3 .\" Copyright (c) 2005 Doug Rabson
4 .\" All rights reserved.
6 .\" Redistribution and use in source and binary forms, with or without
7 .\" modification, are permitted provided that the following conditions
9 .\" 1. Redistributions of source code must retain the above copyright
10 .\" notice, this list of conditions and the following disclaimer.
11 .\" 2. Redistributions in binary form must reproduce the above copyright
12 .\" notice, this list of conditions and the following disclaimer in the
13 .\" documentation and/or other materials provided with the distribution.
15 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 .\" The following commands are required for all man pages.
31 .Dt GSS_INQUIRE_CONTEXT 3 PRM
34 .Nm gss_inquire_context
35 .Nd Obtain information about a security context
36 .\" This next command is for sections 2 and 3 only.
41 .Fo gss_inquire_context
42 .Fa "OM_uint32 *minor_status"
43 .Fa "const gss_ctx_id_t context_handle"
44 .Fa "gss_name_t *src_name"
45 .Fa "gss_name_t *targ_name"
46 .Fa "OM_uint32 *lifetime_rec"
47 .Fa "gss_OID *mech_type"
48 .Fa "OM_uint32 *ctx_flags"
49 .Fa "int *locally_initiated"
53 Obtains information about a security context.
54 The caller must already have obtained a handle that refers to the
56 although the context need not be fully established.
58 .Bl -tag -width ".It locally_initiated"
60 Mechanism specific status code.
62 A handle that refers to the security context.
64 The name of the context initiator.
65 If the context was established using anonymous authentication,
66 and if the application invoking
67 .Fn gss_inquire_context
68 is the context acceptor,
69 an anonymous name will be returned.
70 Storage associated with this name must be freed by the application
71 after use with a call to
72 .Fn gss_release_name .
77 The name of the context acceptor.
78 Storage associated with this name must be freed by the application
79 after use with a call to
80 .Fn gss_release_name .
81 If the context acceptor did not authenticate itself,
82 and if the initiator did not specify a target name in its call to
83 .Fn gss_init_sec_context ,
91 The number of seconds for which the context will remain valid.
92 If the context has expired,
93 this parameter will be set to zero.
94 If the implementation does not support context expiration,
102 The security mechanism providing the context.
103 The returned OID will be a pointer to static storage that should be
104 treated as read-only by the application;
105 in particular the application should not attempt to free it.
110 Contains various independent flags,
111 each of which indicates that the context supports
112 (or is expected to support, if
115 a specific service option.
116 If not needed, specify
118 Symbolic names are provided for each flag,
119 and the symbolic names corresponding to the required flags should be
120 logically-ANDed with the
122 value to test whether a given option is supported by the context.
126 .Bl -tag -width "False"
128 Credentials were delegated from the initiator to the acceptor.
130 No credentials were delegated.
132 .It GSS_C_MUTUAL_FLAG
133 .Bl -tag -width "False"
135 The acceptor was authenticated to the initiator.
137 The acceptor did not authenticate itself.
139 .It GSS_C_REPLAY_FLAG
140 .Bl -tag -width "False"
142 Replay of protected messages will be detected.
144 Replayed messages will not be detected.
146 .It GSS_C_SEQUENCE_FLAG
147 .Bl -tag -width "False"
149 Out-of-sequence protected messages will be detected.
151 Out-of-sequence messages will not be detected.
154 .Bl -tag -width "False"
156 Confidentiality service may be invoked by calling
160 No confidentiality service
165 will provide message encapsulation,
166 data-origin authentication and integrity services only.
169 .Bl -tag -width "False"
171 Integrity service may be invoked by calling either
177 Per-message integrity service unavailable.
180 .Bl -tag -width "False"
182 The initiator's identity will not be revealed to the acceptor.
185 parameter (if requested) contains an anonymous internal name.
187 The initiator has been authenticated normally.
189 .It GSS_C_PROT_READY_FLAG
190 .Bl -tag -width "False"
193 (as specified by the states of the
196 .Dv GSS_C_INTEG_FLAG )
197 are available for use.
200 (as specified by the states of the
203 .Dv GSS_C_INTEG_FLAG )
204 are available only if the context is fully established
207 parameter is non-zero).
210 .Bl -tag -width "False"
212 The security context may be transferred to other processes via a call to
213 .Fn gss_export_sec_context .
215 The security context is not transferable.
218 .It locally_initiated
219 Non-zero if the invoking application is the context initiator.
224 Non-zero if the context is fully established;
225 Zero if a context-establishment token is expected from the peer
232 .Bl -tag -width ".It GSS_S_NO_CONTEXT"
234 Successful completion
236 The referenced context could not be accessed
239 .Xr gss_export_sec_context 3 ,
241 .Xr gss_init_sec_context 3 ,
242 .Xr gss_release_name 3 ,
245 .Bl -tag -width ".It RFC 2743"
247 Generic Security Service Application Program Interface Version 2, Update 1
249 Generic Security Service API Version 2 : C-bindings
254 function first appeared in
257 John Wray, Iris Associates
259 Copyright (C) The Internet Society (2000). All Rights Reserved.
261 This document and translations of it may be copied and furnished to
262 others, and derivative works that comment on or otherwise explain it
263 or assist in its implementation may be prepared, copied, published
264 and distributed, in whole or in part, without restriction of any
265 kind, provided that the above copyright notice and this paragraph are
266 included on all such copies and derivative works. However, this
267 document itself may not be modified in any way, such as by removing
268 the copyright notice or references to the Internet Society or other
269 Internet organizations, except as needed for the purpose of
270 developing Internet standards in which case the procedures for
271 copyrights defined in the Internet Standards process must be
272 followed, or as required to translate it into languages other than
275 The limited permissions granted above are perpetual and will not be
276 revoked by the Internet Society or its successors or assigns.
278 This document and the information contained herein is provided on an
279 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
280 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
281 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
282 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
283 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.