[krbdev.mit.edu #1230] Transited realm handling

Sam Hartman hartmans at MIT.EDU
Sun Oct 27 21:35:01 EST 2002

Bug 1230 notes that we were included a trailing null in transited
realm encodings that we send over the wire and check against KDC

I have fixed this code but not yet closed out the bug.  We could
include an additional fix to better deal with encodings that include a
trailing null received from other KDCs.

The disadvantage is that we would consider realms differing only in a
trailing null character the same for trust comparisons.  Also, it is
not clear how useful the fix will be since I think our current KDC
code will always force  a non-null transited encoding to fail the
cross-realm policy check.


More information about the krbdev mailing list