RFC Errata
RFC 5801, "Using Generic Security Service Application Program Interface (GSS-API) Mechanisms in Simple Authentication and Security Layer (SASL): The GS2 Mechanism Family", July 2010
Note: This RFC has been updated by RFC 9266
Source of RFC: sasl (sec)See Also: RFC 5801 w/ inline errata
Errata ID: 2768
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Simon Josefsson
Date Reported: 2011-04-06
Verifier Name: Sean Turner
Date Verified: 2011-05-12
Section 10.1 and 11. says:
Section 10.1: const gss_OID desired_mech, Section 11.1: const gss_buffer_t sasl_mech_name,
It should say:
Section 10.1: gss_const_OID desired_mech, Section 11.1: gss_const_buffer_t sasl_mech_name, Add to section 2: The normative reference to [RFC5587] is for the C types "gss_const_buffer_t" and "gss_const_OID", nothing else from that document is required to implement this document. Add new normative reference: [RFC5587] Williams, N., "Extended Generic Security Service Mechanism Inquiry APIs", RFC 5587, July 2009.
Notes:
There is a bug in the C interfaces for these functions. RFC 5587 section 3.4.6 explains the problem and specifies new types to use instead. This errata makes RFC 5801 use the corrected types.
As far as I understand, there are no technical/implementation implications caused by this change -- it merely helps the compiler check implementations better and (in some cases) it can avoid compiler warnings on application code.
A similar issue was recently discussed in the Kitten WG list.