[krbdev.mit.edu #5958] Re: [krbdev.mit.edu #7887] AutoReply: kadmin reports 'no salt' for normally-salted entries using key_data_ver=1

nick.moriarty@york.ac.uk via RT rt-comment at krbdev.mit.edu
Sun Mar 23 14:57:32 EDT 2014 

Correction - fix should read:
1456c1456
<                 printf(_("no salt\n"));
---
>                 printf(_("normal\n"));

The original fix specified was on an earlier version.

On 21 March 2014 18:50, krb5 <rt at krbdev.mit.edu> wrote:
>
> Greetings,
>
> This message has been automatically generated in response to the
> creation of a trouble ticket regarding:
>         "kadmin reports 'no salt' for normally-salted entries using key_data_ver=1",
> a summary of which appears below.
>
> There is no need to reply to this message right now.  Your ticket has been
> assigned an ID of [krbdev.mit.edu #7887].
>
> Please include the string:
>
>          [krbdev.mit.edu #7887]
>
> in the subject line of all future correspondence about this issue. To do so,
> you may reply to this message.
>
>                         Thank you,
>
>
> -------------------------------------------------------------------------
> From krb5-bugs-incoming-bounces at PCH.mit.edu  Fri Mar 21 14:49:59 2014
> Return-Path: <krb5-bugs-incoming-bounces at PCH.mit.edu>
> Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90])
>         by krbdev.mit.edu (Postfix) with ESMTP id AA72C751B3;
>         Fri, 21 Mar 2014 14:49:59 -0400 (EDT)
> Received: from pch.mit.edu (pch.mit.edu [127.0.0.1])
>         by pch.mit.edu (8.13.6/8.12.8) with ESMTP id s2LInxRB016247;
>         Fri, 21 Mar 2014 14:49:59 -0400
> Received: from mailhub-dmz-4.mit.edu (mailhub-dmz-4.mit.edu [18.7.62.38])
>         by pch.mit.edu (8.13.6/8.12.8) with ESMTP id s2LDfIOK002664
>         for <krb5-bugs-incoming at PCH.mit.edu>; Fri, 21 Mar 2014 09:41:18 -0400
> Received: from dmz-mailsec-scanner-6.mit.edu (dmz-mailsec-scanner-6.mit.edu
>         [18.7.68.35])
>         by mailhub-dmz-4.mit.edu (8.13.8/8.9.2) with ESMTP id s2LDcJqa029573
>         for <krb5-bugs at mit.edu>; Fri, 21 Mar 2014 09:41:17 -0400
> X-AuditID: 12074423-f79476d000000c51-76-532c417c929a
> Authentication-Results: symauth.service.identifier
> Received: from mail-ie0-f176.google.com (mail-ie0-f176.google.com
>         [209.85.223.176]) (using TLS with cipher RC4-SHA (128/128 bits))
>         (Client did not present a certificate)
>         by dmz-mailsec-scanner-6.mit.edu (Symantec Messaging Gateway) with SMTP
>         id 2F.8B.03153.D714C235; Fri, 21 Mar 2014 09:41:17 -0400 (EDT)
> Received: by mail-ie0-f176.google.com with SMTP id rd18so2404347iec.21
>         for <krb5-bugs at mit.edu>; Fri, 21 Mar 2014 06:41:16 -0700 (PDT)
> X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
>         d=1e100.net; s=20130820;
>         h=x-gm-message-state:mime-version:date:message-id:subject:from:to
>         :content-type;
>         bh=oUqGVe02OXlI6QwWHBCsLG3X+yq5//+MLZpTWbFRdXg=;
>         b=HmVhPv9MAG5cXAjr1EeFvy9Lx7KOteW2jEj3vZqa05gN4hfCpaCpq1VtaipeUbAYOd
>         8BZE6ZydZCkY36fcw8ZW4YJp+pBZo0KdqdKmamEuI2MBUQbH/26Ww+2nur3zxp0iWtXQ
>         S2nrp9ZPynl6QroQoaY0HN9il5KayZn0ztK1wMzzSoZihohcQM4ULlPzOjEPx5yR8Juu
>         azltxCb5mHyhwGE9oAlIrfgNFYjLv1uLdrGxNtzJRxYFFgQkBMSt7fp5h8G2hReMmxrw
>         WyjaVuPA0zEZcvQthhOyfJ5AgF7YWXRGw4OSnWkc7KfiTJ63CVzFRtIyBjYN8Vk59Quk
>         Ntpw==
> X-Gm-Message-State: ALoCoQlUsSaOQb1k35QXwkx7zwJ3bQcojg1uxRHXkBx2lJEy0ISziJEcl5oo3OUGquU2HPLEjlM8
> MIME-Version: 1.0
> X-Received: by 10.42.53.10 with SMTP id l10mr39555259icg.33.1395409276688;
>         Fri, 21 Mar 2014 06:41:16 -0700 (PDT)
> Received: by 10.64.60.197 with HTTP; Fri, 21 Mar 2014 06:41:16 -0700 (PDT)
> Date: Fri, 21 Mar 2014 13:41:16 +0000
> Message-ID: <CAEo=OUkNfVmzVa8Xz40wBqNKfKAbipCyj6PFZydmLrBqs4Bxyw at mail.gmail.com>
> Subject: kadmin: Reports 'no salt' whenever key data is stored with
>         key_data_ver = 1
> From: Nick Moriarty <nick.moriarty at york.ac.uk>
> To: krb5-bugs at mit.edu
> Content-Type: text/plain; charset=ISO-8859-1
> X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprEKsWRWlGSWpSXmKPExsVyMfT+Bt1aR51gg80/BS0aHh5nd2D0aDpz
>         lDmAMYrLJiU1J7MstUjfLoErY/K/DqaCE5wVtzbcZ25g3MDexcjJISFgIvGmeyobiM0oYCSx
>         +9wrVoi4mMSFe+uB4lwcQgLbmCQOv7/CAuH0MUrMeLeaFcSREJjJKtF7bA4LREuCxMqPq8Bs
>         XgFBiZMznwDZHEDxIon5mx1BwkICXhJHpt5mArFZBFQlDsyayARRHiCx+HIPI4gtLBAmcfRw
>         H1icTUBP4veJeWAjRQREJV7+PQZmMwvoSLzre8A8gVFgFpJts5CkFjAyrWKUTcmt0s1NzMwp
>         Tk3WLU5OzMtLLdI108vNLNFLTSndxAgMPiF2F+UdjH8OKh1iFOBgVOLhreDUDhZiTSwrrsw9
>         xCjJwaQkyrvGWCdYiC8pP6UyI7E4I76oNCe1+BCjBAezkghvpx1QjjclsbIqtSgfJiXNwaIk
>         zivPATRJID2xJDU7NbUgtQgmy8TBfohRhoNDSYL3mQNQt2BRanpqRVpmTgmyGk4QwQWyhgdo
>         TSFIIW9xQWJucWY6RNEpRmOOprurG5k4Tq3b0MgkxJKXn5cqJc47A6RUAKQ0ozQPbiQsqVxi
>         lJUS5mVkYGAQ4gG6CRgUqPKvGMWBwSDMawUyhSczrwRu3yugU5iATuGfqgVySkkiQkqqgVGe
>         f/cK2Wq5K39nn1R7cyd9pfEblyk2Ku9E4j307gq2eYpv844MMmIqvsrL9OlGbmSxmMXHb8Kd
>         WcWKcj9D9/9/1rdB7ty0qtyn34+YqLc0uMyR4SwUc8yxb5sSwH7gyZzpB16bsrGUHv2e5sec
>         yV5jX/hueyrfKlbz0HN6pX+9u3J2thpXKLEUZyQaajEXFScCAEMLE88lAwAA
> X-Mailman-Approved-At: Fri, 21 Mar 2014 14:49:58 -0400
> X-BeenThere: krb5-bugs-incoming at mailman.mit.edu
> X-Mailman-Version: 2.1.6
> Precedence: list
> Sender: krb5-bugs-incoming-bounces at PCH.mit.edu
> Errors-To: krb5-bugs-incoming-bounces at PCH.mit.edu
>
>>Originator:    Nick Moriarty
>>Organization:  University of York
>>Confidential:    no
>>Synopsis:    kadmin reports 'no salt' for normally-salted entries using key_data_ver=1
>>Severity:    non-critical
>>Priority:    low
>>Release:    1.12.1
>>Environment:
>      System: Ubuntu GNU/Linux 3.2.0-60
>      Machine: x86_64
>>Description:
>     We've found a text bug in kadmin.c, which causes keys to be
> reported as unsalted whenever they have key_data_ver = 1.  According
> to API docs (http://cryptnet.net/mirrors/docs/krb5adm_api.html),
> key_data_ver set to 1 indicates that either of the following are true:
>     - The key is salted using the normal v5 salting method, or
>     - The key was generated randomly, so salting is never applied / irrelevant
>     In src/kadmin/cli/kadmin.c:
>     1456:    printf(_("no salt\n"));
>     This text should be changed to something more appropriate;
> 'normal' would seem sensible, as this is typically how normal v5
> salting is identified.
>>How-To-Repeat:
>         Run kadmin and get_princ a principal with only normal salting
> on their keys; they will show up as 'no salt'.
>>Fix:
> 1507c1507
> <                 printf(_("no salt\n"));
> ---
>>                 printf(_("normal\n"));
>



-- 


Nick Moriarty
Linux Systems Administrator and Developer

IT Services
University of York
YO10 5DD
United Kingdom
(01904) 32 3484

e-mail disclaimer: http://www.york.ac.uk/docs/disclaimer/email.htm

More information about the krb5-bugs mailing list