[1761] in Kerberos-V5-bugs
keytab extraction
daemon@ATHENA.MIT.EDU (Sam Hartman)
Mon Dec 25 16:40:59 1995
Date: Mon, 25 Dec 1995 15:40:31 -0600
To: krb5-bugs@MIT.EDU
From: Sam Hartman <hartmans@MIT.EDU>
kdb5_edit's extract srvtab code just extracts the zeroth key
from the database entry. I am not convinced this is what we want to
happen. In particular, you want to get both a single-DES and
tripple-DES key if present; you actually probably want all keys
present in the database. Also, I am not sure how well things will
work with multiple keys of the same version for the same principal in
the keytab; this may need to be fixed.
I suspect the srvtab code is similarly broken; it should
extract a v4 salt key if present, otherwise any single-DES key.
(Sorry to be submitting more bugs than fixes, but I'm only
working on Kerberos in my free time until IAP starts, at which time I
will be working on it full time.)
