Generated from ./../../../tcl/swig/gssapi.i with ROBODoc v4.99.6 on Mon Jun 05 10:37:52 2006

TABLE OF CONTENTS


[Functions] gssapi/gss_accept_delegation

[top][index]

NAME

gss_accept_delegation

SYNOPSIS

package require gssapi

gss_accept_delegation context_handle extension_oids extension_buffers input_token req_flags time_req delegated_cred_handle mech_type output_token

DESCRIPTION

The gss_accept_delegation command

RETURN VALUE

On success gss_accept_delegation returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_accept_delegation ] maj_stat min_stat

BUGS

None

TODO

None

SEE ALSO

gss_init_delegation


[Functions] gssapi/gss_accept_sec_context

[top][index]

NAME

gss_accept_sec_context

SYNOPSIS

package require gssapi

gss_accept_sec_context context_handle acceptor_cred_handle input_token input_chan_bindings src_name mech_type output_token delegated_cred_handle

DESCRIPTION

The gss_accept_sec_context command accepts a security context created by the context initiator.

RETURN VALUE

On success gss_accept_sec_context returns major-status code, minor_status code, a bit mask containing independent flags representing services that have been requested by the initiating application and the number of seconds remaining before the context is no longer valid. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_accept_sec_context $accept_context $gss_c_no_credential $send_tok $gss_c_no_channel_bindings $source_name $mech_type $recv_tok $gss_c_no_credential ] maj_stat min_stat ret_flags time_rec

BUGS

None

TODO

None

SEE ALSO

gss_init_sec_context, gss_delete_sec_context


[Functions] gssapi/gss_acquire_cred

[top][index]

NAME

gss_acquire_cred

SYNOPSIS

package require gssapi

gss_acquire_cred desired_name time_req desired_mechs cred_usage output_cred_handle actual_mechs

DESCRIPTION

The gss_acquire_cred command allows an application to acquire a GSS credential. The application can then use the credential with the gss_init_sec_context and gss_accept_sec_context commands.

RETURN VALUE

On success gss_acquire_cred returns major-status code, minor_status code and actual number of seconds for which the returned credentials will remain valid. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_acquire_cred NULL $GSS_C_INDEFINITE $gss_c_no_oid_set $GSS_C_BOTH $cred_handle NULL ] maj_stat min_stat time_rec

BUGS

None

TODO

None

SEE ALSO

gss_release_cred, gss_inquire_cred, gss_init_sec_context, gss_accept_sec_context


[Functions] gssapi/gss_add_buffer_set_member

[top][index]

NAME

gss_add_buffer_set_member

SYNOPSIS

package require gssapi

gss_add_buffer_set_member member_buffer buffer_set

DESCRIPTION

The gss_add_buffer_set_member command adds a buffer to a buffer set.

RETURN VALUE

On success gss_add_buffer_set_member returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_add_buffer_set_member $member_buffer $buffer_set ] maj_stat min_stat

BUGS

None

TODO

None

SEE ALSO

gss_create_empty_buffer_set, gss_release_buffer_set


[Functions] gssapi/gss_add_cred

[top][index]

NAME

gss_add_cred

SYNOPSIS

package require gssapi

gss_add_cred input_cred_handle desired_name mech_type cred_usage init_time_req accept_time_req output_cred_handle actual_mechs

DESCRIPTION

The gss_add_cred command adds a credential element to an existing GSS credential. The credential must not already contain an element for the mechanism. A GSS credential must contain an element for each mechanism that will be used for contexts that are initiated or accepted using the credential.

RETURN VALUE

On success gss_add_cred returns major-status code, minor_status code, the initiate expiration time in seconds and the accept expiration time in seconds. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_add_cred $input_cred_handle $desired_name $gss_c_null_oid $GSS_C_BOTH $GSS_C_INDEFINITE $GSS_C_INDEFINITE $output_cred_handle $actual_mechs ] maj_stat min_stat init_time_rec accept_time_rec

BUGS

None

TODO

None

SEE ALSO

gss_acquire_cred, gss_release_cred, gss_inquire_cred


[Functions] gssapi/gss_add_oid_set_member

[top][index]

NAME

gss_add_oid_set_member

SYNOPSIS

package require gssapi

gss_add_oid_set_member member_oid oid_set

DESCRIPTION

The gss_add_oid_set_member command adds a new OID to an existing OID set.

RETURN VALUE

On success gss_add_oid_set_member returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_add_oid_set_member $GSS_C_NT_USER_NAME $oid_set ] maj_stat min_stat

BUGS

None

TODO

None

SEE ALSO

gss_indicate_mechs, gss_create_empty_oid_set, gss_test_oid_set_member, gss_release_oid_set


[Functions] gssapi/gss_canonicalize_name

[top][index]

NAME

gss_canonicalize_name

SYNOPSIS

package require gssapi

gss_canonicalize_name input_name mech_type output_name

DESCRIPTION

The gss_canonicalize_name command takes a GSS internal name that contains multiple internal representations and returns a new GSS internal name with a single name representation that corresponds to the specified security mechanism.

RETURN VALUE

On success gss_canonicalize_name returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_canonicalize_name $input_name $mech_type $output_name ] maj_stat min_stat

BUGS

None

TODO

None


[Functions] gssapi/gss_compare_name

[top][index]

NAME

gss_compare_name

SYNOPSIS

package require gssapi

gss_compare_name name1 name2

DESCRIPTION

The gss_compare_name command allows an application to compare two internal names to determine whether they refer to the same object. The two names must have an internal representation format in common to be comparable. The names are considered not equal if either name denotes an anonymous principal.

RETURN VALUE

On success gss_compare_name returns major-status code, minor_status code and 1 if the names refer to the same object or 0 otherwise. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_compare_name $target_name $alias_name ] maj_stat min_stat name_equal

BUGS

None

TODO

None


[Functions] gssapi/gss_context_time

[top][index]

NAME

gss_context_time

SYNOPSIS

package require gssapi

gss_context_time context_handle

DESCRIPTION

The gss_context_time command checks the specified security context and returns the number of seconds that the context remains valid. The returned value is GSS_C_INDEFINITE if the context does not have an expiration time.

RETURN VALUE

On success gss_context_time returns major-status code, minor_status code, and the number of seconds that the context remains valid. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_context_time $context_handle ] maj_stat min_stat time_rec

BUGS

None

TODO

None


[Functions] gssapi/gss_create_empty_buffer_set

[top][index]

NAME

gss_create_empty_buffer_set

SYNOPSIS

package require gssapi

gss_create_empty_buffer_set buffer_set

DESCRIPTION

The gss_create_empty_buffer_set command creates an empty buffer set, to which membersmay be subsequently be added using the gss_add_buffer_set_member command.

RETURN VALUE

On success gss_create_empty_buffer_set returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_create_empty_buffer_set $buffer_set ] maj_stat min_stat

BUGS

None

TODO

None

SEE ALSO

gss_add_buffer_set_member, gss_release_buffer_set


[Functions] gssapi/gss_create_empty_oid_set

[top][index]

NAME

gss_create_empty_oid_set

SYNOPSIS

package require gssapi

gss_create_empty_oid_set oid_set

DESCRIPTION

The gss_create_empty_oid_set command creates a new, empty OID set. Members can be added to the OID set by calling the gss_add_oid_set_member command. The OID set should be released when it is no longer needed by calling the gss_release_oid_set.

RETURN VALUE

On success gss_create_empty_oid_set returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_create_empty_oid_set $oid_set ] maj_stat min_stat

BUGS

None

TODO

None

SEE ALSO

gss_indicate_mechs, gss_add_oid_set_member, gss_test_oid_set_member, gss_release_oid_set


[Functions] gssapi/gss_delete_sec_context

[top][index]

NAME

gss_delete_sec_context

SYNOPSIS

package require gssapi

gss_delete_sec_context context_handle output_token

DESCRIPTION

The gss_delete_sec_context command deletes one end of a security context. It also deletes the local data structures associated with the security context. When it deletes the context, the command can generate a token. The application must then pass this token to the partner application. The partner application calls the gss_process_context_token command to process the token and complete the process of deleting the security context.

RETURN VALUE

On success gss_delete_sec_context returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_delete_sec_context $context_handle $output_token ] maj_stat min_stat

BUGS

None

TODO

None

SEE ALSO

gss_init_sec_context, gss_accept_sec_context


[Functions] gssapi/gss_display_name

[top][index]

NAME

gss_display_name

SYNOPSIS

package require gssapi

gss_display_name input_name output_name_buffer output_name_type

DESCRIPTION

The gss_display_name command returns the textual representation of an opaque internal name. The syntax of the text representation is determined by the mechanism that was used to convert the name.

RETURN VALUE

On success gss_display_name returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_display_name $input_name $output_name_buffer $output_name_type ] maj_stat min_stat

BUGS

None

TODO

None


[Functions] gssapi/gss_display_status

[top][index]

NAME

gss_display_status

SYNOPSIS

package require gssapi

gss_display_status status_value status_type mech_type status_string

DESCRIPTION

The gss_display_status command provides an application with a textual representation of a GSS or mechanism status code. The returned message can then be displayed to the user or written to a log file.

RETURN VALUE

On success gss_display_status returns major-status code, minor_status code, message context and the text message for the status value. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_display_status $status_value $GSS_C_GSS_CODE $gss_c_null_oid ] maj_stat min_stat message_context status_string

BUGS

None

TODO

None


[Functions] gssapi/gss_duplicate_name

[top][index]

NAME

gss_duplicate_name

SYNOPSIS

package require gssapi

gss_duplicate_name src_name dest_name

DESCRIPTION

The gss_duplicate_name command creates a duplicate of a GSS internal name.

RETURN VALUE

On success gss_duplicate_name returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ p_gss_name_t_value $src_name ] src_name_addr_value

lassign [ gss_duplicate_name $src_name_addr_value $dest_name ] maj_stat min_stat

BUGS

None

TODO

None


[Functions] gssapi/gss_export_cred

[top][index]

NAME

gss_export_cred

SYNOPSIS

package require gssapi

gss_export_cred cred_handle desired_mech option_req output_buffer

DESCRIPTION

The gss_export_cred command creates a credential token for a GSS-API credential. This credential token can then be given to another process on the same system or on a different system. This second process calls gss_import_cred command to create a GSS-API credential from the credential token. In order to use the credential on a different system, the security mechanism must allow the credential to be used from any system.

RETURN VALUE

On success gss_export_cred returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ p_gss_cred_id_t_value $delegated_cred_handle ] delegated_cred_handle_addr_value

lassign [ gss_export_cred $delegated_cred_handle_addr_value $gss_c_null_oid 0 $send_tok ] maj_stat min_stat time_rec

BUGS

None

TODO

None

SEE ALSO

gss_release_cred, gss_acquire_cred, gss_inquire_cred, gss_import_cred


[Functions] gssapi/gss_export_name

[top][index]

NAME

gss_export_name

SYNOPSIS

package require gssapi

gss_export_name input_name exported_name

DESCRIPTION

The gss_export_name command creates an opaque token for a mechanism name.

RETURN VALUE

On success gss_export_name returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_export_name $input_name $exported_name ] maj_stat min_stat

BUGS

None

TODO

None


[Functions] gssapi/gss_export_sec_context

[top][index]

NAME

gss_export_sec_context

SYNOPSIS

package require gssapi

gss_export_sec_context context_handle interprocess_token

DESCRIPTION

The gss_export_sec_context command creates a context token for a GSS-API security context. This context token can then be given to another process on the same system. This second process calls gss_import_sec_context command to create a GSS-API security context from the context token. Upon successful completion of gss_export_sec_context, the security context is no longer available for use by the current process. The security context token created by one implementation of GSS-API cannot be used with a different implementation of GSS-API.

RETURN VALUE

On success gss_export_sec_context returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ p_gss_buffer_t_value $context_token ] context_token_addr_value

lassign [ gss_export_sec_context $init_context $context_token_addr_value ] maj_stat min_stat

BUGS

None

TODO

None

SEE ALSO

gss_import_sec_context


[Functions] gssapi/gss_get_mic

[top][index]

NAME

gss_get_mic

SYNOPSIS

package require gssapi

gss_get_mic context_handle qop_req message_buffer message_token

DESCRIPTION

The gss_get_mic command generates a cryptographic signature for a message and returns this signature in a token that can be sent to a partner application. The partner application then calls the gss_verify_mic command to validate the signature.

RETURN VALUE

On success gss_get_mic returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_get_mic $context_handle $GSS_C_QOP_DEFAULT $message_buffer $message_token ] maj_stat min_stat

BUGS

None

TODO

None

SEE ALSO

gss_verify_mic


[Functions] gssapi/gss_import_cred

[top][index]

NAME

gss_import_cred

SYNOPSIS

package require gssapi

gss_import_cred cred_handle desired_mech option_req import_buffer time_req

DESCRIPTION

The gss_import_cred command accepts a credential token created by the gss_export_cred command and creates a GSS-API credential.

RETURN VALUE

On success gss_import_cred returns major-status code, minor_status code and actual number of seconds for which the credential is valid. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_import_cred $imported_cred_handle $gss_c_null_oid 0 $send_tok 0 ] maj_stat min_stat time_rec

BUGS

None

TODO

None

SEE ALSO

gss_release_cred, gss_acquire_cred, gss_inquire_cred, gss_export_cred


[Functions] gssapi/gss_import_name

[top][index]

NAME

gss_import_name

SYNOPSIS

package require gssapi

gss_import_name input_name_buffer input_name_type output_name

DESCRIPTION

The gss_import_name command converts a printable name to the GSS internal format. The gss_name_t object created by this command can then be used as input to other GSS routines. The gss_name_t object created by the gss_import_name command contains an internal representation for each of the supported security mechanisms.

RETURN VALUE

On success gss_import_name returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_import_name $input_name_buffer $input_name_type $output_name ] maj_stat min_stat

BUGS

None

TODO

None


[Functions] gssapi/gss_import_sec_context

[top][index]

NAME

gss_import_sec_context

SYNOPSIS

package require gssapi

gss_import_sec_context interprocess_token context_handle

DESCRIPTION

The gss_import_sec_context command accepts a security context token created by the gss_export_sec_context command and creates a GSS-API security context. Since the security context contains message sequencing information, it is usually not feasible to create multiple security contexts from a single context token.

RETURN VALUE

On success gss_import_sec_context returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ p_gss_buffer_t_value $context_token ] context_token_addr_value

lassign [ gss_export_sec_context $context_token_addr_value $init_context ] maj_stat min_stat

BUGS

None

TODO

None

SEE ALSO

gss_import_sec_context


[Functions] gssapi/gss_indicate_mechs

[top][index]

NAME

gss_indicate_mechs

SYNOPSIS

package require gssapi

gss_indicate_mechs oid_set

DESCRIPTION

The gss_indicate_mechs command allows an application to determine which security mechanisms are available on the local system.

RETURN VALUE

On success gss_indicate_mechs returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_indicate_mechs $oid_set ] maj_stat min_stat

BUGS

None

TODO

None

SEE ALSO

gss_create_empty_oid_set, gss_add_oid_set_member, gss_test_oid_set_member, gss_release_oid_set


[Functions] gssapi/gss_init_delegation

[top][index]

NAME

gss_init_delegation

SYNOPSIS

package require gssapi

gss_init_delegation context_handle cred_handle desired_mech extension_oids extension_buffers input_token req_flags time_req output_token

DESCRIPTION

The gss_init_delegation command

RETURN VALUE

On success gss_init_delegation returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_init_delegation ] maj_stat min_stat

BUGS

None

TODO

None

SEE ALSO

gss_accept_delegation


[Functions] gssapi/gss_init_sec_context

[top][index]

NAME

gss_init_sec_context

SYNOPSIS

package require gssapi

gss_init_sec_context cred_handle context_handle target_name mech_type req_flags time_req input_chan_bindings input_token actual_mech_type output_token

DESCRIPTION

The gss_init_sec_context command initiates a security context for use by two communicating applications.

RETURN VALUE

On success gss_init_sec_context returns major-status code, minor_status code, a bit mask containing independent flags indicating which GSS services are available for the context and the number of seconds for which the context will remain valid. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ p_gss_cred_id_t_value $cred_handle ] cred_handle_addr_value

lassign [ gss_inquire_cred $cred_handle_addr_value $target_name NULL NULL ] maj_stat min_stat lifetime

lassign [ p_gss_name_t_value $target_name ] target_name_addr_value

lassign [ gss_init_sec_context $cred_handle_addr_value $init_context $target_name_addr_value $gss_c_null_oid 0 0 $gss_c_no_channel_bindings $gss_c_no_buffer NULL $send_tok ] maj_stat min_stat ret_flags time_rec

BUGS

None

TODO

None

SEE ALSO

gss_delete_sec_context, gss_accept_sec_context, gss_inquire_cred, p_gss_cred_id_t_value, p_gss_name_t_value


[Functions] gssapi/gss_inquire_context

[top][index]

NAME

gss_inquire_context

SYNOPSIS

package require gssapi

gss_inquire_context context_handle source_name target_name mech_type

DESCRIPTION

The gss_inquire_context command returns information about a security context to the calling application.

RETURN VALUE

On success gss_inquire_context returns major-status code, minor_status code, the number of seconds for which the context remains valid, a bit mask containing independent flags indicating which GSS services are available for the context, 1 if the context was initiated locally or 0 otherwise, and 1 if context establishment has been completed or 0 otherwise. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ p_gss_ctx_id_t_value $accept_context ] accept_context_addr_value

lassign [ gss_inquire_context $accept_context_addr_value $source_name $target_name $mech_type ] maj_stat min_stat lifetime ctx_flags locally_initiated open

BUGS

None

TODO

None


[Functions] gssapi/gss_inquire_cred

[top][index]

NAME

gss_inquire_cred

SYNOPSIS

package require gssapi

gss_inquire_cred cred_handle name cred_usage mechanisms

DESCRIPTION

The gss_inquire_cred command returns information about a GSS credential to the calling application. If GSS_C_NO_CREDENTIAL is specified for the cred_handle parameter, the default security mechanism is used to process the request.

RETURN VALUE

On success gss_acquire_cred returns major-status code, minor_status code and actual number of seconds for which the returned credentials will remain valid. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ p_gss_cred_id_t_value $cred_handle ] cred_handle_addr_value

lassign [ gss_inquire_cred $cred_handle_addr_value $target_name NULL NULL ] maj_stat min_stat lifetime

BUGS

None

TODO

None

SEE ALSO

gss_release_cred, gss_acquire_cred


[Functions] gssapi/gss_inquire_cred_by_mech

[top][index]

NAME

gss_inquire_cred_by_mech

SYNOPSIS

package require gssapi

gss_inquire_cred_by_mech cred_handle mech_type name cred_usage

DESCRIPTION

The gss_inquire_cred_by_mech command returns information about a GSS credential for a single security mechanism. The information is obtained using the specified security mechanism.

RETURN VALUE

On success gss_inquire_cred_by_mech returns major-status code, minor_status code, the number of seconds for which the credential remains valid for initiating contexts and the number of seconds for which the credential remains valid for accepting contexts. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_inquire_cred_by_mech $cred_handle $mech_type $name $cred_usage ] maj_stat min_stat initiator_lifetime acceptor_lifetime

BUGS

None

TODO

None


[Functions] gssapi/gss_inquire_cred_by_oid

[top][index]

NAME

gss_inquire_cred_by_oid

SYNOPSIS

package require gssapi

gss_inquire_cred_by_oid cred_handle desired_object data_set

DESCRIPTION

The gss_inquire_cred_by_oid command gives applications a means to retrieve arbitrary data about a credential.

RETURN VALUE

On success gss_inquire_cred_by_oid returns major-status code, minor_status code and a set of octet string corresponding to the data associated with the desired_object. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_inquire_cred_by_oid $cred_handle $oid $data_set ] maj_stat min_stat lifetime

BUGS

None

TODO

None

SEE ALSO

gss_inquire_sec_context_by_oid


[Functions] gssapi/gss_inquire_mechs_for_name

[top][index]

NAME

gss_inquire_mechs_for_name

SYNOPSIS

package require gssapi

gss_inquire_mechs_for_name input_name mech_types

DESCRIPTION

The gss_inquire_mechs_for_name command returns the mechanisms with which a name may be processed.

RETURN VALUE

On success gss_inquire_names_for_mech returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_inquire_mechs_for_name $input_name $mech_types ] maj_stat min_stat

BUGS

None

TODO

None


[Functions] gssapi/gss_inquire_names_for_mech

[top][index]

NAME

gss_inquire_names_for_mech

SYNOPSIS

package require gssapi

gss_inquire_names_for_mech mechanism name_types

DESCRIPTION

The gss_inquire_names_for_mech command returns the name types supported by a security mechanism.

RETURN VALUE

On success gss_inquire_names_for_mech returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_inquire_names_for_mech $mechanism $name_types ] maj_stat min_stat

BUGS

None

TODO

None


[Functions] gssapi/gss_inquire_sec_context_by_oid

[top][index]

NAME

gss_inquire_sec_context_by_oid

SYNOPSIS

package require gssapi

gss_inquire_sec_context_by_oid context_handle desired_object data_set

DESCRIPTION

The gss_inquire_sec_context_by_oid command gives applications a means to retrieve arbitrary data about a security context.

RETURN VALUE

On success gss_inquire_sec_context_by_oid returns major-status code, minor_status code and a set of octet string corresponding to the data associated with the desired_object. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_inquire_sec_context_by_oid $context_handle $oid $data_set ] maj_stat min_stat lifetime

BUGS

None

TODO

None

SEE ALSO

gss_inquire_cred_by_oid


[Functions] gssapi/gss_process_context_token

[top][index]

NAME

gss_process_context_token

SYNOPSIS

package require gssapi

gss_process_context_token context_handle token_buffer

DESCRIPTION

The gss_process_context_token command processes a context token received from the partner application.

RETURN VALUE

On success gss_process_context_token returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_process_context_token $context_handle $token_buffer ] maj_stat min_stat

BUGS

None

TODO

None

SEE ALSO

gss_accept_sec_context


[Functions] gssapi/gss_release_buffer

[top][index]

NAME

gss_release_buffer

SYNOPSIS

package require gssapi

gss_release_buffer buffer

DESCRIPTION

The gss_release_buffer command releases storage associated with a gss_buffer_t buffer. The gss_buffer_desc structure itself is not released.

RETURN VALUE

On success gss_release_buffer returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_release_buffer $buffer ] maj_stat min_stat

BUGS

None

TODO

None


[Functions] gssapi/gss_release_buffer_set

[top][index]

NAME

gss_release_buffer_set

SYNOPSIS

package require gssapi

gss_release_buffer_set buffer_set

DESCRIPTION

The gss_release_buffer_set command releases the storage assocaiated with a set of octet string allocated by gss_add_buffer_set_member.

RETURN VALUE

On success gss_release_buffer_set returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_release_buffer_set $buffer_set ] maj_stat min_stat

BUGS

None

TODO

None

SEE ALSO

gss_create_empty_buffer_set, gss_add_buffer_set_member


[Functions] gssapi/gss_release_cred

[top][index]

NAME

gss_release_cred

SYNOPSIS

package require gssapi

gss_release_cred cred_handle

DESCRIPTION

The gss_release_cred command releases the local data structures associated with a GSS credential. If gss_c_no_credential is specified for the cred_handle parameter, no credential is released and gss_s_complete is returned for the major status return value.

RETURN VALUE

On success gss_release_cred returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_release_cred $cred_handle ] maj_stat min_stat

BUGS

None

TODO

None

SEE ALSO

gss_acquire_cred


[Functions] gssapi/gss_release_name

[top][index]

NAME

gss_release_name

SYNOPSIS

package require gssapi

gss_release_name input_name

DESCRIPTION

The gss_release_name command releases storage associated with a gss_name_t internal name.

RETURN VALUE

On success gss_release_name returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_release_name $input_name ] maj_stat min_stat

BUGS

None

TODO

None


[Functions] gssapi/gss_release_oid_set

[top][index]

NAME

gss_release_oid_set

SYNOPSIS

package require gssapi

gss_release_oid_set oid_set

DESCRIPTION

The gss_release_oid_set command releases storage associated with a gss_oid_set object.

RETURN VALUE

On success gss_release_oid_set returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_release_oid_set $oid_set ] maj_stat min_stat

BUGS

None

TODO

None

SEE ALSO

gss_indicate_mechs, gss_create_empty_oid_set, gss_add_oid_set_member, gss_test_oid_set_member


[Functions] gssapi/gss_set_sec_context_option

[top][index]

NAME

gss_set_sec_context_option

SYNOPSIS

package require gssapi

gss_set_sec_context_option context_handle oid_of_desired_option value_of_option

DESCRIPTION

The gss_set_sec_context_option command sets options on a security context prior to establishing it.

RETURN VALUE

On success gss_set_sec_context_option returns major-status code and minor_status code. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_set_sec_context_option $context_handle $oid $oid_value ] maj_stat min_stat lifetime

BUGS

None

TODO

None


[Functions] gssapi/gss_test_oid_set_member

[top][index]

NAME

gss_test_oid_set_member

SYNOPSIS

package require gssapi

gss_test_oid_set_member member_oid oid_set

DESCRIPTION

The gss_test_oid_set_member command checks an oid set to see if a specified oid is a member of the set.

RETURN VALUE

On success gss_test_oid_set_member returns major-status code, minor_status code and 1 if the OID is a member of the OID set or otherwise, it is set to zero. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_test_oid_set_member $GSS_C_NT_USER_NAME $oid_set ] maj_stat min_stat is_present

BUGS

None

TODO

None

SEE ALSO

gss_indicate_mechs, gss_create_empty_oid_set, gss_add_oid_set_member, gss_release_oid_set


[Functions] gssapi/gss_unwrap

[top][index]

NAME

gss_unwrap

SYNOPSIS

package require gssapi

gss_unwrap context_handle input_message_buffer output_message_buffer

DESCRIPTION

The gss_unwrap command unwraps a message sealed by the gss_wrap command and verifies the embedded signature. The conf_state return parameter indicates whether or not the message has been encrypted.

RETURN VALUE

On success gss_unwrap returns major-status code, minor_status code, the level of confidentiality that was applied to the message and the quality of protection that was applied to the message. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_unwrap $context_handle $input_message_buffer $output_message_buffer ] maj_stat min_stat conf_state qop_state

BUGS

None

TODO

None

SEE ALSO

gss_wrap, gss_wrap_size_limit


[Functions] gssapi/gss_verify_mic

[top][index]

NAME

gss_verify_mic

SYNOPSIS

package require gssapi

gss_verify_mic context_handle message_buffer token_buffer

DESCRIPTION

The gss_verify_mic command verifies that the cryptographic signature for a message is correct. This ensures that the message has not been modified since the signature was generated.

RETURN VALUE

On success gss_verify_mic returns major-status code, minor_status code and the quality of protection that was applied to the message. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_verify_mic $context_handle $message_buffer $token_buffer ] maj_stat min_stat qop_state

BUGS

None

TODO

None

SEE ALSO

gss_get_mic


[Functions] gssapi/gss_wrap

[top][index]

NAME

gss_wrap

SYNOPSIS

package require gssapi

gss_wrap context_handle confidentiality_requested quality_of_protection_requested input_message_buffer output_message_buffer

DESCRIPTION

The gss_wrap command cryptographically signs and optionally encrypts a message. The token returned in the output_message_buffer parameter contains both the signature and the message. This token is then sent to the partner application that calls the gss_unwrap command to extract the original message and verify its authenticity.

RETURN VALUE

On success gss_wrap returns major-status code, minor_status code and the level of confidentiality that was applied to the message. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_wrap $context_handle 1 $GSS_C_QOP_DEFAULT $input_message_buffer $output_message_buffer ] maj_stat min_stat conf_state

BUGS

None

TODO

None

SEE ALSO

gss_unwrap, gss_wrap_size_limit


[Functions] gssapi/gss_wrap_size_limit

[top][index]

NAME

gss_wrap_size_limit

SYNOPSIS

package require gssapi

gss_wrap_size_limit context_handle confidentiality_requested quality_of_protection_requested size_req

DESCRIPTION

The gss_wrap_size_limit command determines the largest message that can be processed by the gss_wrap command without exceeding the specified output token size.

RETURN VALUE

On success gss_wrap_size_limit returns major-status code, minor_status code and the maximum message size that can be processed without exceeding the specified maximum token size. If no errors occur, the command returns a major status value of GSS_S_COMPLETE. On error, this command will raise an error and must be caught using the appropriate catch command.

EXAMPLE

lassign [ gss_wrap_size_limit $context_handle 1 $GSS_C_QOP_DEFAULT 1012 ] maj_stat min_stat max_size

BUGS

None

TODO

None

SEE ALSO

gss_wrap