GSS-API Programming Guide

GSS-API Data Types and Values

This section covers GSS-API data types and values. Data types that are opaque to the user, such as gss_cred_id_t or gss_name_t, are not covered here, since there is no advantage to knowing their structure. This section explains the following: Basic GSS-API Data Types, Name Types, and Address Types for Channel Bindings.

Basic GSS-API Data Types

These are some of the data types used by the GSS-API.

OM_uint32

The OM_uint32 is a platform-independent 32-bit unsigned integer.

gss_buffer_desc

This is the definition of the gss_buffer_desc and the gss_buffer_t pointer:

typedef struct gss_buffer_desc_struct {
        size_t length;
        void *value;
} gss_buffer_desc, *gss_buffer_t;

gss_OID_desc

This is the definition of the gss_OID_desc and the gss_OID pointer:

typedef struct gss_OID_desc_struct {
        OM_uint32 length;
        void *elements;
} gss_OID_desc, *gss_OID;

gss_OID_set_desc

This is the definition of the gss_OID_set_desc and the gss_OID_set pointer:

typedef struct gss_OID_set_desc_struct  {
        size_t  count;
        gss_OID elements;
} gss_OID_set_desc, *gss_OID_set;

gss_channel_bindings_struct

This is the definition of the gss_channel_bindings_struct structure and the gss_channel_bindings_t pointer:

typedef struct gss_channel_bindings_struct {
        OM_uint32 initiator_addrtype;
        gss_buffer_desc initiator_address;
        OM_uint32 acceptor_addrtype;
        gss_buffer_desc acceptor_address;
        gss_buffer_desc application_data;
} *gss_channel_bindings_t;
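
The gss_buffer_desc and gss_OID_desc definitions above are length-counted: value is not NUL-terminated, and two equal OIDs can sit at different addresses. The following C code is an added example, not part of the original guide; oid_equal() and buffer_to_cstr() are hypothetical helper names, and the types are re-declared locally (an assumption) so that it builds without a GSS-API header.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Local copies of the definitions shown above so this builds without a
 * GSS-API header (assumption); real code includes the header instead. */
typedef uint32_t OM_uint32;
typedef struct gss_buffer_desc_struct {
        size_t length;
        void *value;
} gss_buffer_desc, *gss_buffer_t;
typedef struct gss_OID_desc_struct {
        OM_uint32 length;
        void *elements;
} gss_OID_desc, *gss_OID;

/* Compare OIDs by length and content, never by pointer: equal OIDs can
 * live at different addresses. NULL (GSS_C_NO_OID) matches only NULL. */
int oid_equal(const gss_OID_desc *a, const gss_OID_desc *b)
{
        if (a == NULL || b == NULL)
                return a == b;
        return a->length == b->length && (a->length == 0 ||
            memcmp(a->elements, b->elements, a->length) == 0);
}

/* Copy a length-counted buffer into a C string. Refuse oversize input and
 * embedded NUL bytes, which would truncate the name in later comparisons. */
int buffer_to_cstr(const gss_buffer_desc *buf, char *out, size_t outlen)
{
        if (buf == NULL || out == NULL || buf->length >= outlen)
                return -1;
        if (buf->length > 0) {
                if (buf->value == NULL || memchr(buf->value, 0, buf->length))
                        return -1;
                memcpy(out, buf->value, buf->length);
        }
        out[buf->length] = '\0';
        return 0;
}

int main(void)
{
        /* Constructed sample: 10-byte name with an embedded NUL. */
        gss_buffer_desc odd = { 10, "root\0@EVIL" };
        char name[64];
        return buffer_to_cstr(&odd, name, sizeof name) == -1 ? 0 : 1;
}
```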

Name Types

A name type indicates the format of the name with which it is associated. (See Names and OIDs for more on names and name types.) The GSS-API supports the following name types, which are all gss_OID types:

Table B–5 Name Types

| Name Type | Meaning |
|---|---|
| GSS_C_NO_NAME | The recommended symbolic name GSS_C_NO_NAME indicates that no name is being passed within a particular value of a parameter used for the purpose of transferring names. |
| GSS_C_NO_OID | This value corresponds to a null input value instead of an actual object identifier. Where specified, it indicates interpretation of an associated name based on a mechanism-specific default printable syntax. |
| GSS_C_NT_ANONYMOUS | Provided as a means to identify anonymous names. It can be compared against in order to determine, in a mechanism-independent fashion, whether a name refers to an anonymous principal. |
| GSS_C_NT_EXPORT_NAME | A name that has been exported with the gss_export_name() function. |
| GSS_C_NT_HOSTBASED_SERVICE | This name type is used to represent services associated with host computers. This name form is constructed using two elements, "service" and "hostname," as follows: service@hostname. |
| GSS_C_NT_MACHINE_UID_NAME | This name type is used to indicate a numeric user identifier corresponding to a user on a local system. Its interpretation is OS-specific. The gss_import_name() function resolves this UID into a username, which is then treated as the User Name Form. |
| GSS_C_NT_STRING_UID_NAME | This name type is used to indicate a string of digits representing the numeric user identifier of a user on a local system. Its interpretation is OS-specific. This name type is similar to the Machine UID Form, except that the buffer contains a string representing the user ID. |
| GSS_C_NT_USER_NAME | A named user on a local system. Its interpretation is OS-specific. It takes the form: username. |

Address Types for Channel Bindings

Table B–6 shows the possible values for the initiator_addrtype and acceptor_addrtype fields of the gss_channel_bindings_struct structure. These fields indicate the format that a name can take (for example, ARPAnet IMP address format or AppleTalk address format). Channel bindings are discussed in Channel Bindings.

Table B–6 Channel Binding Address Types

| Field | Value (Decimal) | Address Type |
|---|---|---|
| GSS_C_AF_UNSPEC | 0 | Unspecified address type |
| GSS_C_AF_LOCAL | 1 | Host-local |
| GSS_C_AF_INET | 2 | Internet address type (example: IP) |
| GSS_C_AF_IMPLINK | 3 | ARPAnet IMP |
| GSS_C_AF_PUP | 4 | pup protocols (example: BSP) |
| GSS_C_AF_CHAOS | 5 | MIT CHAOS protocol |
| GSS_C_AF_NS | 6 | XEROX NS |
| GSS_C_AF_NBS | 7 | nbs |
| GSS_C_AF_ECMA | 8 | ECMA |
| GSS_C_AF_DATAKIT | 9 | datakit protocols |
| GSS_C_AF_CCITT | 10 | CCITT |
| GSS_C_AF_SNA | 11 | IBM SNA |
| GSS_C_AF_DECnet | 12 | DECnet |
| GSS_C_AF_DLI | 13 | Direct data link interface |
| GSS_C_AF_LAT | 14 | LAT |
| GSS_C_AF_HYLINK | 15 | NSC Hyperchannel |
| GSS_C_AF_APPLETALK | 16 | AppleTalk |
| GSS_C_AF_BSC | 17 | BISYNC |
| GSS_C_AF_DSS | 18 | Distributed system services |
| GSS_C_AF_OSI | 19 | OSI TP4 |
| GSS_C_AF_X25 | 21 | X.25 |
| GSS_C_AF_NULLADDR | 255 | No address specified |