[471] in Kerberos-V5-bugs
Re: Potential bug.
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Tue May 17 14:33:22 1994
Date: Tue, 17 May 94 14:32:46 EDT
From: tytso@MIT.EDU (Theodore Ts'o)
To: georgesr@wrq.com (georges rahbani)
Cc: krb5-bugs@MIT.EDU, georgesr@elmer.wrq.com
In-Reply-To: "[468] in Kerberos-V5-bugs"
Date: Tue, 17 May 1994 10:21:01 -0700
From: georgesr@wrq.com (georges rahbani)
Howdy,
I was looking at the function krb5_get_cred_from_kdc early in the
function there is a call to
krb5_tgtname (krb5_princ_realm(cred->server),
krb5_princ_realm(cred->client), &final_server)
This call suppose to get the principal structure for the TGT. The
owner I guess should be the client. In this case the owner will be
the server. Could anybody please help me on this issue. Is this
correct?
I'm not sure what you mean by "owner" here, but as far as I can tell,
the code is correct. About the only thing that is wrong is how the
arguments to krb5_tgtname are labelled:
krb5_error_code
krb5_tgtname(client, server, tgtprinc)
const krb5_data *client, *server;
krb5_principal *tgtprinc;
{
return krb5_build_principal_ext(tgtprinc, server->length, server->data,
KRB5_TGS_NAME_SIZE, KRB5_TGS_NAME,
client->length, client->data,
0);
}
would be much more understandable if it client and server were switched:
krb5_error_code
krb5_tgtname(server, client, tgtprinc)
const krb5_data *server, *client;
krb5_principal *tgtprinc;
{
return krb5_build_principal_ext(tgtprinc, client->length, client->data,
KRB5_TGS_NAME_SIZE, KRB5_TGS_NAME,
server->length, server->data,
0);
}
This doesn't make any difference as far as how the code executes, but
it's a bit more understandable this way...
Does this answer your question?
- Ted
