Documentation Home
> GSS-API Programming Guide
GSS-API Programming Guide
Book Information
Index
A
C
D
E
F
G
H
I
K
L
M
N
O
P
Q
R
S
T
U
V
W
Preface
Chapter 1 The GSS-API: An Overview
Introduction to the GSS-API
Application Portability
Security Services
Mechanisms Available With GSS-API
RPCSEC_GSS Layer
What the GSS-API Does Not Do For You
Language Bindings
Where to Get More Information
Some Introductory Concepts
Principals
GSS-API Data Types
Integers
Strings and Similar Data
Names
Comparing Names
OIDs
Mechanisms and QOPs
Name Types
Status Codes
GSS-API Tokens
Interprocess Tokens
Programming Using the GSS-API
Overview
Credentials
Acquiring Credentials
Context Establishment
Context Initiation (Client)
Context Acceptance (Server)
Additional Context Services
Delegation
Mutual Authentication
Out-of-Sequence Detection and Replay Detection
Anonymous Authentication
Channel Bindings
Context Export and Import
Context Information
Data Protection
Message Tagging With gss_get_mic()
Message Wrapping With gss_wrap()
Wrap Size
Unwrapping and Verification
gss_unwrap()
gss_verify_mic()
Transmission Confirmation (Optional)
Context Deletion and Data Deallocation
Chapter 2 A Walk–Through of the Sample GSS-API Programs
Introduction to the Sample Programs
Client-Side GSS-API: gss-client
Overview: main() (Client)
Specifying a Non-Default Mechanism
Calling the Server
Connecting to the Server
Establishing a Context
Sending the Data
Verifying the Message
Server-Side GSS-API: gss-server
Overview: main() (Server)
Creating an OID for the Mechanism
Acquiring Credentials
Accepting a Context, Getting and Signing Data
Accepting a Context
Unwrapping the Message
Signing the Message, Sending It Back
Importing and Exporting a Context
Cleanup
Accessory Functions
Appendix A Sample C–Based GSS-API Programs
Client-Side Application
Program Headers
main()
parse_oid()
call_server()
read_file()
client_establish_context()
connect_to_server()
Server-Side Application
Program Headers
main()
createMechOid()
server_acquire_creds()
sign_server()
server_establish_context()
create_a_socket()
test_import_export_context()
timeval_subtract()
Ancillary Functions
Miscellaneous Support Functions
send_token() and recv_token()
send_token()
recv_token()
Appendix B GSS-API Reference
GSS-API Functions
Functions From Previous Versions of the GSS-API
Functions for Manipulating OIDs
Renamed Functions
GSS-API Status Codes
GSS-API Major Status Code Values
Displaying Status Codes
Status Code Macros
GSS-API Data Types and Values
Basic GSS-API Data Types
OM_uint32
gss_buffer_desc
gss_OID_desc
gss_OID_set_desc
gss_channel_bindings_struct
Name Types
Address Types for Channel Bindings
Appendix C Specifying an OID
Mechanisms and QOPs
Files Containing OID Values
The /etc/gss/mech File
The /etc/gss/qop File
gss_str_to_oid()
Constructing Mechanism OIDs
Appendix D Sun-Specific Features
Implementation-Specifc Features
Sun-Specific Functions
Human-Readable Name Syntax
Format of Anonymous Names
Implementations of Selected Data Types
Deletion of Contexts and Stored Data
Protection of Channel-Binding Information
Context Exportation and Interprocess Tokens
Types of Credentials Supported
Credential Expiration
Context Expiration
Wrap Size Limits and QOP Values
Use of minor_status Parameter
Appendix E Kerberos v5 Status Codes
Table of Kerberos v5 Status Codes
Glossary
© 2010, Oracle Corporation and/or its affiliates