qkrb_build_spnego_target_token()--Build a SPNEGO Target Token

Syntax

 #include <qkrbspnego.h>

 OM_uint32 qkrb_build_spnego_target_token(
     gss_buffer_desc    * negotiation_result,
     gss_OID_desc       * supported_mechanism,
     gss_buffer_desc    * response_token,
     gss_buffer_desc    * mechanism_list_mic,
     OM_uint32            format_type, 
     gss_buffer_desc    * target_response_token);

  Service Program Name: QSYS/QKRBSPNEGO
  Default Public Authority: *USE

  Threadsafe: Yes

The qkrb_build_spnego_target_token() builds a Simple and Protected GSS-API Negotiation (SPNEGO) Target Token and returns the results to the caller.

Authorities

No authorities are required.

Parameters

negotiation_result (Input)

Result of the SPNEGO negotiation exchange, specified by the target. Possible values are:

GSS_SPNEGO_ACCEPT_COMPLETED (0x00)	The target accepts the preferred security mechanism, and the context is established for the mechanism.
GSS_SPNEGO_ACCEPT_INCOMPLETE (0x01)	The target accepts one of the proposed security mechanisms and further exchanges are necessary.
GSS_SPNEGO_REJECTED (0x02)	The target rejects all the proposed security mechanisms.

supported_mechanism (Input)

The supported mechanism to be added to the target token. Specify GSS_C_NO_BUFFER if there is no supported mechanism.

response_token (Input)

The response token to be added to the target token. Specify GSS_C_NO_BUFFER if there is no response token.

mechanism_list_mic (Input)

The mechanism list MIC to be added to the target token. Specify GSS_C_NO_BUFFER if there is no mechanism list MIC.

format_type (Input)

The format to follow when building the SPNEGO token. Possible values are:

GSS_SPNEGO_FORMAT_0 (0)	The format of the SPNEGO token built follows the syntax defined in RFC 2478.
GSS_SPNEGO_FORMAT_1 (1)	The format of the SPNEGO token built follows the syntax defined in RFC 2478 with one exception. The mechanism_list_mic is sent as SEQUENCE/GENERAL_STRING.

target_response_token (Output)

The target token built from the input information. The application should release the target token when it is no longer needed by calling the gss_release_buffer() routine.

Return Value

The return value is one of the following status codes:

GSS_SPNEGO_SUCCESS (0): The routine completed successfully.
GSS_SPNEGO_UNEXPECTED_ERR (1): The routine failed for unexpected reasons. Check the joblog for errors.
GSS_SPNEGO_NOMEM (2): Memory allocation failed.

Related Information

For a description of the SPNEGO protocol, see RFC 2478 on the RFC Pages Link outside information center for The Simple and Protected GSS-API Negotiation Mechanism.

API introduced: V5R4

[ Back to top | Security APIs | UNIX-Type APIs | APIs by category ]