System i: Programming Secure Sockets APIs - IBM

More documents

Recommendations

Info

Error Messages Message ID Error Message Text CPE3418 E Possible APAR condition or hardware failure. CPF9872 E Program or service program &1 in library &2 ended. Reason code &3. CPFA081 E Unable to set return value or error code. Usage Notes 1. You must do a gsk_secure_soc_close() if a prior gsk_secure_soc_open() was successful. Related Information v “gsk_secure_soc_init()—Negotiate a secure session”—Negotiate a secure session v “gsk_secure_soc_misc()—Perform miscellaneous functions for a secure session” on page 41—Perform miscellaneous functions for a secure session v “gsk_secure_soc_open()—Get a handle for a secure session” on page 44—Get a handle for a secure session v “gsk_strerror()—Retrieve GSKit runtime error message” on page 62—Retrieve GSK runtime error message API introduced: V5R1 Top | UNIX-Type APIs | APIs by category gsk_secure_soc_init()—Negotiate a secure session Syntax #include int gsk_secure_soc_init(gsk_handle my_session_handle); Service Program Name: QSYS/QSOSSLSR Default Public Authority: *USE Threadsafe: Yes The gsk_secure_soc_init() function is used to negotiate a secure session, using the attributes set for the SSL environment and the secure session. This API does the SSL handshake to the remote peer; upon successful completion, you have a secure session established. Parameters my_session_handle (Input) The handle for this secure session that was obtained through the gsk_secure_soc_open() API call. Authorities Authorization of *R (allow access to the object) to the certificate store file and its associated files is required. Authorization of *X (allow use of the object) to each directory of the path name of the certificate store file and its associated files is required. Return Value gsk_secure_soc_init() returns an integer. Possible values are: 38 System i: Programming Secure Sockets APIs
[GSK_OK] gsk_secure_soc_init() was successful. [GSK_INVALID_HANDLE] The handle specified was not valid. [GSK_KEYRING_OPEN_ERROR] Certificate store file could not be opened. [GSK_ERROR_BAD_KEYFILE_LABEL] The specified certificate store label is not valid. [GSK_ERROR_BAD_V3_CIPHER] An SSLV3 or TLSV1 cipher suite was specified that is not valid. [GSK_ERROR_BAD_V2_CIPHER] An SSLV2 cipher suite was specified that is not valid. [GSK_ERROR_NO_CIPHERS] No ciphers available or no ciphers were specified. [GSK_ERROR_NO_CERTIFICATE] No certificate is available for SSL processing. [GSK_ERROR_BAD_CERTIFICATE] The certificate is bad. [SSL_ERROR_NOT_TRUSTED_ROOT] The certificate is not signed by a trusted certificate authority. [GSK_KEYFILE_CERT_EXPIRED] The validity time period of the certificate has expired. [GSK_ERROR_BAD_MESSAGE] A badly formatted message was received. [GSK_ERROR_UNSUPPORTED] Operation is not supported by SSL. [GSK_ERROR_BAD_PEER] The peer system is not recognized. [GSK_ERROR_CLOSED] The SSL session ended. [GSK_ERROR_CERT_VALIDATION] The certificate is not valid or was rejected by the GSK_CERT_VALIDATION_CALLBACK program. [GSK_AS400_ERROR_NO_INITIALIZE] A successful gsk_environment_init() was not previously called with this handle. [GSK_AS400_ERROR_TIMED_OUT] The value specified for the handshake timeout expired before the handshake completed. [GSK_AS400_ERROR_NOT_TCP] The socket descriptor type is not SOCK_STREAM or the address family is not AF_INET or AF_INET6. [GSK_AS400_ERROR_ALREADY_SECURE] The socket descriptor is already in use by another secure session. [GSK_INSUFFICIENT_STORAGE] Unable to allocate storage for the requested operation. Secure Sockets APIs 39
Page 1: System i Programming Secure Sockets
Page 4 and 5: Note Before using this information
Page 6 and 7: Related Information . . . . . . . .
Page 8 and 9: vi System i: Programming Secure Soc
Page 10 and 11: APIs These are the APIs for this ca
Page 12 and 13: ufID (Input) The following values c
Page 14 and 15: v GSK_CONNECT_CIPHER_SPEC v GSK_SID
Page 16 and 17: [GSK_INSUFFICIENT_STORAGE] Not able
Page 18 and 19: gsk_attribute_get_enum()—Get enum
Page 20 and 21: secure session does not start, and
Page 22 and 23: API introduced: V5R1 Top | UNIX-Typ
Page 24 and 25: v GSK_FD v GSK_HANDSHAKE_TIMEOUT v
Page 26 and 27: [GSK_INVALID_STATE] One of the foll
Page 28 and 29: 8. If GSK_OS400_APPLICATION_ID is s
Page 30 and 31: if validation fails because the cer
Page 32 and 33: gsk_attribute_set_enum()—Set enum
Page 34 and 35: active secure sessions will continu
Page 36 and 37: gsk_attribute_set_numeric_value()
Page 38 and 39: v GSK_V3_SIDCACHE_SIZE v GSK_LDAP_S
Page 40 and 41: v “gsk_secure_soc_init()—Negoti
Page 42 and 43: [ETERM] Operation terminated. If an
Page 44 and 45: 2. v GSK_SESSION_TYPE set to GSK_CL
Page 48 and 49: [GSK_AS400_ERROR_INVALID_POINTER] T
Page 50 and 51: attributes. In most cases, as resul
Page 52 and 53: Error Messages Message ID Error Mes
Page 54 and 55: v “gsk_secure_soc_misc()—Perfor
Page 56 and 57: matched sets. If a client applicati
Page 58 and 59: Authorities Authorization of *R (al
Page 60 and 61: gsk_secure_soc_startRecv()—Start
Page 62 and 63: The handle specified was not valid.
Page 64 and 65: v “gsk_secure_soc_misc()—Perfor
Page 66 and 67: Authorities No authorization is req
Page 68 and 69: 6. Socket option SO_SNDTIMEO is not
Page 70 and 71: [EPIPE] [EUNATCH] The specified des
Page 72 and 73: Example The following example shows
Page 74 and 75: Qlg_Path_Name_T *keyringFileName (i
Page 76 and 77: v The CCSID specified in the keyrin
Page 78 and 79: unsigned protocol; /* SSL protocol
Page 80 and 81: Service Program Name: QSOSSLSR Defa
Page 82 and 83: Related Information v “SSL_Create
Page 84 and 85: unsigned int cipherSuiteListLen The
Page 86 and 87: [EBADF] [EBUSY] Permission denied.
Page 88 and 89: ignore attempts by applications to
Page 90 and 91: C Constant System Value TLS_RSA_WIT
Page 92 and 93: ignore attempts by applications to
Page 94 and 95: v Use the system default cipher spe
Page 96 and 97:
An error occurred in SSL processing
Page 98 and 99:
Parameters int sslreturnvalue (Inpu
Page 100 and 101:
Parameters SSLHandle* handle (input
Page 102 and 103:
[EUNATCH] [EUNKNOWN] The protocol r
Page 104 and 105:
Authorities No authorization is req
Page 106 and 107:
struct SSLHandleStr { /* SSLHandleS
Page 108 and 109:
Error Messages Message ID Error Mes
Page 110 and 111:
Name of Header File Name of File in
Page 112 and 113:
Name Value Text Details ENOTWRITE 3
Page 114 and 115:
Name Value Text Details EHOSTDOWN 3
Page 116 and 117:
Name Value Text Details EISDIR 3471
Page 118 and 119:
Name Value Text Details EBADFID 351
Page 120 and 121:
CONDITIONS OF MERCHANTABILITY, FITN
Page 122 and 123:
IBM Corporation Software Interopera
Page 124 and 125:
SAA SecureWay SOM System i System i
Page 126:
118 System i: Programming Secure So
show all

System i: Programming Secure Sockets APIs - IBM

Create successful ePaper yourself

Delete template?

Save as template?