oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

gss: add some missing GM_USE_MG_CRED checks

Browse Source 
GM_USE_MG_CRED allows a mechanism glue credential to be used by a mechanism
without additional wrapping. Although no extant mechanisms use this flag, the
flag had sporadic support in the mechanism glue already. In the interest of
consistency, add missing GM_USE_MG_CRED checks. If this functionality is not
desired, then all checks should be removed.
This commit is contained in:
Luke Howard
2019-12-28 16:35:04 +11:00
parent 340cc3f092
commit e80248ed36
4 changed files with 17 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/gssapi/mech/gss_store_cred_into.c
View File

@@ -110,7 +110,7 @@ gss_store_cred_into(OM_uint32 *minor_status,
HEIM_TAILQ_FOREACH(mc, &cred->gc_mc, gmc_link) {
gssapi_mech_interface m = mc->gmc_mech;
if (m == NULL)
if (m == NULL || (m->gm_flags & GM_USE_MG_CRED) != 0)
continue;
if (desired_mech != GSS_C_NO_OID &&