4.1 S_DSValidateServer and S_InitSecCtx

Collectively, the S_DSValidateServer and S_InitSecCtx methods allow the client and server to mutually authenticate. These methods are used to tunnel GSS security context negotiation through the RPC interface. This protocol exchange is initiated when the client calls into its security provider via GSS to create a new security context. The security context returned is passed as the pClientBuff parameter to S_DSValidateServer.

The server calls into its security provider via GSS to accept this security buffer. The server then calls the client's S_InitSecCtx method, passing the security buffer. The client then calls its own security provider via GSS to accept and possibly modify the security buffer. If both client and server signal that they need another round of exchanges by returning SEC_I_CONTINUE_NEEDED, the process repeats with the contents of the security buffer being passed to (and potentially modified by) both client and server security providers in turn.

If either client or server signals an error via an error return code, the protocol exchange halts and the S_DSValidateServer method returns that error code to the initial caller.

When both client and server security providers signal completion via a success return code from their respective GSS calls, the protocol exchange is complete and the S_DSValidateServer method returns successfully.

Protocol exchange complete

Figure 3: Protocol exchange complete