[2643] in Kerberos-V5-bugs
krb5-libs/352: gss_init_sec_context doesn't accept all forms of null buffer
daemon@ATHENA.MIT.EDU (Michael Shields)
Sun Jan 26 09:59:47 1997
Resent-From: gnats@rt-11.MIT.EDU (GNATS Management)
Resent-To: krb5-unassigned@RT-11.MIT.EDU
Resent-Reply-To: krb5-bugs@MIT.EDU, shields@crosslink.net
Date: Sun, 26 Jan 1997 09:58:35 -0500
From: Michael Shields <shields@crosslink.net>
Reply-To: shields@crosslink.net
To: krb5-bugs@MIT.EDU
>Number: 352
>Category: krb5-libs
>Synopsis: gss_init_sec_context doesn't accept all forms of null buffer
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Sun Jan 26 09:59:00 EST 1997
>Last-Modified:
>Originator: Michael Shields
>Organization:
CrossLink
>Release: 1.0
>Environment:
System: Linux daedalus 2.0.27 #2 1997-01-02 20:04:03 i586
Architecture: i586
>Description:
draft-ietf-cat-gssv2-cbind-03.txt section 7.19 says that
a buffer which has a length of zero should be treated the
same as GSS_C_NO_BUFFER when passed as the input token to
gss_init_sec_context(). But the GSSAPI library distributed with
MIT K5 1.0 considers a zero-length input_token to be an error
during initial context setup.
The code that does this is commented "complain if the input
token is nonnull" and is in krb5_gss_init_sec_context().
>How-To-Repeat:
>Fix:
>Audit-Trail:
>Unformatted: