xref: /illumos-gate/usr/src/man/man3gss/gss_inquire_cred_by_mech.3gss (revision d0b12b660e0741581d18f1f3a7d5268e0a5f1806)
te
Copyright (c) 2007, Sun Microsystems, Inc. All Rights Reserved
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
GSS_INQUIRE_CRED_BY_MECH 3GSS "Aug 15, 2007"
NAME
gss_inquire_cred_by_mech - obtain per-mechanism information about a credential
SYNOPSIS

cc [ flag... ] file... -lgss [ library... ]
#include <gssapi/gssapi.h>

OM_uint32 gss_inquire_cred_by_mech(OM_uint32 *minor_status,
 const gss_cred_id_t cred_handle,const gss_OID mech_type,
 gss_name_t *name, OM_uint32 *initiator_lifetime,
 OM_uint32 *acceptor_lifetime, gss_cred_usage_t *cred_usage);
PARAMETERS
acceptor_lifetime

The number of seconds that the credential is capable of accepting security contexts under the specified mechanism. If the credential can no longer be used to accept contexts, or if the credential usage for this mechanism is GSS_C_INITIATE, this parameter will be set to 0. Specify NULL if this parameter is not required.

cred_handle

A handle that refers to the target credential. Specify GSS_C_NO_CREDENTIAL to inquire about the default initiator principal.

cred_usage

How the credential may be used with the specified mechanism. The cred_usage parameter may contain one of the following values: GSS_C_INITIATE, GSS_C_ACCEPT, or GSS_C_BOTH. Specify NULL if this parameter is not required.

initiator_lifetime

The number of seconds that the credential is capable of initiating security contexts under the specified mechanism. If the credential can no longer be used to initiate contexts, or if the credential usage for this mechanism is GSS_C_ACCEPT, this parameter will be set to 0. Specify NULL if this parameter is not required.

mech_type

The mechanism for which the information should be returned.

minor_status

A mechanism specific status code.

name

The name whose identity the credential asserts. Any storage associated with this name must be freed by the application after use by a call to gss_release_name(3GSS).

DESCRIPTION

The gss_inquire_cred_by_mech() function obtains per-mechanism information about a credential.

ERRORS

The gss_inquire_cred_by_mech() function can return the following status codes: GSS_S_COMPLETE

Successful completion.

GSS_S_CREDENTIALS_EXPIRED

The credentials cannot be added because they have expired.

GSS_S_DEFECTIVE_CREDENTIAL

The referenced credentials are invalid.

GSS_S_FAILURE

The underlying mechanism detected an error for which no specific GSS status code is defined. The mechanism-specific status code reported by means of the minor_status parameter details the error condition.

GSS_S_NO_CRED

The referenced credentials cannot be accessed.

GSS_S_UNAVAILABLE

The gss_inquire_cred_by_mech() function is not available for the specified mechanism type.

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE ATTRIBUTE VALUE
MT-Level Safe
SEE ALSO

gss_release_name(3GSS), attributes(5)

Solaris Security for Developers Guide