]> git.ipfire.org Git - thirdparty/krb5.git/commit
projects / thirdparty / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 69c8e20) | patch
Fix GSS krb5 GSS_C_DELEG_FLAG ret_flags result
authorGreg Hudson <ghudson@mit.edu>
Fri, 8 Aug 2014 20:50:38 +0000 (16:50 -0400)
committerTom Yu <tlyu@mit.edu>
Tue, 12 Aug 2014 21:51:33 +0000 (17:51 -0400)
commit7b4bf661ecc39459f78665a356858de9f6daaabc
tree3fc06e33e69eec8a601ae142d006a9f67477a81etree
parent69c8e20b18577781e17c5959e23514134dfb5755commit | diff
Fix GSS krb5 GSS_C_DELEG_FLAG ret_flags result

The krb5 gss_accept_sec_context could erroneously return
GSS_C_DELEG_FLAG in ret_flags if either:

* The token included the GSS_C_DELEG_FLAG but did not include at least
  28 bytes in the authenticator checksum.
* The initial token included the GSS_C_DELEG_FLAG but a DCE-style
  exchange was performed.

Fix both of these cases.

(cherry picked from commit d899084e24555dc8fd091eb08187ca2a45a08324)

ticket: 7987
version_fixed: 1.13
status: resolved
src/lib/gssapi/krb5/accept_sec_context.c diff | blob | blame | history
Mirror of https://github.com/krb5/krb5.git