Our code does not currently support GSS_C_PROT_READY_FLAG so only
return that flag after context establishment. A potential future
addition is to support that flag and return GAP_TOKEN if the initiator
processes a message token before the final context token.
Ticket: 1352
Tags: pullup
Status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15280
dc483132-0cff-0310-8789-
dd5450dbe970
+2003-03-14 Sam Hartman <hartmans@mit.edu>
+
+ * accept_sec_context.c (krb5_gss_accept_sec_context): Set
+ prot_ready here
+
+ * init_sec_context.c (krb5_gss_init_sec_context): Set prot_ready
+ after context established
+
+ * gssapiP_krb5.h (KG_IMPLFLAGS): Don't claim prot_ready until the
+ context is established because we don't currently support it.
+
2003-03-06 Alexandra Ellwood <lxs@mit.edu>
* disp_status.c, gssapi_krb5.h, gssapiP_krb5.h:
&ctx->seq_send);
/* the reply token hasn't been sent yet, but that's ok. */
+ ctx->gss_flags |= GSS_C_PROT_READY_FLAG;
ctx->established = 1;
token.length = g_token_size((gss_OID) mech_used, ap_rep.length);
#define KG_TOK_DEL_CTX 0x0102
#define KG_IMPLFLAGS(x) (GSS_C_INTEG_FLAG | GSS_C_CONF_FLAG | \
- GSS_C_TRANS_FLAG | GSS_C_PROT_READY_FLAG | \
+ GSS_C_TRANS_FLAG | \
((x) & (GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG | \
GSS_C_SEQUENCE_FLAG | GSS_C_DELEG_FLAG)))
g_order_init(&(ctx->seqstate), ctx->seq_recv,
(ctx->gss_flags & GSS_C_REPLAY_FLAG) != 0,
(ctx->gss_flags & GSS_C_SEQUENCE_FLAG) != 0);
+ ctx->gss_flags |= GSS_C_PROT_READY_FLAG;
ctx->established = 1;
/* fall through to GSS_S_COMPLETE */
}
projects / krb5.git / commitdiff