[krbdev.mit.edu #6936] SVN Commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Mon Jan 9 16:23:44 EST 2012
Pull up r25591, r25604 from trunk
------------------------------------------------------------------------
r25604 | ghudson | 2011-12-27 01:39:07 -0500 (Tue, 27 Dec 2011) | 4 lines
ticket: 6936
Fix an unlikely memory leak in r25591
------------------------------------------------------------------------
r25591 | ghudson | 2011-12-16 18:19:01 -0500 (Fri, 16 Dec 2011) | 14 lines
ticket: 6936
target_version: 1.10
tags: pullup
Do mech fallback for first SPNEGO context token
When producing the first SPNEGO security context token, if the first
mechanism's init_sec_context fails, fall back to a later mechanism.
This fixes a regression in 1.10 for SPNEGO initiators using non-krb5
credentials. The identity selection work causes errors to be deferred
from krb5's acquire_cred in some cases, which means SPNEGO doesn't see
an error until it tries the krb5 init_sec_context.
http://src.mit.edu/fisheye/changelog/krb5/?cs=25628
Commit By: tlyu
Revision: 25628
Changed Files:
U branches/krb5-1-10/src/lib/gssapi/spnego/spnego_mech.c
More information about the krb5-bugs
mailing list