[30609] in CVS-changelog-for-Kerberos-V5
krb5 commit: Fix kadmin addprinc -randkey -kvno
daemon@ATHENA.MIT.EDU (Greg Hudson)
Tue Nov 19 18:17:45 2019
Date: Tue, 19 Nov 2019 18:17:35 -0500
From: Greg Hudson <ghudson@mit.edu>
Message-ID: <201911192317.xAJNHZJT026065@drugstore.mit.edu>
To: <cvs-krb5@mit.edu>
MIME-Version: 1.0
Reply-To: krbdev@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/462e85208d57b8d4120c99e801fbd156b9ccf16f
commit 462e85208d57b8d4120c99e801fbd156b9ccf16f
Author: Greg Hudson <ghudson@mit.edu>
Date: Sat Nov 16 19:54:51 2019 -0500
Fix kadmin addprinc -randkey -kvno
Commit f07bca9fc94a5cf2e3c0f58226c7973a4b86b7a9 made addprinc -randkey
use a single RPC request, but the server-side handling always creates
the random keys with kvno 1. If a kvno is specified in the RPC
request, set the kvno of the key data after creating it. Reported by
Andreas Ladanyi.
ticket: 8848
tags: pullup
target_version: 1.17-next
target_version: 1.16-next
src/lib/kadm5/srv/svr_principal.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c
index ba6459a..6ee262e 100644
--- a/src/lib/kadm5/srv/svr_principal.c
+++ b/src/lib/kadm5/srv/svr_principal.c
@@ -302,7 +302,7 @@ kadm5_create_principal_3(void *server_handle,
kadm5_server_handle_t handle = server_handle;
krb5_keyblock *act_mkey;
krb5_kvno act_kvno;
- int new_n_ks_tuple = 0;
+ int new_n_ks_tuple = 0, i;
krb5_key_salt_tuple *new_ks_tuple = NULL;
CHECK_HANDLE(server_handle);
@@ -468,6 +468,10 @@ kadm5_create_principal_3(void *server_handle,
/* Null password means create with random key (new in 1.8). */
ret = krb5_dbe_crk(handle->context, &master_keyblock,
new_ks_tuple, new_n_ks_tuple, FALSE, kdb);
+ if (mask & KADM5_KVNO) {
+ for (i = 0; i < kdb->n_key_data; i++)
+ kdb->key_data[i].key_data_kvno = entry->kvno;
+ }
}
if (ret)
goto cleanup;
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
