Subject: | kdc_util.c bug - validate_tgs_request clears all kdc_options |
From: | Wyllys Ingersoll <wyllys.ingersoll@sun.com> |
To: | krb5-bugs@mit.edu |
Date: | Thu, 12 Feb 2004 13:13:45 -0500 |
The new code in kdc_util.c
request->kdc_options &= ~(TGS_OPTIONS_HANDLED);
Actually causes clears the kdc_options field of all
handled options, which (in most cases) zeros the field.
This is probably not intended...
To properly disable unrecognized flags, I think you need
to do something like this:
badflags = (request->kdc_options & ~(TGS_OPTIONS_HANDLED));
request->kdc_options &= ~badflags;
-Wyllys
--
Wyllys Ingersoll <wyllys.ingersoll@sun.com>