871
862
Two distinct representations are defined for names:
873
864
* An internal form. This is the GSS-API "native" format for names,
874
represented by the implementation-specific `gss_name_t' type. It
875
is opaque to GSS-API callers. A single `gss_name_t' object may
865
represented by the implementation-specific 'gss_name_t' type. It
866
is opaque to GSS-API callers. A single 'gss_name_t' object may
876
867
contain multiple names from different namespaces, but all names
877
868
should refer to the same entity. An example of such an internal
878
869
name would be the name returned from a call to the
879
`gss_inquire_cred' routine, when applied to a credential
880
containing credential elements for multiple authentication
881
mechanisms employing different namespaces. This `gss_name_t'
882
object will contain a distinct name for the entity for each
883
authentication mechanism.
870
'gss_inquire_cred' routine, when applied to a credential containing
871
credential elements for multiple authentication mechanisms
872
employing different namespaces. This 'gss_name_t' object will
873
contain a distinct name for the entity for each authentication
885
For GSS-API implementations supporting multiple namespaces,
886
objects of type `gss_name_t' must contain sufficient information to
876
For GSS-API implementations supporting multiple namespaces, objects
877
of type 'gss_name_t' must contain sufficient information to
887
878
determine the namespace to which each primitive name belongs.
889
* Mechanism-specific contiguous octet-string forms. A format
890
capable of containing a single name (from a single namespace).
891
Contiguous string names are always accompanied by an object
892
identifier specifying the namespace to which the name belongs, and
893
their format is dependent on the authentication mechanism that
894
employs the name. Many, but not all, contiguous string names will
895
be printable, and may therefore be used by GSS-API applications for
880
* Mechanism-specific contiguous octet-string forms. A format capable
881
of containing a single name (from a single namespace). Contiguous
882
string names are always accompanied by an object identifier
883
specifying the namespace to which the name belongs, and their
884
format is dependent on the authentication mechanism that employs
885
the name. Many, but not all, contiguous string names will be
886
printable, and may therefore be used by GSS-API applications for
896
887
communication with their users.
898
Routines (`gss_import_name' and `gss_display_name') are provided to
899
convert names between contiguous string representations and the
900
internal `gss_name_t' type. `gss_import_name' may support multiple
901
syntaxes for each supported namespace, allowing users the freedom to
902
choose a preferred name representation. `gss_display_name' should use an
889
Routines ('gss_import_name' and 'gss_display_name') are provided to
890
convert names between contiguous string representations and the internal
891
'gss_name_t' type. 'gss_import_name' may support multiple syntaxes for
892
each supported namespace, allowing users the freedom to choose a
893
preferred name representation. 'gss_display_name' should use an
903
894
implementation-chosen printable syntax for each supported name-type.
905
If an application calls `gss_display_name', passing the internal
906
name resulting from a call to `gss_import_name', there is no guarantee
907
the resulting contiguous string name will be the same as the original
908
imported string name. Nor do name-space identifiers necessarily
909
survive unchanged after a journey through the internal name-form. An
910
example of this might be a mechanism that authenticates X.500 names,
911
but provides an algorithmic mapping of Internet DNS names into X.500.
912
That mechanism's implementation of `gss_import_name' might, when
913
presented with a DNS name, generate an internal name that contained
914
both the original DNS name and the equivalent X.500 name.
915
Alternatively, it might only store the X.500 name. In the latter case,
916
`gss_display_name' would most likely generate a printable X.500 name,
917
rather than the original DNS name.
896
If an application calls 'gss_display_name', passing the internal name
897
resulting from a call to 'gss_import_name', there is no guarantee the
898
resulting contiguous string name will be the same as the original
899
imported string name. Nor do name-space identifiers necessarily survive
900
unchanged after a journey through the internal name-form. An example of
901
this might be a mechanism that authenticates X.500 names, but provides
902
an algorithmic mapping of Internet DNS names into X.500. That
903
mechanism's implementation of 'gss_import_name' might, when presented
904
with a DNS name, generate an internal name that contained both the
905
original DNS name and the equivalent X.500 name. Alternatively, it
906
might only store the X.500 name. In the latter case, 'gss_display_name'
907
would most likely generate a printable X.500 name, rather than the
919
910
The process of authentication delivers to the context acceptor an
920
911
internal name. Since this name has been authenticated by a single
921
912
mechanism, it contains only a single name (even if the internal name
922
presented by the context initiator to `gss_init_sec_context' had
913
presented by the context initiator to 'gss_init_sec_context' had
923
914
multiple components). Such names are termed internal mechanism names,
924
or "MN"s and the names emitted by `gss_accept_sec_context' are always
925
of this type. Since some applications may require MNs without wanting
926
to incur the overhead of an authentication operation, a second
927
function, `gss_canonicalize_name', is provided to convert a general
928
internal name into an MN.
915
or "MN"s and the names emitted by 'gss_accept_sec_context' are always of
916
this type. Since some applications may require MNs without wanting to
917
incur the overhead of an authentication operation, a second function,
918
'gss_canonicalize_name', is provided to convert a general internal name
930
921
Comparison of internal-form names may be accomplished via the
931
`gss_compare_name' routine, which returns true if the two names being
922
'gss_compare_name' routine, which returns true if the two names being
932
923
compared refer to the same entity. This removes the need for the
933
924
application program to understand the syntaxes of the various printable
934
925
names that a given GSS-API implementation may support. Since GSS-API
935
926
assumes that all primitive names contained within a given internal name
936
refer to the same entity, `gss_compare_name' can return true if the two
937
names have at least one primitive name in common. If the
938
implementation embodies knowledge of equivalence relationships between
939
names taken from different namespaces, this knowledge may also allow
940
successful comparison of internal names containing no overlapping
927
refer to the same entity, 'gss_compare_name' can return true if the two
928
names have at least one primitive name in common. If the implementation
929
embodies knowledge of equivalence relationships between names taken from
930
different namespaces, this knowledge may also allow successful
931
comparison of internal names containing no overlapping primitive
943
934
When used in large access control lists, the overhead of invoking
944
`gss_import_name' and `gss_compare_name' on each name from the ACL may
935
'gss_import_name' and 'gss_compare_name' on each name from the ACL may
945
936
be prohibitive. As an alternative way of supporting this case, GSS-API
946
937
defines a special form of the contiguous string name which may be
947
compared directly (e.g. with memcmp()). Contiguous names suitable for
948
comparison are generated by the `gss_export_name' routine, which
938
compared directly (e.g. with memcmp()). Contiguous names suitable for
939
comparison are generated by the 'gss_export_name' routine, which
949
940
requires an MN as input. Exported names may be re- imported by the
950
`gss_import_name' routine, and the resulting internal name will also be
951
an MN. The `gss_OID' constant `GSS_C_NT_EXPORT_NAME' indentifies the
941
'gss_import_name' routine, and the resulting internal name will also be
942
an MN. The 'gss_OID' constant 'GSS_C_NT_EXPORT_NAME' indentifies the
952
943
"export name" type, and the value of this constant is given in Appendix
953
A. Structurally, an exported name object consists of a header
954
containing an OID identifying the mechanism that authenticated the
955
name, and a trailer containing the name itself, where the syntax of the
956
trailer is defined by the individual mechanism specification. The
957
precise format of an export name is defined in the language-independent
958
GSS-API specification [GSSAPI].
944
A. Structurally, an exported name object consists of a header containing
945
an OID identifying the mechanism that authenticated the name, and a
946
trailer containing the name itself, where the syntax of the trailer is
947
defined by the individual mechanism specification. The precise format
948
of an export name is defined in the language-independent GSS-API
949
specification [GSSAPI].
960
Note that the results obtained by using `gss_compare_name' will in
951
Note that the results obtained by using 'gss_compare_name' will in
961
952
general be different from those obtained by invoking
962
`gss_canonicalize_name' and `gss_export_name', and then comparing the
953
'gss_canonicalize_name' and 'gss_export_name', and then comparing the
963
954
exported names. The first series of operation determines whether two
964
955
(unauthenticated) names identify the same principal; the second whether
965
956
a particular mechanism would authenticate them as the same principal.
966
957
These two operations will in general give the same results only for MNs.
968
The `gss_name_t' datatype should be implemented as a pointer type.
959
The 'gss_name_t' datatype should be implemented as a pointer type.
969
960
To allow the compiler to aid the application programmer by performing
970
961
type-checking, the use of (void *) is discouraged. A pointer to an
971
962
implementation-defined type is the preferred choice.
973
Storage is allocated by routines that return `gss_name_t' values. A
974
procedure, `gss_release_name', is provided to free storage associated
964
Storage is allocated by routines that return 'gss_name_t' values. A
965
procedure, 'gss_release_name', is provided to free storage associated
975
966
with an internal-form name.
977
968
3.2.6 Channel Bindings
4514
4484
If your document contains nontrivial examples of program code, we
4515
recommend releasing these examples in parallel under your choice of
4516
free software license, such as the GNU General Public License, to
4517
permit their use in free software.
4520
File: gss.info, Node: GNU GPL, Prev: GNU Free Documentation License, Up: Copying Information
4522
B.2 GNU General Public License
4523
==============================
4525
Version 3, 29 June 2007
4527
Copyright (C) 2007 Free Software Foundation, Inc. `http://fsf.org/'
4529
Everyone is permitted to copy and distribute verbatim copies of this
4530
license document, but changing it is not allowed.
4535
The GNU General Public License is a free, copyleft license for software
4536
and other kinds of works.
4538
The licenses for most software and other practical works are designed
4539
to take away your freedom to share and change the works. By contrast,
4540
the GNU General Public License is intended to guarantee your freedom to
4541
share and change all versions of a program--to make sure it remains
4542
free software for all its users. We, the Free Software Foundation, use
4543
the GNU General Public License for most of our software; it applies
4544
also to any other work released this way by its authors. You can apply
4545
it to your programs, too.
4547
When we speak of free software, we are referring to freedom, not
4548
price. Our General Public Licenses are designed to make sure that you
4549
have the freedom to distribute copies of free software (and charge for
4550
them if you wish), that you receive source code or can get it if you
4551
want it, that you can change the software or use pieces of it in new
4552
free programs, and that you know you can do these things.
4554
To protect your rights, we need to prevent others from denying you
4555
these rights or asking you to surrender the rights. Therefore, you
4556
have certain responsibilities if you distribute copies of the software,
4557
or if you modify it: responsibilities to respect the freedom of others.
4559
For example, if you distribute copies of such a program, whether
4560
gratis or for a fee, you must pass on to the recipients the same
4561
freedoms that you received. You must make sure that they, too, receive
4562
or can get the source code. And you must show them these terms so they
4565
Developers that use the GNU GPL protect your rights with two steps:
4566
(1) assert copyright on the software, and (2) offer you this License
4567
giving you legal permission to copy, distribute and/or modify it.
4569
For the developers' and authors' protection, the GPL clearly explains
4570
that there is no warranty for this free software. For both users' and
4571
authors' sake, the GPL requires that modified versions be marked as
4572
changed, so that their problems will not be attributed erroneously to
4573
authors of previous versions.
4575
Some devices are designed to deny users access to install or run
4576
modified versions of the software inside them, although the
4577
manufacturer can do so. This is fundamentally incompatible with the
4578
aim of protecting users' freedom to change the software. The
4579
systematic pattern of such abuse occurs in the area of products for
4580
individuals to use, which is precisely where it is most unacceptable.
4581
Therefore, we have designed this version of the GPL to prohibit the
4582
practice for those products. If such problems arise substantially in
4583
other domains, we stand ready to extend this provision to those domains
4584
in future versions of the GPL, as needed to protect the freedom of
4587
Finally, every program is threatened constantly by software patents.
4588
States should not allow patents to restrict development and use of
4589
software on general-purpose computers, but in those that do, we wish to
4590
avoid the special danger that patents applied to a free program could
4591
make it effectively proprietary. To prevent this, the GPL assures that
4592
patents cannot be used to render the program non-free.
4594
The precise terms and conditions for copying, distribution and
4595
modification follow.
4597
TERMS AND CONDITIONS
4598
====================
4602
"This License" refers to version 3 of the GNU General Public
4605
"Copyright" also means copyright-like laws that apply to other
4606
kinds of works, such as semiconductor masks.
4608
"The Program" refers to any copyrightable work licensed under this
4609
License. Each licensee is addressed as "you". "Licensees" and
4610
"recipients" may be individuals or organizations.
4612
To "modify" a work means to copy from or adapt all or part of the
4613
work in a fashion requiring copyright permission, other than the
4614
making of an exact copy. The resulting work is called a "modified
4615
version" of the earlier work or a work "based on" the earlier work.
4617
A "covered work" means either the unmodified Program or a work
4618
based on the Program.
4620
To "propagate" a work means to do anything with it that, without
4621
permission, would make you directly or secondarily liable for
4622
infringement under applicable copyright law, except executing it
4623
on a computer or modifying a private copy. Propagation includes
4624
copying, distribution (with or without modification), making
4625
available to the public, and in some countries other activities as
4628
To "convey" a work means any kind of propagation that enables other
4629
parties to make or receive copies. Mere interaction with a user
4630
through a computer network, with no transfer of a copy, is not
4633
An interactive user interface displays "Appropriate Legal Notices"
4634
to the extent that it includes a convenient and prominently visible
4635
feature that (1) displays an appropriate copyright notice, and (2)
4636
tells the user that there is no warranty for the work (except to
4637
the extent that warranties are provided), that licensees may
4638
convey the work under this License, and how to view a copy of this
4639
License. If the interface presents a list of user commands or
4640
options, such as a menu, a prominent item in the list meets this
4645
The "source code" for a work means the preferred form of the work
4646
for making modifications to it. "Object code" means any
4647
non-source form of a work.
4649
A "Standard Interface" means an interface that either is an
4650
official standard defined by a recognized standards body, or, in
4651
the case of interfaces specified for a particular programming
4652
language, one that is widely used among developers working in that
4655
The "System Libraries" of an executable work include anything,
4656
other than the work as a whole, that (a) is included in the normal
4657
form of packaging a Major Component, but which is not part of that
4658
Major Component, and (b) serves only to enable use of the work
4659
with that Major Component, or to implement a Standard Interface
4660
for which an implementation is available to the public in source
4661
code form. A "Major Component", in this context, means a major
4662
essential component (kernel, window system, and so on) of the
4663
specific operating system (if any) on which the executable work
4664
runs, or a compiler used to produce the work, or an object code
4665
interpreter used to run it.
4667
The "Corresponding Source" for a work in object code form means all
4668
the source code needed to generate, install, and (for an executable
4669
work) run the object code and to modify the work, including
4670
scripts to control those activities. However, it does not include
4671
the work's System Libraries, or general-purpose tools or generally
4672
available free programs which are used unmodified in performing
4673
those activities but which are not part of the work. For example,
4674
Corresponding Source includes interface definition files
4675
associated with source files for the work, and the source code for
4676
shared libraries and dynamically linked subprograms that the work
4677
is specifically designed to require, such as by intimate data
4678
communication or control flow between those subprograms and other
4681
The Corresponding Source need not include anything that users can
4682
regenerate automatically from other parts of the Corresponding
4685
The Corresponding Source for a work in source code form is that
4688
2. Basic Permissions.
4690
All rights granted under this License are granted for the term of
4691
copyright on the Program, and are irrevocable provided the stated
4692
conditions are met. This License explicitly affirms your unlimited
4693
permission to run the unmodified Program. The output from running
4694
a covered work is covered by this License only if the output,
4695
given its content, constitutes a covered work. This License
4696
acknowledges your rights of fair use or other equivalent, as
4697
provided by copyright law.
4699
You may make, run and propagate covered works that you do not
4700
convey, without conditions so long as your license otherwise
4701
remains in force. You may convey covered works to others for the
4702
sole purpose of having them make modifications exclusively for
4703
you, or provide you with facilities for running those works,
4704
provided that you comply with the terms of this License in
4705
conveying all material for which you do not control copyright.
4706
Those thus making or running the covered works for you must do so
4707
exclusively on your behalf, under your direction and control, on
4708
terms that prohibit them from making any copies of your
4709
copyrighted material outside their relationship with you.
4711
Conveying under any other circumstances is permitted solely under
4712
the conditions stated below. Sublicensing is not allowed; section
4713
10 makes it unnecessary.
4715
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
4717
No covered work shall be deemed part of an effective technological
4718
measure under any applicable law fulfilling obligations under
4719
article 11 of the WIPO copyright treaty adopted on 20 December
4720
1996, or similar laws prohibiting or restricting circumvention of
4723
When you convey a covered work, you waive any legal power to forbid
4724
circumvention of technological measures to the extent such
4725
circumvention is effected by exercising rights under this License
4726
with respect to the covered work, and you disclaim any intention
4727
to limit operation or modification of the work as a means of
4728
enforcing, against the work's users, your or third parties' legal
4729
rights to forbid circumvention of technological measures.
4731
4. Conveying Verbatim Copies.
4733
You may convey verbatim copies of the Program's source code as you
4734
receive it, in any medium, provided that you conspicuously and
4735
appropriately publish on each copy an appropriate copyright notice;
4736
keep intact all notices stating that this License and any
4737
non-permissive terms added in accord with section 7 apply to the
4738
code; keep intact all notices of the absence of any warranty; and
4739
give all recipients a copy of this License along with the Program.
4741
You may charge any price or no price for each copy that you convey,
4742
and you may offer support or warranty protection for a fee.
4744
5. Conveying Modified Source Versions.
4746
You may convey a work based on the Program, or the modifications to
4747
produce it from the Program, in the form of source code under the
4748
terms of section 4, provided that you also meet all of these
4751
a. The work must carry prominent notices stating that you
4752
modified it, and giving a relevant date.
4754
b. The work must carry prominent notices stating that it is
4755
released under this License and any conditions added under
4756
section 7. This requirement modifies the requirement in
4757
section 4 to "keep intact all notices".
4759
c. You must license the entire work, as a whole, under this
4760
License to anyone who comes into possession of a copy. This
4761
License will therefore apply, along with any applicable
4762
section 7 additional terms, to the whole of the work, and all
4763
its parts, regardless of how they are packaged. This License
4764
gives no permission to license the work in any other way, but
4765
it does not invalidate such permission if you have separately
4768
d. If the work has interactive user interfaces, each must display
4769
Appropriate Legal Notices; however, if the Program has
4770
interactive interfaces that do not display Appropriate Legal
4771
Notices, your work need not make them do so.
4773
A compilation of a covered work with other separate and independent
4774
works, which are not by their nature extensions of the covered
4775
work, and which are not combined with it such as to form a larger
4776
program, in or on a volume of a storage or distribution medium, is
4777
called an "aggregate" if the compilation and its resulting
4778
copyright are not used to limit the access or legal rights of the
4779
compilation's users beyond what the individual works permit.
4780
Inclusion of a covered work in an aggregate does not cause this
4781
License to apply to the other parts of the aggregate.
4783
6. Conveying Non-Source Forms.
4785
You may convey a covered work in object code form under the terms
4786
of sections 4 and 5, provided that you also convey the
4787
machine-readable Corresponding Source under the terms of this
4788
License, in one of these ways:
4790
a. Convey the object code in, or embodied in, a physical product
4791
(including a physical distribution medium), accompanied by the
4792
Corresponding Source fixed on a durable physical medium
4793
customarily used for software interchange.
4795
b. Convey the object code in, or embodied in, a physical product
4796
(including a physical distribution medium), accompanied by a
4797
written offer, valid for at least three years and valid for
4798
as long as you offer spare parts or customer support for that
4799
product model, to give anyone who possesses the object code
4800
either (1) a copy of the Corresponding Source for all the
4801
software in the product that is covered by this License, on a
4802
durable physical medium customarily used for software
4803
interchange, for a price no more than your reasonable cost of
4804
physically performing this conveying of source, or (2) access
4805
to copy the Corresponding Source from a network server at no
4808
c. Convey individual copies of the object code with a copy of
4809
the written offer to provide the Corresponding Source. This
4810
alternative is allowed only occasionally and noncommercially,
4811
and only if you received the object code with such an offer,
4812
in accord with subsection 6b.
4814
d. Convey the object code by offering access from a designated
4815
place (gratis or for a charge), and offer equivalent access
4816
to the Corresponding Source in the same way through the same
4817
place at no further charge. You need not require recipients
4818
to copy the Corresponding Source along with the object code.
4819
If the place to copy the object code is a network server, the
4820
Corresponding Source may be on a different server (operated
4821
by you or a third party) that supports equivalent copying
4822
facilities, provided you maintain clear directions next to
4823
the object code saying where to find the Corresponding Source.
4824
Regardless of what server hosts the Corresponding Source, you
4825
remain obligated to ensure that it is available for as long
4826
as needed to satisfy these requirements.
4828
e. Convey the object code using peer-to-peer transmission,
4829
provided you inform other peers where the object code and
4830
Corresponding Source of the work are being offered to the
4831
general public at no charge under subsection 6d.
4834
A separable portion of the object code, whose source code is
4835
excluded from the Corresponding Source as a System Library, need
4836
not be included in conveying the object code work.
4838
A "User Product" is either (1) a "consumer product", which means
4839
any tangible personal property which is normally used for personal,
4840
family, or household purposes, or (2) anything designed or sold for
4841
incorporation into a dwelling. In determining whether a product
4842
is a consumer product, doubtful cases shall be resolved in favor of
4843
coverage. For a particular product received by a particular user,
4844
"normally used" refers to a typical or common use of that class of
4845
product, regardless of the status of the particular user or of the
4846
way in which the particular user actually uses, or expects or is
4847
expected to use, the product. A product is a consumer product
4848
regardless of whether the product has substantial commercial,
4849
industrial or non-consumer uses, unless such uses represent the
4850
only significant mode of use of the product.
4852
"Installation Information" for a User Product means any methods,
4853
procedures, authorization keys, or other information required to
4854
install and execute modified versions of a covered work in that
4855
User Product from a modified version of its Corresponding Source.
4856
The information must suffice to ensure that the continued
4857
functioning of the modified object code is in no case prevented or
4858
interfered with solely because modification has been made.
4860
If you convey an object code work under this section in, or with,
4861
or specifically for use in, a User Product, and the conveying
4862
occurs as part of a transaction in which the right of possession
4863
and use of the User Product is transferred to the recipient in
4864
perpetuity or for a fixed term (regardless of how the transaction
4865
is characterized), the Corresponding Source conveyed under this
4866
section must be accompanied by the Installation Information. But
4867
this requirement does not apply if neither you nor any third party
4868
retains the ability to install modified object code on the User
4869
Product (for example, the work has been installed in ROM).
4871
The requirement to provide Installation Information does not
4872
include a requirement to continue to provide support service,
4873
warranty, or updates for a work that has been modified or
4874
installed by the recipient, or for the User Product in which it
4875
has been modified or installed. Access to a network may be denied
4876
when the modification itself materially and adversely affects the
4877
operation of the network or violates the rules and protocols for
4878
communication across the network.
4880
Corresponding Source conveyed, and Installation Information
4881
provided, in accord with this section must be in a format that is
4882
publicly documented (and with an implementation available to the
4883
public in source code form), and must require no special password
4884
or key for unpacking, reading or copying.
4886
7. Additional Terms.
4888
"Additional permissions" are terms that supplement the terms of
4889
this License by making exceptions from one or more of its
4890
conditions. Additional permissions that are applicable to the
4891
entire Program shall be treated as though they were included in
4892
this License, to the extent that they are valid under applicable
4893
law. If additional permissions apply only to part of the Program,
4894
that part may be used separately under those permissions, but the
4895
entire Program remains governed by this License without regard to
4896
the additional permissions.
4898
When you convey a copy of a covered work, you may at your option
4899
remove any additional permissions from that copy, or from any part
4900
of it. (Additional permissions may be written to require their own
4901
removal in certain cases when you modify the work.) You may place
4902
additional permissions on material, added by you to a covered work,
4903
for which you have or can give appropriate copyright permission.
4905
Notwithstanding any other provision of this License, for material
4906
you add to a covered work, you may (if authorized by the copyright
4907
holders of that material) supplement the terms of this License
4910
a. Disclaiming warranty or limiting liability differently from
4911
the terms of sections 15 and 16 of this License; or
4913
b. Requiring preservation of specified reasonable legal notices
4914
or author attributions in that material or in the Appropriate
4915
Legal Notices displayed by works containing it; or
4917
c. Prohibiting misrepresentation of the origin of that material,
4918
or requiring that modified versions of such material be
4919
marked in reasonable ways as different from the original
4922
d. Limiting the use for publicity purposes of names of licensors
4923
or authors of the material; or
4925
e. Declining to grant rights under trademark law for use of some
4926
trade names, trademarks, or service marks; or
4928
f. Requiring indemnification of licensors and authors of that
4929
material by anyone who conveys the material (or modified
4930
versions of it) with contractual assumptions of liability to
4931
the recipient, for any liability that these contractual
4932
assumptions directly impose on those licensors and authors.
4934
All other non-permissive additional terms are considered "further
4935
restrictions" within the meaning of section 10. If the Program as
4936
you received it, or any part of it, contains a notice stating that
4937
it is governed by this License along with a term that is a further
4938
restriction, you may remove that term. If a license document
4939
contains a further restriction but permits relicensing or
4940
conveying under this License, you may add to a covered work
4941
material governed by the terms of that license document, provided
4942
that the further restriction does not survive such relicensing or
4945
If you add terms to a covered work in accord with this section, you
4946
must place, in the relevant source files, a statement of the
4947
additional terms that apply to those files, or a notice indicating
4948
where to find the applicable terms.
4950
Additional terms, permissive or non-permissive, may be stated in
4951
the form of a separately written license, or stated as exceptions;
4952
the above requirements apply either way.
4956
You may not propagate or modify a covered work except as expressly
4957
provided under this License. Any attempt otherwise to propagate or
4958
modify it is void, and will automatically terminate your rights
4959
under this License (including any patent licenses granted under
4960
the third paragraph of section 11).
4962
However, if you cease all violation of this License, then your
4963
license from a particular copyright holder is reinstated (a)
4964
provisionally, unless and until the copyright holder explicitly
4965
and finally terminates your license, and (b) permanently, if the
4966
copyright holder fails to notify you of the violation by some
4967
reasonable means prior to 60 days after the cessation.
4969
Moreover, your license from a particular copyright holder is
4970
reinstated permanently if the copyright holder notifies you of the
4971
violation by some reasonable means, this is the first time you have
4972
received notice of violation of this License (for any work) from
4973
that copyright holder, and you cure the violation prior to 30 days
4974
after your receipt of the notice.
4976
Termination of your rights under this section does not terminate
4977
the licenses of parties who have received copies or rights from
4978
you under this License. If your rights have been terminated and
4979
not permanently reinstated, you do not qualify to receive new
4980
licenses for the same material under section 10.
4982
9. Acceptance Not Required for Having Copies.
4984
You are not required to accept this License in order to receive or
4985
run a copy of the Program. Ancillary propagation of a covered work
4986
occurring solely as a consequence of using peer-to-peer
4987
transmission to receive a copy likewise does not require
4988
acceptance. However, nothing other than this License grants you
4989
permission to propagate or modify any covered work. These actions
4990
infringe copyright if you do not accept this License. Therefore,
4991
by modifying or propagating a covered work, you indicate your
4992
acceptance of this License to do so.
4994
10. Automatic Licensing of Downstream Recipients.
4996
Each time you convey a covered work, the recipient automatically
4997
receives a license from the original licensors, to run, modify and
4998
propagate that work, subject to this License. You are not
4999
responsible for enforcing compliance by third parties with this
5002
An "entity transaction" is a transaction transferring control of an
5003
organization, or substantially all assets of one, or subdividing an
5004
organization, or merging organizations. If propagation of a
5005
covered work results from an entity transaction, each party to that
5006
transaction who receives a copy of the work also receives whatever
5007
licenses to the work the party's predecessor in interest had or
5008
could give under the previous paragraph, plus a right to
5009
possession of the Corresponding Source of the work from the
5010
predecessor in interest, if the predecessor has it or can get it
5011
with reasonable efforts.
5013
You may not impose any further restrictions on the exercise of the
5014
rights granted or affirmed under this License. For example, you
5015
may not impose a license fee, royalty, or other charge for
5016
exercise of rights granted under this License, and you may not
5017
initiate litigation (including a cross-claim or counterclaim in a
5018
lawsuit) alleging that any patent claim is infringed by making,
5019
using, selling, offering for sale, or importing the Program or any
5024
A "contributor" is a copyright holder who authorizes use under this
5025
License of the Program or a work on which the Program is based.
5026
The work thus licensed is called the contributor's "contributor
5029
A contributor's "essential patent claims" are all patent claims
5030
owned or controlled by the contributor, whether already acquired or
5031
hereafter acquired, that would be infringed by some manner,
5032
permitted by this License, of making, using, or selling its
5033
contributor version, but do not include claims that would be
5034
infringed only as a consequence of further modification of the
5035
contributor version. For purposes of this definition, "control"
5036
includes the right to grant patent sublicenses in a manner
5037
consistent with the requirements of this License.
5039
Each contributor grants you a non-exclusive, worldwide,
5040
royalty-free patent license under the contributor's essential
5041
patent claims, to make, use, sell, offer for sale, import and
5042
otherwise run, modify and propagate the contents of its
5043
contributor version.
5045
In the following three paragraphs, a "patent license" is any
5046
express agreement or commitment, however denominated, not to
5047
enforce a patent (such as an express permission to practice a
5048
patent or covenant not to sue for patent infringement). To
5049
"grant" such a patent license to a party means to make such an
5050
agreement or commitment not to enforce a patent against the party.
5052
If you convey a covered work, knowingly relying on a patent
5053
license, and the Corresponding Source of the work is not available
5054
for anyone to copy, free of charge and under the terms of this
5055
License, through a publicly available network server or other
5056
readily accessible means, then you must either (1) cause the
5057
Corresponding Source to be so available, or (2) arrange to deprive
5058
yourself of the benefit of the patent license for this particular
5059
work, or (3) arrange, in a manner consistent with the requirements
5060
of this License, to extend the patent license to downstream
5061
recipients. "Knowingly relying" means you have actual knowledge
5062
that, but for the patent license, your conveying the covered work
5063
in a country, or your recipient's use of the covered work in a
5064
country, would infringe one or more identifiable patents in that
5065
country that you have reason to believe are valid.
5067
If, pursuant to or in connection with a single transaction or
5068
arrangement, you convey, or propagate by procuring conveyance of, a
5069
covered work, and grant a patent license to some of the parties
5070
receiving the covered work authorizing them to use, propagate,
5071
modify or convey a specific copy of the covered work, then the
5072
patent license you grant is automatically extended to all
5073
recipients of the covered work and works based on it.
5075
A patent license is "discriminatory" if it does not include within
5076
the scope of its coverage, prohibits the exercise of, or is
5077
conditioned on the non-exercise of one or more of the rights that
5078
are specifically granted under this License. You may not convey a
5079
covered work if you are a party to an arrangement with a third
5080
party that is in the business of distributing software, under
5081
which you make payment to the third party based on the extent of
5082
your activity of conveying the work, and under which the third
5083
party grants, to any of the parties who would receive the covered
5084
work from you, a discriminatory patent license (a) in connection
5085
with copies of the covered work conveyed by you (or copies made
5086
from those copies), or (b) primarily for and in connection with
5087
specific products or compilations that contain the covered work,
5088
unless you entered into that arrangement, or that patent license
5089
was granted, prior to 28 March 2007.
5091
Nothing in this License shall be construed as excluding or limiting
5092
any implied license or other defenses to infringement that may
5093
otherwise be available to you under applicable patent law.
5095
12. No Surrender of Others' Freedom.
5097
If conditions are imposed on you (whether by court order,
5098
agreement or otherwise) that contradict the conditions of this
5099
License, they do not excuse you from the conditions of this
5100
License. If you cannot convey a covered work so as to satisfy
5101
simultaneously your obligations under this License and any other
5102
pertinent obligations, then as a consequence you may not convey it
5103
at all. For example, if you agree to terms that obligate you to
5104
collect a royalty for further conveying from those to whom you
5105
convey the Program, the only way you could satisfy both those
5106
terms and this License would be to refrain entirely from conveying
5109
13. Use with the GNU Affero General Public License.
5111
Notwithstanding any other provision of this License, you have
5112
permission to link or combine any covered work with a work licensed
5113
under version 3 of the GNU Affero General Public License into a
5114
single combined work, and to convey the resulting work. The terms
5115
of this License will continue to apply to the part which is the
5116
covered work, but the special requirements of the GNU Affero
5117
General Public License, section 13, concerning interaction through
5118
a network will apply to the combination as such.
5120
14. Revised Versions of this License.
5122
The Free Software Foundation may publish revised and/or new
5123
versions of the GNU General Public License from time to time.
5124
Such new versions will be similar in spirit to the present
5125
version, but may differ in detail to address new problems or
5128
Each version is given a distinguishing version number. If the
5129
Program specifies that a certain numbered version of the GNU
5130
General Public License "or any later version" applies to it, you
5131
have the option of following the terms and conditions either of
5132
that numbered version or of any later version published by the
5133
Free Software Foundation. If the Program does not specify a
5134
version number of the GNU General Public License, you may choose
5135
any version ever published by the Free Software Foundation.
5137
If the Program specifies that a proxy can decide which future
5138
versions of the GNU General Public License can be used, that
5139
proxy's public statement of acceptance of a version permanently
5140
authorizes you to choose that version for the Program.
5142
Later license versions may give you additional or different
5143
permissions. However, no additional obligations are imposed on any
5144
author or copyright holder as a result of your choosing to follow a
5147
15. Disclaimer of Warranty.
5149
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
5150
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE
5151
COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS"
5152
WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED,
5153
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
5154
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE
5155
RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.
5156
SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL
5157
NECESSARY SERVICING, REPAIR OR CORRECTION.
5159
16. Limitation of Liability.
5161
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
5162
WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES
5163
AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU
5164
FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
5165
CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE
5166
THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA
5167
BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
5168
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
5169
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF
5170
THE POSSIBILITY OF SUCH DAMAGES.
5172
17. Interpretation of Sections 15 and 16.
5174
If the disclaimer of warranty and limitation of liability provided
5175
above cannot be given local legal effect according to their terms,
5176
reviewing courts shall apply local law that most closely
5177
approximates an absolute waiver of all civil liability in
5178
connection with the Program, unless a warranty or assumption of
5179
liability accompanies a copy of the Program in return for a fee.
5182
END OF TERMS AND CONDITIONS
5183
===========================
5185
How to Apply These Terms to Your New Programs
5186
=============================================
5188
If you develop a new program, and you want it to be of the greatest
5189
possible use to the public, the best way to achieve this is to make it
5190
free software which everyone can redistribute and change under these
5193
To do so, attach the following notices to the program. It is safest
5194
to attach them to the start of each source file to most effectively
5195
state the exclusion of warranty; and each file should have at least the
5196
"copyright" line and a pointer to where the full notice is found.
5198
ONE LINE TO GIVE THE PROGRAM'S NAME AND A BRIEF IDEA OF WHAT IT DOES.
5199
Copyright (C) YEAR NAME OF AUTHOR
5201
This program is free software: you can redistribute it and/or modify
5202
it under the terms of the GNU General Public License as published by
5203
the Free Software Foundation, either version 3 of the License, or (at
5204
your option) any later version.
5206
This program is distributed in the hope that it will be useful, but
5207
WITHOUT ANY WARRANTY; without even the implied warranty of
5208
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5209
General Public License for more details.
5211
You should have received a copy of the GNU General Public License
5212
along with this program. If not, see `http://www.gnu.org/licenses/'.
5214
Also add information on how to contact you by electronic and paper
5217
If the program does terminal interaction, make it output a short
5218
notice like this when it starts in an interactive mode:
5220
PROGRAM Copyright (C) YEAR NAME OF AUTHOR
5221
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
5222
This is free software, and you are welcome to redistribute it
5223
under certain conditions; type `show c' for details.
5225
The hypothetical commands `show w' and `show c' should show the
5226
appropriate parts of the General Public License. Of course, your
5227
program's commands might be different; for a GUI interface, you would
5230
You should also get your employer (if you work as a programmer) or
5231
school, if any, to sign a "copyright disclaimer" for the program, if
5232
necessary. For more information on this, and how to apply and follow
5233
the GNU GPL, see `http://www.gnu.org/licenses/'.
5235
The GNU General Public License does not permit incorporating your
5236
program into proprietary programs. If your program is a subroutine
5237
library, you may consider it more useful to permit linking proprietary
5238
applications with the library. If this is what you want to do, use the
5239
GNU Lesser General Public License instead of this License. But first,
5240
please read `http://www.gnu.org/philosophy/why-not-lgpl.html'.
4485
recommend releasing these examples in parallel under your choice of free
4486
software license, such as the GNU General Public License, to permit
4487
their use in free software.
5243
4490
File: gss.info, Node: Concept Index, Next: API Index, Prev: Copying Information, Up: Top
5302
4550
* gss: Invoking gss. (line 6)
5303
4551
* gss_accept_sec_context: Context-Level Routines.
5305
4553
* gss_acquire_cred: Credential Management.
5307
4555
* gss_add_cred: Credential Management.
5309
4557
* gss_add_oid_set_member: Miscellaneous Routines.
5311
4559
* GSS_CALLING_ERROR: Error Handling. (line 119)
5312
* gss_canonicalize_name: Name Manipulation. (line 222)
5313
* gss_check_version: Extended GSS API. (line 14)
5314
* gss_compare_name: Name Manipulation. (line 112)
4560
* gss_canonicalize_name: Name Manipulation. (line 219)
4561
* gss_check_version: Extended GSS API. (line 13)
4562
* gss_compare_name: Name Manipulation. (line 109)
5315
4563
* gss_context_time: Context-Level Routines.
5317
4565
* gss_create_empty_oid_set: Miscellaneous Routines.
5319
4567
* gss_decapsulate_token: Miscellaneous Routines.
5321
4569
* gss_delete_sec_context: Context-Level Routines.
5323
* gss_display_name: Name Manipulation. (line 71)
4571
* gss_display_name: Name Manipulation. (line 68)
5324
4572
* gss_display_status: Miscellaneous Routines.
5326
* gss_duplicate_name: Name Manipulation. (line 285)
4574
* gss_duplicate_name: Name Manipulation. (line 283)
5327
4575
* gss_encapsulate_token: Miscellaneous Routines.
5329
4577
* GSS_ERROR: Error Handling. (line 119)
5330
* gss_export_name: Name Manipulation. (line 252)
4578
* gss_export_name: Name Manipulation. (line 250)
5331
4579
* gss_export_sec_context: Context-Level Routines.
5333
4581
* gss_get_mic: Per-Message Routines.
5335
* gss_import_name: Name Manipulation. (line 30)
4583
* gss_import_name: Name Manipulation. (line 27)
5336
4584
* gss_import_sec_context: Context-Level Routines.
5338
4586
* gss_indicate_mechs: Miscellaneous Routines.
5340
4588
* gss_init_sec_context: Context-Level Routines.
5342
4590
* gss_inquire_context: Context-Level Routines.
5344
4592
* gss_inquire_cred: Credential Management.
5346
4594
* gss_inquire_cred_by_mech: Credential Management.
5348
* gss_inquire_mech_for_saslname: SASL GS2 Routines. (line 12)
5349
* gss_inquire_mechs_for_name: Name Manipulation. (line 182)
5350
* gss_inquire_names_for_mech: Name Manipulation. (line 162)
5351
* gss_inquire_saslname_for_mech: SASL GS2 Routines. (line 39)
4596
* gss_inquire_mechs_for_name: Name Manipulation. (line 179)
4597
* gss_inquire_mech_for_saslname: SASL GS2 Routines. (line 9)
4598
* gss_inquire_names_for_mech: Name Manipulation. (line 159)
4599
* gss_inquire_saslname_for_mech: SASL GS2 Routines. (line 35)
5352
4600
* gss_oid_equal: Miscellaneous Routines.
5354
4602
* gss_process_context_token: Context-Level Routines.
5356
4604
* gss_release_buffer: Miscellaneous Routines.
5358
4606
* gss_release_cred: Credential Management.
5360
* gss_release_name: Name Manipulation. (line 142)
4608
* gss_release_name: Name Manipulation. (line 140)
5361
4609
* gss_release_oid_set: Miscellaneous Routines.
5363
4611
* GSS_ROUTINE_ERROR: Error Handling. (line 119)
4612
* GSS_SUPPLEMENTARY_INFO: Error Handling. (line 119)
5364
4613
* GSS_S_...: Error Handling. (line 44)
5365
* GSS_SUPPLEMENTARY_INFO: Error Handling. (line 119)
5366
4614
* gss_test_oid_set_member: Miscellaneous Routines.
5368
4616
* gss_unwrap: Per-Message Routines.
5370
* gss_userok: Extended GSS API. (line 28)
4618
* gss_userok: Extended GSS API. (line 26)
5371
4619
* gss_verify_mic: Per-Message Routines.
5373
4621
* gss_wrap: Per-Message Routines.
5375
4623
* gss_wrap_size_limit: Context-Level Routines.
5382
Node: Introduction2061
5383
Node: Getting Started2939
5385
Node: GSS-API Overview4715
5386
Node: Supported Platforms8424
5387
Node: Commercial Support10970
5388
Node: Downloading and Installing11859
5389
Node: Bug Reports12912
5390
Node: Contributing14292
5391
Node: Planned Features16404
5392
Node: Preparation17018
5394
Node: Initialization19236
5395
Node: Version Check19802
5396
Node: Building the source20739
5397
Node: Out of Memory handling22594
5398
Node: Standard GSS API22908
5399
Node: Simple Data Types23694
5400
Ref: Object Identifiers26461
5401
Node: Complex Data Types29067
5402
Node: Optional Parameters43220
5403
Node: Error Handling44452
5404
Node: Credential Management53250
5405
Ref: gss_acquire_cred54194
5406
Ref: gss_add_cred59175
4630
Node: Introduction2055
4631
Node: Getting Started2932
4633
Node: GSS-API Overview4707
4634
Node: Supported Platforms8417
4635
Node: Commercial Support10969
4636
Node: Downloading and Installing11856
4637
Node: Bug Reports12909
4638
Node: Contributing14289
4639
Node: Planned Features16400
4640
Node: Preparation17014
4642
Node: Initialization19232
4643
Node: Version Check19799
4644
Node: Building the source20736
4645
Node: Out of Memory handling22591
4646
Node: Standard GSS API22905
4647
Node: Simple Data Types23691
4648
Ref: Object Identifiers26458
4649
Node: Complex Data Types29064
4650
Node: Optional Parameters43223
4651
Node: Error Handling44455
4652
Node: Credential Management53254
4653
Ref: gss_acquire_cred54198
4654
Ref: gss_add_cred59182
5407
4655
Ref: gss_inquire_cred67190
5408
4656
Ref: gss_inquire_cred_by_mech69186
5409
Ref: gss_release_cred71820
5410
Node: Context-Level Routines72575
5411
Ref: gss_init_sec_context73920
5412
Ref: gss_accept_sec_context89939
5413
Ref: gss_delete_sec_context103044
5414
Ref: gss_process_context_token105594
5415
Ref: gss_context_time107284
5416
Ref: gss_inquire_context108108
5417
Ref: gss_wrap_size_limit113653
5418
Ref: gss_export_sec_context116330
5419
Ref: gss_import_sec_context119596
5420
Node: Per-Message Routines120709
5421
Ref: gss_get_mic121822
5422
Ref: gss_verify_mic123684
5423
Ref: gss_wrap125824
5424
Ref: gss_unwrap128084
5425
Node: Name Manipulation130635
5426
Ref: gss_import_name131787
5427
Ref: gss_display_name133506
5428
Ref: gss_compare_name135218
5429
Ref: gss_release_name136277
5430
Ref: gss_inquire_names_for_mech136854
5431
Ref: gss_inquire_mechs_for_name137544
5432
Ref: gss_canonicalize_name139287
5433
Ref: gss_export_name140592
5434
Ref: gss_duplicate_name141847
5435
Node: Miscellaneous Routines142699
5436
Ref: gss_add_oid_set_member143976
5437
Ref: gss_display_status145289
5438
Ref: gss_indicate_mechs148972
5439
Ref: gss_release_buffer149617
5440
Ref: gss_release_oid_set150603
5441
Ref: gss_create_empty_oid_set151426
5442
Ref: gss_test_oid_set_member152249
5443
Ref: gss_encapsulate_token153146
5444
Ref: gss_decapsulate_token154280
5445
Ref: gss_oid_equal155438
5446
Node: SASL GS2 Routines155964
5447
Ref: gss_inquire_mech_for_saslname156170
5448
Ref: gss_inquire_saslname_for_mech157071
5449
Node: Extended GSS API158420
5450
Ref: gss_check_version158785
5451
Ref: gss_userok159246
5452
Node: Invoking gss159745
5453
Node: Acknowledgements160742
5454
Node: Criticism of GSS160965
5455
Node: Copying Information167001
5456
Node: GNU Free Documentation License167318
5457
Node: GNU GPL192464
5458
Node: Concept Index230027
5459
Node: API Index233143
4657
Ref: gss_release_cred71818
4658
Node: Context-Level Routines72573
4659
Ref: gss_init_sec_context73918
4660
Ref: gss_accept_sec_context89886
4661
Ref: gss_delete_sec_context102971
4662
Ref: gss_process_context_token105520
4663
Ref: gss_context_time107210
4664
Ref: gss_inquire_context108034
4665
Ref: gss_wrap_size_limit113562
4666
Ref: gss_export_sec_context116240
4667
Ref: gss_import_sec_context119503
4668
Node: Per-Message Routines120616
4669
Ref: gss_get_mic121729
4670
Ref: gss_verify_mic123592
4671
Ref: gss_wrap125732
4672
Ref: gss_unwrap127993
4673
Node: Name Manipulation130544
4674
Ref: gss_import_name131696
4675
Ref: gss_display_name133415
4676
Ref: gss_compare_name135127
4677
Ref: gss_release_name136187
4678
Ref: gss_inquire_names_for_mech136764
4679
Ref: gss_inquire_mechs_for_name137454
4680
Ref: gss_canonicalize_name139197
4681
Ref: gss_export_name140502
4682
Ref: gss_duplicate_name141760
4683
Node: Miscellaneous Routines142613
4684
Ref: gss_add_oid_set_member143890
4685
Ref: gss_display_status145205
4686
Ref: gss_indicate_mechs148890
4687
Ref: gss_release_buffer149535
4688
Ref: gss_release_oid_set150520
4689
Ref: gss_create_empty_oid_set151343
4690
Ref: gss_test_oid_set_member152166
4691
Ref: gss_encapsulate_token153063
4692
Ref: gss_decapsulate_token154197
4693
Ref: gss_oid_equal155355
4694
Node: SASL GS2 Routines155881
4695
Ref: gss_inquire_mech_for_saslname156087
4696
Ref: gss_inquire_saslname_for_mech156988
4697
Node: Extended GSS API158337
4698
Ref: gss_check_version158702
4699
Ref: gss_userok159162
4700
Node: Invoking gss159660
4701
Node: Acknowledgements164618
4702
Node: Criticism of GSS164841
4703
Node: Copying Information170876
4704
Node: GNU Free Documentation License171122
4705
Node: Concept Index196232
4706
Node: API Index199421