NAME
gss_export_sec_context() — transfer a security context to another process on a single machine
SYNOPSIS
#include <gssapi.h>
- OM_uint32 gss_export_sec_context (
OM_uint32 *minor_status,
gss_ctx_id_t *context_handle,
gss_buffer_t interprocess_token)
DESCRIPTION
The
gss_export_sec_context()
deactivates the security context
for the calling process and creates an interprocess token which,
when passed to
gss_import_sec_context()
in another process, will
re-activate the context in the second process.
Only a single instantiation of a given context may be active at
any one time; a subsequent attempt by a context exporter to access
the exported security context will fail.
gss_ctx_id_t
is created
such that it is functionally identical to the original context.
If creation of the interprocess token is successful, the
implementation shall deallocate all process-wide resources
associated with the security context, and set the
context_handle
to
GSS_C_NO_CONTEXT.
The ability to transfer a security
context is indicated when the context is created, by
gss_init_sec_context()
or
gss_accept_sec_context()
setting the
GSS_C_TRANS_FLAG
bit in their
ret_flags
parameter.
Input Parameters
- context_handle
Specifies the context handle identifying the context to transfer.
- interprocess_token
Specifies the token to be transferred to target process.
Output Parameters
- minor_status
Returns a status code from the security mechanism.
STATUS CODES
The following status codes can be returned:
- GSS_S_COMPLETE
The routine was completed successfully.
- GSS_S_CONTEXT_EXPIRED
The context has expired
- GSS_S_NO_CONTEXT
The supplied context handle did not refer to a valid context.
- GSS_S_UNAVAILABLE
The operation is not supported.
AUTHOR
gss_export_sec_context()
was developed by Sun Microsystems, Inc.
SEE ALSO
gss_import_sec_context(3).
The manpages for DCE-GSSAPI are included with the DCE-CoreTools product.
To see those manpages add
/opt/dce/share/man
to
MANPATH.