gss_accept_sec_context & rcache

Jeffrey Hutzelman jhutz at
Mon May 29 12:55:14 EDT 2006

On Monday, May 29, 2006 01:05:47 PM +0200 Rainer Weikusat 
<rainer.weikusat at> wrote:

> Is there a particular reason why gss_accept_sec_context
> returns GSS_S_FAILURE/ KRB5_RC_REPLAY for duplicate
> initiator tokens instead of GSS_S_DUPLICATE_TOKEN?

Because GSS_S_DUPLICATE_TOKEN means that a duplicate per-message token was 
received when message replay detection is enabled.  It does not apply to 
context negotiation.

-- Jeffrey T. Hutzelman (N3NHS) <jhutz+ at>
   Sr. Research Systems Programmer
   School of Computer Science - Research Computing Facility
   Carnegie Mellon University - Pittsburgh, PA

More information about the krbdev mailing list