[krbdev.mit.edu #6506] SVN Commit
Tom Yu via RT
rt-comment at krbdev.mit.edu
Mon Sep 28 16:27:11 EDT 2009
pull up r22397 from trunk
------------------------------------------------------------------------
r22397 | ghudson | 2009-06-01 18:39:31 -0400 (Mon, 01 Jun 2009) | 17 lines
ticket: 6506
subject: Make results of krb5_db_def_fetch_mkey more predictable
tags: pullup
target_version: 1.7
krb5_db_def_fetch_mkey tries the stash file as a keytab, then falls
back to the old stash file format. If the stash file was in keytab
format, but didn't contain the desired master key, we would try to
read a keytab file as a stash file. This could succeed or fail
depending on byte order and other unpredictable factors. The upshot
was that one of the libkadm5 unit tests (init 108) was getting a
different error code on different platforms.
To fix this, only try the stash file format if we get
KRB5_KEYTAB_BADVNO trying the keytab format. This requires reworking
the error handling logic.
http://src.mit.edu/fisheye/changelog/krb5/?cs=22795
Commit By: tlyu
Revision: 22795
Changed Files:
U branches/krb5-1-7/src/lib/kdb/kdb_default.c
More information about the krb5-bugs
mailing list