[PATCH] s3-krb5: Limit search for old kvno to 8bits
Simo
simo at samba.org
Wed May 7 13:57:03 MDT 2014
On Wed, 2014-05-07 at 15:42 -0400, Simo wrote:
> On Wed, 2014-05-07 at 20:23 +0200, Volker Lendecke wrote:
> > On Wed, May 07, 2014 at 11:13:04AM -0700, Jeremy Allison wrote:
> > > Pretty compelling stuff :-). Wow, just looked
> > > at that doc - what a *mess* :-).
> > >
> > > "The 8 bit vno8 field is the version number of the key. This value is
> > > overridden by the 32 bit vno field if it is present."
> > >
> > > so the caller has no way of knowing, as far
> > > as I can see, if the kvno field stored and
> > > returned is 8 bit or 32 bit :-(.
> >
> > Maybe Simo, Günther or Andreas want to chime in here?
>
> Although, in theory there is a 32 bit vno field, both heimdal and MIT
> code only use the lowest 8 bit for comparison.
>
> In MIT code I do not even find the 32bit version ever stored, but I just
> took a very quick look.
>
> I think Christof patch is reasonable.
>
> Reviewed-by: Simo Sorce <idra at samba.org>
>
> Simo.
>
FWIW, MIT would be happy to review patches to get support for using the
optional 32 bit vno field :-)
Simo.
More information about the samba-technical
mailing list