svn rev #25682: branches/krb5-1-10/src/lib/gssapi/krb5/
tlyu@MIT.EDU
tlyu at MIT.EDU
Fri Feb 10 16:19:10 EST 2012
http://src.mit.edu/fisheye/changelog/krb5/?cs=25682
Commit By: tlyu
Log Message:
ticket: 7084
version_fixed: 1.10.1
status: resolved
Pull up r25666 from trunk
------------------------------------------------------------------------
r25666 | ghudson | 2012-01-31 16:35:34 -0500 (Tue, 31 Jan 2012) | 12 lines
ticket: 7084
subject: Don't check mech in krb5_gss_inquire_cred_by_mech
target_version: 1.10.1
tags: pullup
krb5_gss_inquire_cred_by_mech checks its mech argument against two of
the four mechs a krb5 cred might have (the krb5 mech and the old krb5
mech, but not the wrong Microsoft mech or the IAKERB mech), so would
spuriously fail for the other two mechs. There is no reason to check
the mechanism if we assume a reasonable mechglue is interpreting
application gss_inquire_cred_by_mech calls, so just remove the check.
Changed Files:
U branches/krb5-1-10/src/lib/gssapi/krb5/inq_cred.c
Modified: branches/krb5-1-10/src/lib/gssapi/krb5/inq_cred.c
===================================================================
--- branches/krb5-1-10/src/lib/gssapi/krb5/inq_cred.c 2012-02-10 21:19:07 UTC (rev 25681)
+++ branches/krb5-1-10/src/lib/gssapi/krb5/inq_cred.c 2012-02-10 21:19:10 UTC (rev 25682)
@@ -224,16 +224,6 @@
OM_uint32 lifetime;
OM_uint32 mstat;
- /*
- * We only know how to handle our own creds.
- */
- if ((mech_type != GSS_C_NULL_OID) &&
- !g_OID_equal(gss_mech_krb5_old, mech_type) &&
- !g_OID_equal(gss_mech_krb5, mech_type)) {
- *minor_status = 0;
- return(GSS_S_NO_CRED);
- }
-
cred = (krb5_gss_cred_id_t) cred_handle;
mstat = krb5_gss_inquire_cred(minor_status,
cred_handle,
More information about the cvs-krb5
mailing list