svn rev #21834: branches/mkey_migrate/src/kadmin/dbutil/

Thu Jan 29 18:47:56 EST 2009

http://src.mit.edu/fisheye/changelog/krb5/?cs=21834
Commit By: raeburn
Log Message:
When listing master key versions, if none of them appears to be active
(can currently happen in certain time-warp cases), print a message to
that effect and keep going with the listing.



Changed Files:
U   branches/mkey_migrate/src/kadmin/dbutil/kdb5_mkey.c
Modified: branches/mkey_migrate/src/kadmin/dbutil/kdb5_mkey.c
===================================================================

--- branches/mkey_migrate/src/kadmin/dbutil/kdb5_mkey.c	2009-01-29 23:06:31 UTC (rev 21833)
+++ branches/mkey_migrate/src/kadmin/dbutil/kdb5_mkey.c	2009-01-29 23:47:47 UTC (rev 21834)
@@ -467,7 +467,8 @@
 
     retval = krb5_dbe_lookup_actkvno(util_context, &master_entry, &actkvno_list);
     if (retval != 0) {
-        com_err(progname, retval, "while setting up master key name");
+        com_err(progname, retval,
+                "while looking up active version of master key");
         exit_status++;
         return;
     }
@@ -628,8 +629,14 @@
     } else {
         retval = krb5_dbe_find_act_mkey(util_context, master_keylist,
                                         actkvno_list, &act_kvno, &act_mkey);
-        if (retval != 0) {
-            com_err(progname, retval, "while setting up master key name");
+        if (retval == KRB5_KDB_NOACTMASTERKEY) {
+            /* Maybe we went through a time warp, and the only keys
+               with activation dates have them set in the future?  */
+            com_err(progname, retval, "");
+            /* Keep going.  */
+            act_kvno = -1;
+        } else if (retval != 0) {
+            com_err(progname, retval, "while looking up active master key");
             exit_status++;
             return;
         }


