[3514] in Kerberos-V5-bugs
[krbdev.mit.edu #1207] kadmind patch
daemon@ATHENA.MIT.EDU (Ben Cox via RT)
Mon Oct 7 15:23:10 2002
Message-Id: <rt-1207-3133.18.3266708020069@krbdev.mit.edu>
In-Reply-To: <rt-1207@krbdev.mit.edu>
From: "Ben Cox via RT" <rt-comment@krbdev.mit.edu>
Reply-To: rt-comment@krbdev.mit.edu
To: krb5-prs@mit.edu
Errors-To: krb5-bugs-admin@mit.edu
Date: Mon, 7 Oct 2002 15:21:51 -0400 (EDT)
Hello,
The attached unified diff against the krb5-1.2.6 source tree fixes a bug
in kadmin where a principal changing his own key cannot specify a list
of supported enctypes (while principals changing other principals' keys
can do so).
To see the bug, configure more than one supported enctype in the KDC,
and create a test principal, and then run "kadmin -p <testprinc>". In
kadmin, try "cpw [-randkey] -e des-cbc-crc:normal <testprinc>". Then
"getprinc <testprinc>" shows that the list was not honored.
This patch fixes the problem my extending the server-side
{chpass,randkey}_principal_wrapper functions to take the keepold,
n_ks_tuple and ks_tuple arguments common to the
kadm5_{chpass,randkey}_principal_3 functions.
The attached patch has been tested with MIT Kerberos 5 version 1.2.6 on
Linux RedHat 7.3, but should pose no portability issues.
-- Ben
_______________________________________________
krb5-bugs mailing list
krb5-bugs@mit.edu
http://mailman.mit.edu/mailman/listinfo/krb5-bugs
