[krbdev.mit.edu #2918] krb5_get_init_creds_password bogus empty pw arg behavior
Tom Yu via RT
rt-comment at krbdev.mit.edu
Wed Feb 9 19:39:58 EST 2005
krb5_get_init_creds_password() appears to treat an empty password
argument differently from krb5_get_in_tkt_with_password(). The former
prompts for a password, but appears to run the string-to-key on an empty
string regardless of what is input. The latter prompts for a password
in the expected way. This was discovered while investigating some test
suite oddities in the fix for #2913.
More information about the krb5-bugs
mailing list