Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1472

[native kerberos] setting channelBinding of gssContext when not used

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Rejected
    • 1.2.0.Beta11
    • None
    • SASL

    Description

      Gs2SaslServer: gssContext's channelBinding setting leads to error when native Kerberos is used.

      This lead to following error when using native Kerberos library:

      [GSSLibStub_acceptContext] before2: pCred=35810112, pContext=0
      [GSSLibStub_acceptContext] before3: inToken.length=515
      [GSSLibStub_acceptContext] after: pCred=35810112, pContext=0, pDelegCred=0
      [GSSLibStub_acceptContext] after2: major=262144, GSS_ERROR(major)=262144 minor=12
      [GSSLibStub_acceptContext] acceptSecContext JK Status major/minor = 40000/12
      c/r/s = 0/4/0
      

      Which mean routine error 4 has occurred, which is GSS_S_BAD_BINDINGS - Incorrect channel bindings were supplied.

      This is fixed when I change cb (in native) to GSS_C_NO_CHANNEL_BINDINGS - equivalent of setting null into channelBinding in gssContext.

      Attachments

        Issue Links

          Activity

            People

              jkalina@redhat.com Jan Kalina (Inactive)
              jkalina@redhat.com Jan Kalina (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: