diff options
author | Barry Jaspan <bjaspan@mit.edu> | 1996-11-12 21:30:25 +0000 |
---|---|---|
committer | Barry Jaspan <bjaspan@mit.edu> | 1996-11-12 21:30:25 +0000 |
commit | 6caadd951d3305cc6f9667aacbc423efb44f2553 (patch) | |
tree | 08552ddafcb574b8bf6f4a2f48f66543e834819b | |
parent | 37ab44de802a7ecb09aa1ce290da612361b3d19d (diff) | |
download | krb5-6caadd951d3305cc6f9667aacbc423efb44f2553.zip krb5-6caadd951d3305cc6f9667aacbc423efb44f2553.tar.gz krb5-6caadd951d3305cc6f9667aacbc423efb44f2553.tar.bz2 |
* auth_gssapi.c (auth_gssapi_create): handle channel bindings
failure so UDP connections can work [krb5-libs/180]
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9390 dc483132-0cff-0310-8789-dd5450dbe970
-rw-r--r-- | src/lib/rpc/ChangeLog | 5 | ||||
-rw-r--r-- | src/lib/rpc/auth_gssapi.c | 10 |
2 files changed, 13 insertions, 2 deletions
diff --git a/src/lib/rpc/ChangeLog b/src/lib/rpc/ChangeLog index 00975d9..b4e0eb7 100644 --- a/src/lib/rpc/ChangeLog +++ b/src/lib/rpc/ChangeLog @@ -1,3 +1,8 @@ +Tue Nov 12 16:27:27 1996 Barry Jaspan <bjaspan@mit.edu> + + * auth_gssapi.c (auth_gssapi_create): handle channel bindings + failure so UDP connections can work [krb5-libs/180] + Tue Nov 5 18:43:46 1996 Tom Yu <tlyu@mit.edu> * configure.in: Revert removal of CopySrcHeader, etc., for now. diff --git a/src/lib/rpc/auth_gssapi.c b/src/lib/rpc/auth_gssapi.c index 01e7bff..7d51d3d 100644 --- a/src/lib/rpc/auth_gssapi.c +++ b/src/lib/rpc/auth_gssapi.c @@ -158,7 +158,7 @@ AUTH *auth_gssapi_create(clnt, gssstat, minor_stat, struct sockaddr_in laddr, raddr; enum clnt_stat callstat; struct timeval timeout; - int init_func; + int init_func, bindings_failed; auth_gssapi_init_arg call_arg; auth_gssapi_init_res call_res; @@ -207,6 +207,7 @@ AUTH *auth_gssapi_create(clnt, gssstat, minor_stat, /* start by trying latest version */ call_arg.version = 4; + bindings_failed = 0; try_new_version: /* set state for initial call to init_sec_context */ @@ -229,7 +230,7 @@ try_new_version: mech_type = gss_mech_krb5_old; #endif - if (call_arg.version >= 3) { + if (!bindings_failed && call_arg.version >= 3) { if (clnt_control(clnt, CLGET_LOCAL_ADDR, &laddr) == FALSE) { PRINTF(("gssapi_create: CLGET_LOCAL_ADDR failed")); goto cleanup; @@ -337,6 +338,11 @@ next_token: AUTH_GSSAPI_DISPLAY_STATUS(("in response from server", call_res.gss_major, call_res.gss_minor)); + if (GSS_ERROR(call_res.gss_major) == GSS_S_BAD_BINDINGS + && call_arg.version > 2) { + call_arg.version = 2; + goto try_new_version; + } goto cleanup; } |