ksetpwd.c bug
Chris Hecker
checker at d6.com
Wed Mar 21 01:07:44 EDT 2012
Not sure if anybody noticed my parenthetical phrase about this in my
kerberos list clock skew thread, but this code is in ksetpwd.c:
static void get_init_creds_opt_init( krb5_get_init_creds_opt *outOptions )
{
krb5_preauthtype preauth[] = { KRB5_PADATA_ENC_TIMESTAMP };
krb5_enctype etypes[] = {ENCTYPE_DES_CBC_MD5,
ENCTYPE_DES_CBC_CRC};
krb5_get_init_creds_opt_set_address_list(outOptions, NULL);
krb5_get_init_creds_opt_set_etype_list( outOptions, etypes,
sizeof(etypes)/sizeof(krb5_enctype) );
krb5_get_init_creds_opt_set_preauth_list(outOptions, preauth,
sizeof(preauth)/sizeof(krb5_preauthtype) );
}
I haven't looked at all the calls, but at least the set_preauth_list
just keeps the pointer, which in this case happens to point into the
stack of this function which promptly returns.
Chris
More information about the krbdev
mailing list