GSS_DELETE_SEC_CONTEXT(3)               FreeBSD Library Functions Manual (prm)

NAME
     gss_delete_sec_context - Discard a security context

SYNOPSIS
     #include <gssapi/gssapi.h>

     OM_uint32
     gss_delete_sec_context(OM_uint32 *minor_status,
         gss_ctx_id_t *context_handle, gss_buffer_t output_token);

DESCRIPTION
     Delete a security context.  gss_delete_sec_context() will delete the
     local data structures associated with the specified security context, and
     may generate an output_token, which when passed to the peer
     gss_process_context_token() will instruct it to do likewise.  If no token
     is required by the mechanism, the GSS-API should set the length field of
     the output_token (if provided) to zero.  No further security services may
     be obtained using the context specified by context_handle.

     In addition to deleting established security contexts,
     gss_delete_sec_context() must also be able to delete "half-built"
     security contexts resulting from an incomplete sequence of
     gss_init_sec_context() / gss_accept_sec_context() calls.

     The output_token parameter is retained for compatibility with version 1
     of the GSS-API.  It is recommended that both peer applications invoke
     gss_delete_sec_context() passing the value GSS_C_NO_BUFFER for the
     output_token parameter, indicating that no token is required, and that
     gss_delete_sec_context() should simply delete local context data
     structures.  If the application does pass a valid buffer to
     gss_delete_sec_context(), mechanisms are encouraged to return a zero-
     length token, indicating that no peer action is necessary, and that no
     token should be transferred by the application.

PARAMETERS
     minor_status        Mechanism specific status code.

     context_handle      Context handle identifying context to delete.  After
                         deleting the context, the GSS-API will set this
                         context handle to GSS_C_NO_CONTEXT.

     output_token        Token to be sent to remote application to instruct it
                         to also delete the context.  It is recommended that
                         applications specify GSS_C_NO_BUFFER for this
                         parameter, requesting local deletion only.  If a
                         buffer parameter is provided by the application, the
                         mechanism may return a token in it; mechanisms that
                         implement only local deletion should set the length
                         field of this token to zero to indicate to the
                         application that no token is to be sent to the peer.

RETURN VALUES
     GSS_S_COMPLETE      Successful completion

     GSS_S_NO_CONTEXT    No valid context was supplied

SEE ALSO
     gss_accept_sec_context(3), gss_init_sec_context(3),
     gss_process_context_token(3)

STANDARDS
     RFC 2743      Generic Security Service Application Program Interface
                   Version 2, Update 1

     RFC 2744      Generic Security Service API Version 2 : C-bindings

HISTORY
     The gss_delete_sec_context function first appeared in FreeBSD 7.0.

AUTHORS
     John Wray, Iris Associates

COPYRIGHT
     Copyright (C) The Internet Society (2000).  All Rights Reserved.

     This document and translations of it may be copied and furnished to
     others, and derivative works that comment on or otherwise explain it or
     assist in its implementation may be prepared, copied, published and
     distributed, in whole or in part, without restriction of any kind,
     provided that the above copyright notice and this paragraph are included
     on all such copies and derivative works.  However, this document itself
     may not be modified in any way, such as by removing the copyright notice
     or references to the Internet Society or other Internet organizations,
     except as needed for the purpose of developing Internet standards in
     which case the procedures for copyrights defined in the Internet
     Standards process must be followed, or as required to translate it into
     languages other than English.

     The limited permissions granted above are perpetual and will not be
     revoked by the Internet Society or its successors or assigns.

     This document and the information contained herein is provided on an "AS
     IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK
     FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
     LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT
     INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR
     FITNESS FOR A PARTICULAR PURPOSE.

FreeBSD 13.1-RELEASE-p6        January 26, 2010        FreeBSD 13.1-RELEASE-p6