gssftpd and gss_acquire_cred

[Sam Hartman]

>>>>> "Ken" == Ken Hornstein <kenh at cmf.nrl.navy.mil> writes:


    Ken> - On the server, accept either.

Or ignore the address check entirely.  For the kpasswd service,
although not in general, it would be safe to do this.  The requirement
for directional addresses is to avoid replays with direction switched.
I'm fairly sure the kpasswd protocols are not vulnerable to that.