Renewable tickets
Sam Hartman
hartmans at MIT.EDU
Mon Feb 2 12:42:01 EST 2004
>>>>> "Russell" == Russell King <rmk at arm.linux.org.uk> writes:
Russell> Ok. However, verify_as_reply() in get_in_tkt() seems
Russell> buggy:
And that is what I remember us fixing before the 1.3 release:
2003-05-30 Alexandra Ellwood <lxs at mit.edu>
* get_in_tkt.c: (verify_as_reply) Only check the renewable lifetime
of tickets whose request options included KDC_OPT_RENEWABLE_OK
if those options did not also include KDC_OPT_RENEWABLE. Otherwise
verify_as_reply() will fail for all renewable tickets.
OK, so the change is not quite what I remember and may be for a
related but not identical problem.
I'd suggest sending a brief summary of the situation, including
verbatim copies of your comments about verify_as_reply to
krb5-bugs at mit.edu.
More information about the krbdev
mailing list