[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: gss_accept_sec_context() problem

To: Michael Shuldman <michaels@inet.no>
Subject: Re: gss_accept_sec_context() problem
From: Assar Westerlund <assar@sics.se>
Date: 29 Jul 2000 07:45:27 +0200
Cc: heimdal-discuss@sics.se
In-Reply-To: Michael Shuldman's message of "Fri, 28 Jul 2000 14:49:49 +0200"
References: <20000728144948.14080@bastesen.inet.no>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Gnus/5.070098 (Pterodactyl Gnus v0.98) Emacs/20.6

[ two answers for the price of one :-) ]

Michael Shuldman <michaels@inet.no> writes:
> I can't see any requirement for input_token to be filled when calling
> gss_accept_sec_context() and was expecting GSS_S_CONTINUE_NEEDED.

I don't think it makes much sense to call gss_accept_sec_context with
an empty token.  What would it mean and why would you do it?

GSS_S_CONTINUE_NEEDED is used when authentication requires more steps,
to indicate that you should continue looping around
gss_accept_sec_context (and gss_init_sec_context).

I changed the code to return GSS_S_DEFECTIVE_TOKEN instead of crashing.

> I tried filling input_token with the token gotten on the clientside
> from gss_init_sec_context, a assert() in Heimdal then fails.  I
> guess I'm doing something wrong here?

Can also possible be us doing something wrong. :-)  Just send us the
assert that's failing and we will look at it.

/assar

Follow-Ups:
- Re: gss_accept_sec_context() problem
  - From: Michael Shuldman <michaels@inet.no>

References:
- gss_accept_sec_context() problem
  - From: Michael Shuldman <michaels@inet.no>

Prev by Date: gss_accept_sec_context() problem
Next by Date: Re: gss_accept_sec_context() problem
Prev by thread: gss_accept_sec_context() problem
Next by thread: Re: gss_accept_sec_context() problem
Index(es):
- Date
- Thread