- Method name
GSSAPI.Name name(void|string mech)
int cred_usage(void|string mech)
int(0..)|Int.inf init_lifetime(string mech)
int(0..)|Int.inf accept_lifetime(string mech)
Functions to query various properties about the credentials.
These wrap GSS_Inquire_cred according to RFC 2743 section 2.1.3 if mech is not given, and GSS_Inquire_cred_by_mech according to section 2.1.5 otherwise.
- Parameter mech
If this is given then the credential for that specific mechanism is queried. mech contains the OID of the mechanism on dotted-decimal form.
Some of the query functions can only be used for a specific mechanism, in which case mech is required. Some can only be used on the credentials in general, and the mech argument is not applicable. Some can be used both ways, and then mech is optional.
name (void|string mech) Returns the name of the identity that the credential(s) assert. If mech is given then the returned name is a Mechanism Name (MN).
If mech is not given then the returned usage value reflects the union of the capabilities in all credentials.
mechs() Returns the set of mechanisms supported by the credential. The returned value is a multiset of strings with OIDs on dotted-decimal form.
lifetime() Returns the shortest validity lifetime left in any of the mechanisms that are part of the credentials, for either initiator or acceptor use.
Returns zero if some part of the credentials has expired.
init_lifetime (string mech) Returns the validity lifetime left for initiator use.
Returns zero if the credential has expired for this use or if its usage is GSSAPI.ACCEPT.
accept_lifetime (string mech) Returns the validity lifetime left for acceptor use.
Returns zero if the credential has expired for this use or if its usage is GSSAPI.INITIATE.
RFC 2743 doesn't preclude that these functions might block on network connections to remote authentication servers.