gss_delete_sec_context(3gss) [opensolaris man page]
gss_delete_sec_context(3GSS) Generic Security Services API Library Functions gss_delete_sec_context(3GSS)NAME
gss_delete_sec_context - delete a GSS-API security context
SYNOPSIS
cc [ flag... ] file... -lgss [ library... ]
#include <gssapi/gssapi.h>
OM_uint32 gss_delete_sec_context(OM_uint32 *minor_status,
gss_ctx_id_t *context_handle,gss_buffer_t output_token);
DESCRIPTION
Use the gss_delete_sec_context() function to delete a security context. The gss_delete_sec_context() function will delete the local data
structures associated with the specified security context. You may not obtain further security services that use the context specified by
context_handle.
In addition to deleting established security contexts, gss_delete_sec_context() will delete any half-built security contexts that result
from incomplete sequences of calls to gss_init_sec_context(3GSS) and gss_accept_sec_context(3GSS).
The Solaris implementation of the GSS-API retains the output_token parameter for compatibility with version 1 of the GSS-API. Both peer
applications should invoke gss_delete_sec_context(), passing the value GSS_C_NO_BUFFER to the output_token parameter; this indicates that
no token is required. If the application passes a valid buffer to gss_delete_sec_context(), it will return a zero-length token, indicating
that no token should be transferred by the application.
PARAMETERS
The parameter descriptions for gss_delete_sec_context() follow:
minor_status A mechanism specific status code.
context_handle Context handle identifying specific context to delete. After deleting the context, the GSS-API will set context_handle to
GSS_C_NO_CONTEXT.
output_token A token to be sent to remote applications that instructs them to delete the context.
ERRORS
gss_delete_sec_context() may return the following status codes:
GSS_S_COMPLETE Successful completion.
GSS_S_NO_CONTEXT No valid context was supplied.
GSS_S_FAILURE The underlying mechanism detected an error for which no specific GSS status code is defined. The mechanism-specific
status code reported by means of the minor_status parameter details the error condition.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWgss (32-bit) |
+-----------------------------+-----------------------------+
| |SUNWgssx (64-bit) |
+-----------------------------+-----------------------------+
|MT-Level |Safe |
+-----------------------------+-----------------------------+
SEE ALSO gss_accept_sec_context(3GSS), gss_init_sec_context(3GSS), attributes(5)
Solaris Security for Developers Guide
SunOS 5.11 15 jan 2003 gss_delete_sec_context(3GSS)
Check Out this Related Man Page
GSS_DELETE_SEC_CONTEXT(3) Programmer's Manual GSS_DELETE_SEC_CONTEXT(3)NAME
gss_delete_sec_context -- Discard a security context
SYNOPSIS
#include <gssapi/gssapi.h>
OM_uint32
gss_delete_sec_context(OM_uint32 *minor_status, gss_ctx_id_t *context_handle, gss_buffer_t output_token);
DESCRIPTION
Delete a security context. gss_delete_sec_context() will delete the local data structures associated with the specified security context,
and may generate an output_token, which when passed to the peer gss_process_context_token() will instruct it to do likewise. If no token is
required by the mechanism, the GSS-API should set the length field of the output_token (if provided) to zero. No further security services
may be obtained using the context specified by context_handle.
In addition to deleting established security contexts, gss_delete_sec_context() must also be able to delete "half-built" security contexts
resulting from an incomplete sequence of gss_init_sec_context() / gss_accept_sec_context() calls.
The output_token parameter is retained for compatibility with version 1 of the GSS-API. It is recommended that both peer applications invoke
gss_delete_sec_context() passing the value GSS_C_NO_BUFFER for the output_token parameter, indicating that no token is required, and that
gss_delete_sec_context() should simply delete local context data structures. If the application does pass a valid buffer to
gss_delete_sec_context(), mechanisms are encouraged to return a zero-length token, indicating that no peer action is necessary, and that no
token should be transferred by the application.
PARAMETERS
minor_status Mechanism specific status code.
context_handle Context handle identifying context to delete. After deleting the context, the GSS-API will set this context handle to
GSS_C_NO_CONTEXT.
output_token Token to be sent to remote application to instruct it to also delete the context. It is recommended that applications spec-
ify GSS_C_NO_BUFFER for this parameter, requesting local deletion only. If a buffer parameter is provided by the applica-
tion, the mechanism may return a token in it; mechanisms that implement only local deletion should set the length field of
this token to zero to indicate to the application that no token is to be sent to the peer.
RETURN VALUES
GSS_S_COMPLETE Successful completion
GSS_S_NO_CONTEXT
No valid context was supplied
SEE ALSO gss_accept_sec_context(3), gss_init_sec_context(3), gss_process_context_token(3)STANDARDS
RFC 2743 Generic Security Service Application Program Interface Version 2, Update 1
RFC 2744 Generic Security Service API Version 2 : C-bindings
HISTORY
The gss_delete_sec_context function first appeared in FreeBSD 7.0.
AUTHORS
John Wray, Iris Associates
COPYRIGHT
Copyright (C) The Internet Society (2000). All Rights Reserved.
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or
assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, pro-
vided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself
may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organiza-
tions, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet
Standards process must be followed, or as required to translate it into languages other than English.
The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK
FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT
INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
BSD January 26, 2010 BSD