[4420] in Kerberos
Re: kadmin specifies KRB5_PADATA_ENC_TIMESTAMP
daemon@ATHENA.MIT.EDU (David Parter)
Mon Jan 2 21:04:01 1995
To: Jim_Miller@suite.com
Cc: krb5-bugs@MIT.EDU, kerberos@MIT.EDU
Date: Mon, 02 Jan 1995 19:52:11 -0600
From: David Parter <dparter@cs.wisc.edu>
Jim_Miller@suite.com writes:
> This bug report is for KRB5, beta 4, patchlevel 3.
> The "preauth_search_list" array declared at the beginning of kadmin.c
> specifies the preauth type of KRB5_PADATA_ENC_TIMESTAMP. However, this
> preauth type is no longer listed in the "preauth_systems" array defined in
> preauth.c. It looks like KRB5_PADATA_ENC_TIMESTAMP was supposed to be
> replaced with KRB5_PADATA_ENC_UNIX_TIME.
also, in preauth.c, the last entry in preauth_systems[] is:
{ -1,}
(which means the magic number is -1)
however, in find_preauthenticator, the code tests for:
(ap->type != -1)
which will never match.
Three obvious ways to fix this:
1. make the initialization { -1, -1 }
2. make the initialization { 0, -1 }
3. leave the initialization as is and change the test to check for
(ap->magic != -1). This seemed wrong to me, so I used method #1.
--david
--------
david parter dparter@cs.wisc.edu
university of wisconsin -- madison voice: 608-262-0608/262-2389
computer sciences department fax: 608-262-6626
postmaster, hostmaster, xunet/blanca, mentor, www, gopher, ftp,
compilers, security, software planning, training ...
