Provide an explicit list of options not to be allowed in AS requests

rather than disallowing all unknown options.

Ticket: 1202
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15467 dc483132-0cff-0310-8789-dd5450dbe970

2 files changed, 10 insertions, 5 deletions

diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog
index e4cbd73306..99c544a6c8 100644
--- a/src/kdc/ChangeLog
+++ b/src/kdc/ChangeLog
@@ -1,3 +1,9 @@
+2003-05-22  Sam Hartman  <hartmans@mit.edu>
+
+	* kdc_util.c (validate_as_request): Only reject options we
+	understand and believe are inappropriate for AS requests. Per
+	spec, unknown options are ignored.
+
 2003-05-14  Sam Hartman  <hartmans@mit.edu>
 
 	* kdc_preauth.c (check_padata): Allow bad_integrity to be returned to a client
diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c
index 753f84a0a9..f0baf474fb 100644
--- a/src/kdc/kdc_util.c
+++ b/src/kdc/kdc_util.c
@@ -828,9 +828,8 @@ fail:
  * Returns a Kerberos protocol error number, which is _not_ the same
  * as a com_err error number!
  */
-#define AS_OPTIONS_HANDLED (KDC_OPT_FORWARDABLE | KDC_OPT_PROXIABLE | \
-			     KDC_OPT_ALLOW_POSTDATE | KDC_OPT_POSTDATED | \
-			     KDC_OPT_RENEWABLE | KDC_OPT_RENEWABLE_OK)
+#define AS_INVALID_OPTIONS (KDC_OPT_FORWARDED | KDC_OPT_PROXY |\
+KDC_OPT_VALIDATE | KDC_OPT_RENEW | KDC_OPT_ENC_TKT_IN_SKEY)
 int
 validate_as_request(register krb5_kdc_req *request, krb5_db_entry client,
 		    krb5_db_entry server, krb5_timestamp kdc_time,
@@ -839,9 +838,9 @@ validate_as_request(register krb5_kdc_req *request, krb5_db_entry client,
     int		errcode;
     
     /*
-     * If an illegal option is set, complain.
+     * If an option is set that is only allowed in TGS requests, complain.
      */
-    if (request->kdc_options & ~(AS_OPTIONS_HANDLED)) {
+    if (request->kdc_options & AS_INVALID_OPTIONS) {
 	*status = "INVALID AS OPTIONS";
 	return KDC_ERR_BADOPTION;
     }