RFR 8170732: GssKrb5Client sends non-zero buffer size when qop is "auth"
Wang Weijun
weijun.wang at oracle.com
Thu Dec 22 01:52:13 UTC 2016
Please take a review at
http://cr.openjdk.java.net/~weijun/8170732/webrev.00/
According to https://tools.ietf.org/html/rfc4752#section-3.1:
The client then constructs data, with the first octet containing the
bit-mask specifying the selected security layer, the second through
fourth octets containing in network byte order the maximum size
output_message the client is able to receive (which MUST be 0 if the
client does not support any security layer),
A test is modified to check this case. Please note that when there is no security layer, you cannot call wrap/unwrap anymore.
Thanks
Max
More information about the security-dev
mailing list