RPC_GSS_SECCREATE
Section: C Library Functions (3)
Page Index
BSD mandoc
NAME
rpc_gss_seccreate
- create a security context using the RPCSEC_GSS protocol
SYNOPSIS
In rpc/rpcsec_gss.h
Ft AUTH *
Fo rpc_gss_seccreate
Fa CLIENT *clnt
Fa const char *principal
Fa const char *mechanism
Fa rpc_gss_service_t service
Fa const char *qop
Fa rpc_gss_options_req_t *options_req
Fa rpc_gss_options_ret_t *options_ret
Fc
DESCRIPTION
This function is used to establish a security context between an
application and a remote peer using the RPSEC_GSS protocol.
PARAMETERS
- clnt
-
An RPC handle which is connected to the remote peer
- principal
-
The name of the service principal on the remote peer.
For instance, a principal such as
Qq nfs@server.example.com
might be used by an application which needs to contact an NFS server
- mechanism
-
The name of the GSS_API mechanism to use for the new security context.
"kerberos_v5" is currently the only supported mechanism.
- service
-
Type of service requested.
- rpc_gss_svc_default
-
The default - typically the same as
rpc_gss_svc_none
- rpc_gss_svc_none
-
RPC headers only are integrity protected by a checksum.
- rpc_gss_svc_integrity
-
RPC headers and data are integrity protected by a checksum.
- rpc_gss_svc_privacy
-
RPC headers are integrity protected by a checksum and data is encrypted.
- qop
-
The name of the Quality of Protection to use for the new security context,
or NULL to use the default QOP.
"GSS_C_QOP_DEFAULT" is currently the only supported QOP.
- options_req
-
Extra security context options to be passed to the underlying GSS-API
mechanism.
Pass
NULL
to supply default values.
- options_ret
-
Various values returned by the underlying GSS-API mechanism.
Pass
NULL
if these values are not required.
RETURN VALUES
If the security context was created successfully, a pointer to an
Vt AUTH
structure that represents the context is returned.
To use this security context for subsequent RPC calls, set
clnt->cl_auth
to this value.
AVAILABILITY
The
Fn rpc_gss_seccreate
function is part of libtirpc.
SEE ALSO
rpc(3),
gssapi(3),
mech(5),
qop(5),
rpcsec_gss3
AUTHORS
This
manual page was written by
An Doug Rabson Aq
dfr@FreeBSD.org .