通过 GSS-API 可导出和导入上下文。使用这些活动可以在多进程程序中的不同进程之间共享上下文。sign_server() 包含一个概念证明函数 test_import_export_context(),用于说明如何导出和导入上下文。test_import_export_context() 不在进程之间传递上下文。test_import_export_context() 而是会显示导出所需的时间,然后导入上下文。虽然 test_import_export_context() 是一个虚构的函数,但可用于指示如何使用 GSS-API 导入和导出函数。test_import_export_context() 还可以指示如何使用时间戳来处理上下文。
test_import_export_context() 的源代码如以下示例所示。
int test_import_export_context(context)
gss_ctx_id_t *context;
{
OM_uint32 min_stat, maj_stat;
gss_buffer_desc context_token, copied_token;
struct timeval tm1, tm2;
/*
* Attempt to save and then restore the context.
*/
gettimeofday(&tm1, (struct timezone *)0);
maj_stat = gss_export_sec_context(&min_stat, context, &context_token);
if (maj_stat != GSS_S_COMPLETE) {
display_status("exporting context", maj_stat, min_stat);
return 1;
}
gettimeofday(&tm2, (struct timezone *)0);
if (verbose && log)
fprintf(log, "Exported context: %d bytes, %7.4f seconds\n",
context_token.length, timeval_subtract(&tm2, &tm1));
copied_token.length = context_token.length;
copied_token.value = malloc(context_token.length);
if (copied_token.value == 0) {
fprintf(log, "Couldn't allocate memory to copy context token.\n");
return 1;
}
memcpy(copied_token.value, context_token.value, copied_token.length);
maj_stat = gss_import_sec_context(&min_stat, &copied_token, context);
if (maj_stat != GSS_S_COMPLETE) {
display_status("importing context", maj_stat, min_stat);
return 1;
}
free(copied_token.value);
gettimeofday(&tm1, (struct timezone *)0);
if (verbose && log)
fprintf(log, "Importing context: %7.4f seconds\n",
timeval_subtract(&tm1, &tm2));
(void) gss_release_buffer(&min_stat, &context_token);
return 0;
}