[krbdev.mit.edu #964] kdb_init_hist() fails if master_key_enctype is not in supported_enctypes
Tom Yu via RT
rt-comment at krbdev.mit.edu
Fri Jun 13 03:17:08 EDT 2003
Surprisingly enough, still a bug, though the error message is less
cryptic these days. Basically the kdb_init_hist() in
lib/kadm5/srv/server_kdb.c expects that the history principal has a key
of the same enctype as the master key, which isn't necessarily the case,
especially where master_key_enctype is not in supported_enctypes. The
process of creating the history principal uses supported_enctypes, just
like all of libkadm5's principal creations do by default.
The creation of the history principal should probably explicitly use the
master key's enctype.
More information about the krb5-bugs
mailing list