db2secProcessServerPrincipalName API - Process service principal name returned from server

The db2secProcessServerPrincipalName API processes the service principal name returned from the server and returns the principal name in the gss_name_t internal format to be used with the gss_init_sec_context API.

The db2secProcessServerPrincipalName API also processes the service principal name cataloged with the database directory when Kerberos authentication is used. Ordinarily, this conversion uses the gss_import_name API. After the context is established, the gss_name_t object is freed through the call to gss_release_name API. The db2secProcessServerPrincipalName API returns the value DB2SEC_PLUGIN_OK if the gssName parameter points to a valid GSS name; a DB2SEC_PLUGIN_BAD_PRINCIPAL_NAME error code is returned if the principal name is invalid.

API and data structure syntax

     SQL_API_RC ( SQL_API_FN *db2secProcessServerPrincipalName)
                           ( const char *name,
                             db2int32 namelen,
                             gss_name_t *gssName,
                             char       **errormsg,
                             db2int32 *errormsglen );

db2secProcessServerPrincipalName API parameters

name: Input. Text name of the service principal in GSS_C_NT_USER_NAME format; for example, service/host@REALM.
namelen: Input. Length in bytes of the name parameter value.
gssName: Output. Pointer to the output service principal name in the GSS-API internal format.
errormsg: Output. A pointer to the address of an ASCII error message string allocated by the plug-in that can be returned in this parameter if the db2secProcessServerPrincipalName API execution is not successful.
errormsglen: Output. A pointer to an integer that indicates the length in bytes of the error message string in errormsg parameter.