[krbdev.mit.edu #3206] gss_acquire_cred with GSS_C_BOTH or
mattias.karlsson@sungard.com via RT
rt-comment at krbdev.mit.edu
Wed May 19 13:50:53 EDT 2010
Hi
I ran into the problem stated below. I can't find any bug number or
status of this issue? Is it solved? The workaround seems quite messy.
Mattias
--//--
Sam Hartman (see below) suggested I report this as a bug. It has been
there
for a long time, and I understand Heimdal does not have this problem.
Synopsis: When a cred cache is not available, and a keytab cred is
available, gss_acquire_cred should obtain an initiator cred cache
based on the keytab cred when GSS_C_BOTH or GSS_C_INITIATE flag is set.
See RFC 1964, June 1996, Section 3
fourth paragraph.
Severity:
Probably not high, because there is
a somewhat kludgy workaround that many of us use:
run a cron or background process that repeatedly generates a
cred cache from a keytab.
(e.g., "kinit -k -t" or API equivilent)
--//--
More information about the krb5-bugs
mailing list