[16600] in Kerberos_V5_Development
issue with krb5int_parse_enctype_list()
daemon@ATHENA.MIT.EDU (Will Fiveash)
Thu Jan 20 18:53:37 2011
Date: Thu, 20 Jan 2011 17:52:13 -0600
From: Will Fiveash <will.fiveash@oracle.com>
To: MIT Kerberos Dev List <krbdev@mit.edu>
Message-ID: <20110120235213.GB2602@sun.com>
Mail-Followup-To: MIT Kerberos Dev List <krbdev@MIT.EDU>
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
Looking at krb5int_parse_enctype_list() in src/lib/krb5/krb/init_ctx.c I
see:
} else if (krb5_string_to_enctype(token, &etype) == 0) {
/* Set a specific enctype. */
mod_list(etype, sel, weak, &list);
}
My concern is if the admin has mistyped when entering the enctypes for
the enctype list parameters in krb5.conf won't this logic silently
ignore the invalid enctype because an error return value from
krb5_string_to_enctype() is ignored? Shouldn't an error be set which
can be output/syslogged?
--
Will Fiveash
Oracle
http://opensolaris.org/os/project/kerberos/
Sent using mutt, a sweet, text based e-mail app <http://www.mutt.org/>
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
