[15] in GSSAPI Development

Re: More clarifications

daemon@ATHENA.MIT.EDU (kannan@sejour.lkg.dec.com)
Tue Apr 30 00:56:18 1991

To: tytso@ATHENA.MIT.EDU
Cc: gssapi-dev@ATHENA.MIT.EDU
In-Reply-To: Your message of Fri, 26 Apr 91 17:20:59 -0400.
Date: Tue, 30 Apr 91 00:58:14 EDT
From: kannan@sejour.lkg.dec.com

Ted,

>If gss_acquire_cred is given a set of mechanisms, and it could acquire
>mechanisms for all but one of the requested mechanisms, does it: 1) set
>the return variable actual_mechs to contain the mechanisms for which it
>could successfully obtain credentials, or 2) does it return
>GSS_S_BAD_MECH?

I think acquire_cred should do option 1.  Acquiring credentials for a
partial set of requested mechanisms is a feature.  For example, users
may not be registered under both Kerberos and SPX.  GSS_S_BAD_MECH
should probably be returned if an application requested a specific
mechanism which is not supported by a GSS implementation.  If this
error is ever returned, I think the application is not written correctly.

>Also, what should it do if no credentials are returned,
>either because an empty set was passed into desired_mechs, or because
>no credentials could be found for any of the desired_mechs.

First, if an empty set is passed into desired_mechs, then the GSS
implementor decides on the security mechanism(s) being requested.
So credentials may still be returned.  Second, if no credentials can
be found, GSS_S_FAILURE should be returned (according to John Wray).
I tend to agree.

>Second issue: what error code should the routine return if they were
>expecting one type of token and receive another?
>Should it just be GSS_S_FAILURE?
>You seem to have a lot of explicit error codes of other cases, but other
>cases seem to be lumped into GSS_S_FAILURE and I don't seem to see rhyme
>or reason for some of them.

I don't have a strong preference in this area.  Hmm ... is the
GSS_S_DEFECTIVE_TOKEN status more appropriate in this case?

	-kannan
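
An added example, not part of the original message and not code from any GSS-API implementation: a caller-side check in C for the "option 1" behaviour discussed above, comparing desired_mechs with actual_mechs and covering the empty-request and nothing-acquired cases. The types `mech_oid` and `mech_set`, the `acq_result` enum, `classify_acquire` and the sample OID bytes are hypothetical stand-ins constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Stand-in types for this example, not the declarations of any GSS-API header. */
typedef struct { size_t len; const unsigned char *bytes; } mech_oid;
typedef struct { size_t count; const mech_oid *elems; } mech_set;

typedef enum { ACQ_ALL, ACQ_PARTIAL, ACQ_DEFAULTED, ACQ_NONE } acq_result;

static int set_has(const mech_set *s, const mech_oid *m)
{
    for (size_t i = 0; i < s->count; i++) {
        const mech_oid *e = &s->elems[i];
        if (e->len == m->len && memcmp(e->bytes, m->bytes, m->len) == 0)
            return 1;
    }
    return 0;
}

/* Indices (into desired) of mechanisms that got no credentials are written to
   missing[], at most cap of them; *n_missing always receives the full count. */
acq_result classify_acquire(const mech_set *desired, const mech_set *actual,
                            size_t *missing, size_t cap, size_t *n_missing)
{
    *n_missing = 0;
    if (actual->count == 0)
        return ACQ_NONE;          /* the case the message maps to GSS_S_FAILURE */
    if (desired->count == 0)
        return ACQ_DEFAULTED;     /* empty request: the implementation chose */
    for (size_t i = 0; i < desired->count; i++) {
        if (set_has(actual, &desired->elems[i]))
            continue;
        if (*n_missing < cap) missing[*n_missing] = i;
        ++*n_missing;
    }
    if (*n_missing == 0)
        return ACQ_ALL;
    return *n_missing == desired->count ? ACQ_NONE : ACQ_PARTIAL;
}

/* Constructed placeholder OID bytes, not registered mechanism OIDs. */
static const mech_oid MECH_A = { 3, (const unsigned char *)"\x01\x02\x03" };
static const mech_oid MECH_B = { 3, (const unsigned char *)"\x01\x02\x04" };

int main(void) {
    mech_oid want[] = { MECH_A, MECH_B }, got[] = { MECH_A };
    mech_set desired = { 2, want }, actual = { 1, got };
    size_t miss[2], n;
    return classify_acquire(&desired, &actual, miss, 2, &n) == ACQ_PARTIAL ? 0 : 1;
}
```

A caller that requires one particular mechanism can treat `ACQ_PARTIAL` as an error when that mechanism's index appears in `missing[]`, rather than silently continuing with whatever was acquired.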
