kdb5_util update_princ_encryption counts incorrectly
Greg Hudson
ghudson at MIT.EDU
Sun Jul 28 01:37:07 EDT 2013
On 07/28/2013 12:45 AM, David Shrimpton wrote:
> The first principal processed by update_princ_encryption
> is reported as both 'updating' and 'skipping' when it should
> be just 'updating'.
Thanks for reporting this. I was able to reproduce this bug easily. It
looks like when the first principal is updated, we re-open the DB for
writing, which implicitly resets the iteration cursor to the first entry
in the DB. So the iteration restarts (just once, fortunately) and we
revisit the initial entries.
Fixing this for update_princ_encryption is probably straightforward
enough; fixing the iteration semantics seems more difficult. I will
think about this a bit more and either fix it or open a bug.
More information about the Kerberos
mailing list