From ghudson@MIT.EDU Wed May 13 12:43:29 1998
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id MAA04201 for <bugs@RT-11.MIT.EDU>; Wed, 13 May 1998 12:43:28 -0400
Received: from SNORKLEWACKER.MIT.EDU by MIT.EDU with SMTP
id AA29048; Wed, 13 May 98 12:43:12 EDT
Received: by snorklewacker.mit.edu (8.8.8/4.7) id MAA01208; Wed, 13 May 1998 12:43:11 -0400 (EDT)
Message-Id: <199805131643.MAA01208@snorklewacker.mit.edu>
Date: Wed, 13 May 1998 12:43:11 -0400 (EDT)
From: ghudson@MIT.EDU
Reply-To: ghudson@MIT.EDU
To: krb5-bugs@MIT.EDU
Subject: des_read_pw_string in libdes425
X-Send-Pr-Version: 3.99
System: NetBSD snorklewacker.mit.edu 1.3.1 NetBSD 1.3.1 (ATHENA) #0: Mon Apr 27 17:21:42 EDT 1998 nathanw@antisnork.mit.edu:/u1/var/tmp/sys-1.3.1/arch/i386/compile/ATHENA i386
libdes. Unfortunately, des_read_pw_string() is not compatible; in
both MIT Kerberos and CNS, the fourth argument is a flag "verify"
(which verifies with a prompt "Verifying, please re-enter <first
it dump core.
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id MAA04201 for <bugs@RT-11.MIT.EDU>; Wed, 13 May 1998 12:43:28 -0400
Received: from SNORKLEWACKER.MIT.EDU by MIT.EDU with SMTP
id AA29048; Wed, 13 May 98 12:43:12 EDT
Received: by snorklewacker.mit.edu (8.8.8/4.7) id MAA01208; Wed, 13 May 1998 12:43:11 -0400 (EDT)
Message-Id: <199805131643.MAA01208@snorklewacker.mit.edu>
Date: Wed, 13 May 1998 12:43:11 -0400 (EDT)
From: ghudson@MIT.EDU
Reply-To: ghudson@MIT.EDU
To: krb5-bugs@MIT.EDU
Subject: des_read_pw_string in libdes425
X-Send-Pr-Version: 3.99
Show quoted text
>Number: 590
>Category: krb5-libs
>Synopsis: des_read_pw_string() is not backward-compatible
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Wed May 13 12:44:00 EDT 1998
>Last-Modified:
>Originator: Greg Hudson
>Organization:
MIT>Category: krb5-libs
>Synopsis: des_read_pw_string() is not backward-compatible
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Wed May 13 12:44:00 EDT 1998
>Last-Modified:
>Originator: Greg Hudson
>Organization:
Show quoted text
>Release: 1.0pl1
>Environment:
>Environment:
System: NetBSD snorklewacker.mit.edu 1.3.1 NetBSD 1.3.1 (ATHENA) #0: Mon Apr 27 17:21:42 EDT 1998 nathanw@antisnork.mit.edu:/u1/var/tmp/sys-1.3.1/arch/i386/compile/ATHENA i386
Show quoted text
>Description:
libdes425 is supposed to provide backward compatibility with the krb4libdes. Unfortunately, des_read_pw_string() is not compatible; in
both MIT Kerberos and CNS, the fourth argument is a flag "verify"
(which verifies with a prompt "Verifying, please re-enter <first
Show quoted text
prompt>"). In libdes425, the fourth argument is a second prompt to
use when verifying, or NULL if verification is not to be done.Show quoted text
>How-To-Repeat:
Compile the CNS kpasswd against the krb4 compatibility libraries. Watchit dump core.
Show quoted text
>Fix:
None provided, although it's fairly simple.Show quoted text
>Audit-Trail:
>Unformatted:
>Unformatted: