Class GSSAPI.Context
- Description
Class representing a security context; see RFC 2743 section 1.1.3 The user usually instantiates one of the two inheriting classes GSSAPI.InitContext or GSSAPI.AcceptContext, based on whether the context should act as initiator or acceptor for the connection. This class is instantiated directly for imported contexts.
- Note
If a Context object for a partly or completely established context is destructed, GSS_Delete_sec_context (RFC 2743 section 2.2.3) is called. That function might do blocking network I/O, which due to pike's object management might occur essentially anytime in any thread if the object isn't explicitly destructed. To avoid that, it's strongly recommended to call delete in contexts that are no longer used.
- Method
create
GSSAPI.Context GSSAPI.Context(
string
interprocess_token
,void
|int
required_services
)- Description
Creates a context by importing an inter-process token.
This wraps GSS_Import_sec_context according to RFC 2743 section 2.2.9.
- Parameter
interprocess_token
The inter-process token which has been created by export or some other GSS_Export_sec_context wrapper.
- Parameter
required_services
Bitfield of GSSAPI.*_FLAG flags specifying all services that must be provided in the context. If the context fail to provide any of them then it is closed and a GSSAPI.MissingServicesError is thrown.
GSSAPI.PROT_READY_FLAG is ignored in this parameter. The fact that a user calls a per-message function indicates that this service is required at that point, and a GSSAPI.MissingServicesError is thrown if it isn't.
- Note
It is not possible to retrieve delegated credentials from an imported context. That is a GSS-API limitation.