Subject: | krb5_get_init_creds_password bogus empty pw arg behavior |
krb5_get_init_creds_password() appears to treat an empty password
argument differently from krb5_get_in_tkt_with_password(). The former
prompts for a password, but appears to run the string-to-key on an empty
string regardless of what is input. The latter prompts for a password
in the expected way. This was discovered while investigating some test
suite oddities in the fix for #2913.
argument differently from krb5_get_in_tkt_with_password(). The former
prompts for a password, but appears to run the string-to-key on an empty
string regardless of what is input. The latter prompts for a password
in the expected way. This was discovered while investigating some test
suite oddities in the fix for #2913.