On Wed, 2005-10-12 at 09:25 +0200, Love Hörnquist Åstrand wrote: > Michael B Allen <mba2000@ioplex.com> writes: > > > Would you accept a patch to change this behavior wherever I think it is > > occuring or is knowing enough for you to fix them? > > I'll fix those that I find. While reinventing the wheel (re-implementing kpasswdd ;-) I found another case of the same thing. Patch attached. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc. http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net
Index: heimdal/lib/krb5/rd_req.c
===================================================================
--- heimdal/lib/krb5/rd_req.c (revision 11193)
+++ heimdal/lib/krb5/rd_req.c (working copy)
@@ -110,7 +110,7 @@
size_t len;
ret = decode_AP_REQ(inbuf->data, inbuf->length, ap_req, &len);
if (ret)
- return ret;
+ return KRB5KRB_AP_ERR_MODIFIED;
if (ap_req->pvno != 5){
free_AP_REQ(ap_req);
krb5_clear_error_string (context);
This is a digitally signed message part