Can we sort preauth data in an AS reply

Sam Hartman hartmans at MIT.EDU
Tue Oct 3 14:40:12 EDT 2006

I'm applying the redhat patch and ran across the following:

    /* process any preauth data in the as_reply */
    krb5_clear_preauth_context_use_counts(context, preauth_context);
    if ((ret = sort_krb5_padata_sequence(context, &request.server->realm,
	goto cleanup

Under what circumstances is it reasonable for a client to process
padata out of order?  I'd assume it is reasonable to process any
padata in a preauth_needed error that has no associated data out of
order, but what about other circumstances?


More information about the krbdev mailing list