[29972] in CVS-changelog-for-Kerberos-V5

home help back first fref pref prev next nref lref last post

krb5 commit: Fix kadm5 setkey operation with LDAP KDB

daemon@ATHENA.MIT.EDU (Greg Hudson)
Wed Jun 28 17:33:33 2017

Date: Wed, 28 Jun 2017 17:33:28 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201706282133.v5SLXS5o021193@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu

https://github.com/krb5/krb5/commit/f8ed1bde848a16dfda5c6558ffe4326acc37bc95
commit f8ed1bde848a16dfda5c6558ffe4326acc37bc95
Author: Greg Hudson <ghudson@mit.edu>
Date:   Mon Jun 26 17:31:37 2017 -0400

    Fix kadm5 setkey operation with LDAP KDB
    
    Add mask assignments to kadm5_setv4key_principal() and
    kadm5_setkey_principal_4() so that their changes to the principal are
    properly written to KDB modules which use the mask flag, such as the
    LDAP KDB module.  Reported by Frank Lonigro.
    
    ticket: 8589
    target_version: 1.15-next
    target_version: 1.14-next
    tags: pullup

 src/lib/kadm5/srv/svr_principal.c |    6 ++++++
 1 files changed, 6 insertions(+), 0 deletions(-)

diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c
index aa56256..2420f2c 100644
--- a/src/lib/kadm5/srv/svr_principal.c
+++ b/src/lib/kadm5/srv/svr_principal.c
@@ -1732,6 +1732,9 @@ kadm5_setv4key_principal(void *server_handle,
     /* unlock principal on this KDC */
     kdb->fail_auth_count = 0;
 
+    /* key data changed, let the database provider know */
+    kdb->mask = KADM5_KEY_DATA | KADM5_FAIL_AUTH_COUNT;
+
     if ((ret = kdb_put_entry(handle, kdb, &adb)))
         goto done;
 
@@ -1982,6 +1985,9 @@ kadm5_setkey_principal_4(void *server_handle, krb5_principal principal,
     /* Unlock principal on this KDC. */
     kdb->fail_auth_count = 0;
 
+    /* key data changed, let the database provider know */
+    kdb->mask = KADM5_KEY_DATA | KADM5_FAIL_AUTH_COUNT;
+
     ret = kdb_put_entry(handle, kdb, &adb);
     if (ret)
         goto done;
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
home help back first fref pref prev next nref lref last post