issue with krb5int_parse_enctype_list()

Will Fiveash will.fiveash at
Thu Jan 20 18:52:13 EST 2011

Looking at krb5int_parse_enctype_list() in src/lib/krb5/krb/init_ctx.c I

        } else if (krb5_string_to_enctype(token, &etype) == 0) {
            /* Set a specific enctype. */
            mod_list(etype, sel, weak, &list);

My concern is if the admin has mistyped when entering the enctypes for
the enctype list parameters in krb5.conf won't this logic silently
ignore the invalid enctype because an error return value from
krb5_string_to_enctype() is ignored?  Shouldn't an error be set which
can be output/syslogged?

Will Fiveash
Sent using mutt, a sweet, text based e-mail app <>

More information about the krbdev mailing list