From 04f6809ef91d2bc44308a6e3b8cb9f77dab5cd81 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Wed, 6 May 2020 00:39:35 -0400 Subject: [PATCH] Stop reporting krb5 mech from IAKERB In the IAKERB gss_init_sec_context() and gss_accept_sec_context(), always report the IAKERB mech, as IAKERB is not a negotiation mechanism. ticket: 8901 (new) --- src/lib/gssapi/krb5/iakerb.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/src/lib/gssapi/krb5/iakerb.c b/src/lib/gssapi/krb5/iakerb.c index 47c161ec91..5da276b4b9 100644 --- a/src/lib/gssapi/krb5/iakerb.c +++ b/src/lib/gssapi/krb5/iakerb.c @@ -816,8 +816,6 @@ iakerb_gss_accept_sec_context(OM_uint32 *minor_status, } if (src_name != NULL) *src_name = GSS_C_NO_NAME; - if (mech_type != NULL) - *mech_type = (gss_OID)gss_mech_iakerb; if (ret_flags != NULL) *ret_flags = 0; if (time_rec != NULL) @@ -844,10 +842,11 @@ iakerb_gss_accept_sec_context(OM_uint32 *minor_status, &exts); if (major_status == GSS_S_COMPLETE) ctx->established = 1; - if (mech_type != NULL) - *mech_type = (gss_OID)gss_mech_krb5; } + if (mech_type != NULL) + *mech_type = gss_mech_iakerb; + cleanup: if (initialContextToken && GSS_ERROR(major_status)) { iakerb_release_context(ctx); @@ -970,11 +969,7 @@ iakerb_gss_init_sec_context(OM_uint32 *minor_status, &exts); if (major_status == GSS_S_COMPLETE) ctx->established = 1; - if (actual_mech_type != NULL) - *actual_mech_type = (gss_OID)gss_mech_krb5; } else { - if (actual_mech_type != NULL) - *actual_mech_type = (gss_OID)gss_mech_iakerb; if (ret_flags != NULL) *ret_flags = 0; if (time_rec != NULL) @@ -982,6 +977,9 @@ iakerb_gss_init_sec_context(OM_uint32 *minor_status, major_status = GSS_S_CONTINUE_NEEDED; } + if (actual_mech_type != NULL) + *actual_mech_type = gss_mech_iakerb; + cleanup: if (cred_locked) k5_mutex_unlock(&kcred->lock); -- 2.47.2