[krbdev.mit.edu #8284] git commit

Tom Yu via RT rt-comment at krbdev.mit.edu
Mon Nov 30 13:11:16 EST 2015


Fix SPNEGO context import

The patches for CVE-2015-2695 did not implement a SPNEGO
gss_import_sec_context() function, under the erroneous belief that an
exported SPNEGO context would be tagged with the underlying context
mechanism.  Implement it now to allow SPNEGO contexts to be
successfully exported and imported after establishment.

(cherry picked from commit 222b09f6e2f536354555f2a0dedfe29fc10c01d6)
(cherry picked from commit 8e10a780fd3bfefd1ba08ca1552e8d0677917454)

https://github.com/krb5/krb5/commit/aae39008de0402cc516150225de4d8feef62b2da
Author: Greg Hudson <ghudson at mit.edu>
Committer: Tom Yu <tlyu at mit.edu>
Commit: aae39008de0402cc516150225de4d8feef62b2da
Branch: krb5-1.13
 src/lib/gssapi/spnego/spnego_mech.c |   33 +++++++++++++++++++++++++++------
 1 files changed, 27 insertions(+), 6 deletions(-)



More information about the krb5-bugs mailing list