Bug in krb5_keyblock_data function on Solaris 10/Opensolaris

Nicolas Williams Nicolas.Williams at sun.com
Tue Oct 16 00:06:46 EDT 2007


On Tue, Oct 16, 2007 at 12:33:43AM +0100, Markus Moeller wrote:
> Maybe I miss something but I am not in control of the initialisation of the 
> keyblock.  The problem is mcreds->keyblock ->contents in 
> krb5_copy_keyblock_data, which is not allocated in any function before and 
> not provided by the user.

Yeah, I forgot.  Solaris has a krb5_init_allocated_keyblock() function
for this purpose.  I suppose you could call krb5_init_keyblock() and do
a struct copy, but that'd be asking for trouble (depending on what MIT
wants to do in the future about caching derived keys (which Solaris does
because we were able to modify krb5_keyblock before its layout and size
became part of the ABI when we exposed the krb5 API).

I'm either missing something else or you're right that there's a bug in
krb5_get_credentials_core().

Nico
-- 



More information about the Kerberos mailing list