[krbdev.mit.edu #8358] git commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Tue Apr 5 23:02:52 EDT 2016
Revisit inquire_attrs_for_mech on old mechs
In gss_inquire_attrs_for_mech(), if the mech does not implement RFC
5587, return success with empty mech_attrs and known_mech_attrs sets
to indicate a lack of knowledge for all attributes. The previous
behavior of returning an error caused gss_indicate_mechs_by_attr() to
fail out in the presence of an old mechanism, in turn causing
gss_acquire_cred() and SPNEGO to break.
(cherry picked from commit 89683d1f135765e91041f3a239af865b11aaf86b)
https://github.com/krb5/krb5/commit/9e26436f2acb5fcd450f5cc1ac1f81ccbb0aa6ac
Author: Greg Hudson <ghudson at mit.edu>
Committer: Tom Yu <tlyu at mit.edu>
Commit: 9e26436f2acb5fcd450f5cc1ac1f81ccbb0aa6ac
Branch: krb5-1.14
src/lib/gssapi/mechglue/g_mechattr.c | 8 ++++++--
1 files changed, 6 insertions(+), 2 deletions(-)
More information about the krb5-bugs
mailing list