Bug 6706 – gss_export_sec_context and gss_import_sec_context don't generate independent tokens

Bug 6706 - gss_export_sec_context and gss_import_sec_context don't generate independent tokens

Summary:

gss_export_sec_context and gss_import_sec_context don't generate independent ...

Status:	ASSIGNED

Product:	GSI C
Component:	Authentication
Version:	development
Platform:	All All

Importance:	P3 normal
Target Milestone:	---
Assigned To:	Joe Bester

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2009-03-26 08:57 by Joe Bester
Modified:	2009-03-26 08:57 (History)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description From Joe Bester 2009-03-26 08:57:47

The interprocess token generated by gss_export_sec_context does not contain
enough information to re-import the security context. If the caller does not
have a default credential (gss_acquire_cred() fails), then the import fails.
I've worked around this in a gram dev branch by adding the GSS_C_ANON flag so
that it will generate a mostly usable context---the inquire functions will
still misbehave in this case, but otherwise the context can be used.