[3497] in Kerberos-V5-bugs
[krbdev.mit.edu #1202] KDC rejects unknown flags
daemon@ATHENA.MIT.EDU (via RT)
Tue Oct 1 10:36:11 2002
Message-Id: <rt-1202-3099.9.14109175740066@krbdev.mit.edu>
In-Reply-To: <rt-1202@krbdev.mit.edu>
From: " via RT" <rt-comment@krbdev.mit.edu>
Reply-To: rt-comment@krbdev.mit.edu
To: krb5-prs@mit.edu
Errors-To: krb5-bugs-admin@mit.edu
Date: Tue, 1 Oct 2002 10:35:45 -0400 (EDT)
The MIT KDC (as of 1.2.6) rejects AS_REQs with unknown flags. The
specific code is in kdc/kdc_util.c:validate_as_request():
#define AS_OPTIONS_HANDLED (KDC_OPT_FORWARDABLE | KDC_OPT_PROXIABLE | \
KDC_OPT_ALLOW_POSTDATE | KDC_OPT_POSTDATED
| \
KDC_OPT_RENEWABLE | KDC_OPT_RENEWABLE_OK)
[...]
/*
* If an illegal option is set, complain.
*/
if (request->kdc_options & ~(AS_OPTIONS_HANDLED)) {
*status = "INVALID AS OPTIONS";
return KDC_ERR_BADOPTION;
}
Probably the right solution is to remove these fragments.
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
http://mailman.mit.edu/mailman/listinfo/krb5-bugs
