GSS_PROCESS_CONTEXT_TOKEN(3GSS) Generic Security Services API Library Functions GSS_PROCESS_CONTEXT_TOKEN(3GSS)

gss_process_context_token - pass asynchronous token to security service

cc [ flag... ] file... -lgss  [ library... ]
#include <gssapi/gssapi.h>
OM_uint32 gss_process_context_token(OM_uint32 *minor_status,

const gss_ctx_id_t context_handle,const gss_buffer_t token_buffer);

The gss_process_context_token() function provides a way to pass an asynchronous token to the security service. Most context-level tokens are emitted and processed synchronously by gss_init_sec_context() and gss_accept_sec_context(), and the application is informed as to whether further tokens are expected by the GSS_C_CONTINUE_NEEDED major status bit. Occasionally, a mechanism might need to emit a context-level token at a point when the peer entity is not expecting a token. For example, the initiator's final call to gss_init_sec_context() may emit a token and return a status of GSS_S_COMPLETE, but the acceptor's call to gss_accept_sec_context() might fail. The acceptor's mechanism might want to send a token containing an error indication to the initiator, but the initiator is not expecting a token at this point, believing that the context is fully established. gss_process_context_token() provides a way to pass such a token to the mechanism at any time.

This function is provided for compatibility with the GSS-API version 1. Because gss_delete_sec_context() no longer returns a valid output_token to be sent to gss_process_context_token(), applications using a newer version of the GSS-API do not need to rely on this function.

The parameter descriptions for gss_process_context_token() are as follows:

minor_status

A mechanism-specific status code.

context_handle

Context handle of context on which token is to be processed.

token_buffer

Token to process.

gss_process_context_token() returns one of the following status codes:

GSS_S_COMPLETE

Successful completion.

GSS_S_DEFECTIVE_TOKEN

Indicates that consistency checks performed on the token failed.

GSS_S_NO_CONTEXT

The context_handle did not refer to a valid context.

GSS_S_FAILURE

The underlying mechanism detected an error for which no specific GSS status code is defined. The mechanism-specific status code reported by means of the minor_status parameter details the error condition.

See attributes(7) for descriptions of the following attributes:

ATTRIBUTE TYPE ATTRIBUTE VALUE
MT Level Safe

gss_accept_sec_context(3GSS), gss_delete_sec_context(3GSS), gss_init_sec_context(3GSS), attributes(7)

Solaris Security for Developers Guide

January 15, 2003 OmniOS