VMS Help  —  DCE  DCE_SECURITY, API Routines, sec_key_mgmt_garbage_collect
 NAME
   sec_key_mgmt_garbage_collect - Deletes obsolete keys

 SYNOPSIS

 #include <dce/keymgmt.h>

 void sec_key_mgmt_garbage_collect(
         sec_key_mgmt_authn_service authn_service,
         void *arg,
         idl_char *principal_name,
         error_status_t *status);

 PARAMETERS

 Input

 authn_service
        Identifies the authentication protocol using this key.  The
        possible authentication protocols are as follows:

        rpc_c_authn_dce_secret
                    DCE shared-secret key authentication.

        rpc_c_authn_dce_public
                    DCE public key authentication (reserved for future
                    use).

 arg    This parameter can specify either the local key file or an
        argument to the get_key_fn key acquisition routine of the
        rpc_server_register_auth_info routine.  A value of NULL
        specifies that the default key file (DCE$LOCAL:[KRB]V5SRVTAB.;)
        should be used.  A key file name specifies that file should be
        used as the key file.  You must prepend the file's absolute
        filename with FILE: and the file must have been created with
        the rgy_edit ktadd command or the sec_key_mgmt_set_key routine.
        Any other value specifies an argument for the get_key_fn key
        acquisition routine. See the rpc_server_register_auth_info()
        reference page for more information.

 principal_name
        A pointer to a character string indicating the name of the
        principal whose key information is to be garbage collected.

 Output

 status
        A pointer to the completion status.  On successful completion,
        the routine returns error_status_ok. Otherwise, it returns an
        error.

 DESCRIPTION

 The sec_key_mgmt_garbage_collect() routine discards any obsolete key
 information for this principal.  An obsolete key is one that can only
 decode invalid tickets. As an example, consider a key that was in use
 on Monday, and was only used to encode tickets whose maximum lifetime
 was 1 day. If that key was changed at 8:00 a.m.  Tuesday morning, then
 it would become obsolete by 8:00 a.m. Wednesday morning, at which time
 there could be no valid tickets outstanding.

 FILES
   SYS$COMMON:[DCE$LIBRARY]KEYMGMT.IDL
              The idl file from which dce/keymgmt.h was derived.

 ERRORS

 sec_key_mgmt_e_authn_invalid
              The authentication protocol is not valid.

 sec_key_mgmt_e_unauthorized
              The caller is not authorized to perform the operation.

              Requested key not present.

 sec_rgy_server_unavailable
              The DCE Registry Server is unavailable.

 sec_rgy_object_not_found
              No principal was found with the given name.

 sec_login_s_no_memory
              A memory allocation error occurred.

 error_status_ok
              The call was successful.

 RELATED INFORMATION

 Functions: sec_intro
            sec_key_mgmt_delete_key
Close Help