In addition to deleting established security contexts, gss_delete_sec_context() must also be able to delete "half-built" security contexts resulting from an incomplete sequence of gss_init_sec_context() / gss_accept_sec_context() calls.
The output_token parameter is retained for compatibility with version 1 of the GSS-API. It is recommended that both peer applications invoke gss_delete_sec_context() passing the value GSS_C_NO_BUFFER for the output_token parameter, indicating that no token is required, and that gss_delete_sec_context() should simply delete local context data structures. If the application does pass a valid buffer to gss_delete_sec_context(), mechanisms are encouraged to return a zero-length token, indicating that no peer action is necessary, and that no token should be transferred by the application.
|Mechanism specific status code.
|Context handle identifying context to delete. After deleting the context, the GSS-API will set this context handle to GSS_C_NO_CONTEXT.
|Token to be sent to remote application to instruct it to also delete the context. It is recommended that applications specify GSS_C_NO_BUFFER for this parameter, requesting local deletion only. If a buffer parameter is provided by the application, the mechanism may return a token in it; mechanisms that implement only local deletion should set the length field of this token to zero to indicate to the application that no token is to be sent to the peer.
|No valid context was supplied
|Generic Security Service Application Program Interface Version 2, Update 1
|Generic Security Service API Version 2 : C-bindings
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.
The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|January 26, 2010
|F U cn rd dis U mst uz Unix.