[16428] in Kerberos-V5-bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[krbdev.mit.edu #8846] git commit

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Mon Dec 9 18:25:01 2019

From: "Greg Hudson via RT" <rt@KRBDEV-PROD-APP-1.mit.edu>
In-Reply-To: 
Message-ID: <rt-4.4.4-3056-1575933879-22.8846-5-0@mit.edu>
To: "AdminCc of krbdev.mit.edu Ticket #8846":;
Date: Mon, 09 Dec 2019 18:24:39 -0500
MIME-Version: 1.0
Reply-To: rt@KRBDEV-PROD-APP-1.mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krb5-bugs-bounces@mit.edu


<URL: https://krbdev.mit.edu/rt/Ticket/Display.html?id=8846 >


Fix SPNEGO fallback context handling

In init_ctx_call_init(), if gss_init_sec_context() fails while
producing the first SPNEGO initiator token, we remove the first
candidate mechanism from sc->mech_set and try again.  If
sc->ctx_handle is present after the error (more likely after commit
56f7b1bc95a2a3eeb420e069e7655fb181ade5cf), we must clear it before
falling back or it will cause subsequent attempts to fail.

(cherry picked from commit 40ecfad10dd36700028ff0f3d0d79ce7925fe545)

https://github.com/krb5/krb5/commit/206edea3b1e10bfef331d7e03dcb1e1b55c40d79
Author: Greg Hudson <ghudson@mit.edu>
Commit: 206edea3b1e10bfef331d7e03dcb1e1b55c40d79
Branch: krb5-1.17
 src/lib/gssapi/spnego/spnego_mech.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
https://mailman.mit.edu/mailman/listinfo/krb5-bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[16428] in Kerberos-V5-bugs

[krbdev.mit.edu #8846] git commit

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)Mon Dec 9 18:25:01 2019

daemon@ATHENA.MIT.EDU (Greg Hudson via RT)
Mon Dec 9 18:25:01 2019