krb5 commit: Fix kadm5 setkey operation with LDAP KDB
Greg Hudson
ghudson at mit.edu
Wed Jun 28 17:33:28 EDT 2017
https://github.com/krb5/krb5/commit/f8ed1bde848a16dfda5c6558ffe4326acc37bc95
commit f8ed1bde848a16dfda5c6558ffe4326acc37bc95
Author: Greg Hudson <ghudson at mit.edu>
Date: Mon Jun 26 17:31:37 2017 -0400
Fix kadm5 setkey operation with LDAP KDB
Add mask assignments to kadm5_setv4key_principal() and
kadm5_setkey_principal_4() so that their changes to the principal are
properly written to KDB modules which use the mask flag, such as the
LDAP KDB module. Reported by Frank Lonigro.
ticket: 8589
target_version: 1.15-next
target_version: 1.14-next
tags: pullup
src/lib/kadm5/srv/svr_principal.c | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c
index aa56256..2420f2c 100644
--- a/src/lib/kadm5/srv/svr_principal.c
+++ b/src/lib/kadm5/srv/svr_principal.c
@@ -1732,6 +1732,9 @@ kadm5_setv4key_principal(void *server_handle,
/* unlock principal on this KDC */
kdb->fail_auth_count = 0;
+ /* key data changed, let the database provider know */
+ kdb->mask = KADM5_KEY_DATA | KADM5_FAIL_AUTH_COUNT;
+
if ((ret = kdb_put_entry(handle, kdb, &adb)))
goto done;
@@ -1982,6 +1985,9 @@ kadm5_setkey_principal_4(void *server_handle, krb5_principal principal,
/* Unlock principal on this KDC. */
kdb->fail_auth_count = 0;
+ /* key data changed, let the database provider know */
+ kdb->mask = KADM5_KEY_DATA | KADM5_FAIL_AUTH_COUNT;
+
ret = kdb_put_entry(handle, kdb, &adb);
if (ret)
goto done;
More information about the cvs-krb5
mailing list