equal
deleted
inserted
replaced
1 # |
|
2 # In krb5_gss_store_cred_into(), if the credential is acceptor-only, set |
|
3 # the minor status to G_STORE_ACCEPTOR_CRED_NOSUPP instead of |
|
4 # G_BAD_USAGE. |
|
5 # |
|
6 # Found by usr/ontest/lib/libgss/gss_api:gss.27. |
|
7 # |
|
8 # Accepted upstream, will be part of krb5 1.14: |
|
9 # https://github.com/krb5/krb5/commit/c0e16bb2f654038ad81602e89851f232916da051 |
|
10 # Patch source: in-house |
|
11 # |
|
12 diff -pur old/src/lib/gssapi/krb5/store_cred.c new/src/lib/gssapi/krb5/store_cred.c |
|
13 --- old/src/lib/gssapi/krb5/store_cred.c 2015-06-12 08:13:27.399201700 -0700 |
|
14 +++ new/src/lib/gssapi/krb5/store_cred.c 2015-06-12 08:17:35.570611897 -0700 |
|
15 @@ -241,7 +241,10 @@ krb5_gss_store_cred_into(OM_uint32 *mino |
|
16 if (lifetime == 0) |
|
17 return GSS_S_CREDENTIALS_EXPIRED; |
|
18 |
|
19 - if (actual_usage != GSS_C_INITIATE && actual_usage != GSS_C_BOTH) { |
|
20 + if (actual_usage == GSS_C_ACCEPT) { |
|
21 + *minor_status = G_STORE_ACCEPTOR_CRED_NOSUPP; |
|
22 + return GSS_S_FAILURE; |
|
23 + } else if (actual_usage != GSS_C_INITIATE && actual_usage != GSS_C_BOTH) { |
|
24 *minor_status = G_BAD_USAGE; |
|
25 return GSS_S_FAILURE; |
|
26 } |
|