE
113Successful completion
114.It GSS_S_NO_CONTEXT
115No valid context was supplied
116.El
117.Sh SEE ALSO
118.Xr gss_accept_sec_context 3 ,
119.Xr gss_init_sec_context 3 ,
120.Xr gss_process_context_token 3
121.Sh STANDARDS
122.Bl -tag -width ".It RFC 2743"
123.It RFC 2743
124Generic Security Service Application Program Interface Version 2, Update 1
125.It RFC 2744
126Generic Security Service API Version 2 : C-bindings
127.El
128.Sh HISTORY
129The
130.Nm
131function first appeared in
132.Fx 7.0 .
133.Sh AUTHORS
134John Wray, Iris Associates
135.Sh COPYRIGHT
136Copyright (C) The Internet Society (2000).  All Rights Reserved.
137.Pp
138This document and translations of it may be copied and furnished to
139others, and derivative works that comment on or otherwise explain it
140or assist in its implementation may be prepared, copied, published
141and distributed, in whole or in part, without restriction of any
142kind, provided that the above copyright notice and this paragraph are
143included on all such copies and derivative works.  However, this
144document itself may not be modified in any way, such as by removing
145the copyright notice or references to the Internet Society or other
146Internet organizations, except as needed for the purpose of
147developing Internet standards in which case the procedures for
148copyrights defined in the Internet Standards process must be
149followed, or as required to translate it into languages other than
150English.
151.Pp
152The limited permissions granted above are perpetual and will not be
153revoked by the Internet Society or its successors or assigns.
154.Pp
155This document and the information contained herein is provided on an
156"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
157TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
158BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
159HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
160MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
161