Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Stop reporting krb5 mech from IAKERB
In the IAKERB gss_init_sec_context() and gss_accept_sec_context(),
always report the IAKERB mech, as IAKERB is not a negotiation
mechanism.

ticket: 8901 (new)
  • Loading branch information
greghudson committed May 7, 2020
1 parent b2fe66f commit 04f6809
Showing 1 changed file with 6 additions and 8 deletions.
14 changes: 6 additions & 8 deletions src/lib/gssapi/krb5/iakerb.c
Expand Up @@ -816,8 +816,6 @@ iakerb_gss_accept_sec_context(OM_uint32 *minor_status,
}
if (src_name != NULL)
*src_name = GSS_C_NO_NAME;
if (mech_type != NULL)
*mech_type = (gss_OID)gss_mech_iakerb;
if (ret_flags != NULL)
*ret_flags = 0;
if (time_rec != NULL)
Expand All @@ -844,10 +842,11 @@ iakerb_gss_accept_sec_context(OM_uint32 *minor_status,
&exts);
if (major_status == GSS_S_COMPLETE)
ctx->established = 1;
if (mech_type != NULL)
*mech_type = (gss_OID)gss_mech_krb5;
}

if (mech_type != NULL)
*mech_type = gss_mech_iakerb;

cleanup:
if (initialContextToken && GSS_ERROR(major_status)) {
iakerb_release_context(ctx);
Expand Down Expand Up @@ -970,18 +969,17 @@ iakerb_gss_init_sec_context(OM_uint32 *minor_status,
&exts);
if (major_status == GSS_S_COMPLETE)
ctx->established = 1;
if (actual_mech_type != NULL)
*actual_mech_type = (gss_OID)gss_mech_krb5;
} else {
if (actual_mech_type != NULL)
*actual_mech_type = (gss_OID)gss_mech_iakerb;
if (ret_flags != NULL)
*ret_flags = 0;
if (time_rec != NULL)
*time_rec = 0;
major_status = GSS_S_CONTINUE_NEEDED;
}

if (actual_mech_type != NULL)
*actual_mech_type = gss_mech_iakerb;

cleanup:
if (cred_locked)
k5_mutex_unlock(&kcred->lock);
Expand Down

0 comments on commit 04f6809

Please sign in to comment.