diff options
author | Greg Hudson <ghudson@mit.edu> | 2019-11-16 19:54:51 -0500 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2019-12-09 17:02:52 -0500 |
commit | 6eaa92c3ebfd67c5517ae3a8b5adf4ae8c9cb574 (patch) | |
tree | 2de813a0f8c307aec50a7455ec79d9368e7edbe5 | |
parent | 206edea3b1e10bfef331d7e03dcb1e1b55c40d79 (diff) | |
download | krb5-6eaa92c3ebfd67c5517ae3a8b5adf4ae8c9cb574.zip krb5-6eaa92c3ebfd67c5517ae3a8b5adf4ae8c9cb574.tar.gz krb5-6eaa92c3ebfd67c5517ae3a8b5adf4ae8c9cb574.tar.bz2 |
Fix kadmin addprinc -randkey -kvno
Commit f07bca9fc94a5cf2e3c0f58226c7973a4b86b7a9 made addprinc -randkey
use a single RPC request, but the server-side handling always creates
the random keys with kvno 1. If a kvno is specified in the RPC
request, set the kvno of the key data after creating it. Reported by
Andreas Ladanyi.
(cherry picked from commit 462e85208d57b8d4120c99e801fbd156b9ccf16f)
ticket: 8848
version_fixed: 1.17.1
-rw-r--r-- | src/lib/kadm5/srv/svr_principal.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/lib/kadm5/srv/svr_principal.c b/src/lib/kadm5/srv/svr_principal.c index 21c53ec..8582bbc 100644 --- a/src/lib/kadm5/srv/svr_principal.c +++ b/src/lib/kadm5/srv/svr_principal.c @@ -302,7 +302,7 @@ kadm5_create_principal_3(void *server_handle, kadm5_server_handle_t handle = server_handle; krb5_keyblock *act_mkey; krb5_kvno act_kvno; - int new_n_ks_tuple = 0; + int new_n_ks_tuple = 0, i; krb5_key_salt_tuple *new_ks_tuple = NULL; CHECK_HANDLE(server_handle); @@ -468,6 +468,10 @@ kadm5_create_principal_3(void *server_handle, /* Null password means create with random key (new in 1.8). */ ret = krb5_dbe_crk(handle->context, &master_keyblock, new_ks_tuple, new_n_ks_tuple, FALSE, kdb); + if (mask & KADM5_KVNO) { + for (i = 0; i < kdb->n_key_data; i++) + kdb->key_data[i].key_data_kvno = entry->kvno; + } } if (ret) goto cleanup; |