[krbdev.mit.edu #7887] kadmin reports 'no salt' for normally-salted entries using key_data_ver=1

The RT System itself via RT rt-comment at krbdev.mit.edu
Fri Mar 21 14:50:00 EDT 2014 

>From krb5-bugs-incoming-bounces at PCH.mit.edu  Fri Mar 21 14:49:59 2014
Return-Path: <krb5-bugs-incoming-bounces at PCH.mit.edu>
Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90])
	by krbdev.mit.edu (Postfix) with ESMTP id AA72C751B3;
	Fri, 21 Mar 2014 14:49:59 -0400 (EDT)
Received: from pch.mit.edu (pch.mit.edu [127.0.0.1])
	by pch.mit.edu (8.13.6/8.12.8) with ESMTP id s2LInxRB016247;
	Fri, 21 Mar 2014 14:49:59 -0400
Received: from mailhub-dmz-4.mit.edu (mailhub-dmz-4.mit.edu [18.7.62.38])
	by pch.mit.edu (8.13.6/8.12.8) with ESMTP id s2LDfIOK002664
	for <krb5-bugs-incoming at PCH.mit.edu>; Fri, 21 Mar 2014 09:41:18 -0400
Received: from dmz-mailsec-scanner-6.mit.edu (dmz-mailsec-scanner-6.mit.edu
	[18.7.68.35])
	by mailhub-dmz-4.mit.edu (8.13.8/8.9.2) with ESMTP id s2LDcJqa029573
	for <krb5-bugs at mit.edu>; Fri, 21 Mar 2014 09:41:17 -0400
X-AuditID: 12074423-f79476d000000c51-76-532c417c929a
Authentication-Results: symauth.service.identifier
Received: from mail-ie0-f176.google.com (mail-ie0-f176.google.com
	[209.85.223.176]) (using TLS with cipher RC4-SHA (128/128 bits))
	(Client did not present a certificate)
	by dmz-mailsec-scanner-6.mit.edu (Symantec Messaging Gateway) with SMTP
	id 2F.8B.03153.D714C235; Fri, 21 Mar 2014 09:41:17 -0400 (EDT)
Received: by mail-ie0-f176.google.com with SMTP id rd18so2404347iec.21
	for <krb5-bugs at mit.edu>; Fri, 21 Mar 2014 06:41:16 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:mime-version:date:message-id:subject:from:to
	:content-type;
	bh=oUqGVe02OXlI6QwWHBCsLG3X+yq5//+MLZpTWbFRdXg=;
	b=HmVhPv9MAG5cXAjr1EeFvy9Lx7KOteW2jEj3vZqa05gN4hfCpaCpq1VtaipeUbAYOd
	8BZE6ZydZCkY36fcw8ZW4YJp+pBZo0KdqdKmamEuI2MBUQbH/26Ww+2nur3zxp0iWtXQ
	S2nrp9ZPynl6QroQoaY0HN9il5KayZn0ztK1wMzzSoZihohcQM4ULlPzOjEPx5yR8Juu
	azltxCb5mHyhwGE9oAlIrfgNFYjLv1uLdrGxNtzJRxYFFgQkBMSt7fp5h8G2hReMmxrw
	WyjaVuPA0zEZcvQthhOyfJ5AgF7YWXRGw4OSnWkc7KfiTJ63CVzFRtIyBjYN8Vk59Quk
	Ntpw==
X-Gm-Message-State: ALoCoQlUsSaOQb1k35QXwkx7zwJ3bQcojg1uxRHXkBx2lJEy0ISziJEcl5oo3OUGquU2HPLEjlM8
MIME-Version: 1.0
X-Received: by 10.42.53.10 with SMTP id l10mr39555259icg.33.1395409276688;
	Fri, 21 Mar 2014 06:41:16 -0700 (PDT)
Received: by 10.64.60.197 with HTTP; Fri, 21 Mar 2014 06:41:16 -0700 (PDT)
Date: Fri, 21 Mar 2014 13:41:16 +0000
Message-ID: <CAEo=OUkNfVmzVa8Xz40wBqNKfKAbipCyj6PFZydmLrBqs4Bxyw at mail.gmail.com>
Subject: kadmin: Reports 'no salt' whenever key data is stored with
	key_data_ver = 1
From: Nick Moriarty <nick.moriarty at york.ac.uk>
To: krb5-bugs at mit.edu
Content-Type: text/plain; charset=ISO-8859-1
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprEKsWRWlGSWpSXmKPExsVyMfT+Bt1aR51gg80/BS0aHh5nd2D0aDpz
	lDmAMYrLJiU1J7MstUjfLoErY/K/DqaCE5wVtzbcZ25g3MDexcjJISFgIvGmeyobiM0oYCSx
	+9wrVoi4mMSFe+uB4lwcQgLbmCQOv7/CAuH0MUrMeLeaFcSREJjJKtF7bA4LREuCxMqPq8Bs
	XgFBiZMznwDZHEDxIon5mx1BwkICXhJHpt5mArFZBFQlDsyayARRHiCx+HIPI4gtLBAmcfRw
	H1icTUBP4veJeWAjRQREJV7+PQZmMwvoSLzre8A8gVFgFpJts5CkFjAyrWKUTcmt0s1NzMwp
	Tk3WLU5OzMtLLdI108vNLNFLTSndxAgMPiF2F+UdjH8OKh1iFOBgVOLhreDUDhZiTSwrrsw9
	xCjJwaQkyrvGWCdYiC8pP6UyI7E4I76oNCe1+BCjBAezkghvpx1QjjclsbIqtSgfJiXNwaIk
	zivPATRJID2xJDU7NbUgtQgmy8TBfohRhoNDSYL3mQNQt2BRanpqRVpmTgmyGk4QwQWyhgdo
	TSFIIW9xQWJucWY6RNEpRmOOprurG5k4Tq3b0MgkxJKXn5cqJc47A6RUAKQ0ozQPbiQsqVxi
	lJUS5mVkYGAQ4gG6CRgUqPKvGMWBwSDMawUyhSczrwRu3yugU5iATuGfqgVySkkiQkqqgVGe
	f/cK2Wq5K39nn1R7cyd9pfEblyk2Ku9E4j307gq2eYpv844MMmIqvsrL9OlGbmSxmMXHb8Kd
	WcWKcj9D9/9/1rdB7ty0qtyn34+YqLc0uMyR4SwUc8yxb5sSwH7gyZzpB16bsrGUHv2e5sec
	yV5jX/hueyrfKlbz0HN6pX+9u3J2thpXKLEUZyQaajEXFScCAEMLE88lAwAA
X-Mailman-Approved-At: Fri, 21 Mar 2014 14:49:58 -0400
X-BeenThere: krb5-bugs-incoming at mailman.mit.edu
X-Mailman-Version: 2.1.6
Precedence: list
Sender: krb5-bugs-incoming-bounces at PCH.mit.edu
Errors-To: krb5-bugs-incoming-bounces at PCH.mit.edu

>Originator:    Nick Moriarty
>Organization:  University of York
>Confidential:    no
>Synopsis:    kadmin reports 'no salt' for normally-salted entries using key_data_ver=1
>Severity:    non-critical
>Priority:    low
>Release:    1.12.1
>Environment:
     System: Ubuntu GNU/Linux 3.2.0-60
     Machine: x86_64
>Description:
    We've found a text bug in kadmin.c, which causes keys to be
reported as unsalted whenever they have key_data_ver = 1.  According
to API docs (http://cryptnet.net/mirrors/docs/krb5adm_api.html),
key_data_ver set to 1 indicates that either of the following are true:
    - The key is salted using the normal v5 salting method, or
    - The key was generated randomly, so salting is never applied / irrelevant
    In src/kadmin/cli/kadmin.c:
    1456:    printf(_("no salt\n"));
    This text should be changed to something more appropriate;
'normal' would seem sensible, as this is typically how normal v5
salting is identified.
>How-To-Repeat:
        Run kadmin and get_princ a principal with only normal salting
on their keys; they will show up as 'no salt'.
>Fix:
1507c1507
<                 printf(_("no salt\n"));
---
>                 printf(_("normal\n"));

More information about the krb5-bugs mailing list