Developer's Guide to Oracle® Solaris 11 Security

Exit Print View

Updated: July 2014

Establishing a Security Context With the Server

After the connection is made, call_server() uses the function client_establish_context() to create the security context, as follows:

if (client_establish_context(s, service-name, deleg-flag, oid, &context,
                                  &ret-flags) < 0) {
          (void) close(s);
          return -1;
  • s is a file descriptor that represents the connection that is established by connect_to_server().

  • service-name is the requested network service.

  • deleg-flag specifies whether the server can act as a proxy for the client.

  • oid is the mechanism.

  • context is the context to be created.

  • ret-flags is an int that specifies any flags to be returned by the GSS-API function gss_init_sec_context().

    The client_establish_context() performs the following tasks:

  • Translates the service name into internal GSSAPI format

  • Performs a loop of token exchanges between the client and the server until the security context is complete