[422] in Kerberos-V5-bugs
beta 3: krb5_get_in_tkt uses creds->addresses when it should
daemon@ATHENA.MIT.EDU (Jonathan I. Kamens)
Thu Feb 24 15:15:28 1994
Date: Thu, 24 Feb 1994 15:12:45 -0500
From: "Jonathan I. Kamens" <jik@security.ov.com>
To: krb5-bugs@MIT.EDU
krb5_get_in_tkt calls krb5_obtain_padata with creds->addresses as its
addresses argument. I believe that that's wrong, because (a)
creds->addresses is assigned later from the KDC reply, (b) kinit
doesn't iniitialize creds->addresses before calling
krb5_get_in_tkt_with_*, and (c) doc/api/krb5.tex doesn't say that
creds->addresses is used by krb5_get_in_tkt.
Therefore, it looks to me like like instead of passing
creds->addresses into krb5_obtain_padata, krb5_get_in_tkt should pass
in either addrs if it's non-NULL, or the results of calling
krb5_os_localaddr if it is.
I'd send in a patch, but I'm reluctant to fix this until somebody else
confirms that I'm right about it being broken :-). If I am right,
please let me know. (Please let me know if I'm wrong too. :-)
jik
