[krbdev.mit.edu #7987] git commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Tue Aug 12 18:23:15 EDT 2014
Fix GSS krb5 GSS_C_DELEG_FLAG ret_flags result
The krb5 gss_accept_sec_context could erroneously return
GSS_C_DELEG_FLAG in ret_flags if either:
* The token included the GSS_C_DELEG_FLAG but did not include at least
28 bytes in the authenticator checksum.
* The initial token included the GSS_C_DELEG_FLAG but a DCE-style
exchange was performed.
Fix both of these cases.
(cherry picked from commit d899084e24555dc8fd091eb08187ca2a45a08324)
https://github.com/krb5/krb5/commit/7b4bf661ecc39459f78665a356858de9f6daaabc
Author: Greg Hudson <ghudson at mit.edu>
Committer: Tom Yu <tlyu at mit.edu>
Commit: 7b4bf661ecc39459f78665a356858de9f6daaabc
Branch: krb5-1.13
src/lib/gssapi/krb5/accept_sec_context.c | 19 ++++++++++---------
1 files changed, 10 insertions(+), 9 deletions(-)
More information about the krb5-bugs
mailing list