Don't include trailing null in the transited encoding produced by the KDC.

Other routines do not expect the null to be included in the length so
policy checks fail.  Also, sending the null over the wire is wrong.

ticket: 1230
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14940 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog
index 4823515cc11987a6b4180307fa8daf4e55168e70..1bdd8bcc6fa08ddf6e6731c42a57df1deeab400d 100644 (file)
--- a/src/kdc/ChangeLog
+++ b/src/kdc/ChangeLog
@@ -1,3 +1,7 @@
+2002-10-27  Sam Hartman  <hartmans@mit.edu>
+
+       * kdc_util.c (add_to_transited): Don't include trailing null in transited encoding length; doing so breaks using codee
+
 2002-10-05  Tom Yu  <tlyu@mit.edu>
 
        * do_as_req.c (process_as_req): Apply fix from Kevin Coffman to

diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c
index 6dff24189e51a7d656242977b0079d96383a319d..736c51d12963015e31b7975651c52127d9fe5988 100644 (file)
--- a/src/kdc/kdc_util.c
+++ b/src/kdc/kdc_util.c
@@ -783,7 +783,7 @@ add_to_transited(krb5_data *tgt_trans, krb5_data *new_trans,
       goto fail;
     }
     strcat(trans, current);
-    new_trans->length = strlen(trans) + 1;
+    new_trans->length = strlen(trans);
 
     strncpy(prev, exp, sizeof(prev) - 1);
     prev[sizeof(prev) - 1] = '\0';
@@ -811,7 +811,7 @@ add_to_transited(krb5_data *tgt_trans, krb5_data *new_trans,
       goto fail;
     }
     strcat(trans, realm);
-    new_trans->length = strlen(trans) + 1;
+    new_trans->length = strlen(trans);
   }
 
   retval = 0;