xref: /freebsd/lib/libgssapi/gss_process_context_token.3 (revision fa9896e082a1046ff4fbc75fcba4d18d1f2efc19) 
1c0b9f4feSDoug Rabson.\" -*- nroff -*-
2c0b9f4feSDoug Rabson.\"
3c0b9f4feSDoug Rabson.\" Copyright (c) 2005 Doug Rabson
4c0b9f4feSDoug Rabson.\" All rights reserved.
5c0b9f4feSDoug Rabson.\"
6c0b9f4feSDoug Rabson.\" Redistribution and use in source and binary forms, with or without
7c0b9f4feSDoug Rabson.\" modification, are permitted provided that the following conditions
8c0b9f4feSDoug Rabson.\" are met:
9c0b9f4feSDoug Rabson.\" 1. Redistributions of source code must retain the above copyright
10c0b9f4feSDoug Rabson.\"    notice, this list of conditions and the following disclaimer.
11c0b9f4feSDoug Rabson.\" 2. Redistributions in binary form must reproduce the above copyright
12c0b9f4feSDoug Rabson.\"    notice, this list of conditions and the following disclaimer in the
13c0b9f4feSDoug Rabson.\"    documentation and/or other materials provided with the distribution.
14c0b9f4feSDoug Rabson.\"
15c0b9f4feSDoug Rabson.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16c0b9f4feSDoug Rabson.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17c0b9f4feSDoug Rabson.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18c0b9f4feSDoug Rabson.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19c0b9f4feSDoug Rabson.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20c0b9f4feSDoug Rabson.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21c0b9f4feSDoug Rabson.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22c0b9f4feSDoug Rabson.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23c0b9f4feSDoug Rabson.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24c0b9f4feSDoug Rabson.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25c0b9f4feSDoug Rabson.\" SUCH DAMAGE.
26c0b9f4feSDoug Rabson.\"
27c0b9f4feSDoug Rabson.\" The following commands are required for all man pages.
28d76ba3efSGavin Atkinson.Dd January 26, 2010
29c0b9f4feSDoug Rabson.Dt GSS_PROCESS_CONTEXT_TOKEN 3 PRM
30aa12cea2SUlrich Spörlein.Os
31c0b9f4feSDoug Rabson.Sh NAME
32c0b9f4feSDoug Rabson.Nm gss_process_context_token
33c0b9f4feSDoug Rabson.Nd Process a token on a security context from a peer application
34c0b9f4feSDoug Rabson.\" This next command is for sections 2 and 3 only.
35c0b9f4feSDoug Rabson.\" .Sh LIBRARY
36c0b9f4feSDoug Rabson.Sh SYNOPSIS
37c0b9f4feSDoug Rabson.In "gssapi/gssapi.h"
38c0b9f4feSDoug Rabson.Ft OM_uint32
39c0b9f4feSDoug Rabson.Fo gss_process_context_token
40c0b9f4feSDoug Rabson.Fa "OM_uint32 *minor_status"
41c0b9f4feSDoug Rabson.Fa "const gss_ctx_id_t context_handle"
42c0b9f4feSDoug Rabson.Fa "const gss_buffer_t token_buffer"
43c0b9f4feSDoug Rabson.Fc
44c0b9f4feSDoug Rabson.Sh DESCRIPTION
45c0b9f4feSDoug RabsonProvides a way to pass an asynchronous token to the security service.
46c0b9f4feSDoug RabsonMost context-level tokens are emitted and processed synchronously by
47c0b9f4feSDoug Rabson.Fn gss_init_sec_context
48c0b9f4feSDoug Rabsonand
49c0b9f4feSDoug Rabson.Fn gss_accept_sec_context ,
50c0b9f4feSDoug Rabsonand the application is informed as to whether further tokens are
51c0b9f4feSDoug Rabsonexpected by the
52c0b9f4feSDoug Rabson.Dv GSS_C_CONTINUE_NEEDED
53c0b9f4feSDoug Rabsonmajor status bit.
54c0b9f4feSDoug RabsonOccasionally,
55c0b9f4feSDoug Rabsona mechanism may need to emit a context-level token at a point when the
56c0b9f4feSDoug Rabsonpeer entity is not expecting a token.
57c0b9f4feSDoug RabsonFor example,
58c0b9f4feSDoug Rabsonthe initiator's final call to
59c0b9f4feSDoug Rabson.Fn gss_init_sec_context
60c0b9f4feSDoug Rabsonmay emit a token and return a status of
61c0b9f4feSDoug Rabson.Dv GSS_S_COMPLETE ,
62c0b9f4feSDoug Rabsonbut the acceptor's call to
63c0b9f4feSDoug Rabson.Fn gss_accept_sec_context
64c0b9f4feSDoug Rabsonmay fail.
65c0b9f4feSDoug RabsonThe acceptor's mechanism may wish to send a token containing an error
66c0b9f4feSDoug Rabsonindication to the initiator,
67c0b9f4feSDoug Rabsonbut the initiator is not expecting a token at this point,
68c0b9f4feSDoug Rabsonbelieving that the context is fully established.
69c0b9f4feSDoug Rabson.Fn gss_process_context_token
70c0b9f4feSDoug Rabsonprovides a way to pass such a token to the mechanism at any time.
71c0b9f4feSDoug Rabson.Sh PARAMETERS
726a557179SJoel Dahl.Bl -tag -width ".It context_handle"
73c0b9f4feSDoug Rabson.It minor_status
74c0b9f4feSDoug RabsonMechanism specific status code.
75c0b9f4feSDoug Rabson.It context_handle
76c0b9f4feSDoug RabsonContext handle of context on which token is to be processed.
77c0b9f4feSDoug Rabson.It token_buffer
78c0b9f4feSDoug RabsonToken to process.
79c0b9f4feSDoug Rabson.El
80c0b9f4feSDoug Rabson.Sh RETURN VALUES
816a557179SJoel Dahl.Bl -tag -width ".It GSS_S_DEFECTIVE_TOKEN"
82c0b9f4feSDoug Rabson.It GSS_S_COMPLETE
83c0b9f4feSDoug RabsonSuccessful completion
84c0b9f4feSDoug Rabson.It GSS_S_DEFECTIVE_TOKEN
85c0b9f4feSDoug RabsonIndicates that consistency checks performed on the token failed
86c0b9f4feSDoug Rabson.It GSS_S_NO_CONTEXT
87c0b9f4feSDoug RabsonThe
88c0b9f4feSDoug Rabson.Fa context_handle
89c0b9f4feSDoug Rabsondid not refer to a valid context
90c0b9f4feSDoug Rabson.El
91c0b9f4feSDoug Rabson.Sh SEE ALSO
92*25e6e9e6SJoel Dahl.Xr gss_accept_sec_context 3 ,
93*25e6e9e6SJoel Dahl.Xr gss_init_sec_context 3
94c0b9f4feSDoug Rabson.Sh STANDARDS
956a557179SJoel Dahl.Bl -tag -width ".It RFC 2743"
96c0b9f4feSDoug Rabson.It RFC 2743
97c0b9f4feSDoug RabsonGeneric Security Service Application Program Interface Version 2, Update 1
98c0b9f4feSDoug Rabson.It RFC 2744
99c0b9f4feSDoug RabsonGeneric Security Service API Version 2 : C-bindings
100c0b9f4feSDoug Rabson.El
101c0b9f4feSDoug Rabson.Sh HISTORY
102c0b9f4feSDoug RabsonThe
103c0b9f4feSDoug Rabson.Nm
104d76ba3efSGavin Atkinsonfunction first appeared in
105c0b9f4feSDoug Rabson.Fx 7.0 .
106c0b9f4feSDoug Rabson.Sh AUTHORS
107c0b9f4feSDoug RabsonJohn Wray, Iris Associates
10860b9f20aSDoug Rabson.Sh COPYRIGHT
10960b9f20aSDoug RabsonCopyright (C) The Internet Society (2000).  All Rights Reserved.
11060b9f20aSDoug Rabson.Pp
11160b9f20aSDoug RabsonThis document and translations of it may be copied and furnished to
11260b9f20aSDoug Rabsonothers, and derivative works that comment on or otherwise explain it
11360b9f20aSDoug Rabsonor assist in its implementation may be prepared, copied, published
11460b9f20aSDoug Rabsonand distributed, in whole or in part, without restriction of any
11560b9f20aSDoug Rabsonkind, provided that the above copyright notice and this paragraph are
11660b9f20aSDoug Rabsonincluded on all such copies and derivative works.  However, this
11760b9f20aSDoug Rabsondocument itself may not be modified in any way, such as by removing
11860b9f20aSDoug Rabsonthe copyright notice or references to the Internet Society or other
11960b9f20aSDoug RabsonInternet organizations, except as needed for the purpose of
12060b9f20aSDoug Rabsondeveloping Internet standards in which case the procedures for
12160b9f20aSDoug Rabsoncopyrights defined in the Internet Standards process must be
12260b9f20aSDoug Rabsonfollowed, or as required to translate it into languages other than
12360b9f20aSDoug RabsonEnglish.
12460b9f20aSDoug Rabson.Pp
12560b9f20aSDoug RabsonThe limited permissions granted above are perpetual and will not be
12660b9f20aSDoug Rabsonrevoked by the Internet Society or its successors or assigns.
12760b9f20aSDoug Rabson.Pp
12860b9f20aSDoug RabsonThis document and the information contained herein is provided on an
12960b9f20aSDoug Rabson"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
13060b9f20aSDoug RabsonTASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
13160b9f20aSDoug RabsonBUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
13260b9f20aSDoug RabsonHEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
13360b9f20aSDoug RabsonMERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
134