[28163] in CVS-changelog-for-Kerberos-V5
krb5 commit: Don't produce context deletion token in krb5 mech
daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Jan 13 12:08:22 2014
Date: Mon, 13 Jan 2014 12:08:10 -0500
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201401131708.s0DH8A8c003714@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/1687f4a0763944c2cc94e8334a7865af5d588eb5
commit 1687f4a0763944c2cc94e8334a7865af5d588eb5
Author: Greg Hudson <ghudson@mit.edu>
Date: Mon Jan 13 12:02:09 2014 -0500
Don't produce context deletion token in krb5 mech
RFCs 2743 and 4121 recommend that implementations produce empty tokens
from gss_delete_sec_context, and trying to produce one can cause
gss_delete_sec_context to fail on a partially established context.
Patch from Tomas Kuthan.
ticket: 7816 (new)
src/lib/gssapi/krb5/delete_sec_context.c | 15 ---------------
1 files changed, 0 insertions(+), 15 deletions(-)
diff --git a/src/lib/gssapi/krb5/delete_sec_context.c b/src/lib/gssapi/krb5/delete_sec_context.c
index 85db484..2bc818a 100644
--- a/src/lib/gssapi/krb5/delete_sec_context.c
+++ b/src/lib/gssapi/krb5/delete_sec_context.c
@@ -50,21 +50,6 @@ krb5_gss_delete_sec_context(minor_status, context_handle, output_token)
ctx = (krb5_gss_ctx_id_t) *context_handle;
context = ctx->k5_context;
- /* construct a delete context token if necessary */
-
- if (output_token) {
- OM_uint32 major;
- gss_buffer_desc empty;
- empty.length = 0; empty.value = NULL;
-
- if ((major = kg_seal(minor_status, *context_handle, 0,
- GSS_C_QOP_DEFAULT,
- &empty, NULL, output_token, KG_TOK_DEL_CTX))) {
- save_error_info(*minor_status, context);
- return(major);
- }
- }
-
/* free all the context state */
if (ctx->seqstate)
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
