Date: | Sat, 1 Mar 2003 15:26:47 -0600 |
From: | Nicolas Williams <Nicolas.Williams@sun.com> |
To: | krb5-bugs@mit.edu |
Subject: | Remove caching of default initiator GSS credential data |
There is no need for gss_inquire_cred(GSS_C_NO_CREDENTIAL) to have any
sort of predictable outputs; its outputs should always reflect the
current state of the user's ccache, and not that of the user's ccache at
the time that GSS_C_NO_CREDENTIAL is first referred to.
Applications that need to know details of the default credential used to
initiate some context, such as initiator name or credential lifetime,
can get the information by inquiring the context and should not assume
that the outputs of gss_inquire_cred(GSS_C_NO_CREDENTIAL) will reflect
the same values as used during the initiation of any one context.
Please remove this cache.
sort of predictable outputs; its outputs should always reflect the
current state of the user's ccache, and not that of the user's ccache at
the time that GSS_C_NO_CREDENTIAL is first referred to.
Applications that need to know details of the default credential used to
initiate some context, such as initiator name or credential lifetime,
can get the information by inquiring the context and should not assume
that the outputs of gss_inquire_cred(GSS_C_NO_CREDENTIAL) will reflect
the same values as used during the initiation of any one context.
Please remove this cache.