Previous section.

CDE 1.1: Remote Procedure Call
Copyright © 1997 The Open Group

Authentication, Authorisation and Protection-level Arguments

This appendix lists possible values for several arguments used by authentication-related RPC routines. The RPC API authentication-related routines are designed to be authentication and authorisation service-independent, but the values taken by some arguments to these routines are necessarily service-specific. The ISO C standard currently specifies some authentication and authorisation services, but implementations may use others, and the ISO C standard may in the future specify others. This appendix specifies argument values that are applicable to the services currently specified in the ISO C standard. The use of these values assures portability of applications to implementations that used the ISO C standard specified services.

The authn_svc Argument

The authn_svc argument is used to specify an authentication service. The following list gives the possible values for currently specified authentication services.

rpc_c_authn_none

No authentication.

rpc_c_authn_dce_secret

DCE shared-secret key authentication.

rpc_c_authn_default

DCE default authentication service (should equal one of the other defined values).

The authz_svc Argument

The authz_svc argument is used to specify an authorisation service. The following list gives the possible values for currently specified authorisation services:

rpc_c_authz_none

The server performs no authorisation. This is valid only if the authn_svc argument is rpc_c_authn_none.

rpc_c_authz_name

The server performs authorisation based on the client principal name.

rpc_c_authz_dce

The server performs authorisation using the client's DCE Privilege Attribute Certificate (PAC) or Extended PAC (EPAC), which is sent to the server with each remote procedure call made with a given binding. Typically, access is checked against DCE Access Control Lists (ACLs).

The protect_level Argument

The protect_level argument is used to specify which level of protection to apply to authenticated RPC communications. The following list gives possible values for this argument:

rpc_c_protect_level_default

Use the default protection level for the specified authentication service.

rpc_c_protect_level_none

Perform no protection.

rpc_c_protect_level_connect

The client and server identities are exchanged and cryptographically verified. Strong mutual authentication is achieved on the connection and is protected against replays. There are no protection services per PDU.

rpc_c_protect_level_call

This level offers the rpc_c_protect_level_connect services, plus integrity protection on the first fragment of each call only. This level is currently not supported by the protocol. Any request for this level will be automatically upgraded to rpc_c_protect_level_pkt.

rpc_c_protect_level_pkt

This level offers the rpc_c_protect_level_connect services, plus detection of misordering or replay of PDUs. There is no protection against PDU modification.

rpc_c_protect_level_pkt_integrity

This level offers the rpc_c_protect_level_pkt services, plus detection of PDU modification.

rpc_c_protect_level_pkt_privacy

This level offers the rpc_c_protect_level_pkt_integrity services, plus privacy of stub call arguments. Run-time and lower-layer headers are not protected by these services.

The protection-level values are listed in canonical order from the lowest to highest level of protection. However, except for the first two levels, the actual definition of each level depends on the underlying protocol, and not all levels may be provided by all protocols.

When an application calls the rpc_set_auth_info routine with a protection level that is not supported, the RPC run-time system attempts to upgrade the request to the next highest supported level.

The privs Argument

The privs argument returns a handle to the authorisation or privilege information for a client binding handle. An application must cast this value to an appropriate type for the authorisation service in use. Casts for Authorisation Information shows the appropriate casts for supported authorisation services:


For authz_svc value: privs contains this data: Use this cast:
rpc_authz_none A NULL value. None
rpc_authz_name The calling client's principal name. (unsigned_char_t *)
rpc_authz_dce The calling client's privilege attribute certificate. (sec_id_pac_t *)


Table: Casts for Authorisation Information

The server_princ_name Argument

The server_princ_name argument specifies a server principal name. The syntax of this name depends on the authentication service in use. This syntax will be specified in the DCE: Security Services specification.

The auth_identity Argument

The auth_identity argument specifies an application's authentication and authorisation credentials.

When using the rpc_c_authn_dce_secret authentication service and any authorisation service, this value must be a sec_login_handle_t.

Key Functions

When a server application calls rpc_server_register_auth_info() to register authentication information with the RPC run-time system, it specifies an authentication service, using the authn_svc argument. It may also specify a server-provided key acquisition function, using the get_key_fn argument. To specify the default key acquisition function for the authentication service specified by authn_svc, the application supplies NULL for the get_key_fn argument. The application may also supply an argument to be passed to the key acquisition function, using the arg argument.

The values of these arguments determine how the RPC run-time system behaves when it needs to acquire a key for authenticated RPC. RPC Key Acquisition for Authentication Services shows the RPC run-time system behaviour for the supported authentication services.

authn_svc get_key_fn arg Run-time Behaviour
rpc_c_authn_default Ignored NULL Uses the default method of encryption key acquisition.
rpc_c_authn_default Ignored non-NULL Uses the default method of encryption key acquisition. The specified argument is passed to the default acquisition function.
rpc_c_authn_none Ignored ignored Authentication is not performed.
rpc_c_authn_dce_secret NULL NULL Uses the default method of encryption key acquisition.
rpc_c_authn_dce_secret NULL non-NULL Uses the default method of encryption key acquisition. The specified argument is passed to the default acquisition function.
rpc_c_authn_dce_secret non-NULL NULL Uses the specified encryption key acquisition routine to obtain keys.
rpc_c_authn_dce_secret non-NULL non-NULL Uses the specified encryption key acquisition routine to obtain keys. The specified argument is passed to the acquisition function.

Table: RPC Key Acquisition for Authentication Services

Please note that the html version of this specification may contain formatting aberrations. The definitive version is available as an electronic publication on CD-ROM from The Open Group.

Contents Next section Index