[16507] in Kerberos_V5_Development
Re: X-CACHECONF in cache type 0504
daemon@ATHENA.MIT.EDU (Frank Cusack)
Mon Nov 22 23:19:12 2010
Date: Mon, 22 Nov 2010 20:19:05 -0800
From: Frank Cusack <frank+krb@linetwo.net>
To: Greg Hudson <ghudson@mit.edu>
Message-ID: <6A19164F79638D6EB0857AD6@cusack.local>
In-Reply-To: <1290145952.2633.1248.camel@ray>
MIME-Version: 1.0
Content-Disposition: inline
Cc: Weijun Wang <weijun.wang@oracle.com>, krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On 11/19/10 12:52 AM -0500 Greg Hudson wrote:
> On Thu, 2010-11-18 at 22:18 -0500, Weijun Wang wrote:
>> Java 1.6 currently just reads all entries as normal credential cache. It
>> fails on the new type of entry when trying to interpret the last 2
>> fields as ticket and second ticket. For the new entry, the field used to
>> be the ticket is a 3-bytes sequence which is not a DER encoding at
>> all.
>
> I see. In hindsight, we perhaps should have made the config entries
> preserve the Ticket ASN.1 structure of the ticket field. But that ship
> has sailed.
Well why couldn't you just update the code that writes the entries? Of
course you'd have to read either format but you could remove the "bad"
encoding reader after a year.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
