| commit | 7dbce5ce720b9e8c31ad769cd59688c85953ec31 | |
| author | Stefan Becker <chemobejk@gmail.com> | |
| Fri, 18 Oct 2013 15:42:11 +0000 (18 18:42 +0300) | ||
| committer | Stefan Becker <chemobejk@gmail.com> | |
| Fri, 18 Oct 2013 15:42:11 +0000 (18 18:42 +0300) | ||
| tree | e0548fbf2dc53c7234696aa7fff85b2bc1854761 | treesnapshot (tar.gz zip) |
| parent | cad1f790701e004fec2774b36c34a4a4f5ac6828 | commitdiff |
security: only throw away completed contexts
In sip_sec_init_sec_context__krb5() we threw away an already existing
Kerberos context when a new authentication handshake was started on the
existing connection. Although for Kerberos this is not a really a
problem, because it has only one authentication step, this is not
correct for the general GSSAPI case.
We now check if SIP_SEC_FLAG_COMMON_READY is set.
In sip_sec_init_sec_context__krb5() we threw away an already existing
Kerberos context when a new authentication handshake was started on the
existing connection. Although for Kerberos this is not a really a
problem, because it has only one authentication step, this is not
correct for the general GSSAPI case.
We now check if SIP_SEC_FLAG_COMMON_READY is set.
| src/core/sip-sec-krb5.c | diffblobblamehistory |