[krbdev.mit.edu #5840] Prevent kadm5_decrypt_key() from coercing the keytype if the requested ktype == -1
Ken Raeburn via RT
rt-comment at krbdev.mit.edu
Fri Nov 9 15:28:34 EST 2007
On Nov 9, 2007, at 15:14, Jeffrey Altman via RT wrote:
> Please review this patch to kadm5_decrypt_key(). This patch prevents
> the returned keyblock's enctype from being coerced to the requested
> 'ktype' if the requested 'ktype' == -1. A ktype of -1 is to be
> ignored.
Is the use of -1 here something that is already happening elsewhere,
or something you're adding? I thought we had 0 as the magic enctype
value elsewhere, maybe I'm wrong.
Ken
More information about the krb5-bugs
mailing list