]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b7af394) | patch
Fix SPNEGO one-hop interop against old IIS
authorGreg Hudson <ghudson@mit.edu>
Tue, 10 Dec 2013 17:04:18 +0000 (12:04 -0500)
committerTom Yu <tlyu@mit.edu>
Thu, 16 Jan 2014 19:44:50 +0000 (14:44 -0500)
commit5773d47677478e7742b2ac227fbf33c0cc3260a1
treef62475c87c1d1e28e296dca73ce2124e411ad547tree | snapshot
parentb7af394a49e73e7458e850eed8f037c624ac9938commit | diff
Fix SPNEGO one-hop interop against old IIS

IIS 6.0 and similar return a zero length reponse buffer in the last
SPNEGO packet when context initiation is performed without mutual
authentication.  In this case the underlying Kerberos mechanism has
already completed successfully on the first invocation, and SPNEGO
does not expect a mech response token in the answer.  If we get an
empty mech response token when the mech is complete during
negotiation, ignore it.

[ghudson@mit.edu: small code style and commit message changes]

(cherry picked from commit 37af638b742dbd642eb70092e4f7781c3f69d86d)

ticket: 7827 (new)
version_fixed: 1.11.5
status: resolved
src/lib/gssapi/spnego/spnego_mech.c diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git