Thread-safe libraries
Sam Hartman
hartmans at MIT.EDU
Wed Feb 25 15:14:53 EST 2004
>>>>> "Cesar" == Cesar Garcia <Cesar.Garcia at morganstanley.com> writes:
Cesar> wrt to gssapi and 1.3.1 ...
Cesar> Since we're pointing out lack of replay cache detection,
Cesar> note that if acquiring creds for GSS_C_NO_NAME, then no
Cesar> replay cache is used. (specifically looking at 1.3.1 -
Cesar> lib/gssapi/krb5/acquire_cred.c)
I think that's false. I believe that krb5_rd_req will end up setting
up a rcache later.
I don't have time to go look through the code now though, but I wrote
it and at least intended that a replay cache would get used even
though it does not get stored in the GSSAPI credentials structure.
More information about the Kerberos
mailing list