Probable boolean logic error
Robbie Harwood
rharwood at redhat.com
Wed Dec 6 11:27:47 EST 2017
Michael McConville <mmcco at mykolab.com> writes:
> Hi guys.
>
> The below if condition is obviously always true in its current state.
> It seems that the author meant to use && rather than ||.
>
> Thanks for your time,
> Michael McConville
> University of Utah
>
> diff --git a/src/windows/leashdll/krb5routines.c b/src/windows/leashdll/krb5routines.c
> index 3911720ae..ff5eb4980 100644
> --- a/src/windows/leashdll/krb5routines.c
> +++ b/src/windows/leashdll/krb5routines.c
> @@ -255,7 +255,7 @@ LeashKRB5_renew(void)
> pkrb5_cc_set_flags(ctx, cc, KRB5_TC_NOTICKET);
> #endif
> if (code) {
> - if ( code != KRB5KDC_ERR_ETYPE_NOSUPP ||
> + if ( code != KRB5KDC_ERR_ETYPE_NOSUPP &&
> code != KRB5_KDC_UNREACH)
> Leash_krb5_error(code, "krb5_get_renewed_creds()", 0, &ctx, &cc);
> goto cleanup;
That doesn't seem correct to me. On line 253, we call into
pkrb5_get_renewed_creds(), which is what's being checked by this call -
it's a wrapper around get_valrenewed_creds(), which can return a lot
more than KRB5KDC_ERR_ETYPE_NOSUPP and KRB5_KDC_UNREACH - including
EINVAL, ENOMEM, KRB5_CC_NOTFOUND, to name a few.
Thanks,
--Robbie
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20171206/c7b4f9f3/attachment.bin
More information about the krbdev
mailing list