gss_import_name()--Convert Printable Name to GSS Internal Format

Syntax

 #include <gssapi.h>

 OM_uint32 gss_import_name(
     OM_uint32 *    minor_status,
     gss_buffer_t   input_name_buffer,  
     gss_OID      input_name_type,
     gss_name_t *   output_name);

  Service Program Name: QSYS/QKRBGSS

  Default public authority: *USE

  Threadsafe: Yes

The gss_import_name() function converts a printable name to the GSS internal format. The gss_name_t object created by this routine can then be used as input to other GSS routines. The gss_name_t object created by the gss_import_name() routine contains an internal representation for each of the supported security mechanisms.

Not every coded character set identifier (CCSID) contains the '@' character; however, alternative CCSID values often are available. For example, instead of using Greece 423, run the job with a default CCSID of 875.

Parameters

minor_status (Output)

A status code from the security mechanism.

input_name_buffer (Input)

The buffer containing the name to convert.

input_name_type (Input)

The object identifier for the type of printable name.

The following name types are supported:

GSS_C_NO_OID

The default name type. For the IBM^® i implementation of GSS, the default is GSS_C_NT_USER_NAME.

GSS_C_NT_USER_NAME

For the Kerberos mechanism, this is assumed to be the name of a Kerberos principal in the format principal@realm.

GSS_C_NT_HOSTBASED_SERVICE

A service that is related to a particular host. For the Kerberos mechanism, the service name is specified as service@host. The service name is mapped to the principal service/primary-host@realm using the krb5_sname_to_principal() function. The primary host name must be associated with a Kerberos realm to map the service name to the proper principal.

GSS_C_NT_HOSTBASED_SERVICE_X

A service that is related to a particular host. This is the same as GSS_C_NT_HOSTBASED_SERVICE and should not be used by new applications.

gss_nt_krb5_name

A Kerberos name in the format principal@realm. This name type is valid only for the Kerberos mechanism.

gss_nt_krb5_principal

A krb5_principal created by the krb5_parse_name() routine. This name type is valid only for the Kerberos mechanism.

output_name (Output)

The name in the GSS internal format. The internal format contains an internal representation for each of the supported security mechanisms.

Return Value

The return value is one of the following status codes:

GSS_S_BAD_NAME: The input name is not formatted properly or is not valid.
GSS_S_BAD_NAMETYPE: The name type specified by the input_name_type parameter is not valid.
GSS_S_COMPLETE: The routine completed successfully.
GSS_S_FAILURE: The routine failed for reasons that are not defined at the GSS level. The minor_status return parameter contains a mechanism-dependent error code describing the reason for the failure.

Authorities

Object Referred to

Data Authority Required

Each directory in the path name preceding the configuration file

Configuration file

Error Messages

Message ID

Error Message Text

CPE3418 E

Possible APAR condition or hardware failure.

API introduced: V5R1

[ Back to top | Security APIs | UNIX-Type APIs | APIs by category ]