From agb@pacificnet.net Wed Jan 29 02:36:00 1997
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id CAA12200 for <bugs@RT-11.MIT.EDU>; Wed, 29 Jan 1997 02:35:59 -0500
Received: from agb.pacificnet.net by MIT.EDU with SMTP
id AA00354; Wed, 29 Jan 97 02:34:48 EST
Received: (from root@localhost) by agb.pacificnet.net (8.6.12/8.6.12) id XAA02419; Tue, 28 Jan 1997 23:29:59 -0800
Message-Id: <199701290729.XAA02419@agb.pacificnet.net>
Date: Tue, 28 Jan 1997 23:29:59 -0800
From: "Alexander G. Burchell" <agb@pacificnet.net>
Reply-To: agb@pacificnet.net
To: krb5-bugs@MIT.EDU
Subject: X11R6.3 source not compatible with Kerberos V5 1.0
X-Send-Pr-Version: 3.99
System: Linux agb.pacificnet.net 2.0.26 #3 Thu Nov 28 22:17:14 PST 1996 i486
Architecture: i486
Function and macro calls do not contain "context" field.
XauKrb5Decode() called for example by xhost.c.
as well as a call to krb5_init_context(). This fix is untested.
(2) Obtain corrected X11R6.3 code or patches, source unknown to me.
State-Changed-From-To: open-closed
State-Changed-By: hartmans
State-Changed-When: Thu Apr 18 11:16:20 2002
State-Changed-Why:
Years ago you filed a bug on Kerberos complaining that the Kerberos
sources in X11 were outdated.
While this was true then and is even more true now, it is really a good thing since
those sources are also very insecure. Please
use ssh instead.
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id CAA12200 for <bugs@RT-11.MIT.EDU>; Wed, 29 Jan 1997 02:35:59 -0500
Received: from agb.pacificnet.net by MIT.EDU with SMTP
id AA00354; Wed, 29 Jan 97 02:34:48 EST
Received: (from root@localhost) by agb.pacificnet.net (8.6.12/8.6.12) id XAA02419; Tue, 28 Jan 1997 23:29:59 -0800
Message-Id: <199701290729.XAA02419@agb.pacificnet.net>
Date: Tue, 28 Jan 1997 23:29:59 -0800
From: "Alexander G. Burchell" <agb@pacificnet.net>
Reply-To: agb@pacificnet.net
To: krb5-bugs@MIT.EDU
Subject: X11R6.3 source not compatible with Kerberos V5 1.0
X-Send-Pr-Version: 3.99
Show quoted text
>Number: 358
>Category: krb5-misc
>Synopsis: X11R6.3 source not compatible with Kerberos V5 1.0
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: closed
>Class: support
>Submitter-Id: unknown
>Arrival-Date: Wed Jan 29 02:36:01 EST 1997
>Last-Modified: Thu Apr 18 11:17:12 EDT 2002
>Originator: Alexander G. Burchell
>Organization:
None>Category: krb5-misc
>Synopsis: X11R6.3 source not compatible with Kerberos V5 1.0
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: closed
>Class: support
>Submitter-Id: unknown
>Arrival-Date: Wed Jan 29 02:36:01 EST 1997
>Last-Modified: Thu Apr 18 11:17:12 EDT 2002
>Originator: Alexander G. Burchell
>Organization:
Show quoted text
>Release: 1.0
>Environment:
>Environment:
System: Linux agb.pacificnet.net 2.0.26 #3 Thu Nov 28 22:17:14 PST 1996 i486
Architecture: i486
Show quoted text
>Description:
Source code for X11R6.3 is not compatible with Kerberos V5 1.0:Function and macro calls do not contain "context" field.
Show quoted text
>How-To-Repeat:
See for example k5encode.c in libXau; functions XauKrb5Encode() andXauKrb5Decode() called for example by xhost.c.
Show quoted text
>Fix:
(1) Add "context" field to function calls and macro calls in X11R6.3 source,as well as a call to krb5_init_context(). This fix is untested.
(2) Obtain corrected X11R6.3 code or patches, source unknown to me.
Show quoted text
>Audit-Trail:
State-Changed-From-To: open-closed
State-Changed-By: hartmans
State-Changed-When: Thu Apr 18 11:16:20 2002
State-Changed-Why:
Years ago you filed a bug on Kerberos complaining that the Kerberos
sources in X11 were outdated.
While this was true then and is even more true now, it is really a good thing since
those sources are also very insecure. Please
use ssh instead.
Show quoted text
>Unformatted: