[krbdev.mit.edu #2234] kdc_util.c bug - validate_tgs_request clears all kdc_options
Jeffrey Altman
jaltman at columbia.edu
Thu Feb 12 13:31:00 EST 2004
Wyllys Ingersoll via RT wrote:
>The new code in kdc_util.c
>
> request->kdc_options &= ~(TGS_OPTIONS_HANDLED);
>
>Actually causes clears the kdc_options field of all
>handled options, which (in most cases) zeros the field.
>This is probably not intended...
>
>To properly disable unrecognized flags, I think you need
>to do something like this:
>
>badflags = (request->kdc_options & ~(TGS_OPTIONS_HANDLED));
>request->kdc_options &= ~badflags;
>
>-Wyllys
>
>
Shouldn't this simply be?
request->kdc_options &= TGS_OPTIONS_HANDLED;
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/krb5-bugs/attachments/20040212/5b73432c/attachment.htm
More information about the krb5-bugs
mailing list