Bug#480432: libkrb53: ret_flags check at g_accept_sec_context.c:248 looks wrong

Russ Allbery wrote: Bryan Kadzban [EMAIL PROTECTED] writes: The check (ret_flags GSS_C_DELEG_FLAG) looks extremely wrong. GSS_C_DELEG_FLAGS is a bitmask, and should not be logically compared against anything (since it will always be logical true). ret_flags is a pointer, and its value

Bug#480434: libkrb53: Delegation fails if an SPNEGO credential is passed to gss_krb5_copy_ccache

Bryan Kadzban wrote: The gss_krb5_copy_ccache function only needs to set mcred to one or the other of the Kerberos mechanism credential handles; if the top level gss_union_cred_t uses SPNEGO, then it should contain a sub-credential that uses one of the Kerberos mechanisms. So one fix would

Bug#480432: libkrb53: ret_flags check at g_accept_sec_context.c:248 looks wrong

Package: libkrb53 Version: 1.6.dfsg.3~beta1-4 Severity: normal Tags: patch The check (ret_flags GSS_C_DELEG_FLAG) looks extremely wrong. GSS_C_DELEG_FLAGS is a bitmask, and should not be logically compared against anything (since it will always be logical true). ret_flags is a pointer, and its

Bug#480434: libkrb53: Delegation fails if an SPNEGO credential is passed to gss_krb5_copy_ccache

Package: libkrb53 Version: 1.6.dfsg.3~beta1-4 Severity: normal Tags: patch When trying to delegate credentials using mod_auth_kerb, delegation succeeds (mod_auth_kerb receives a delegated gss_cred_id_t), but when it tries to copy that credential into a ccache so it can write it out for CGI

Bug#480097: libapache2-mod-auth-kerb: GSSAPI delegation fails (returns NULL delegated_cred even though delegated TGT is present)

Package: libapache2-mod-auth-kerb Version: 5.3-4 Severity: normal Tags: patch Kerberos authorization (using Negotiate) succeeds, but delegation fails. (KRB5CCNAME is not set in the CGI environment.) When using K5Passwd, both authorization and delegation succeed. Configuration when using