Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   44335 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

gss_export_sec_context(3)	      gss	     gss_export_sec_context(3)

NAME
       gss_export_sec_context - API function

SYNOPSIS
       #include <gss.h>

       OM_uint32 gss_export_sec_context(OM_uint32 * minor_status, gss_ctx_id_t
       * context_handle, gss_buffer_t interprocess_token);

ARGUMENTS
       OM_uint32 * minor_status
		   (Integer, modify) Mechanism specific status code.

       gss_ctx_id_t * context_handle
		   (gss_ctx_id_t, modify) Context handle identifying
		     the context to transfer.

       gss_buffer_t interprocess_token
		   (buffer, opaque, modify) Token to be
		     transferred to target process.  Storage  associated  with
		   this
		     token  must  be freed by the application after use with a
		   call to
		     gss_release_buffer().

DESCRIPTION
       Provided to support the sharing of  work	 between  multiple  processes.
       This  routine  will  typically  be  used by the context-acceptor, in an
       application  where  a  single  process  receives	 incoming   connection
       requests	 and  accepts  security	 contexts  over	 them, then passes the
       established  context  to	 one  or  more	other  processes  for  message
       exchange. gss_export_sec_context() deactivates the security context for
       the calling process and	creates	 an  interprocess  token  which,  when
       passed  to  gss_import_sec_context in another process, will re-activate
       the context in the second process. Only a  single  instantiation	 of  a
       given  context may be active at any one time; a subsequent attempt by a
       context exporter to access the exported security context will fail.

       The implementation may constrain the set	 of  processes	by  which  the
       interprocess token may be imported, either as a function of local secu‐
       rity policy, or as a result of implementation decisions.	 For  example,
       some  implementations  may constrain contexts to be passed only between
       processes that run under the same account, or which  are	 part  of  the
       same process group.

       The  interprocess token may contain security-sensitive information (for
       example cryptographic keys).  While mechanisms are encouraged to either
       avoid placing such sensitive information within interprocess tokens, or
       to encrypt the token before returning it to the application, in a typi‐
       cal  object-library  GSS-API  implementation  this may not be possible.
       Thus the application must take care to protect the interprocess	token,
       and ensure that any process to which the token is transferred is trust‐
       worthy.

       If creation of the interprocess token is successful, the implementation
       shall  deallocate  all process-wide resources associated with the secu‐
       rity context, and set the context_handle to GSS_C_NO_CONTEXT.   In  the
       event  of  an  error that makes it impossible to complete the export of
       the security context, the implementation must not return	 an  interpro‐
       cess  token, and should strive to leave the security context referenced
       by the context_handle parameter untouched.  If this is  impossible,  it
       is  permissible	for the implementation to delete the security context,
       providing it also sets the context_handle  parameter  to	 GSS_C_NO_CON‐
       TEXT.

RETURN VALUE
       `GSS_S_COMPLETE`: Successful completion.

       `GSS_S_CONTEXT_EXPIRED`: The context has expired.

       `GSS_S_NO_CONTEXT`: The context was invalid.

       `GSS_S_UNAVAILABLE`: The operation is not supported.

REPORTING BUGS
       Report  bugs  to	 <bug-gss@gnu.org>.  GNU Generic Security Service home
       page: http://www.gnu.org/software/gss/ General help using GNU software:
       http://www.gnu.org/gethelp/

COPYRIGHT
       Copyright © 2003-2013 Simon Josefsson.
       Copying	and  distribution  of this file, with or without modification,
       are permitted in any medium  without  royalty  provided	the  copyright
       notice and this notice are preserved.

SEE ALSO
       The  full  documentation for gss is maintained as a Texinfo manual.  If
       the info and gss programs are properly installed at your site, the com‐
       mand

	      info gss

       should give you access to the complete manual.

gss				     1.0.3	     gss_export_sec_context(3)

Vote for polarhome