Skip Menu |
 

History Show all quoted textShow full headers
# Mon Dec 12 19:53:57 2011 ghudson@mit.edu (Greg Hudson) - Ticket created
From: ghudson@mit.edu
Subject: SVN Commit
Download (untitled) / with headers
text/plain 471B

If krb5_server_decrypt_ticket_keytab doesn't find a key of the
appropriate enctype in an iterable keytab, it returns 0 (without
decrypting the ticket) due to a misplaced initialization of retval.
This bug causes kinit -k to claim "keytab entry valid" when it
shouldn't. Reported by mark@mproehl.net.

https://github.com/krb5/krb5/commit/b531f40581f6b871c08643a0e9ef11f632de0363
Commit By: ghudson
Revision: 25584
Changed Files:
U trunk/src/lib/krb5/krb/srv_dec_tkt.c
# Mon Dec 12 19:53:57 2011 ghudson@mit.edu (Greg Hudson) - Requestor ghudson@mit.edu (Greg Hudson) added
# Mon Dec 12 19:53:57 2011 ghudson@mit.edu (Greg Hudson) - Status changed from 'new' to 'review'
# Mon Dec 12 19:55:57 2011 ghudson@mit.edu (Greg Hudson) - Comments added
Download (untitled) / with headers
text/plain 211B
This bug applies to versions 1.8 through 1.10. It only affects the
operation of kvno -k, which is pretty obscure (it's not documented), so
I'm not sure what pullups are justified, but the fix is also minimal.
# Tue Jan 10 22:59:23 2012 tlyu (Taylor Yu) - Status changed from 'review' to 'resolved'
# Tue Jan 10 22:59:23 2012 tlyu (Taylor Yu) - Version_Fixed 1.10 added
# Tue Jan 10 22:59:23 2012 tlyu (Taylor Yu) - Correspondence added
From: tlyu@mit.edu
Subject: SVN Commit
Download (untitled) / with headers
text/plain 739B

Pull up r25584 from trunk

------------------------------------------------------------------------
r25584 | ghudson | 2011-12-12 19:53:56 -0500 (Mon, 12 Dec 2011) | 9 lines

ticket: 7051
subject: krb5_server_decrypt_ticket_keytab wrongly succeeds

If krb5_server_decrypt_ticket_keytab doesn't find a key of the
appropriate enctype in an iterable keytab, it returns 0 (without
decrypting the ticket) due to a misplaced initialization of retval.
This bug causes kinit -k to claim "keytab entry valid" when it
shouldn't. Reported by mark@mproehl.net.

https://github.com/krb5/krb5/commit/54025e3dba7b9398b45232b27e68f8ccc54f7423
Commit By: tlyu
Revision: 25641
Changed Files:
U branches/krb5-1-10/src/lib/krb5/krb/srv_dec_tkt.c