Russ Allbery wrote:
Bryan Kadzban [EMAIL PROTECTED] writes:
The check (ret_flags GSS_C_DELEG_FLAG) looks extremely wrong.
GSS_C_DELEG_FLAGS is a bitmask, and should not be logically
compared against anything (since it will always be logical true).
ret_flags is a pointer, and its value
Bryan Kadzban wrote:
The gss_krb5_copy_ccache function only needs to set mcred to one or
the other of the Kerberos mechanism credential handles; if the top level
gss_union_cred_t uses SPNEGO, then it should contain a sub-credential
that uses one of the Kerberos mechanisms. So one fix would
Package: libkrb53
Version: 1.6.dfsg.3~beta1-4
Severity: normal
Tags: patch
The check (ret_flags GSS_C_DELEG_FLAG) looks extremely wrong.
GSS_C_DELEG_FLAGS is a bitmask, and should not be logically compared
against anything (since it will always be logical true). ret_flags is a
pointer, and its
Package: libkrb53
Version: 1.6.dfsg.3~beta1-4
Severity: normal
Tags: patch
When trying to delegate credentials using mod_auth_kerb, delegation
succeeds (mod_auth_kerb receives a delegated gss_cred_id_t), but when it
tries to copy that credential into a ccache so it can write it out for
CGI
Package: libapache2-mod-auth-kerb
Version: 5.3-4
Severity: normal
Tags: patch
Kerberos authorization (using Negotiate) succeeds, but delegation fails.
(KRB5CCNAME is not set in the CGI environment.) When using K5Passwd,
both authorization and delegation succeed.
Configuration when using
5 matches
Mail list logo