gss_accept_sec_contextand channel binding in ftp
huaraz at btinternet.com
Fri Jun 4 15:25:15 EDT 2004
ftp client ftp
GSS_C_NO_CHANNEL_BINDINGS channel binding set
channel binding set
channel binding set channel
binding set OK if binding is
In the past case 2 and 3 failed. Is this an error in gss_accept_sec_context
"Markus Moeller" <huaraz at btinternet.com> wrote in message
news:loom.20040604T154031-39 at post.gmane.org...
> I noticed that from MIT version 1.2.4 to 1.3.1 the gss_accept_sec_context
> has changed in ftpd.c. It is now set to use always
> I also noticed that changing the channel bindings in gss_init_sec_context
> the client doesn't create an error I would expect.
> I also see a different behaviour in my proftpd mod_gss module. If the
> uses gss_init_sec_context with GSS_C_NO_CHANNEL_BINDINGS, the channel
> settings in gss_accept_sec_context on the server are ignored (e.g if the
> server uses channel bindings with application data set and the client used
> GSS_C_NO_CHANNEL_BINDINGS the client can login)
> Is this intention ??
> Kerberos mailing list Kerberos at mit.edu
More information about the Kerberos