skip book previous and next navigation links
go up to top of book: HP Open Source Security for OpenVMS Volume 3:... HP Open Source Security for OpenVMS Volume 3:...
go to beginning of chapter: GSSAPI (Generic Security Services Application... GSSAPI (Generic Security Services Application...
go to previous page: gss_export_name Convert an internal mechanism name to export form gss_export_name Convert an internal mechanism name to export...
go to next page: gss_get_mic Generate a cryptographic MIC for a messagegss_get_mic Generate a cryptographic MIC for a message
end of book navigation links

gss_export_sec_context -- Transfer a security context to another process 



C Prototype 

OM_uint32 gss_export_sec_context(
       OM_uint32             *minor_status,
       gss_ctx_id_t          *context_handle,
       gss_buffer_t          interprocess_token );

Arguments 

minor_status
(output)		 An implementation-specific status code.
context_handle (input/output)
 The context handle identifying the context to transfer.
interprocess_token (output)
 The token to be transferred to the target process. Storage associated with this token must be freed by the application after use with a call to gss_release_buffer.

Description 

This routine is provided to support the sharing of work between multiple processes. It will typically be used by the context acceptor, in an application where a single process receives incoming connection requests and accepts security contexts over them, then passes the established context to one or more other processes for message exchange. The gss_export_sec_context routine deactivates the security context for the calling process and creates an interprocess token which, when passed to gss_import_sec_context in another process, will re-activate the context in the second process. Only a single instantiation of a given context may be active at any one time; a subsequent attempt by a context exporter to access the exported security context will fail.

The implementation may constrain the set of processes by which the interprocess token may be imported, either as a function of local security policy, or as a result of implementation decisions. For example, some implementations may constrain contexts to be passed only between processes that run under the same account, or which are part of the same process group.

The interprocess token may contain security-sensitive information (for example, cryptographic keys).

If the creation of the interprocess token is successful, all process-wide resources associated with the security context will be deallocated, and the context_handle will be set to GSS_C_NO_CONTEXT.

Return Values 

This routine returns one of the following GSS status codes:

GSS_S_COMPLETE
Successful completion.
GSS_S_CONTEXT_EXPIRED
 The context has expired.
GSS_S_NO_CONTEXT
 The context was invalid.
GSS_S_UNAVAILABLE
 The operation is not supported.

go to previous page: gss_export_name Convert an internal mechanism name to export form gss_export_name Convert an internal mechanism name to export...
go to next page: gss_get_mic Generate a cryptographic MIC for a messagegss_get_mic Generate a cryptographic MIC for a message