Skip Menu |
 

Subject: gss_acquire_cred_with_password() fails to acquire multiple creds by default
From: Simo Sorce <simo@redhat.com>
To: krb5-bugs <krb5-bugs@mit.edu>
Date: Sat, 20 Jun 2015 16:19:41 -0400
The code in gss_acquire_cred_with_password() limits itself to only
acquire creds for the "default" mechanism if no desires odi_set is
provided. This prevents cases where multiple mechanism are available to
work in the default case where no preference is desired.

A workaround is to use gss_indicate_mechs() and pass the output to
gss_acquire_cred_with_password() but it seem just a gratuitous
limitation.

gss_acquire_cred_with_password() (or a better successor) should not
prevent a multi-mechanism negotiation by default.

Simo.

--
Simo Sorce * Red Hat, Inc * New York