[1883] in Kerberos-V5-bugs
Re: ss-960411 Checksum Problems
daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Wed Apr 17 14:38:58 1996
Date: Wed, 17 Apr 1996 14:38:34 -0400
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: Doug Engert <DEEngert@anl.gov>
Cc: krb5-bugs@MIT.EDU
In-Reply-To: Doug Engert's message of Tue, 16 Apr 1996 17:06:38 -0500,
<199604162206.RAA31314@pembroke.ctd.anl.gov>
Date: Tue, 16 Apr 1996 17:06:38 -0500
From: Doug Engert <DEEngert@anl.gov>
While testing the ss-960411 snapshot, I always get a "Decrypt
integrity check failed" when using an older version of krlogin with
the newer krlogind.
It appears that krlogind.c should only be checking the checksum if the
-c option is set. But the logic appears to check it anyway, and the
krb5_verify_checksum is called which returns the bad status.
What version was the "older version" of krlogin? I had thought the
older versions of krlogin didn't fill in the checksum field at all, so
it krb5_verify_checksum() shouldn't have been called in those
circumstances.
- Ted
