rfc2744.txt

<VC++网络游戏建摸与实现>源代码

   delegation may only be provided at the explicit request of the
   application.

4.2. Mutual authentication

   Usually, a context acceptor will require that a context initiator
   authenticate itself so that the acceptor may make an access-control
   decision prior to performing a service for the initiator.  In some
   cases, the initiator may also request that the acceptor authenticate
   itself.  GSS-API allows the initiating application to request this
   mutual authentication service by setting a flag when calling
   gss_init_sec_context.

   The initiating application is informed as to whether or not the
   context acceptor has authenticated itself.  Note that some mechanisms
   may not support mutual authentication, and other mechanisms may
   always perform mutual authentication, whether or not the initiating
   application requests it.  In particular, mutual authentication my be
   required by some mechanisms in order to support replay or out-of-
   sequence message detection, and for such mechanisms a request for
   either of these services will automatically enable mutual
   authentication.











Wray                        Standards Track                    [Page 22]

RFC 2744                 GSS-API V2: C-bindings             January 2000


4.3. Replay and out-of-sequence detection

   The GSS-API may provide detection of mis-ordered message once a
   security context has been established.  Protection may be applied to
   messages by either application, by calling either gss_get_mic or
   gss_wrap, and verified by the peer application by calling
   gss_verify_mic or gss_unwrap.

   gss_get_mic calculates a cryptographic MIC over an application
   message, and returns that MIC in a token.  The application should
   pass both the token and the message to the peer application, which
   presents them to gss_verify_mic.

   gss_wrap calculates a cryptographic MIC of an application message,
   and places both the MIC and the message inside a single token.  The
   Application should pass the token to the peer application, which
   presents it to gss_unwrap to extract the message and verify the MIC.

   Either pair of routines may be capable of detecting out-of-sequence
   message delivery, or duplication of messages. Details of such mis-
   ordered messages are indicated through supplementary status bits in
   the major status code returned by gss_verify_mic or gss_unwrap.  The
   relevant supplementary bits are:

   GSS_S_DUPLICATE_TOKEN - The token is a duplicate of one that has
                    already been received and processed.  Only
                    contexts that claim to provide replay detection
                    may set this bit.
   GSS_S_OLD_TOKEN - The token is too old to determine whether or
                    not it is a duplicate.  Contexts supporting
                    out-of-sequence detection but not replay
                    detection should always set this bit if
                    GSS_S_UNSEQ_TOKEN is set; contexts that support
                    replay detection should only set this bit if the
                    token is so old that it cannot be checked for
                    duplication.
   GSS_S_UNSEQ_TOKEN - A later token has already been processed.
   GSS_S_GAP_TOKEN - An earlier token has not yet been received.

   A mechanism need not maintain a list of all tokens that have been
   processed in order to support these status codes.  A typical
   mechanism might retain information about only the most recent "N"
   tokens processed, allowing it to distinguish duplicates and missing
   tokens within the most recent "N" messages; the receipt of a token
   older than the most recent "N" would result in a GSS_S_OLD_TOKEN
   status.





Wray                        Standards Track                    [Page 23]

RFC 2744                 GSS-API V2: C-bindings             January 2000


4.4. Anonymous Authentication

   In certain situations, an application may wish to initiate the
   authentication process to authenticate a peer, without revealing its
   own identity.  As an example, consider an application providing
   access to a database containing medical information, and offering
   unrestricted access to the service.  A client of such a service might
   wish to authenticate the service (in order to establish trust in any
   information retrieved from it), but might not wish the service to be
   able to obtain the client's identity (perhaps due to privacy concerns
   about the specific inquiries, or perhaps simply to avoid being placed
   on mailing-lists).

   In normal use of the GSS-API, the initiator's identity is made
   available to the acceptor as a result of the context establishment
   process.  However, context initiators may request that their identity
   not be revealed to the context acceptor. Many mechanisms do not
   support anonymous authentication, and for such mechanisms the request
   will not be honored.  An authentication token will be still be
   generated, but the application is always informed if a requested
   service is unavailable, and has the option to abort context
   establishment if anonymity is valued above the other security
   services that would require a context to be established.

   In addition to informing the application that a context is
   established anonymously (via the ret_flags outputs from
   gss_init_sec_context and gss_accept_sec_context), the optional
   src_name output from gss_accept_sec_context and gss_inquire_context
   will, for such contexts, return a reserved internal-form name,
   defined by the implementation.

   When presented to gss_display_name, this reserved internal-form name
   will result in a printable name that is syntactically distinguishable
   from any valid principal name supported by the implementation,
   associated with a name-type object identifier with the value
   GSS_C_NT_ANONYMOUS, whose value us given in Appendix A.  The
   printable form of an anonymous name should be chosen such that it
   implies anonymity, since this name may appear in, for example, audit
   logs.  For example, the string "<anonymous>" might be a good choice,
   if no valid printable names supported by the implementation can begin
   with "<" and end with ">".

4.5. Confidentiality

   If a context supports the confidentiality service, gss_wrap may be
   used to encrypt application messages.  Messages are selectively
   encrypted, under the control of the conf_req_flag input parameter to
   gss_wrap.



Wray                        Standards Track                    [Page 24]

RFC 2744                 GSS-API V2: C-bindings             January 2000


4.6. Inter-process context transfer

   GSS-API V2 provides routines (gss_export_sec_context and
   gss_import_sec_context) which allow a security context to be
   transferred between processes on a single machine.  The most common
   use for such a feature is a client-server design where the server is
   implemented as a single process that accepts incoming security
   contexts, which then launches child processes to deal with the data
   on these contexts.  In such a design, the child processes must have
   access to the security context data structure created within the
   parent by its call to gss_accept_sec_context so that they can use
   per-message protection services and delete the security context when
   the communication session ends.

   Since the security context data structure is expected to contain
   sequencing information, it is impractical in general to share a
   context between processes.  Thus GSS-API provides a call
   (gss_export_sec_context) that the process which currently owns the
   context can call to declare that it has no intention to use the
   context subsequently, and to create an inter-process token containing
   information needed by the adopting process to successfully import the
   context.  After successful completion of gss_export_sec_context, the
   original security context is made inaccessible to the calling process
   by GSS-API, and any context handles referring to this context are no
   longer valid.  The originating process transfers the inter-process
   token to the adopting process, which passes it to
   gss_import_sec_context, and a fresh gss_ctx_id_t is created such that
   it is functionally identical to the original context.

   The inter-process token may contain sensitive data from the original
   security context (including cryptographic keys). Applications using
   inter-process tokens to transfer security contexts must take
   appropriate steps to protect these tokens in transit.

   Implementations are not required to support the inter-process
   transfer of security contexts.  The ability to transfer a security
   context is indicated when the context is created, by
   gss_init_sec_context or gss_accept_sec_context setting the
   GSS_C_TRANS_FLAG bit in their ret_flags parameter.

4.7. The use of incomplete contexts

   Some mechanisms may allow the per-message services to be used before
   the context establishment process is complete.  For example, a
   mechanism may include sufficient information in its initial context-
   level token for the context acceptor to immediately decode messages
   protected with gss_wrap or gss_get_mic.  For such a mechanism, the
   initiating application need not wait until subsequent context-level



Wray                        Standards Track                    [Page 25]

RFC 2744                 GSS-API V2: C-bindings             January 2000


   tokens have been sent and received before invoking the per-message
   protection services.

   The ability of a context to provide per-message services in advance
   of complete context establishment is indicated by the setting of the
   GSS_C_PROT_READY_FLAG bit in the ret_flags parameter from
   gss_init_sec_context and gss_accept_sec_context. Applications wishing
   to use per-message protection services on partially-established
   contexts should check this flag before attempting to invoke gss_wrap
   or gss_get_mic.

5. GSS-API Routine Descriptions

   In addition to the explicit major status codes documented here, the
   code GSS_S_FAILURE may be returned by any routine, indicating an
   implementation-specific or mechanism-specific error condition,
   further details of which are reported via the minor_status parameter.

5.1. gss_accept_sec_context

   OM_uint32 gss_accept_sec_context (
     OM_uint32           *minor_status,
     gss_ctx_id_t        *context_handle,
     const gss_cred_id_t acceptor_cred_handle,
     const gss_buffer_t  input_token_buffer,
     const gss_channel_bindings_t  input_chan_bindings,
     const gss_name_t    *src_name,
     gss_OID             *mech_type,
     gss_buffer_t        output_token,
     OM_uint32           *ret_flags,
     OM_uint32           *time_rec,
     gss_cred_id_t       *delegated_cred_handle)

   Purpose:

   Allows a remotely initiated security context between the application
   and a remote peer to be established.  The routine may return a
   output_token which should be transferred to the peer application,
   where the peer application will present it to gss_init_sec_context.
   If no token need be sent, gss_accept_sec_context will indicate this
   by setting the length field of the output_token argument to zero.  To
   complete the context establishment, one or more reply tokens may be
   required from the peer application; if so, gss_accept_sec_context
   will return a status flag of GSS_S_CONTINUE_NEEDED, in which case it
   should be called again when the reply token is received from the peer
   application, passing the token to gss_accept_sec_context via the
   input_token parameters.




Wray                        Standards Track                    [Page 26]

RFC 2744                 GSS-API V2: C-bindings             January 2000


   Portable applications should be constructed to use the token length
   and return status to determine whether a token needs to be sent or
   waited for.  Thus a typical portable caller should always invoke
   gss_accept_sec_context within a loop:

   gss_ctx_id_t context_hdl = GSS_C_NO_CONTEXT;

   do {
     receive_token_from_peer(input_token);
     maj_stat = gss_accept_sec_context(&min_stat,
                                       &context_hdl,
                                       cred_hdl,
                                       input_token,
                                       input_bindings,
                                       &client_name,
                                       &mech_type,
                                       output_token,
                                       &ret_flags,
                                       &time_rec,
                                       &deleg_cred);
     if (GSS_ERROR(maj_stat)) {
       report_error(maj_stat, min_stat);
     };
     if (output_token->length != 0) {
       send_token_to_peer(output_token);

       gss_release_buffer(&min_stat, output_token);
     };
     if (GSS_ERROR(maj_stat)) {
       if (context_hdl != GSS_C_NO_CONTEXT)
         gss_delete_sec_context(&min_stat,
                                &context_hdl,
                                GSS_C_NO_BUFFER);
       break;
     };
   } while (maj_stat & GSS_S_CONTINUE_NEEDED);