Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ gssdce_set_cred_context_ownership(3sec) — DCE 3.1

Media Vault

Software Library

Restoration Projects

Artifacts Sought

gssdce_set_cred_context_ownership(3sec)  —  Subroutines

NAME

gssdce_set_cred_context_ownership — Changes the ownership of a DCE credential’s login context

Synopsis

OM_uint32  gssdce_set_cred_context_ownership(
OM_uint32 ∗minor_status,
gss_cred_id_t credential_handle,
int ownership);

Parameters

Input

credential_handle
Specifies the handle of the DCE credential to be modified.

ownershipSpecifies the owner of the DCE credential.  Specify one of the following:

GSSDCE_C_OWNWERSHIP_GSSAPI
Specifies that the credential’s login context is owned by the generic security service application programming interface (GSSAPI).

GSSDCE_C_OWNERSHIP_APPLICATION
Specifies that the credential’s login context is owned by the application.

Output

minor_status
Returns a status code from the security mechanism.

Description

The gssdce_set_cred_context_ownership() routine modifies the ownership of a DCE credential’s login context. INIT type and BOTH type credentials have DCE login contexts.  Normally, these internal login contexts are deleted when the credential is released (when the application calls the gss_release_cred() routine).  However, for credentials created by the gssdce_cred_to_login_context() and credentials passsed to the gsscdce_cred_to_login_context()routine, the application may have an external reference to the credential’s login context and may still be using the login context.  The GSSAPI will not delete internal login contexts of these credentials when they are released. 

This routine allows the application to modify the ownership of a credential’s login context.  If ownership is changed to  GSSDCE_C_OWNERSHIP_GSSAPI, the login context is deleted when GSSAPI releases the credential.  If ownership is changed to GSSDCE_C_OWNERSHIP_APPLICATION, the application is responsible for deleting the login context.  DCE credential login contexts that are owned by an application must not be deleted until the credential is released since the GSSAPI may still need to access the credential’s login context. 

Related Information

Functions: gss_acquire_cred(3sec), gss_release_buffer(3sec), gssdce_cred_to_login_context(3sec). 

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026