[krbdev.mit.edu #1207] kadmind patch
Ben Cox via RT
rt-comment at krbdev.mit.edu
Mon Oct 7 15:21:51 EDT 2002
Hello,
The attached unified diff against the krb5-1.2.6 source tree fixes a bug
in kadmin where a principal changing his own key cannot specify a list
of supported enctypes (while principals changing other principals' keys
can do so).
To see the bug, configure more than one supported enctype in the KDC,
and create a test principal, and then run "kadmin -p <testprinc>". In
kadmin, try "cpw [-randkey] -e des-cbc-crc:normal <testprinc>". Then
"getprinc <testprinc>" shows that the list was not honored.
This patch fixes the problem my extending the server-side
{chpass,randkey}_principal_wrapper functions to take the keepold,
n_ks_tuple and ks_tuple arguments common to the
kadm5_{chpass,randkey}_principal_3 functions.
The attached patch has been tested with MIT Kerberos 5 version 1.2.6 on
Linux RedHat 7.3, but should pose no portability issues.
-- Ben
More information about the krb5-bugs
mailing list