[20138] in Kerberos_V5_Development


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Is GSS_C_INTEG_FLAG required for calling gss_wrap/unwrap

daemon@ATHENA.MIT.EDU (Isaac Boukris)
Fri Jun 26 07:57:38 2020

MIME-Version: 1.0
From: Isaac Boukris <iboukris@gmail.com>
Date: Fri, 26 Jun 2020 13:57:16 +0200
Message-ID: <CAC-fF8SbJbEg=8gX2JhzN0wwTCfjA1Dud0hOWMnqqzEn9WyN8A@mail.gmail.com>
To: "krbdev@mit.edu Dev List" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu

Hi,

According to RFC 2274, GSS_C_INTEG_FLAG:
True - Integrity service may be invoked by calling either gss_get_mic
or gss_wrap routines.

But per my testing even with GSS_KRB5_CRED_NO_CI_FLAGS_X and not
asking for GSS_C_INTEG_FLAG (integ/conf are false in ap-req), both
parties are able to call gss_wrap/unwrap (windows server), is that
expected?

Thanks
_______________________________________________
krbdev mailing list             krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[20138] in Kerberos_V5_Development

Is GSS_C_INTEG_FLAG required for calling gss_wrap/unwrap

daemon@ATHENA.MIT.EDU (Isaac Boukris)Fri Jun 26 07:57:38 2020

daemon@ATHENA.MIT.EDU (Isaac Boukris)
Fri Jun 26 07:57:38 2020