krb5-libs/1022: accept_sec_context() specifies principal to rd_req()
hartmans at MIT.EDU
Mon Apr 8 13:51:00 EDT 2002
This patch seems wrong because it ignores a principal name that was
supplied. It seems that allowing gss_accept_sec_context to work with
a default credential (as gss_init_sec_context does), or to allow
gss_acquire_creds to take a default name would be preferable to your proposed solution.
I'd be interested in a patch to this problem, but I don't feel
comfortable with a patch that throws away information from the
application when it is supplied. Just as krb5_rd_req has a fourth
argument, GSSAPI should respect the service name when provided.
More information about the krbdev