summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGreg Hudson <ghudson@mit.edu>2014-01-13 12:02:09 -0500
committerGreg Hudson <ghudson@mit.edu>2014-01-13 12:02:09 -0500
commit1687f4a0763944c2cc94e8334a7865af5d588eb5 (patch)
treeb3035a9ea91a941ef58cb0a27944bcea318d105a
parent220066d9544a1fb1d6100f18f3ada7265799e97b (diff)
downloadkrb5-1687f4a0763944c2cc94e8334a7865af5d588eb5.tar.gz
krb5-1687f4a0763944c2cc94e8334a7865af5d588eb5.tar.xz
krb5-1687f4a0763944c2cc94e8334a7865af5d588eb5.zip
Don't produce context deletion token in krb5 mech
RFCs 2743 and 4121 recommend that implementations produce empty tokens from gss_delete_sec_context, and trying to produce one can cause gss_delete_sec_context to fail on a partially established context. Patch from Tomas Kuthan. ticket: 7816 (new)
Diffstat
-rw-r--r--src/lib/gssapi/krb5/delete_sec_context.c15
1 files changed, 0 insertions, 15 deletions
diff --git a/src/lib/gssapi/krb5/delete_sec_context.c b/src/lib/gssapi/krb5/delete_sec_context.c
index 85db484dcd..2bc818a642 100644
--- a/src/lib/gssapi/krb5/delete_sec_context.c
+++ b/src/lib/gssapi/krb5/delete_sec_context.c
@@ -50,21 +50,6 @@ krb5_gss_delete_sec_context(minor_status, context_handle, output_token)
ctx = (krb5_gss_ctx_id_t) *context_handle;
context = ctx->k5_context;
- /* construct a delete context token if necessary */
-
- if (output_token) {
- OM_uint32 major;
- gss_buffer_desc empty;
- empty.length = 0; empty.value = NULL;
-
- if ((major = kg_seal(minor_status, *context_handle, 0,
- GSS_C_QOP_DEFAULT,
- &empty, NULL, output_token, KG_TOK_DEL_CTX))) {
- save_error_info(*minor_status, context);
- return(major);
- }
- }
-
/* free all the context state */
if (ctx->seqstate)
generated by cgit (git 2.34.1) at 2024-04-24 22:11:47 +0000