Function

gss_accept_sec_context

Accepts a security context initiated by a peer.

Declaration

OM_uint32 gss_accept_sec_context(OM_uint32 *minor_status, gss_ctx_id_t  _Nonnull *context_handle, gss_cred_id_t acceptor_cred_handle, gss_buffer_t input_token, gss_channel_bindings_t input_chan_bindings, gss_name_t  _Nullable *src_name, gss_OID  _Nullable *mech_type, gss_buffer_t output_token, OM_uint32 *ret_flags, OM_uint32 *time_rec, gss_cred_id_t  _Nullable *delegated_cred_handle);

Parameters

minor_status

A pointer to the secondary status result that provides additional information in case of failure.

context_handle

A pointer the function uses to return the context. Pass GSS_C_NO_CONTEXT for first call and use the value returned by the first call in continuation calls. Release the context's resources using the gss_delete_sec_context function when you are done with it.

acceptor_cred_handle

The credential claimed by the acceptor. Specify GSS_C_NO_CREDENTIAL to use the default credential.

input_token

The token obtained from the peer.

input_chan_bindings

Channel bindings to use. Pass GSS_C_NO_CHANNEL_BINDINGS if channel bindings are not used.

src_name

A pointer the function uses to return the authenticated name of the context initiator. Specify NULL to ignore this output.

mech_type

A pointer the function uses to return the mechanism used by the context. Do not free this object because it is held in static memory. Specify NULL to ignore this output.

output_token

A buffer the function fills with a token to transmit to the peer. If the buffer length is zero, there is no token to pass. Otherwise, free the token buffer's memory using gss_release_buffer when you are done with it.

ret_flags

A pointer the function uses to return the flags supported by the context. See Context Services for a list of possible values. Specify NULL to ignore this output.

time_rec

A pointer the function uses to return the number of seconds for which the context is valid. Specify NULL to ignore this output.

delegated_cred_handle

A pointer the function uses to return the credentials of the initiator. The function returns GSS_C_NO_CREDENTIAL unless the ret_flags parameter includes GSS_C_DELEG_FLAG. If the credential exists, release its memory with gss_release_cred when you are done with it.

See Also

Creation and Deletion

gss_init_sec_context

Initiates a security context with a peer.

gss_delete_sec_context

Deletes a security context.

gss_release_cred

Releases the memory of a credential.

gss_process_context_token

Processes a token from a peer asynchronously.

gss_set_sec_context_option

Sets an option on a context.