[AFS3-std] New version of rxgk draft

[Simon Wilkinson]

On 10 Dec 2011, at 20:21, Jeffrey Hutzelman wrote:

> While that's all true, in practice it turns out to be very useful for
> troubleshooting to return this information, even though the values are
> not standardized.

Now I think of it, I recall that we had a very similar discussion during =
the standardisation of SSH's GSSAPI support. Rather than rehash all of =
that again here, I'll accept that the minor_status can be useful in the =
Kerberos case, although for reasons that aren't entirely standardised.

So, I propose changing the signature of GSSNegotiate to the following:

       GSSNegotiate(IN RXGK_StartParams *client_start,
                    IN RXGK_Token *input_token_buffer,
                    IN RXGK_Token *opaque_in,
                    OUT RXGK_Token *output_token_buffer,
                    OUT RXGK_Token *opaque_out,
                    OUT afs_uint32 *gss_minor_status,
		    OUT afs_uint23 *gss_minor_status,
                    OUT RXGK_Token *rxgk_info) =3D 1;

And modifying the parameter definitions to:

   gss_major_status  The major status code output by the server's call =
to
         gss_accept_sec_context

   gss_minor_status  The minor status code returned by=20
         gss_accept_sec_context. Implementors should note that minor =
status
         codes are not portable between GSSAPI implementations.

Does that seem reasonable?

>>=20
>> Yes. Sadly there isn't a good reference document describing RX
>=20
> I'd be very interested in seeing a volunteer to pick that up, sand off
> the rough spots, and get it published. =20

Mike Meffie did some work on this, and sent the outcome to this group =
back in 2009. I don't think that document went anywhere - it certainly =
doesn't seem to have been submitted to the Internet Drafts repository, =
and the copy he linked to is no longer available. Mike, perhaps you =
could publish what you had?

Cheers,

Simon.