Networking Services Library Functions rpc_gss_set_callback(3NSL)
NAME
rpc_gss_set_callback - specify callback for context
SYNOPSIS
#include
bool_t rpc_gss_set_callback(struct rpc_gss_callback_t *cb);
DESCRIPTION
A server may want to specify a callback routine so that itknows when a context gets first used. This user-defined
callback may be specified through the rpc_gss_set_callback()
routine. The callback routine is invoked the first time a context is used for data exchanges, after the context is established for the specified program and version.The user-defined callback routine should take the following
form:bool_t callback(struct svc_req *req, gss_cred_id_t deleg,
gss_ctx_id_t gss_context, rpc_gss_lock_t *lock, void **cookie);
PARAMETERS
rpc_gss_set_callback() takes one argument: a pointer to a
rpc_gss_callback_t structure. This structure contains the
RPC program and version number as well as a pointer to auser-defined callback() routine. (For a description of
rpc_gss_callback_t and other RPCSEC_GSS data types, see the
rpcsec_gss(3NSL) man page.)
The user-defined callback() routine itself takes the follow-
ing arguments: req Pointer to the received service request.svc_req is an RPC structure containing
information on the context of an RPC invoca-
tion, such as program, version, and tran-
sport information. deleg Delegated credentials, if any. (See NOTES, below.)gss_context GSS context (allows server to do GSS opera-
tions on the context to test for acceptance criteria). See NOTES, below.SunOS 5.11 Last change: 5 Feb 2002 1
Networking Services Library Functions rpc_gss_set_callback(3NSL)
lock This parameter is used to enforce a particu-
lar QOP and service for a session. Thisparameter points to a RPCSEC_GSS
rpc_gss_lock_t structure. When the callback
is invoked, the rpc_gss_lock_t.locked field
is set to TRUE, thus locking the context. Alocked context will reject all requests hav-
ing different values for QOP or service thanthose specified by the raw_cred field of the
rpc_gss_lock_t structure.
cookie A four-byte quantity that an application may
use in any manner it wants to - RPC does not
interpret it. (For example, the cookie could be a pointer or index to a structure that represents a context initiator.) The cookie is returned, along with the caller's credentials, with each invocation ofrpc_gss_getcred().
RETURN VALUES
rpc_gss_set_callback() returns TRUE if the use of the con-
text is accepted; false otherwise.ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:_______________________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|________________________________________|
| MT-Level | MT-Safe |
|_____________________________|________________________________________|
| Availability | system/library/security/rpcsec (32-bit)|
|_____________________________|________________________________________|
| | SUNWrsgx (64-bit) |
|_____________________________|________________________________________|
SEE ALSO
rpc(3NSL), rpc_gss_getcred(3NSL), rpcsec_gss(3NSL), attri-
butes(5) ONC+ Developer's GuideSunOS 5.11 Last change: 5 Feb 2002 2
Networking Services Library Functions rpc_gss_set_callback(3NSL)
Linn, J. RFC 2078, Generic Security Service Application Pro-
gram Interface, Version 2. Network Working Group. January 1997. NOTESIf a server does not specify a callback, all incoming con-
texts will be accepted.Because the GSS-API is not currently exposed, the deleg and
gss_context arguments are mentioned for informational pur-
poses only, and the user-defined callback function may
choose to do nothing with them.SunOS 5.11 Last change: 5 Feb 2002 3