[29987] in CVS-changelog-for-Kerberos-V5
krb5 commit [krb5-1.14]: Fix kadm5 setkey operation with LDAP KDB
daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Jul 17 22:43:55 2017
Date: Mon, 17 Jul 2017 22:41:30 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201707180241.v6I2fUQ6003121@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/f5f1729930733a2193e9b1663c0b98dbe72d6cb2
commit f5f1729930733a2193e9b1663c0b98dbe72d6cb2
Author: Greg Hudson <ghudson@mit.edu>
Date: Mon Jun 26 17:31:37 2017 -0400
Fix kadm5 setkey operation with LDAP KDB
Add mask assignments to kadm5_setv4key_principal() and
kadm5_setkey_principal_4() so that their changes to the principal are
properly written to KDB modules which use the mask flag, such as the
LDAP KDB module. Reported by Frank Lonigro.
(cherry picked from commit f8ed1bde848a16dfda5c6558ffe4326acc37bc95)
ticket: 8589
version_fixed: 1.14.6
src/lib/kadm5/srv/svr_principal.c | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c
index 87b8c23..51a7c99 100644
--- a/src/lib/kadm5/srv/svr_principal.c
+++ b/src/lib/kadm5/srv/svr_principal.c
@@ -1892,6 +1892,9 @@ kadm5_setv4key_principal(void *server_handle,
/* unlock principal on this KDC */
kdb->fail_auth_count = 0;
+ /* key data changed, let the database provider know */
+ kdb->mask = KADM5_KEY_DATA | KADM5_FAIL_AUTH_COUNT;
+
if ((ret = kdb_put_entry(handle, kdb, &adb)))
goto done;
@@ -2156,6 +2159,9 @@ kadm5_setkey_principal_3(void *server_handle,
/* unlock principal on this KDC */
kdb->fail_auth_count = 0;
+ /* key data changed, let the database provider know */
+ kdb->mask = KADM5_KEY_DATA | KADM5_FAIL_AUTH_COUNT;
+
if ((ret = kdb_put_entry(handle, kdb, &adb)))
goto done;
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
