Bug 314651 - gss_init_sec_context() mechglue wrapper doesn't handle ret_flags right
gss_init_sec_context() mechglue wrapper doesn't handle ret_flags right
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: krb5 (Show other bugs)
5.1
All Linux
urgent Severity low
: rc
: ---
Assigned To: Nalin Dahyabhai
Brian Brock
GSSApproved
: ZStream
Depends On:
Blocks: 301061 436465
  Show dependency treegraph
 
Reported: 2007-10-01 15:56 EDT by Nalin Dahyabhai
Modified: 2008-03-07 08:09 EST (History)
1 user (show)

See Also:
Fixed In Version: 1.6.2-11.fc8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-02-13 00:06:47 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
currently-proposed fix (1.46 KB, patch)
2007-10-01 17:50 EDT, Nalin Dahyabhai
no flags Details | Diff

  None (edit)
Description Nalin Dahyabhai 2007-10-01 15:56:03 EDT
If the application calling gss_accept_sec_context() doesn't pass a value
for ret_flags, we'd never be able to check if credentials had been delegated.

The passed-in ret_flags value is a pointer to a bitfield, so the comparision
as-written was not likely to work as expected.

I've got a patch for this, but would like to hold for feedback from upstream,
because there are potentially more corner cases here.
Comment 1 Nalin Dahyabhai 2007-10-01 17:50:30 EDT
Created attachment 212921 [details]
currently-proposed fix
Comment 2 RHEL Product and Program Management 2007-10-15 23:36:42 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 6 Fedora Update System 2007-12-06 12:39:52 EST
krb5-1.6.1-6.fc7 has been pushed to the Fedora 7 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update krb5'
Comment 7 Fedora Update System 2007-12-06 15:54:43 EST
krb5-1.6.2-11.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update krb5'
Comment 11 Fedora Update System 2008-02-13 00:06:43 EST
krb5-1.6.2-11.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 12 Fedora Update System 2008-02-13 00:15:25 EST
krb5-1.6.1-6.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.