← Back to branch summary

~ubuntu-branches/ubuntu/maverick/krb5/maverick

« back to all changes in this revision

Viewing changes to debian/patches/gss-canon-name

  • Committer: Bazaar Package Importer
  • Author(s): Sam Hartman
  • Date: 2009-05-07 16:16:34 UTC
  • mfrom: (13.1.7 sid)
  • Revision ID: james.westby@ubuntu.com-20090507161634-xqyk0s9na0le4flj
Tags: 1.7dfsg~beta1-4
http://bugs.debian.org/527353
When  decrypting the TGS response fails with the subkey, try with the
session key to work around Heimdal bug, Closes: #527353 

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/patches/gss-canon-name
1
 
Assume the krb5 mechanism if no mechanism was provided.  ipsec-tools
2
 
expects this behavior.  Patch from Daniel Kahn Gillmor.
3
 
 
4
 
Kerberos RT #3467
5
 
Debian bug #351877
6
 
 
7
 
=== krb5/src/lib/gssapi/krb5/canon_name.c
8
 
==================================================================
9
 
--- krb5/src/lib/gssapi/krb5/canon_name.c       (revision 2103)
10
 
+++ krb5/src/lib/gssapi/krb5/canon_name.c       (local)
11
 
@@ -34,7 +34,8 @@
12
 
                                     const gss_OID mech_type,
13
 
                                     gss_name_t *output_name)
14
 
 {
15
 
-    if (!g_OID_equal(gss_mech_krb5, mech_type) &&
16
 
+    if ((GSS_C_NO_OID != mech_type) &&
17
 
+       !g_OID_equal(gss_mech_krb5, mech_type) &&
18
 
        !g_OID_equal(gss_mech_krb5_old, mech_type)) {
19
 
        *minor_status = 0;
20
 
        return(GSS_S_BAD_MECH);