[39178] in Kerberos
Re: appl/simple/client/sim_client.c uses internal APIs
daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Feb 24 14:12:38 2023
Message-ID: <29953862-a2db-88c6-6eb6-2ca069d2a3f2@mit.edu>
Date: Fri, 24 Feb 2023 14:06:59 -0500
MIME-Version: 1.0
Content-Language: en-US
To: Sam Hartman <hartmans@debian.org>, Simo Sorce <simo@redhat.com>,
Florian Weimer <fweimer@redhat.com>, kerberos@mit.edu
From: Greg Hudson <ghudson@mit.edu>
In-Reply-To: <010001867f579798-1ec0eb99-5063-4a2c-8e72-e25400d41000-000000@email.amazonses.com>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: kerberos-bounces@mit.edu
On 2/23/23 12:34, Sam Hartman wrote:
> I also think that the simple client referred to in the subject has a
> bunch of anti-patterns.
> As an example, I don't think it integrity protects or encrypts its
> exchanges
I think appl/simple actually does protect messages but appl/sample does not.
It looks like the uses of krb5_gen_portaddr() and krb5_gen_replay_name()
in sim_client.c don't do anything after commit
dcb853ac32779b173f39e19c0f24b0087de85771 so they can be removed (I just
didn't realize it at the time).
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos