oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Don't require timestamp to be set on delegated token, its already

Browse Source 
protected by the outer token (and windows doesn't alway send it)
Pointed out by Zi-Bin Yang <zbyang@decru.com> on heimdal-discuss


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13128 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2003-11-22 22:42:16 +00:00
parent 67e6f2f7eb
commit 3882d8ca5f
2 changed files with 20 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
lib/gssapi/accept_sec_context.c
View File

@@ -305,8 +305,8 @@ gsskrb5_accept_sec_context
}
if (fwd_data.length > 0 && (flags & GSS_C_DELEG_FLAG)) {
krb5_ccache ccache;
int32_t ac_flags;
if (delegated_cred_handle == NULL)
/* XXX Create a new delegated_cred_handle? */
@@ -364,10 +364,19 @@ gsskrb5_accept_sec_context
goto end_fwd;
}
krb5_auth_con_getflags(gssapi_krb5_context,
(*context_handle)->auth_context,
&ac_flags);
krb5_auth_con_setflags(gssapi_krb5_context,
(*context_handle)->auth_context,
ac_flags & ~KRB5_AUTH_CONTEXT_DO_TIME);
kret = krb5_rd_cred2(gssapi_krb5_context,
(*context_handle)->auth_context,
ccache,
&fwd_data);
krb5_auth_con_setflags(gssapi_krb5_context,
(*context_handle)->auth_context,
ac_flags);
if (kret) {
flags &= ~GSS_C_DELEG_FLAG;
goto end_fwd;

11
lib/gssapi/krb5/accept_sec_context.c
View File

@@ -305,8 +305,8 @@ gsskrb5_accept_sec_context
}
if (fwd_data.length > 0 && (flags & GSS_C_DELEG_FLAG)) {
krb5_ccache ccache;
int32_t ac_flags;
if (delegated_cred_handle == NULL)
/* XXX Create a new delegated_cred_handle? */
@@ -364,10 +364,19 @@ gsskrb5_accept_sec_context
goto end_fwd;
}
krb5_auth_con_getflags(gssapi_krb5_context,
(*context_handle)->auth_context,
&ac_flags);
krb5_auth_con_setflags(gssapi_krb5_context,
(*context_handle)->auth_context,
ac_flags & ~KRB5_AUTH_CONTEXT_DO_TIME);
kret = krb5_rd_cred2(gssapi_krb5_context,
(*context_handle)->auth_context,
ccache,
&fwd_data);
krb5_auth_con_setflags(gssapi_krb5_context,
(*context_handle)->auth_context,
ac_flags);
if (kret) {
flags &= ~GSS_C_DELEG_FLAG;
goto end_fwd;