text
If I switch the order to either 1,3,2,4 or 1,3,4,2, then the error disappear.
-Original Message-
From: Greg Hudson [mailto:ghud...@mit.edu]
Sent: Thursday, October 09, 2014 12:45 PM
To: Xie, Hugh; 'Kerberos@mit.edu'
Subject: Re: Not getting delegation credential from gss_acce
1,3,2,4 or 1,3,4,2, then the error disappear.
-Original Message-
From: Greg Hudson [mailto:ghud...@mit.edu]
Sent: Thursday, October 09, 2014 12:45 PM
To: Xie, Hugh; 'Kerberos@mit.edu'
Subject: Re: Not getting delegation credential from gss_accept_sec_context()
On 10/09/2014 07:
On 10/09/2014 07:12 AM, Xie, Hugh wrote:
> Perhaps this is a bug. Gss_init_sec_context did return GSS_S_COMPLETE
> for me.
I don't think we have a bug such that gss_inquire_context on an
established context would return GSS_S_NO_CONTEXT, no; that would show
up in our automated tests. Make sure yo
Perhaps this is a bug. Gss_init_sec_context did return GSS_S_COMPLETE for me.
-Original Message-
From: Greg Hudson [ghud...@mit.edu<mailto:ghud...@mit.edu>]
Sent: Wednesday, October 08, 2014 11:10 PM Eastern Standard Time
To: Xie, Hugh; Kerberos@mit.edu
Subject: Re: Not getting dele
On 10/08/2014 05:45 PM, Xie, Hugh wrote:
> My mistake. The error is from * gss_inquire_context(&min_stat,
> state->context, &gssuser, NULL, NULL, NULL, NULL, NULL, NULL);* post call to
> * gss_init_sec_context*. Can I still call this function post
> gss_init_sec_context with delegate handle?
O
rberos-boun...@mit.edu [mailto:kerberos-boun...@mit.edu] On Behalf Of
Xie, Hugh
Sent: Wednesday, October 08, 2014 5:23 PM
To: Greg Hudson; Kerberos@mit.edu
Subject: RE: Not getting delegation credential from gss_accept_sec_context()
That was what I did. Both context_handle for *gss_accept_sec_con
ober 08, 2014 5:10 PM
To: Xie, Hugh; Kerberos@mit.edu
Subject: Re: Not getting delegation credential from gss_accept_sec_context()
On 10/08/2014 03:41 PM, Xie, Hugh wrote:
> After switching version 1.12.2, as a follow up question to the next step of
> S4U2Proxy.
>
> I p
On 10/08/2014 03:41 PM, Xie, Hugh wrote:
> After switching version 1.12.2, as a follow up question to the next step of
> S4U2Proxy.
>
> I passed the delegated_cred_handle from *gss_accept_sec_context()* to
> *gss_init_sec_context*. I got a "No context has been established" error since
> the con
..@mit.edu [mailto:kerberos-boun...@mit.edu] On Behalf Of
Xie, Hugh
Sent: Wednesday, October 08, 2014 1:29 PM
To: Kerberos@mit.edu; Greg Hudson
Subject: RE: Not getting delegation credential from gss_accept_sec_context()
Switched to 1.12 resolved this issue. Thanks.
-Original Message-
From: ker
nt: Monday, October 06, 2014 4:50 PM
To: Kerberos@mit.edu
Subject: Not getting delegation credential from gss_accept_sec_context()
Hi,
I am having trouble with S4U2Proxy. Looking into *accept_sec_context.c*, it has
:
* if (delegated_cred_handle != NULL &&
deleg_cred == NULL &
On 10/08/2014 10:29 AM, Xie, Hugh wrote:
> We are using version 1.9.1. When I turn on backback in debugger, I see the
> gss_accept_sec_context was in turn called internally inside spnego_mech.c
> that pass a NULL verifier_cred_handle krb5_gss_accept_sec_context_ext. Anyway
> I can resolve this i
06, 2014 4:50 PM
To: Kerberos@mit.edu
Subject: Not getting delegation credential from gss_accept_sec_context()
Hi,
I am having trouble with S4U2Proxy. Looking into *accept_sec_context.c*, it has
:
* if (delegated_cred_handle != NULL &&
deleg_cred == NULL && /* n
On 10/06/2014 04:49 PM, Xie, Hugh wrote:
> I created some printf to check verifier_cred_handle I passed into
> *gss_accept_sec_context()* are set back to GSS_C_NO_CREDENTIAL once it reach
> kg_accept_krb5(). That in turn cause one of the condition * cred->usage ==
> GSS_C_BOTH * to be false. I d
Hi,
I am having trouble with S4U2Proxy. Looking into *accept_sec_context.c*, it has
:
* if (delegated_cred_handle != NULL &&
deleg_cred == NULL && /* no unconstrained delegation */
cred->usage == GSS_C_BOTH &&
(ticket->enc_part2->flags & TKT_FLG_FORWARDABLE)) {
/*
14 matches
Mail list logo
