{
    "content": [
        {
            "type": "text",
            "text": "# rpcsec_gss(3t) (man)\n\n**Summary:** RPCSECGSS — GSS-API based authentication for RPC\n\n**Synopsis:** #include <rpc/rpcsecgss.h>\n\n## See Also\n\n- rpc(3)\n- gssapi(3)\n\n## Section Outline\n\n- **NAME** (2 lines)\n- **SYNOPSIS** (2 lines)\n- **DESCRIPTION** (10 lines)\n- **DATA STRUCTURES** (107 lines)\n- **INDEX** (49 lines)\n- **AVAILABILITY** (2 lines)\n- **SEE ALSO** (2 lines)\n- **AUTHORS** (3 lines)\n\n## Full Content\n\n### NAME\n\nRPCSECGSS — GSS-API based authentication for RPC\n\n### SYNOPSIS\n\n#include <rpc/rpcsecgss.h>\n\n### DESCRIPTION\n\nRPCSECGSS is a security mechanism for the RPC protocol.  It uses the Generic Security Service\nAPI (GSS-API) to establish a security context between a client and a server and to ensure that\nall subsequent communication between client and server are properly authenticated.  Optionally,\nextra protection can be applied to the connection.  The integrity service uses checksums to en‐\nsure that all data sent by a peer is received without modification.  The privacy service uses\nencryption to ensure that no third party can access the data for a connection.\n\nTo use this system, an application must first use rpcgssseccreate() to establish a security\ncontext.\n\n### DATA STRUCTURES\n\nData structures used by RPCSECGSS appear below.\n\nrpcgssservicet\nThis type defines the types of security service required for rpcgssseccreate().\n\ntypedef enum {\nrpcgsssvcdefault     = 0,\nrpcgsssvcnone        = 1,\nrpcgsssvcintegrity   = 2,\nrpcgsssvcprivacy     = 3\n} rpcgssservicet;\n\nrpcgssoptionsrett\nThis structure contains various optional values which are used while creating a security\ncontext.\n\ntypedef struct {\nint             reqflags;      /* GSS request bits */\nint             timereq;       /* requested lifetime */\ngsscredidt   mycred;        /* GSS credential */\ngsschannelbindingst inputchannelbindings;\n} rpcgssoptionsreqt;\n\nrpcgssoptionsrett\nVarious details of the created security context are returned using this structure.\n\ntypedef struct {\nint             majorstatus;\nint             minorstatus;\nuint           rpcsecversion;\nint             retflags;\nint             timereq;\ngssctxidt    gsscontext;\nchar            actualmechanism[MAXGSSMECH];\n} rpcgssoptionsrett;\n\nrpcgssprincipalt\nThis type is used to refer to an client principal which is represented in GSS-API ex‐\nported name form (see gssexportname(3) for more details).  Names in this format may be\nstored in access control lists or compared with other names in exported name form.  This\nstructure is returned by rpcgssgetprincipalname() and is also referenced by the\nrpcgssrawcredt structure.\n\ntypedef struct {\nint             len;\nchar            name[1];\n} *rpcgssprincipalt;\n\nrpcgssrawcredt\nThis structure is used to access the raw credentials associated with a security context.\n\ntypedef struct {\nuint           version;        /* RPC version number */\nconst char      *mechanism;     /* security mechanism */\nconst char      *qop;           /* quality of protection */\nrpcgssprincipalt clientprincipal; /* client name */\nconst char      *svcprincipal; /* server name */\nrpcgssservicet service;      /* service type */\n} rpcgssrawcredt;\n\nrpcgssucredt\nUnix credentials which are derived form the raw credentials, accessed via\nrpcgssgetcred().\n\ntypedef struct {\nuidt           uid;            /* user ID */\ngidt           gid;            /* group ID */\nshort           gidlen;\ngidt           *gidlist;       /* list of groups */\n} rpcgssucredt;\n\nrpcgsslockt\nStructure used to enforce a particular QOP and service.\n\ntypedef struct {\nboolt          locked;\nrpcgssrawcredt *rawcred;\n} rpcgsslockt;\n\nrpcgsscallbackt\nCallback structure used by rpcgsssetcallback().\n\ntypedef struct {\nuint           program;        /* RPC program number */\nuint           version;        /* RPC version number */\n/* user defined callback */\nboolt          (*callback)(struct svcreq *req,\ngsscredidt deleg,\ngssctxidt gsscontext,\nrpcgsslockt *lock,\nvoid cookie);\n} rpcgsscallbackt;\n\nrpcgsserrort\nStructure used to return error information by rpcgssgeterror().\n\ntypedef struct {\nint             rpcgsserror;\nint             systemerror;   /* same as errno */\n} rpcgsserrort;\n\n/*\n* Values for rpcgsserror\n*/\n#define RPCGSSERSUCCESS      0       /* no error */\n#define RPCGSSERSYSTEMERROR  1       /* system error */\n\n### INDEX\n\nrpcgssseccreate(3)\nCreate a new security context\n\nrpcgsssetdefaults(3)\nSet service and quality of protection for a context\n\nrpcgssmaxdatalength(3)\nCalculate maximum client message sizes.\n\nrpcgssgeterror(3)\nGet details of the last error\n\nrpcgssmechtooid(3)\nConvert a mechanism name to the corresponding GSS-API oid.\n\nrpcgssoidtomech(3)\nConvert a GSS-API oid to a mechanism name\n\nrpcgssqoptonum(3)\nConvert a quality of protection name to the corresponding number\n\nrpcgssgetmechanisms(3)\nGet a list of security mechanisms.\n\nrpcgssgetmechinfo(3)\nReturn extra information about a security mechanism\n\nrpcgssgetversions(3)\nReturn the maximum and minimum supported versions of the RPCSECGSS protocol\n\nrpcgssisinstalled(3)\nQuery for the presence of a particular security mechanism\n\nrpcgsssetsvcname(3)\nSet the name of a service principal which matches a given RPC program plus version pair\n\nrpcgssgetcred(3)\nGet credential details for the security context of an RPC request\n\nrpcgsssetcallback(3)\nInstall a callback routine which is called on the server when new security contexts are\ncreated\n\nrpcgssgetprincipalname(3)\nCreate a client principal name from various strings\n\nrpcgsssvcmaxdatalength(3)\nCalculate maximum server message sizes.\n\n### AVAILABILITY\n\nThese functions are part of libtirpc.\n\n### SEE ALSO\n\nrpc(3), gssapi(3)\n\n### AUTHORS\n\nThis manual page was written by Doug Rabson <dfr@FreeBSD.org>.\n\nBSD                            January 26, 2010                            BSD\n\n"
        }
    ],
    "structuredContent": {
        "command": "rpcsec_gss",
        "section": "3t",
        "mode": "man",
        "summary": "RPCSECGSS — GSS-API based authentication for RPC",
        "synopsis": "#include <rpc/rpcsecgss.h>",
        "tldr_summary": null,
        "tldr_examples": [],
        "tldr_source": null,
        "flags": [],
        "examples": [],
        "see_also": [
            {
                "name": "rpc",
                "section": "3",
                "url": "https://www.chedong.com/phpMan.php/man/rpc/3/json"
            },
            {
                "name": "gssapi",
                "section": "3",
                "url": "https://www.chedong.com/phpMan.php/man/gssapi/3/json"
            }
        ],
        "section_outline": [
            {
                "name": "NAME",
                "lines": 2,
                "subsections": []
            },
            {
                "name": "SYNOPSIS",
                "lines": 2,
                "subsections": []
            },
            {
                "name": "DESCRIPTION",
                "lines": 10,
                "subsections": []
            },
            {
                "name": "DATA STRUCTURES",
                "lines": 107,
                "subsections": []
            },
            {
                "name": "INDEX",
                "lines": 49,
                "subsections": []
            },
            {
                "name": "AVAILABILITY",
                "lines": 2,
                "subsections": []
            },
            {
                "name": "SEE ALSO",
                "lines": 2,
                "subsections": []
            },
            {
                "name": "AUTHORS",
                "lines": 3,
                "subsections": []
            }
        ]
    }
}