[krbdev.mit.edu #8021] git commit
Greg Hudson via RT
rt-comment at krbdev.mit.edu
Mon Aug 10 13:38:02 EDT 2015
Limit use of IAKERB
Add the GSS_C_MA_NOT_DFLT_MECH attribute to IAKERB, and filter out
mechs with that attribute from the SPNEGO and gss_acquire_cred()
default mechanisms.
Add a -iakerb option to gss-server and pass it when performing IAKERB
tests. Also add tests using the wrong password, to verify that
gss_acquire_cred_with_password() fails with the wrong password when
using SPNEGO.
https://github.com/krb5/krb5/commit/608a65570aa868d6e03423b5de3b8f82c0bff60b
Author: Greg Hudson <ghudson at mit.edu>
Commit: 608a65570aa868d6e03423b5de3b8f82c0bff60b
Branch: master
src/appl/gss-sample/gss-server.c | 22 ++++++++--
src/appl/gss-sample/t_gss_sample.py | 60 ++++++++++++++++++++----------
src/lib/gssapi/krb5/gssapi_krb5.c | 1 +
src/lib/gssapi/mechglue/g_acquire_cred.c | 5 +-
src/lib/gssapi/spnego/spnego_mech.c | 5 +-
5 files changed, 64 insertions(+), 29 deletions(-)
More information about the krb5-bugs
mailing list