|RPC_GSS_GET_PRINCIPAL_NAME(3NSL)||Networking Services Library Functions||RPC_GSS_GET_PRINCIPAL_NAME(3NSL)|
rpc_gss_get_principal_name - Get principal names at server
#include <rpc/rpcsec_gss.h> bool_t rpc_gss_get_principal_name(rpc_gss_principal_t *principal,
char *mech, char *name, char *node, char *domain);
Servers need to be able to operate on a client's principal name. Such a name is stored by the server as a rpc_gss_principal_t structure, an opaque byte string which can be used either directly in access control lists or as database indices which can be used to look up a UNIX credential. A server may, for example, need to compare a principal name it has received with the principal name of a known entity, and to do that, it must be able to generate rpc_gss_principal_t structures from known entities.
rpc_gss_get_principal_name() takes as input a security mechanism, a pointer to a rpc_gss_principal_t structure, and several parameters which uniquely identify an entity on a network: a user or service name, a node name, and a domain name. From these parameters it constructs a unique, mechanism-dependent principal name of the rpc_gss_principal_t structure type.
How many of the identifying parameters (name, node, and domain) are necessary to specify depends on the mechanism being used. For example, Kerberos V5 requires only a user name but can accept a node and domain name. An application can choose to set unneeded parameters to NULL.
Information on RPCSEC_GSS data types for parameters may be found on the rpcsec_gss(3NSL) man page.
rpc_gss_get_principal_name() returns TRUE if it is successful; otherwise, use rpc_gss_get_error() to get the error associated with the failure.
See attributes(7) for descriptions of the following attributes:
|ATTRIBUTE TYPE||ATTRIBUTE VALUE|
ONC+ Developer's Guide
Linn, J. RFC 2078, Generic Security Service Application Program Interface, Version 2. Network Working Group. January 1997.
|November 22, 2021||OmniOS|