svcadm(8)을 검색하려면 섹션에서 8 을 선택하고, 맨 페이지 이름에 svcadm을 입력하고 검색을 누른다.
rpc_gss_seccreate(3c)
Standard C Library Functions rpc_gss_seccreate(3C)
NAME
rpc_gss_seccreate - create a security context using the RPCSEC_GSS pro‐
tocol
SYNOPSIS
#include <rpc/rpcsec_gss.h>
AUTH *rpc_gss_seccreate(CLIENT *clnt, char *principal, char *mechanism,
rpc_gss_service_t service_type, char *qop,
rpc_gss_options_req_t *options_req,
rpc_gss_options_ret_t *options_ret);
DESCRIPTION
rpc_gss_seccreate() is used by an application to create a security con‐
text using the RPCSEC_GSS protocol, making use of the underlying GSS-
API network layer. rpc_gss_seccreate() allows an application to specify
the type of security mechanism (for example, Kerberos v5), the type of
service (for example, integrity checking), and the Quality of Protec‐
tion (QOP) desired for transferring data.
PARAMETERS
Information on RPCSEC_GSS data types for parameters may be found on the
rpcsec_gss(3C) man page.
clnt This is the RPC client handle. clnt may be obtained,
for example, from clnt_create().
principal This is the identity of the server principal, specified
in the form service@host, where service is the name of
the service the client wishes to access and host is the
fully qualified name of the host where the service
resides, for example, nfs@mymachine.eng.example.com.
mechanism This is an ASCII string which indicates which security
mechanism to use with this data. Appropriate mechanisms
may be found in the file /etc/gss/mech; additionally,
rpc_gss_get_mechanisms() returns a list of supported
security mechanisms (as null-terminated strings).
service_type This sets the initial type of service for the session —
privacy, integrity, authentication, or none.
qop This is an ASCII string which sets the quality of pro‐
tection (QOP) for the session. Appropriate values for
this string may be found in the file /etc/gss/qop.
Additionally, supported QOPs are returned (as null-ter‐
minated strings) by rpc_gss_get_mech_info().
options_req This structure contains options which are passed
directly to the underlying GSS_API layer. If the caller
specifies NULL for this parameter, defaults are used.
(See NOTES, below.)
options_ret These GSS-API options are returned to the caller. If
the caller does not need to see these options, then it
may specify NULL for this parameter. (See NOTES,
below.)
RETURN VALUES
rpc_gss_seccreate() returns a security context handle (an RPC authenti‐
cation handle) of type AUTH. If rpc_gss_seccreate() cannot return suc‐
cessfully, the application can get an error number by calling
rpc_gss_get_error().
FILES
/etc/gss/mech File containing valid security mechanisms
/etc/gss/qop File containing valid QOP values.
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
tab() box; cw(2.75i) |cw(2.75i) lw(2.75i) |lw(2.75i) ATTRIBUTE TYPEAT‐
TRIBUTE VALUE _ Availabilitysystem/library/security/rpcsec _ MT-Lev‐
elMT-Safe
SEE ALSO
auth_destroy(3C), rpc(3C), rpc_gss_get_error(3C), rpc_gss_get_mecha‐
nisms(3C), rpcsec_gss(3C), mech(5), qop(5), attributes(7)
ONC+ RPC Developer's Guide
Linn, J. RFC 2743, Generic Security Service Application Program Inter‐
face Version 2, Update 1. Network Working Group. January 2000.
NOTES
Contexts may be destroyed normally, with auth_destroy(). See
auth_destroy(3C).
Oracle Solaris 11.4 4 Dec 2019 rpc_gss_seccreate(3C)