Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   20441 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

rpc_gss_seccreate(3NSNetworking Services Library Functirpc_gss_seccreate(3NSL)

NAME
       rpc_gss_seccreate - create a security context using the RPCSEC_GSS pro‐
       tocol

SYNOPSIS
       #include <rpc/rpcsec_gss.h>

       AUTH  *rpc_gss_seccreate(CLIENT *clnt, char *principal, char *mechanism,
	    rpc_gss_service_t service_type, char *qop,
	    rpc_gss_options_req_t *options_req,
	    rpc_gss_options_ret_t *options_ret);

DESCRIPTION
       rpc_gss_seccreate() is used by an appliction to create a security  con‐
       text  using  the RPCSEC_GSS protocol, making use of the underlying GSS-
       API network layer.   rpc_gss_seccreate() allows an application to spec‐
       ify the type of security mechanism (for example, Kerberos v5), the type
       of service (for example, integrity checking), and the Quality  of  Pro‐
       tection (QOP) desired for transferring data.

PARAMETERS
       Information  on	 RPCSEC_GSS  data types for parameters may be found on
       the rpcsec_gss(3NSL) man page.

       clnt	       This is the RPC client handle. clnt  may	 be  obtained,
		       for example, from clnt_create().

       principal       This is the identity of the server principal, specified
		       in the form  service@host, where service is the name of
		       the service the client wishes to access and host is the
		       fully qualified name of	the  host  where  the  service
		       resides — for example, nfs@mymachine.eng.company.com.

       mechanism       This  is an ASCII string which indicates which security
		       mechanism to use with this  data.   Appropriate	mecha‐
		       nisms may be found in the file /etc/gss/mech; addition‐
		       ally, rpc_gss_get_mechanisms() returns a list  of  sup‐
		       ported	 security   mechanisms	 (as   null-terminated
		       strings).

       service_type    This sets the initial type of service for the session —
		       privacy, integrity, authentication, or none.

       qop	       This  is an ASCII string which sets the quality of pro‐
		       tection (QOP) for the session. Appropriate  values  for
		       this  string  may  be  found  in the file /etc/gss/qop.
		       Additionally, supported QOPs are returned (as null-ter‐
		       minated strings) by rpc_gss_get_mech_info().

       options_req     This   structure	 contains  options  which  are	passed
		       directly to the underlying GSS_API layer.  If the call‐
		       er  specifies  NULL  for	 this  parameter, defaults are
		       used. (See  NOTES, below.)

       options_ret     These GSS-API options are returned to  the  caller.  If
		       the  caller does not need to see these options, then it
		       may  specify  NULL  for	this  parameter.  (See	NOTES,
		       below.)

RETURN VALUES
       rpc_gss_seccreate() returns a security context handle (an RPC authenti‐
       cation handle) of type AUTH. If rpc_gss_seccreate() cannot return  suc‐
       cessfully,   the	 application  can  get	an  error  number  by  calling
       rpc_gss_get_error().

FILES
       /etc/gss/mech	File containing valid security mechanisms

       /etc/gss/qop	File containing valid QOP values.

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       ┌─────────────────────────────┬─────────────────────────────────────────┐
       │      ATTRIBUTE TYPE	     │		  ATTRIBUTE VALUE	       │
       ├─────────────────────────────┼─────────────────────────────────────────┤
       │MT-Level		     │MT-Safe				       │
       ├─────────────────────────────┼─────────────────────────────────────────┤
       │Availability		     │system/library/security/rpcsec (32-bits) │
       ├─────────────────────────────┼─────────────────────────────────────────┤
       │			     │SUNWrsgx (64-bits)		       │
       └─────────────────────────────┴─────────────────────────────────────────┘

SEE ALSO
       auth_destroy(3NSL),	   rpc(3NSL),	      rpc_gss_get_error(3NSL),
       rpc_gss_get_mechanisms(3NSL),	rpcsec_gss(3NSL),   mech(4),   qop(4),
       attributes(5)

       ONC+ Developer's Guide

       Linn, J. RFC 2743, Generic Security Service Application Program	Inter‐
       face Version 2, Update 1. Network Working Group. January 2000.

NOTES
       Contexts	  may	be   destroyed	normally,  with	  auth_destroy().  See
       auth_destroy(3NSL)

SunOS 5.11			  29 Jun 2001	       rpc_gss_seccreate(3NSL)

Vote for polarhome