From krb5-bugs-incoming-bounces@mit.edu  Tue Apr 20 22:01:03 2004
Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (8.9.3p2) with ESMTP
	id WAA07747; Tue, 20 Apr 2004 22:01:02 -0400 (EDT)
Received: from pch.mit.edu (localhost [127.0.0.1])
	by pch.mit.edu (8.12.8p2/8.12.8) with ESMTP id i3L212os021847
	for <krb5-send-pr@krbdev.mit.edu>; Tue, 20 Apr 2004 22:01:02 -0400 (EDT)
Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU
	[18.7.21.83])
	by pch.mit.edu (8.12.8p2/8.12.8) with ESMTP id i3JKflos029422
	for <krb5-bugs-incoming@PCH.mit.edu>;
	Mon, 19 Apr 2004 16:41:47 -0400 (EDT)
Received: from nwkea-mail-2.sun.com (nwkea-mail-2.sun.com [192.18.42.14])
	i3JKcKBg016624
	for <krb5-bugs@mit.edu>; Mon, 19 Apr 2004 16:38:21 -0400 (EDT)
Received: from centralmail1brm.Central.Sun.COM ([129.147.62.1])
	by nwkea-mail-2.sun.com (8.12.10/8.12.9) with ESMTP id i3JKcKhO026905
	for <krb5-bugs@mit.edu>; Mon, 19 Apr 2004 13:38:20 -0700 (PDT)
Received: from alton.central.sun.com (alton.Central.Sun.COM [129.153.128.101])
	with ESMTP id i3JKcJcE004260
	for <krb5-bugs@mit.edu>; Mon, 19 Apr 2004 14:38:20 -0600 (MDT)
Received: from alton.central.sun.com (localhost [127.0.0.1])
	i3JKcJXo626697
	for <krb5-bugs@mit.edu>; Mon, 19 Apr 2004 15:38:19 -0500 (CDT)
Received: (from willf@localhost)i3JKcJJL626696;
	Mon, 19 Apr 2004 15:38:19 -0500 (CDT)
Date: Mon, 19 Apr 2004 15:38:19 -0500 (CDT)
From: William Fiveash <willf@alton.central.sun.com>
Message-Id: <200404192038.i3JKcJJL626696@alton.central.sun.com>
To: krb5-bugs@mit.edu
X-send-pr-version: 3.99
X-Mailman-Approved-At: Tue, 20 Apr 2004 22:00:42 -0400
X-BeenThere: krb5-bugs-incoming@mit.edu
X-Mailman-Version: 2.1
Precedence: list
Reply-To: willf@alton.central.sun.com
Sender: krb5-bugs-incoming-bounces@mit.edu
Errors-To: krb5-bugs-incoming-bounces@mit.edu


>Submitter-Id:	net
>Originator:	William Fiveash
>Organization:
	
Sun Microsystems Inc.
>Confidential:	
no
>Synopsis:	
krb5_get_in_tkt_with_password() called too many times in _kadm5_init_any()
>Severity:	
non-critical
>Priority:	
low
>Category:	
krb5-admin
>Class:		
sw-bug
>Release:	krb5-1.3.3
>Environment:
	
System: SunOS alton 5.10 s10_55 sun4u sparc SUNW,Sun-Blade-1000
Architecture: sun4

>Description:
	
In _kadm5_init_any() around line 357 I see:

     if (init_type == INIT_PASS) {
      for (i=0; preauth_search_list[i] >= 0; i++) {
           code = krb5_get_in_tkt_with_password(handle->context,

Where preauth_search_list is defined as:

/*
 * Try no preauthentication first; then try the encrypted timestamp
 * (stolen from krb5 kinit.c)
 */
static int preauth_search_list[] = {
     0,
     KRB5_PADATA_ENC_UNIX_TIME,
     -1                        
};

The for loop isn't required AFIK since krb5_get_in_tkt_with_password()
has logic to deal with the case where preauth is required.  As it stands
now the for loop can cause kadmin to needlessly prompt twice for a
password and still fail.

>How-To-Repeat:
	

If you can get preauth to fail this will cause krb5_get_in_tkt_with_password()
to be called twice.
>Fix:
	
Remove the "for (i=0; preauth_search_list[i] >= 0; i++) {" loop.