summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/rpc/ChangeLog5
-rw-r--r--src/lib/rpc/auth_gssapi.c10
2 files changed, 13 insertions, 2 deletions
diff --git a/src/lib/rpc/ChangeLog b/src/lib/rpc/ChangeLog
index 00975d930..b4e0eb723 100644
--- a/src/lib/rpc/ChangeLog
+++ b/src/lib/rpc/ChangeLog
@@ -1,3 +1,8 @@
+Tue Nov 12 16:27:27 1996 Barry Jaspan <bjaspan@mit.edu>
+
+ * auth_gssapi.c (auth_gssapi_create): handle channel bindings
+ failure so UDP connections can work [krb5-libs/180]
+
Tue Nov 5 18:43:46 1996 Tom Yu <tlyu@mit.edu>
* configure.in: Revert removal of CopySrcHeader, etc., for now.
diff --git a/src/lib/rpc/auth_gssapi.c b/src/lib/rpc/auth_gssapi.c
index 01e7bffe9..7d51d3dce 100644
--- a/src/lib/rpc/auth_gssapi.c
+++ b/src/lib/rpc/auth_gssapi.c
@@ -158,7 +158,7 @@ AUTH *auth_gssapi_create(clnt, gssstat, minor_stat,
struct sockaddr_in laddr, raddr;
enum clnt_stat callstat;
struct timeval timeout;
- int init_func;
+ int init_func, bindings_failed;
auth_gssapi_init_arg call_arg;
auth_gssapi_init_res call_res;
@@ -207,6 +207,7 @@ AUTH *auth_gssapi_create(clnt, gssstat, minor_stat,
/* start by trying latest version */
call_arg.version = 4;
+ bindings_failed = 0;
try_new_version:
/* set state for initial call to init_sec_context */
@@ -229,7 +230,7 @@ try_new_version:
mech_type = gss_mech_krb5_old;
#endif
- if (call_arg.version >= 3) {
+ if (!bindings_failed && call_arg.version >= 3) {
if (clnt_control(clnt, CLGET_LOCAL_ADDR, &laddr) == FALSE) {
PRINTF(("gssapi_create: CLGET_LOCAL_ADDR failed"));
goto cleanup;
@@ -337,6 +338,11 @@ next_token:
AUTH_GSSAPI_DISPLAY_STATUS(("in response from server",
call_res.gss_major,
call_res.gss_minor));
+ if (GSS_ERROR(call_res.gss_major) == GSS_S_BAD_BINDINGS
+ && call_arg.version > 2) {
+ call_arg.version = 2;
+ goto try_new_version;
+ }
goto cleanup;
}
generated by cgit (git 2.34.1) at 2025-10-17 15:46:12 +0000