Thx Kai. Pls see my response inline. --- Kai Blin <blin@xxxxxxx> wrote: > On Wednesday 04 October 2006 08:13, Biswatosh wrote: > > > 2)What if, > > (a) realm != NULL > > and (b) strcmp(realm,text->realm) != 0 > > and (c) text->realm[0] == 0 , are all true? > > This is a != 0, not a == 0. So we make sure that... Yes, SASL code checks text->realm[0] != 0, correct but my question was what if text->realm[0] == 0 ,and having realm !=NULL and realm not same as text->realm ? Where is this being validated? Why are we not making SETERROR(sparams->util,"realm changed: authentication aborted") then? The realm has certainly changed,is not it, even if text->realm is an empty string? > (a) realm is not a NULL pointer, > (b) realm is not identical to text->realm > (c) text->realm is not an empty string > > If all of those a true, SASL_BADAUTH is returned. > Yes,like I said above, what if (a),(b) are true but (c) is false? > > If a,b and c are true then it won't return > SASL_BADAUTH > > and won't set error to "realm changed: > authentication > > aborted". > > Well, if all those are true, it will set that error. > strcmp returns 0 if two > strings are identical. > > > But then, has not the realm actually changed > > because of (b)? Should we not throw an error then? > > Well, the code does. How? Of course, the answer to my questions above should perhaps answer this. > > Kai > > -- > Kai Blin, <blin At gmx Dot net> > WorldForge developer http://www.worldforge.org/ > Wine developer > http://wiki.winehq.org/KaiBlin/ > -- > Ninjas and Pirates agree: Cowboys suck! > Thanks Biswatosh __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
