[30795] in CVS-changelog-for-Kerberos-V5
krb5 commit: Stop reporting krb5 mech from IAKERB
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu May 7 12:19:43 2020
Date: Thu, 7 May 2020 12:19:36 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <202005071619.047GJag6014865@drugstore.mit.edu>
To: <cvs-krb5@mit.edu>
MIME-Version: 1.0
Reply-To: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/04f6809ef91d2bc44308a6e3b8cb9f77dab5cd81
commit 04f6809ef91d2bc44308a6e3b8cb9f77dab5cd81
Author: Greg Hudson <ghudson@mit.edu>
Date: Wed May 6 00:39:35 2020 -0400
Stop reporting krb5 mech from IAKERB
In the IAKERB gss_init_sec_context() and gss_accept_sec_context(),
always report the IAKERB mech, as IAKERB is not a negotiation
mechanism.
ticket: 8901 (new)
src/lib/gssapi/krb5/iakerb.c | 14 ++++++--------
1 files changed, 6 insertions(+), 8 deletions(-)
diff --git a/src/lib/gssapi/krb5/iakerb.c b/src/lib/gssapi/krb5/iakerb.c
index 47c161e..5da276b 100644
--- a/src/lib/gssapi/krb5/iakerb.c
+++ b/src/lib/gssapi/krb5/iakerb.c
@@ -816,8 +816,6 @@ iakerb_gss_accept_sec_context(OM_uint32 *minor_status,
}
if (src_name != NULL)
*src_name = GSS_C_NO_NAME;
- if (mech_type != NULL)
- *mech_type = (gss_OID)gss_mech_iakerb;
if (ret_flags != NULL)
*ret_flags = 0;
if (time_rec != NULL)
@@ -844,10 +842,11 @@ iakerb_gss_accept_sec_context(OM_uint32 *minor_status,
&exts);
if (major_status == GSS_S_COMPLETE)
ctx->established = 1;
- if (mech_type != NULL)
- *mech_type = (gss_OID)gss_mech_krb5;
}
+ if (mech_type != NULL)
+ *mech_type = gss_mech_iakerb;
+
cleanup:
if (initialContextToken && GSS_ERROR(major_status)) {
iakerb_release_context(ctx);
@@ -970,11 +969,7 @@ iakerb_gss_init_sec_context(OM_uint32 *minor_status,
&exts);
if (major_status == GSS_S_COMPLETE)
ctx->established = 1;
- if (actual_mech_type != NULL)
- *actual_mech_type = (gss_OID)gss_mech_krb5;
} else {
- if (actual_mech_type != NULL)
- *actual_mech_type = (gss_OID)gss_mech_iakerb;
if (ret_flags != NULL)
*ret_flags = 0;
if (time_rec != NULL)
@@ -982,6 +977,9 @@ iakerb_gss_init_sec_context(OM_uint32 *minor_status,
major_status = GSS_S_CONTINUE_NEEDED;
}
+ if (actual_mech_type != NULL)
+ *actual_mech_type = gss_mech_iakerb;
+
cleanup:
if (cred_locked)
k5_mutex_unlock(&kcred->lock);
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
