gssapi - Online Linux Manual PageSection : 3
Updated : Tue Nov 15 2022
Source : Version 7.8.0
Note : Heimdal GSS-API library

NAMEgssapi − Heimdal GSS-API functions

SYNOPSIS

FunctionsGSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_add_oid_set_member (OM_uint32 *minor_status, const gss_OID member_oid, gss_OID_set *oid_set)
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap_iov (OM_uint32 *minor_status, gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, int *conf_state, gss_iov_buffer_desc *iov, int iov_count)
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_unwrap_iov (OM_uint32 *minor_status, gss_ctx_id_t context_handle, int *conf_state, gss_qop_t *qop_state, gss_iov_buffer_desc *iov, int iov_count)
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap_iov_length (OM_uint32 *minor_status, gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, int *conf_state, gss_iov_buffer_desc *iov, int iov_count)
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_iov_buffer (OM_uint32 *minor_status, gss_iov_buffer_desc *iov, int iov_count)
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_canonicalize_name (OM_uint32 *minor_status, gss_const_name_t input_name, const gss_OID mech_type, gss_name_t *output_name)
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_display_status (OM_uint32 *minor_status, OM_uint32 status_value, int status_type, const gss_OID mech_type, OM_uint32 *message_context, gss_buffer_t status_string)
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_export_name (OM_uint32 *minor_status, gss_const_name_t input_name, gss_buffer_t exported_name)
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_import_name (OM_uint32 *minor_status, const gss_buffer_t input_name_buffer, const gss_OID input_name_type, gss_name_t *output_name)
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_init_sec_context (OM_uint32 *minor_status, gss_const_cred_id_t initiator_cred_handle, gss_ctx_id_t *context_handle, gss_const_name_t target_name, const gss_OID input_mech_type, OM_uint32 req_flags, OM_uint32 time_req, const gss_channel_bindings_t input_chan_bindings, const gss_buffer_t input_token, gss_OID *actual_mech_type, gss_buffer_t output_token, OM_uint32 *ret_flags, OM_uint32 *time_rec)
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_saslname_for_mech (OM_uint32 *minor_status, const gss_OID desired_mech, gss_buffer_t sasl_mech_name, gss_buffer_t mech_name, gss_buffer_t mech_description)
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_attrs_for_mech (OM_uint32 *minor_status, gss_const_OID mech, gss_OID_set *mech_attr, gss_OID_set *known_mech_attrs)
GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL gss_oid_equal (gss_const_OID a, gss_const_OID b)
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_cred (OM_uint32 *minor_status, gss_cred_id_t *cred_handle)
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_name (OM_uint32 *minor_status, gss_name_t *input_name)
GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap (OM_uint32 *minor_status, gss_const_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, const gss_buffer_t input_message_buffer, int *conf_state, gss_buffer_t output_message_buffer)

Variablesgss_OID_desc GSSAPI_LIB_FUNCTION __gss_c_attr_stream_sizes_oid_desc

Detailed Description

Function Documentation

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_add_oid_set_member (OM_uint32 * minor_status, const gss_OID member_oid, gss_OID_set * oid_set)Add a oid to the oid set, function does not make a copy of the oid, so the pointer to member_oid needs to be stable for the whole time oid_set is used​. If there is a duplicate member of the oid, the new member is not added to to the set​. Parameters minor_status minor status code​.
member_oid member to add to the oid set
oid_set oid set to add the member too
Returns a gss_error code, see gss_display_status() about printing the error code​.

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_canonicalize_name (OM_uint32 * minor_status, gss_const_name_t input_name, const gss_OID mech_type, gss_name_t * output_name)gss_canonicalize_name takes a Internal Name (IN) and converts in into a mechanism specific Mechanism Name (MN)​. The input name may multiple name, or generic name types​. If the input_name if of the GSS_C_NT_USER_NAME, and the Kerberos mechanism is specified, the resulting MN type is a GSS_KRB5_NT_PRINCIPAL_NAME​. For more information about Internal names and mechanism names​. Parameters minor_status minor status code​.
input_name name to covert, unchanged by gss_canonicalize_name()​.
mech_type the type to convert Name too​.
output_name the resulting type, release with gss_release_name(), independent of input_name​.
Returns a gss_error code, see gss_display_status() about printing the error code​.

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_display_status (OM_uint32 * minor_status, OM_uint32 status_value, int status_type, const gss_OID mech_type, OM_uint32 * message_context, gss_buffer_t status_string)Convert a GSS-API status code to text Parameters minor_status minor status code
status_value status value to convert
status_type One of: GSS_C_GSS_CODE - status_value is a GSS status code, GSS_C_MECH_CODE - status_value is a mechanism status code
mech_type underlying mechanism​. Use GSS_C_NO_OID to obtain the system default​.
message_context state information to extract further messages from the status_value
status_string the allocated text representation​. Release with gss_release_buffer()
Returns a gss_error code​.

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_export_name (OM_uint32 * minor_status, gss_const_name_t input_name, gss_buffer_t exported_name)Convert a GGS-API name from internal form to contiguous string​. See also gss_import_name(), Internal names and mechanism names​. Parameters minor_status minor status code
input_name input name in internal name form
exported_name output name in contiguos string form
Returns a gss_error code, see gss_display_status() about printing the error code​.

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_import_name (OM_uint32 * minor_status, const gss_buffer_t input_name_buffer, const gss_OID input_name_type, gss_name_t * output_name)Convert a GGS-API name from contiguous string to internal form​. Type of name and their format: • GSS_C_NO_OID • GSS_C_NT_USER_NAME • GSS_C_NT_HOSTBASED_SERVICE • GSS_C_NT_EXPORT_NAME • GSS_C_NT_ANONYMOUS • GSS_KRB5_NT_PRINCIPAL_NAME See also gss_export_name(), Internal names and mechanism names​. Parameters minor_status minor status code
input_name_buffer import name buffer
input_name_type type of the import name buffer
output_name the resulting type, release with gss_release_name(), independent of input_name
Returns a gss_error code, see gss_display_status() about printing the error code​.

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_init_sec_context (OM_uint32 * minor_status, gss_const_cred_id_t initiator_cred_handle, gss_ctx_id_t * context_handle, gss_const_name_t target_name, const gss_OID input_mech_type, OM_uint32 req_flags, OM_uint32 time_req, const gss_channel_bindings_t input_chan_bindings, const gss_buffer_t input_token, gss_OID * actual_mech_type, gss_buffer_t output_token, OM_uint32 * ret_flags, OM_uint32 * time_rec)As the initiator build a context with an acceptor​. Returns in the major • GSS_S_COMPLETE - if the context if build • GSS_S_CONTINUE_NEEDED - if the caller needs to continue another round of gss_i nit_sec_context • error code - any other error code Parameters minor_status minor status code​.
initiator_cred_handle the credential to use when building the context, if GSS_C_NO_CREDENTIAL is passed, the default credential for the mechanism will be used​.
context_handle a pointer to a context handle, will be returned as long as there is not an error​.
target_name the target name of acceptor, created using gss_import_name()​. The name is can be of any name types the mechanism supports, check supported name types with gss_inquire_names_for_mech()​.
input_mech_type mechanism type to use, if GSS_C_NO_OID is used, Kerberos (GSS_KRB5_MECHANISM) will be tried​. Other available mechanism are listed in the GSS-API mechanisms section​.
req_flags flags using when building the context, see Context creation flags
time_req time requested this context should be valid in seconds, common used value is GSS_C_INDEFINITE
input_chan_bindings Channel bindings used, if not exepected otherwise, used GSS_C_NO_CHANNEL_BINDINGS
input_token input token sent from the acceptor, for the initial packet the buffer of { NULL, 0 } should be used​.
actual_mech_type the actual mech used, MUST NOT be freed since it pointing to static memory​.
output_token if there is an output token, regardless of complete, continue_needed, or error it should be sent to the acceptor
ret_flags return what flags was negotitated, caller should check if they are accetable​. For example, if GSS_C_MUTUAL_FLAG was negotiated with the acceptor or not​.
time_rec amount of time this context is valid for
Returns a gss_error code, see gss_display_status() about printing the error code​.

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_attrs_for_mech (OM_uint32 * minor_status, gss_const_OID mech, gss_OID_set * mech_attr, gss_OID_set * known_mech_attrs)List support attributes for a mech and/or all mechanisms​. Parameters minor_status minor status code
mech given together with mech_attr will return the list of attributes for mechanism, can optionally be GSS_C_NO_OID​.
mech_attr see mech parameter, can optionally be NULL, release with gss_release_oid_set()​.
known_mech_attrs all attributes for mechanisms supported, release with gss_release_oid_set()​.

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_inquire_saslname_for_mech (OM_uint32 * minor_status, const gss_OID desired_mech, gss_buffer_t sasl_mech_name, gss_buffer_t mech_name, gss_buffer_t mech_description)Returns different protocol names and description of the mechanism​. Parameters minor_status minor status code
desired_mech mech list query
sasl_mech_name SASL GS2 protocol name
mech_name gssapi protocol name
mech_description description of gssapi mech
Returns returns GSS_S_COMPLETE or a error code​.

GSSAPI_LIB_FUNCTION int GSSAPI_LIB_CALL gss_oid_equal (gss_const_OID a, gss_const_OID b)Compare two GSS-API OIDs with each other​. GSS_C_NO_OID matches nothing, not even it-self​. Parameters a first oid to compare
b second oid to compare
Returns non-zero when both oid are the same OID, zero when they are not the same​.

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_cred (OM_uint32 * minor_status, gss_cred_id_t * cred_handle)Release a credentials Its ok to release the GSS_C_NO_CREDENTIAL/NULL credential, it will return a GSS_S_COMPLETE error code​. On return cred_handle is set ot GSS_C_NO_CREDENTIAL​. Example: gss_cred_id_t cred = GSS_C_NO_CREDENTIAL; major = gss_release_cred(&minor, &cred);Parameters minor_status minor status return code, mech specific
cred_handle a pointer to the credential too release
Returns an gssapi error code

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_iov_buffer (OM_uint32 * minor_status, gss_iov_buffer_desc * iov, int iov_count)Free all buffer allocated by gss_wrap_iov() or gss_unwrap_iov() by looking at the GSS_IOV_BUFFER_FLAG_ALLOCATED flag​.

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_release_name (OM_uint32 * minor_status, gss_name_t * input_name)Free a name import_name can point to NULL or be NULL, or a pointer to a gss_name_t structure​. If it was a pointer to gss_name_t, the pointer will be set to NULL on success and failure​. Parameters minor_status minor status code
input_name name to free
Returns a gss_error code, see gss_display_status() about printing the error code​.

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_unwrap_iov (OM_uint32 * minor_status, gss_ctx_id_t context_handle, int * conf_state, gss_qop_t * qop_state, gss_iov_buffer_desc * iov, int iov_count)Decrypt or verifies the signature on the data​.

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap (OM_uint32 * minor_status, gss_const_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, const gss_buffer_t input_message_buffer, int * conf_state, gss_buffer_t output_message_buffer)Wrap a message using either confidentiality (encryption + signature) or sealing (signature)​. Parameters minor_status minor status code​.
context_handle context handle​.
conf_req_flag if non zero, confidentiality is requestd​.
qop_req type of protection needed, in most cases it GSS_C_QOP_DEFAULT should be passed in​.
input_message_buffer messages to wrap
conf_state returns non zero if confidentiality was honoured​.
output_message_buffer the resulting buffer, release with gss_release_buffer()​.

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap_iov (OM_uint32 * minor_status, gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, int * conf_state, gss_iov_buffer_desc * iov, int iov_count)Encrypts or sign the data​. This is a more complicated version of gss_wrap(), it allows the caller to use AEAD data (signed header/trailer) and allow greater controll over where the encrypted data is placed​. The maximum packet size is gss_context_stream_sizes​.max_msg_size​. The caller needs provide the folloing buffers when using in conf_req_flag=1 mode: • HEADER (of size gss_context_stream_sizes​.header) { DATA or SIGN_ONLY } (optional, zero or more) PADDING (of size gss_context_stream_sizes​.blocksize, if zero padding is zero, can be omitted) TRAILER (of size gss_context_stream_sizes​.trailer) • on DCE-RPC mode, the caller can skip PADDING and TRAILER if the DATA elements is padded to a block bountry and header is of at least size gss_context_stream_sizes​.header + gss_context_stream_sizes​.trailer​. HEADER, PADDING, TRAILER will be shrunken to the size required to transmit any of them too large​. To generate gss_wrap() compatible packets, use: HEADER | DATA | PADDING | TRAILER When used in conf_req_flag=0, • HEADER (of size gss_context_stream_sizes​.header) { DATA or SIGN_ONLY } (optional, zero or more) PADDING (of size gss_context_stream_sizes​.blocksize, if zero padding is zero, can be omitted) TRAILER (of size gss_context_stream_sizes​.trailer) The input sizes of HEADER, PADDING and TRAILER can be fetched using gss_wrap_iov_length() or gss_context_query_attributes()​.

GSSAPI_LIB_FUNCTION OM_uint32 GSSAPI_LIB_CALL gss_wrap_iov_length (OM_uint32 * minor_status, gss_ctx_id_t context_handle, int conf_req_flag, gss_qop_t qop_req, int * conf_state, gss_iov_buffer_desc * iov, int iov_count)Update the length fields in iov buffer for the types: • GSS_IOV_BUFFER_TYPE_HEADER • GSS_IOV_BUFFER_TYPE_PADDING • GSS_IOV_BUFFER_TYPE_TRAILER Consider using gss_context_query_attributes() to fetch the data instead​.

Variable Documentation

gss_OID_desc GSSAPI_LIB_FUNCTION __gss_c_attr_stream_sizes_oid_descInitial value: = {10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x03")}Query the context for parameters​. SSPI equivalent if this function is QueryContextAttributes​. • GSS_C_ATTR_STREAM_SIZES data is a gss_context_stream_sizes​.

AuthorGenerated automatically by Doxygen for Heimdal GSS-API library from the source code​.
0
Johanes Gumabo
Data Size   :   56,952 byte
man-gss_wrap_iov.3Build   :   2024-12-05, 20:55   :  
Visitor Screen   :   x
Visitor Counter ( page / site )   :   3 / 182,144
Visitor ID   :     :  
Visitor IP   :   3.17.165.235   :  
Visitor Provider   :   AMAZON-02   :  
Provider Position ( lat x lon )   :   39.962500 x -83.006100   :   x
Provider Accuracy Radius ( km )   :   1000   :  
Provider City   :   Columbus   :  
Provider Province   :   Ohio ,   :   ,
Provider Country   :   United States   :  
Provider Continent   :   North America   :  
Visitor Recorder   :   Version   :  
Visitor Recorder   :   Library   :  
Online Linux Manual Page   :   Version   :   Online Linux Manual Page - Fedora.40 - march=x86-64 - mtune=generic - 24.12.05
Online Linux Manual Page   :   Library   :   lib_c - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Online Linux Manual Page   :   Library   :   lib_m - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Data Base   :   Version   :   Online Linux Manual Page Database - 24.04.13 - march=x86-64 - mtune=generic - fedora-38
Data Base   :   Library   :   lib_c - 23.02.07 - march=x86-64 - mtune=generic - fedora.36

Very long time ago, I have the best tutor, Wenzel Svojanovsky . If someone knows the email address of Wenzel Svojanovsky , please send an email to johanes_gumabo@yahoo.co.id .
If error, please print screen and send to johanes_gumabo@yahoo.co.id
Under development. Support me via PayPal.

ERROR : Need New Coding :         (rof_escape_sequence|91|gssapi.3|422|\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x03")}| {10, rk_UNCONST("\x2a\x86\x48\x86\xf7\x12\x01\x02\x01\x03")} )