DCE/RPC GSSAPI
SaNtosh kuLkarni
santosh.yesoptus at gmail.com
Wed Feb 27 08:02:03 EST 2013
Does DCE/RPC support GSS-Negotiation with a MSRPC based RPC server?
I am trying to develop a DCE-RPC based client(linux ) which talks to a
MSRPC based server running on Windows.
I configured the DCE/RPC build with --enable gss-negotiate.
The security nego flow on the linux rpc client is as follows
unsigned32 authn_protocol = rpc_c_authn_gss_negotiate;
unsigned32 authn_level = rpc_c_authn_level_pkt_privacy;
rpc_binding_set_auth_info (xxxx_IfHandle, (unsigned_char_p_t)principal,
authn_level,
authn_protocol,NULL,
rpc_c_authz_name, &st);
if (st != rpc_s_ok) {
dce_error_inq_text(st, error_text, &error_inq_st);
fprintf(stderr, "Cannot set security authorization for
server %s: %s\n", entry_name, error_text);
}
Is there anything else that needs to be done.I have developed a similar
windows client which works fine.But when i use the same security api
coding flow and set the protocol and auth level it fails on linux with the
following
[pid: 020951] [time: 000001] [thread: 099547a8] STATE CLIENT ASSOC:
0x9954610 state->INIT_WAIT event->REJ_CONF
[pid: 020951] [time: 000001] [thread: 099547a8] [file: cnrcvr.c, line:
1259]
[pid: 020951] [time: 000001] [thread: 099547a8] (rpc__mem_free) type 23 @
0xb6900468
[pid: 020951] [time: 000001] [thread: 099547a8] [file: rpcmem.c, line:
171]
[pid: 020951] [time: 000001] [thread: 099547a8] STATE CLIENT ASSOC:
0x9954610 new state->CLOSED
[pid: 020951] [time: 000001] [thread: 099547a8] [file: cnrcvr.c, line:
1259]
[pid: 020951] [time: 000001] [thread: 09919008] CN: call_rep->0x994e400
assoc->0x9954610 desc->0x994e258 presentation negotiation failed st =
16c9a046
[pid: 020951] [time: 000001] [thread: 09919008] [file: cnassoc.c, line:
819]
[pid: 020951] [time: 000001] [thread: 09919008] (rpc__cn_call_start) STATE
CLIENT CALL: 0 new state->CALL_FAILED_DNE
I would be grateful if anyone could guide me on this.Thanks!
--
*Regards,
Santosh*
More information about the krbdev
mailing list