Perhaps this is a bug. Gss_init_sec_context did return GSS_S_COMPLETE for me.
-Original Message-
From: Greg Hudson [ghud...@mit.edumailto:ghud...@mit.edu]
Sent: Wednesday, October 08, 2014 11:10 PM Eastern Standard Time
To: Xie, Hugh; Kerberos@mit.edu
Subject: Re: Not getting delegation
On 10/09/2014 07:12 AM, Xie, Hugh wrote:
Perhaps this is a bug. Gss_init_sec_context did return GSS_S_COMPLETE
for me.
I don't think we have a bug such that gss_inquire_context on an
established context would return GSS_S_NO_CONTEXT, no; that would show
up in our automated tests. Make sure
1,3,2,4 or 1,3,4,2, then the error disappear.
-Original Message-
From: Greg Hudson [mailto:ghud...@mit.edu]
Sent: Thursday, October 09, 2014 12:45 PM
To: Xie, Hugh; 'Kerberos@mit.edu'
Subject: Re: Not getting delegation credential from gss_accept_sec_context()
On 10/09/2014 07:12 AM, Xie
switch the order to either 1,3,2,4 or 1,3,4,2, then the error disappear.
-Original Message-
From: Greg Hudson [mailto:ghud...@mit.edu]
Sent: Thursday, October 09, 2014 12:45 PM
To: Xie, Hugh; 'Kerberos@mit.edu'
Subject: Re: Not getting delegation credential from gss_accept_sec_context
We are using version 1.9.1. When I turn on backback in debugger, I see the
gss_accept_sec_context was in turn called internally inside spnego_mech.c that
pass a NULL verifier_cred_handle krb5_gss_accept_sec_context_ext. Anyway I can
resolve this issue? Here are the full backtrace:
(gdb)
On 10/08/2014 10:29 AM, Xie, Hugh wrote:
We are using version 1.9.1. When I turn on backback in debugger, I see the
gss_accept_sec_context was in turn called internally inside spnego_mech.c
that pass a NULL verifier_cred_handle krb5_gss_accept_sec_context_ext. Anyway
I can resolve this
Switched to 1.12 resolved this issue. Thanks.
-Original Message-
From: kerberos-boun...@mit.edu [mailto:kerberos-boun...@mit.edu] On Behalf Of
Xie, Hugh
Sent: Wednesday, October 08, 2014 10:30 AM
To: Kerberos@mit.edu; Greg Hudson
Subject: RE: Not getting delegation credential from
[mailto:kerberos-boun...@mit.edu] On Behalf Of
Xie, Hugh
Sent: Wednesday, October 08, 2014 1:29 PM
To: Kerberos@mit.edu; Greg Hudson
Subject: RE: Not getting delegation credential from gss_accept_sec_context()
Switched to 1.12 resolved this issue. Thanks.
-Original Message-
From: kerberos-boun
On 10/08/2014 03:41 PM, Xie, Hugh wrote:
After switching version 1.12.2, as a follow up question to the next step of
S4U2Proxy.
I passed the delegated_cred_handle from *gss_accept_sec_context()* to
*gss_init_sec_context*. I got a No context has been established error since
the
, Hugh; Kerberos@mit.edu
Subject: Re: Not getting delegation credential from gss_accept_sec_context()
On 10/08/2014 03:41 PM, Xie, Hugh wrote:
After switching version 1.12.2, as a follow up question to the next step of
S4U2Proxy.
I passed the delegated_cred_handle from *gss_accept_sec_context
...@mit.edu [mailto:kerberos-boun...@mit.edu] On Behalf Of
Xie, Hugh
Sent: Wednesday, October 08, 2014 5:23 PM
To: Greg Hudson; Kerberos@mit.edu
Subject: RE: Not getting delegation credential from gss_accept_sec_context()
That was what I did. Both context_handle for *gss_accept_sec_context
On 10/08/2014 05:45 PM, Xie, Hugh wrote:
My mistake. The error is from * gss_inquire_context(min_stat,
state-context, gssuser, NULL, NULL, NULL, NULL, NULL, NULL);* post call to
* gss_init_sec_context*. Can I still call this function post
gss_init_sec_context with delegate handle?
Our
On 10/06/2014 04:49 PM, Xie, Hugh wrote:
I created some printf to check verifier_cred_handle I passed into
*gss_accept_sec_context()* are set back to GSS_C_NO_CREDENTIAL once it reach
kg_accept_krb5(). That in turn cause one of the condition * cred-usage ==
GSS_C_BOTH * to be false. I
13 matches
Mail list logo