[krbdev.mit.edu #2234] kdc_util.c bug - validate_tgs_request clears all kdc_options

"Jeffrey Altman [Kermit Project]" via RT rt-comment at krbdev.mit.edu
Thu Feb 12 13:30:40 EST 2004


Wyllys Ingersoll via RT wrote:

>The new code in kdc_util.c
>
>    request->kdc_options &= ~(TGS_OPTIONS_HANDLED);
>
>Actually clears the kdc_options field of all
>handled options, which (in most cases) zeros the field.
>This is probably not intended...  
>
>To properly disable unrecognized flags, I think you need
>to do something like this:
>
>badflags = (request->kdc_options & ~(TGS_OPTIONS_HANDLED));
>request->kdc_options &= ~badflags;
>
>-Wyllys
>
>
Shouldn't this simply be?

   request->kdc_options &= TGS_OPTIONS_HANDLED;
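
Added example, not part of the original thread or of the MIT krb5 source: the three masking forms discussed above, applied to a constructed handled-options mask. The DEMO_ names and bit values are assumptions for illustration, since the thread does not list the contents of TGS_OPTIONS_HANDLED.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-ins; the thread does not list the real flag values. */
#define DEMO_FORWARDABLE 0x40000000u
#define DEMO_RENEWABLE   0x00800000u
#define DEMO_VALIDATE    0x00000001u
#define DEMO_UNKNOWN     0x00000100u /* deliberately outside the handled mask */
#define DEMO_OPTIONS_HANDLED (DEMO_FORWARDABLE | DEMO_RENEWABLE | DEMO_VALIDATE)

/* Form reported as the bug: drops handled bits, keeps unrecognized ones. */
static uint32_t mask_reported(uint32_t opts) {
    return opts & ~DEMO_OPTIONS_HANDLED;
}

/* Two-step form proposed in the report. */
static uint32_t mask_two_step(uint32_t opts) {
    uint32_t badflags = opts & ~DEMO_OPTIONS_HANDLED;
    return opts & ~badflags;
}

/* Single-mask form proposed in the reply. */
static uint32_t mask_single(uint32_t opts) {
    return opts & DEMO_OPTIONS_HANDLED;
}

/* Bitwise ops act on each bit independently, so checking every single-bit
 * input plus all-zero and all-one covers every per-bit case. */
static int fixes_agree(void) {
    if (mask_two_step(0) != mask_single(0)) return 0;
    if (mask_two_step(0xFFFFFFFFu) != mask_single(0xFFFFFFFFu)) return 0;
    for (int i = 0; i < 32; i++) {
        uint32_t opts = (uint32_t)1 << i;
        if (mask_two_step(opts) != mask_single(opts)) return 0;
    }
    return 1;
}

int main(void) {
    uint32_t req = DEMO_FORWARDABLE | DEMO_RENEWABLE | DEMO_UNKNOWN;
    printf("request   0x%08x\n", (unsigned)req);
    printf("reported  0x%08x\n", (unsigned)mask_reported(req));
    printf("two-step  0x%08x\n", (unsigned)mask_two_step(req));
    printf("single    0x%08x\n", (unsigned)mask_single(req));
    printf("fixes agree: %d\n", fixes_agree());
    return 0;
}
```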



