[krbdev.mit.edu #9192] git commit
Greg Hudson via RT
rt at krbdev.mit.edu
Tue Jan 20 19:45:37 EST 2026
<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=9192 >
Fix minor logic errors
In k5_externalize_auth_context(), serialize the correct field when
local_port is set. This is not a reachable bug because the function
is only accessible via gss_export_sec_context(), and the GSS library
does not set a local port. Commit
e50f46b210ddafe85cc917e2571516ade46bc65f fixed a similar bug for
remote_port.
In krb5_pac_get_types(), correct the allocation of *types_out. (The
previous code was safe in spite of its incorrectness, because the size
of a pointer is at least as big as the size of uint32_t.)
Change make_spnego_tokenTarg_msg() to return 0 on success and -1 on
failure, to match make_spnego_tokenInit_msg() and the expectations of
its call sites. Commit fdceb225f881e2b1337eebcb9a9443fa4a9be3fd is
partly to blame as it changed the return type from int to OM_uint32,
but prior to that the function still returned GSS major codes rather
than -1 on error.
https://github.com/krb5/krb5/commit/5f4e17c8e2c31201628ab260f0991e8e47c8f1d2
Author: Greg Hudson <ghudson at mit.edu>
Commit: 5f4e17c8e2c31201628ab260f0991e8e47c8f1d2
Branch: master
src/lib/gssapi/spnego/spnego_mech.c | 10 +++++-----
src/lib/krb5/krb/pac.c | 2 +-
src/lib/krb5/krb/ser_actx.c | 2 +-
3 files changed, 7 insertions(+), 7 deletions(-)
More information about the krb5-bugs
mailing list