[Bug 1218] GSSAPI client code permits SPNEGO usage
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Fri Aug 18 00:51:28 EST 2006
http://bugzilla.mindrot.org/show_bug.cgi?id=1218
Summary: GSSAPI client code permits SPNEGO usage
Product: Portable OpenSSH
Version: 4.3p2
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Kerberos support
AssignedTo: bitbucket at mindrot.org
ReportedBy: simon at sxw.org.uk
RFC4462 states that "mechanisms conforming to this document MUST NOT
use SPNEGO as the underlying GSS-API mechanism".
Unfortunately, the check in the GSSAPI client code has disappeared
somewhere in the midsts
of time. The attached patch reinstates this check, as well as tidying
up the mechanism checking
code.
I hope its in suitable KNF.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list