[30334] in Kerberos
Re: Sequence numbering after export and import of context
daemon@ATHENA.MIT.EDU (Markus Moeller)
Sun Oct 5 18:14:36 2008
To: kerberos@mit.edu
From: "Markus Moeller" <huaraz@moeller.plus.com>
Date: Sun, 5 Oct 2008 23:13:00 +0100
Message-ID: <gcbe6d$mem$1@ger.gmane.org>
Mime-Version: 1.0
X-Complaints-To: usenet@ger.gmane.org
In-Reply-To: <20081005210159.GN1157@Sun.COM>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Thank you for the replies.
I get an GSS: error: "The token was a duplicate of an earlier token" and
debugging on the client shows that it received seq 0 but expected 1. So I
need to dig a bit further what my server processes do. Is the following OK :
client <-> server main process establishes context -> export_context
client <-> child 1 import_context -> unwrap + wrap (seq 0) ->
export_context
client <-> child 2 import_context -> unwrap + wrap (seq 1)-> cleanup
Markus
"Nicolas Williams" <Nicolas.Williams@sun.com> wrote in message
news:20081005210159.GN1157@Sun.COM...
> On Sun, Oct 05, 2008 at 12:51:11PM +0100, Markus Moeller wrote:
>> I have an application which initializes the security context in one
>> process
>> does some gss_wrap/gss_unwrap calls and then exports the context to hand
>> it
>> over to another process which imports the context and continues the
>> gss_wrap/gss_unwrap. Would the second process restart sequencing at 0 or
>> continuing from where the context was exported ?
>
> The latter is what should happen.
>
> Nico
> --
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
