diff options
author | Greg Hudson <ghudson@mit.edu> | 2014-01-13 12:02:09 -0500 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2014-01-13 12:02:09 -0500 |
commit | 1687f4a0763944c2cc94e8334a7865af5d588eb5 (patch) | |
tree | b3035a9ea91a941ef58cb0a27944bcea318d105a | |
parent | 220066d9544a1fb1d6100f18f3ada7265799e97b (diff) | |
download | krb5-1687f4a0763944c2cc94e8334a7865af5d588eb5.tar.gz krb5-1687f4a0763944c2cc94e8334a7865af5d588eb5.tar.xz krb5-1687f4a0763944c2cc94e8334a7865af5d588eb5.zip |
Don't produce context deletion token in krb5 mech
RFCs 2743 and 4121 recommend that implementations produce empty tokens
from gss_delete_sec_context, and trying to produce one can cause
gss_delete_sec_context to fail on a partially established context.
Patch from Tomas Kuthan.
ticket: 7816 (new)
-rw-r--r-- | src/lib/gssapi/krb5/delete_sec_context.c | 15 |
1 files changed, 0 insertions, 15 deletions
diff --git a/src/lib/gssapi/krb5/delete_sec_context.c b/src/lib/gssapi/krb5/delete_sec_context.c index 85db484dcd..2bc818a642 100644 --- a/src/lib/gssapi/krb5/delete_sec_context.c +++ b/src/lib/gssapi/krb5/delete_sec_context.c @@ -50,21 +50,6 @@ krb5_gss_delete_sec_context(minor_status, context_handle, output_token) ctx = (krb5_gss_ctx_id_t) *context_handle; context = ctx->k5_context; - /* construct a delete context token if necessary */ - - if (output_token) { - OM_uint32 major; - gss_buffer_desc empty; - empty.length = 0; empty.value = NULL; - - if ((major = kg_seal(minor_status, *context_handle, 0, - GSS_C_QOP_DEFAULT, - &empty, NULL, output_token, KG_TOK_DEL_CTX))) { - save_error_info(*minor_status, context); - return(major); - } - } - /* free all the context state */ if (ctx->seqstate) |