[9] in GSSAPI Development
More clarifications
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Fri Apr 26 17:19:36 1991
Date: Fri, 26 Apr 91 17:18:42 -0400
From: tytso@ATHENA.MIT.EDU (Theodore Ts'o)
To: gssapi-dev@ATHENA.MIT.EDU
Reply-To: tytso@ATHENA.MIT.EDU
If gss_acquire_cred is given a set of mechanisms, and it could acquire
mechanisms for all but one of the requested mechanisms, does it: 1) set
the return variable actual_mechs to contain the mechanisms for which it
could successfully obtain credentials, or 2) does it return
GSS_S_BAD_MECH? Also, what should it do if no credentials are returned,
either because an empty set was passed into desired_mechs, or because
no credentials could be found for any of the desired_mechs.
Saying that these issues are up to the implementor's descretion is fine,
but it would be nice to state that explicitly in the C bindings. Either
that, or you should specify what really should happen in the C bindings
instead of leaving it vaguely defined.
Second issue: what error code should the routine return if they were
expecting one type of token and receive another? Suppose
gss_accept_context receives a gss_seal produced token, or gss_unseal
receives a gss_sign produced token. Should it just be GSS_S_FAILURE?
You seem to have a lot of explicit error codes of other cases, but other
cases seem to be lumped into GSS_S_FAILURE and I don't seem to see rhyme
or reason for some of them.
- Ted
