svn rev #25666: trunk/src/lib/gssapi/krb5/
ghudson@MIT.EDU
ghudson at MIT.EDU
Tue Jan 31 16:35:35 EST 2012
http://src.mit.edu/fisheye/changelog/krb5/?cs=25666
Commit By: ghudson
Log Message:
ticket: 7084
subject: Don't check mech in krb5_gss_inquire_cred_by_mech
target_version: 1.10.1
tags: pullup
krb5_gss_inquire_cred_by_mech checks its mech argument against two of
the four mechs a krb5 cred might have (the krb5 mech and the old krb5
mech, but not the wrong Microsoft mech or the IAKERB mech), so would
spuriously fail for the other two mechs. There is no reason to check
the mechanism if we assume a reasonable mechglue is interpreting
application gss_inquire_cred_by_mech calls, so just remove the check.
Changed Files:
U trunk/src/lib/gssapi/krb5/inq_cred.c
Modified: trunk/src/lib/gssapi/krb5/inq_cred.c
===================================================================
--- trunk/src/lib/gssapi/krb5/inq_cred.c 2012-01-27 21:27:47 UTC (rev 25665)
+++ trunk/src/lib/gssapi/krb5/inq_cred.c 2012-01-31 21:35:34 UTC (rev 25666)
@@ -224,16 +224,6 @@
OM_uint32 lifetime;
OM_uint32 mstat;
- /*
- * We only know how to handle our own creds.
- */
- if ((mech_type != GSS_C_NULL_OID) &&
- !g_OID_equal(gss_mech_krb5_old, mech_type) &&
- !g_OID_equal(gss_mech_krb5, mech_type)) {
- *minor_status = 0;
- return(GSS_S_NO_CRED);
- }
-
cred = (krb5_gss_cred_id_t) cred_handle;
mstat = krb5_gss_inquire_cred(minor_status,
cred_handle,
More information about the cvs-krb5
mailing list