[28563] in Kerberos
Re: Bug in krb5_keyblock_data function on Solaris 10/Opensolaris
daemon@ATHENA.MIT.EDU (Nicolas Williams)
Tue Oct 16 00:07:09 2007
Date: Mon, 15 Oct 2007 23:06:46 -0500
From: Nicolas Williams <Nicolas.Williams@sun.com>
To: Markus Moeller <huaraz@moeller.plus.com>
Message-ID: <20071016040645.GQ29257@Sun.COM>
Mail-Followup-To: Markus Moeller <huaraz@moeller.plus.com>,
Ken Raeburn <raeburn@mit.edu>, kerberos@mit.edu
Mime-Version: 1.0
Content-Disposition: inline
In-Reply-To: <056101c80f83$d3ed5d20$0801a8c0@home>
Cc: Ken Raeburn <raeburn@mit.edu>, kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On Tue, Oct 16, 2007 at 12:33:43AM +0100, Markus Moeller wrote:
> Maybe I miss something but I am not in control of the initialisation of the
> keyblock. The problem is mcreds->keyblock ->contents in
> krb5_copy_keyblock_data, which is not allocated in any function before and
> not provided by the user.
Yeah, I forgot. Solaris has a krb5_init_allocated_keyblock() function
for this purpose. I suppose you could call krb5_init_keyblock() and do
a struct copy, but that'd be asking for trouble (depending on what MIT
wants to do in the future about caching derived keys (which Solaris does
because we were able to modify krb5_keyblock before its layout and size
became part of the ABI when we exposed the krb5 API).
I'm either missing something else or you're right that there's a bug in
krb5_get_credentials_core().
Nico
--
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos