projects
/
mech_eap.orig
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
000678e
)
future-proof: allow multiple round trip Kerberos exchanges at acceptor
author
Luke Howard
<lukeh@padl.com>
Thu, 10 Mar 2011 01:36:36 +0000
(12:36 +1100)
committer
Luke Howard
<lukeh@padl.com>
Thu, 10 Mar 2011 01:36:36 +0000
(12:36 +1100)
accept_sec_context.c
patch
|
blob
|
history
diff --git
a/accept_sec_context.c
b/accept_sec_context.c
index
03b5692
..
5da5ea6
100644
(file)
--- a/
accept_sec_context.c
+++ b/
accept_sec_context.c
@@
-965,7
+965,8
@@
eapGssSmAcceptGssReauth(OM_uint32 *minor,
GSSEAP_SM_TRANSITION(ctx, GSSEAP_STATE_ESTABLISHED);
}
ctx->gssFlags = gssFlags;
- } else if ((*smFlags & SM_FLAG_INPUT_TOKEN_CRITICAL) == 0) {
+ } else if (GSS_ERROR(major) &&
+ (*smFlags & SM_FLAG_INPUT_TOKEN_CRITICAL) == 0) {
/* pretend reauthentication attempt never happened */
gssDeleteSecContext(&tmpMinor, &ctx->kerberosCtx, GSS_C_NO_BUFFER);
ctx->flags &= ~(CTX_FLAG_KRB_REAUTH);