rpc_gss_seccreate — create a security context using the RPCSEC_GSS protocol

       This manual page was written by Doug Rabson <dfr@FreeBSD.org>.

Debian                                          January 26, 2010                            RPC_GSS_SECCREATE(3)

       The rpc_gss_seccreate() function is part of libtirpc.

       This function is used to establish a security context between an application and a remote peer using  the
       RPSEC_GSS protocol.

       rpc_gss_seccreate — create a security context using the RPCSEC_GSS protocol

       clnt         An RPC handle which is connected to the remote peer

       principal    The  name  of  the  service principal on the remote peer.  For instance, a principal such as
                    "nfs@server.example.com" might be used by an application  which  needs  to  contact  an  NFS
                    server

       mechanism    The  name  of  the  GSS_API mechanism to use for the new security context.  "kerberos_v5" is
                    currently the only supported mechanism.

       service      Type of service requested.

                    rpc_gss_svc_default    The default - typically the same as rpc_gss_svc_none.

                    rpc_gss_svc_none       RPC headers only are integrity protected by a checksum.

                    rpc_gss_svc_integrity  RPC headers and data are integrity protected by a checksum.

                    rpc_gss_svc_privacy    RPC headers are  integrity  protected  by  a  checksum  and  data  is
                                           encrypted.

       qop          The  name  of  the Quality of Protection to use for the new security context, or NULL to use
                    the default QOP.  "GSS_C_QOP_DEFAULT" is currently the only supported QOP.

       options_req  Extra security context options to be passed to the underlying GSS-API mechanism.  Pass  NULL
                    to supply default values.

       options_ret  Various  values returned by the underlying GSS-API mechanism.  Pass NULL if these values are
                    not required.

       If the security context was created successfully, a pointer to an  AUTH  structure  that  represents  the
       context  is  returned.   To use this security context for subsequent RPC calls, set clnt->cl_auth to this
       value.

rpc(3), gssapi(3), mech(5), qop(5), rpcsec_gss(3)

#include<rpc/rpcsec_gss.h>AUTH*rpc_gss_seccreate(CLIENT*clnt,  constchar*principal, constchar*mechanism, rpc_gss_service_tservice,
           constchar*qop, rpc_gss_options_req_t*options_req, rpc_gss_options_ret_t*options_ret);