RFR 8170732: GssKrb5Client sends non-zero buffer size when qop is "auth"
Xuelei Fan
xuelei.fan at oracle.com
Tue Jan 3 22:56:34 UTC 2017
Would you mind add a comment about this MUST-BE-ZERO behavior?
Otherwise, looks fine to me.
Xuelei
On 1/2/2017 7:31 PM, Wang Weijun wrote:
> Ping again.
>
> On 12/22/2016 9:52 AM, Wang Weijun wrote:
>> Please take a review at
>>
>> http://cr.openjdk.java.net/~weijun/8170732/webrev.00/
>>
>> According to https://tools.ietf.org/html/rfc4752#section-3.1:
>>
>> The client then constructs data, with the first octet containing the
>> bit-mask specifying the selected security layer, the second through
>> fourth octets containing in network byte order the maximum size
>> output_message the client is able to receive (which MUST be 0 if the
>> client does not support any security layer),
>>
>> A test is modified to check this case. Please note that when there is
>> no security layer, you cannot call wrap/unwrap anymore.
>>
>> Thanks Max
>>
More information about the security-dev
mailing list