Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ sec_key_mgmt_garbage_collect(3sec) — DCE 3.1

Media Vault

Software Library

Restoration Projects

Artifacts Sought

sec_key_mgmt_garbage_collect(3sec)  —  Subroutines

NAME

sec_key_mgmt_garbage_collect — Deletes obsolete keys

Synopsis

void sec_key_mgmt_garbage_collect(
sec_key_mgmt_authn_service authn_service,
void ∗arg,
idl_char ∗principal_name,
error_status_t ∗status);

Parameters

Input

authn_service
Identifies the authentication protocol using this key.  The possible authentication protocols are as follows:

rpc_c_authn_dce_secret
DCE shared-secret key authentication.

rpc_c_authn_dce_public
DCE public key authentication (reserved for future use).

argThis parameter can specify either the local key file or an argument to the get_key_fn key acquisition routine of the rpc_server_register_auth_info routine. 

A value of NULL specifies that the default key file (/krb/v5srvtab) should be used.  A key filename specifies that file should be used as the key file.  You must prepend the file’s absolute filename with FILE: and the file must have been created with the rgy_edit ktadd command or the sec_key_mgmt_set_key routine. 

Any other value specifies an argument for the get_key_fn key acquisition routine.  See the rpc_server_register_auth_info() reference page for more information. 

principal_name
A pointer to a character string indicating the name of the principal whose key information is to be garbage collected.

Output

statusA pointer to the completion status.  On successful completion, the routine returns error_status_ok.  Otherwise, it returns an error. 

Description

The sec_key_mgmt_garbage_collect() routine discards any obsolete key information for this principal.  An obsolete key is one that can only decode invalid tickets.  As an example, consider a key that was in use on Monday, and was only used to encode tickets whose maximum lifetime was 1 day.  If that key was changed at 8:00 a.m.  Tuesday morning, then it would become obsolete by 8:00 a.m.  Wednesday morning, at which time there could be no valid tickets outstanding. 

Files

/usr/include/dce/keymgmt.idl
The idl file from which dce/keymgmt.h was derived. 

Errors

The following describes a partial list of errors that might be returned.  Refer to the OSF DCE Problem Determination Guide for complete descriptions of all error messages. 

sec_key_mgmt_e_authn_invalid
The authentication protocol is not valid.

sec_key_mgmt_e_unauthorized
The caller is not authorized to perform the operation.

sec_key_mgmt_e_key_unavailable
Requested key not present.

sec_rgy_server_unavailable
The DCE registry server is unavailable.

sec_rgy_object_not_found
No principal was found with the given name.

sec_login_s_no_memory
A memory allocation error occurred.

error_status_ok
The call was successful.

Related Information

Functions: sec_intro(3sec), sec_key_mgmt_delete_key(3sec). 

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026