[krbdev.mit.edu #1365] Remove caching of default initiator GSS credential data
Nicolas Williams via RT
rt-comment at krbdev.mit.edu
Sat Mar 1 16:29:15 EST 2003
There is no need for gss_inquire_cred(GSS_C_NO_CREDENTIAL) to have any
sort of predictable outputs; its outputs should always reflect the
current state of the user's ccache, and not that of the user's ccache at
the time that GSS_C_NO_CREDENTIAL is first referred to.
Applications that need to know details of the default credential used to
initiate some context, such as initiator name or credential lifetime,
can get the information by inquiring the context and should not assume
that the outputs of gss_inquire_cred(GSS_C_NO_CREDENTIAL) will reflect
the same values as used during the initiation of any one context.
Please remove this cache.
More information about the krb5-bugs
mailing list