svn rev #22222: branches/krb5-1-7/src/lib/gssapi/spnego/
tlyu@MIT.EDU
tlyu at MIT.EDU
Tue Apr 14 17:07:26 EDT 2009
http://src.mit.edu/fisheye/changelog/krb5/?cs=22222
Commit By: tlyu
Log Message:
ticket: 6417
version_fixed: 1.7
pull up r22173 from trunk
------------------------------------------------------------------------
r22173 | tlyu | 2009-04-07 17:22:13 -0400 (Tue, 07 Apr 2009) | 4 lines
Changed paths:
M /trunk/src/lib/gssapi/spnego/spnego_mech.c
ticket: 6417
Apply revised patch from Apple that ensures that a REJECT token is
sent on error.
Changed Files:
U branches/krb5-1-7/src/lib/gssapi/spnego/spnego_mech.c
Modified: branches/krb5-1-7/src/lib/gssapi/spnego/spnego_mech.c
===================================================================
--- branches/krb5-1-7/src/lib/gssapi/spnego/spnego_mech.c 2009-04-14 21:07:24 UTC (rev 22221)
+++ branches/krb5-1-7/src/lib/gssapi/spnego/spnego_mech.c 2009-04-14 21:07:26 UTC (rev 22222)
@@ -1650,8 +1650,7 @@
&negState, &return_token);
}
cleanup:
- if (return_token == INIT_TOKEN_SEND ||
- return_token == CONT_TOKEN_SEND) {
+ if (return_token != NO_TOKEN_SEND && return_token != CHECK_MIC) {
/* For acceptor-sends-first send a tokenInit */
int tmpret;
@@ -1666,7 +1665,8 @@
return_token,
output_token);
} else {
- tmpret = make_spnego_tokenTarg_msg(negState, sc->internal_mech,
+ tmpret = make_spnego_tokenTarg_msg(negState,
+ sc ? sc->internal_mech : GSS_C_NO_OID,
&mechtok_out, mic_out,
return_token,
output_token);
@@ -3025,6 +3025,8 @@
if (outbuf == GSS_C_NO_BUFFER)
return (GSS_S_DEFECTIVE_TOKEN);
+ if (sendtoken == INIT_TOKEN_SEND && mech_wanted == GSS_C_NO_OID)
+ return (GSS_S_DEFECTIVE_TOKEN);
outbuf->length = 0;
outbuf->value = NULL;
More information about the cvs-krb5
mailing list