gssdce_login_context_to_cred(3sec) — Subroutines
NAME
gssdce_login_context_to_cred — Creates a GSSAPI credential handle for a context initiator or context acceptor from a DCE login context
Synopsis
OM_uint32 gssdce_login_context_to_cred(
OM_uint32 ∗minor_status,
sec_login_handle_t login_context,
OM_uint32 lifetime_req,
OID_set desired_mechs,
cred_id_t ∗output_cred_handle,
OID_set ∗actual_mechs,
OM_uint32 lifetime_rec);
Parameters
Input
login_context
Specifies the DCE login context handle. To use the default login context handle, specify NULL.
lifetime_req
Specifies the number of seconds that the credential should remain valid.
desired_mechs
Specifies the object identifier (OID) set for the security mechanism to use with the credential, as follows:
DCE security
Specify GSS_C_NULL_OID_SET.
KerberosSpecify GSSDCE_C_OID_KRBV5_DES.
Both DCE security and Kerberos
Specify GSSDCE_C_OID_DCE_KRBV5_DES and GSSDCE_C_OID_KRBV5_DES.
To help ensure portability of your application, use the default security mechanism by specifying GSS_C_NULL_OID_SET.
Output
output_cred_handle
Returns the credential handle.
actual_mechs
Returns the set specifying the security mechanisms with which the credential can be used. The set can contain one or both of the following:
•GSSDCE_C_OID_DCE_KRBV5_DES (for DCE security)
•GSSDCE_C_OID_KRBV5_DES (for Kerberos)
lifetime_rec
Returns the number of seconds that the credential will remain valid.
minor_status
Returns a status code from the security mechanism.
Description
The gssdce_login_context_to_cred() routine creates a generic security service application programming interface (GSSAPI) credential handle for the context initiator or context acceptor from a DCE login context. The routine creates a credential that can be used to initiate or acquire a security context. Use this routine if you need to create a GSSAPI credential for delegation.
Status Codes
The following describes a partial list of codes (messages) that might be returned. Refer to the OSF DCE Problem Determination Guide for complete descriptions of all messages. The following status codes can be returned:
GSS_S_COMPLETE
The routine was completed successfully.
GSS_S_DEFECTIVE_CREDENTIAL
The credential is defective in some way.
GSS_S_NO_CRED
The routine requested the default login context, but no default login context was available.
GSS_S_FAILURE
The routine failed. Check the minor_status parameter for details.
Related Information
Functions: gss_acquire_cred(3sec), gssdce_cred_to_login_context(3sec).