How do I query the max token size from GSS-API?
Sam Hartman
hartmans at MIT.EDU
Fri Dec 4 15:44:51 EST 2009
>>>>> "Matthew" == Matthew M DeLoera <mdeloera at exacq.com> writes:
Matthew> Is there any equivalent in GSS-API? Right now I have 1024
Matthew> hardcoded in my code, but I'd like to dynamically query
Matthew> it. Or, is there some well-known max size that I should
Matthew> hardcode?
No, GSS-API does not provide a guaranteed maximum. There is
wrap_size_limit for getting the expansion of a given per-message token,
but there is nothing for context tokens. In general, you should
dynamically resize based on what you get over the network. Note that if
you are generating a token, then gss-api will allocate the memory for
you.
1024 is definitely too small for Kerberos context tokens.
More information about the krbdev
mailing list