#include <qkrbspnego.h> OM_uint32 qkrb_build_spnego_init_token( gss_OID_set supported_mechanisms, gss_flags_t * context_flags, gss_buffer_desc * token_for_first_mechanism, gss_buffer_desc * mechanism_list_mic, OM_uint32 format_type, gss_buffer_desc * initiator_token);Service Program Name: QSYS/QKRBSPNEGO
The qkrb_build_spnego_init_token() builds a Simple and Protected GSS-API Negotiation (SPNEGO) Initiator Token and returns the results to the caller.
No authorities are required.
The following flags are supported. All other flags will be ignored.
GSS_C_ANON_FLAG (64) | The initiator identity will not be provided to the context acceptor. |
GSS_C_CONF_FLAG (16) | Message confidentiality services are available. |
GSS_C_DELEG_FLAG (1) | Delegated credentials will be available to the context acceptor. |
GSS_C_INTEG_FLAG (32) | Message integrity services are available. |
GSS_C_MUTUAL_FLAG (2) | Mutual authentication will be performed. The gss_accept_sec_context() routine will generate an output token which the context acceptor must return to the context initiator to complete the security context setup. |
GSS_C_REPLAY_FLAG (4) | Message replay detection will be performed. |
GSS_C_SEQUENCE_FLAG (8) | Message sequence checking will be performed. |
GSS_SPNEGO_FORMAT_0 (0) | The format of the SPNEGO token built follows the syntax defined in RFC 2478. |
GSS_SPNEGO_FORMAT_1 (1) | The format of the SPNEGO token built follows the syntax defined in RFC 2478 with one exception. The mechanism_list_mic is sent as SEQUENCE/GENERAL_STRING. |
The return value is one of the following status codes:
For a description of the SPNEGO protocol, see RFC 2478 on the RFC Pages for The Simple and Protected GSS-API Negotiation Mechanism.
[ Back to top | Security APIs | UNIX-Type APIs | APIs by category ]