[jboss-jira] [JBoss JIRA] (ELY-1472) [native kerberos] setting channelBinding of gssContext when not used
Jan Kalina (JIRA)
issues at jboss.org
Thu Dec 21 10:11:00 EST 2017
Jan Kalina created ELY-1472:
-------------------------------
Summary: [native kerberos] setting channelBinding of gssContext when not used
Key: ELY-1472
URL: https://issues.jboss.org/browse/ELY-1472
Project: WildFly Elytron
Issue Type: Bug
Components: SASL
Affects Versions: 1.2.0.Beta11
Reporter: Jan Kalina
Assignee: Jan Kalina
gssContext's channelBinding is set even when channel binding is not used.
This lead to following error when using native Kerberos library:
{code}
[GSSLibStub_acceptContext] before2: pCred=35810112, pContext=0
[GSSLibStub_acceptContext] before3: inToken.length=515
[GSSLibStub_acceptContext] after: pCred=35810112, pContext=0, pDelegCred=0
[GSSLibStub_acceptContext] after2: major=262144, GSS_ERROR(major)=262144 minor=12
[GSSLibStub_acceptContext] acceptSecContext JK Status major/minor = 40000/12
c/r/s = 0/4/0
{code}
Which mean routine error 4 has occurred, which is GSS_S_BAD_BINDINGS - Incorrect channel bindings were supplied.
This is fixed when I change cb (in native) to GSS_C_NO_CHANNEL_BINDINGS - equivalent of setting null into channelBinding in gssContext.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list