Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by krbdev.mit.edu (8.9.3) with ESMTP id QAA24263; Tue, 20 May 2003 16:42:07 -0400 (EDT) Received: from konishi-polis.mit.edu (KONISHI-POLIS.MIT.EDU [18.18.3.10]) by pacific-carrier-annex.mit.edu (8.12.4/8.9.2) with ESMTP id h4KKg7S1011002 for ; Tue, 20 May 2003 16:42:07 -0400 (EDT) Received: by konishi-polis.mit.edu (Postfix, from userid 8042) id F1650152451; Tue, 20 May 2003 16:42:04 -0400 (EDT) To: krb5-bugs@mit.edu Subject: Convert principal name accessors to functions Message-Id: <20030520204204.F1650152451@konishi-polis.mit.edu> Date: Tue, 20 May 2003 16:42:04 -0400 (EDT) From: hartmans@MIT.EDU (Sam Hartman) X-RT-Original-Encoding: iso-8859-1 Content-Length: 340 Nico points out that if the principal access macros were functions, fixing the security bug we had with walking off the end of the principal array would have required only replacing the libkrb5 shared object, not all the applications. AS such, unless we have compelling performance reasons we should make these be functions not macros.