Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1472

[native kerberos] setting channelBinding of gssContext when not used

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Won't Do
    • Icon: Major Major
    • None
    • 1.2.0.Beta11
    • SASL

      Gs2SaslServer: gssContext's channelBinding setting leads to error when native Kerberos is used.

      This lead to following error when using native Kerberos library:

      [GSSLibStub_acceptContext] before2: pCred=35810112, pContext=0
[GSSLibStub_acceptContext] before3: inToken.length=515
[GSSLibStub_acceptContext] after: pCred=35810112, pContext=0, pDelegCred=0
[GSSLibStub_acceptContext] after2: major=262144, GSS_ERROR(major)=262144 minor=12
[GSSLibStub_acceptContext] acceptSecContext JK Status major/minor = 40000/12
c/r/s = 0/4/0

      Which mean routine error 4 has occurred, which is GSS_S_BAD_BINDINGS - Incorrect channel bindings were supplied.

      This is fixed when I change cb (in native) to GSS_C_NO_CHANNEL_BINDINGS - equivalent of setting null into channelBinding in gssContext.

              jkalina@redhat.com Jan Kalina (Inactive)
              jkalina@redhat.com Jan Kalina (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: