aboutsummaryrefslogtreecommitdiff
path: root/src/lib/kadm5
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/kadm5')
-rw-r--r--src/lib/kadm5/admin.h3
-rw-r--r--src/lib/kadm5/alt_prof.c5
-rw-r--r--src/lib/kadm5/srv/server_kdb.c3
-rw-r--r--src/lib/kadm5/unit-test/api.2/init-v2.exp2
4 files changed, 10 insertions, 3 deletions
diff --git a/src/lib/kadm5/admin.h b/src/lib/kadm5/admin.h
index 9013305..2817195 100644
--- a/src/lib/kadm5/admin.h
+++ b/src/lib/kadm5/admin.h
@@ -139,6 +139,7 @@ typedef long kadm5_ret_t;
#define KADM5_CONFIG_POLL_TIME 0x04000000
#define KADM5_CONFIG_IPROP_LOGFILE 0x08000000
#define KADM5_CONFIG_IPROP_PORT 0x10000000
+#define KADM5_CONFIG_KVNO 0x20000000
/*
* permission bits
*/
@@ -256,7 +257,7 @@ typedef struct _kadm5_config_params {
krb5_flags flags;
krb5_key_salt_tuple *keysalts;
krb5_int32 num_keysalts;
-
+ krb5_kvno kvno;
bool_t iprop_enabled;
uint32_t iprop_ulogsize;
krb5_deltat iprop_poll_time;
diff --git a/src/lib/kadm5/alt_prof.c b/src/lib/kadm5/alt_prof.c
index c8bc6b0..cfcbd79 100644
--- a/src/lib/kadm5/alt_prof.c
+++ b/src/lib/kadm5/alt_prof.c
@@ -501,6 +501,11 @@ krb5_error_code kadm5_get_config_params(context, use_kdc_config,
params.realm = lrealm;
params.mask |= KADM5_CONFIG_REALM;
}
+
+ if (params_in->mask & KADM5_CONFIG_KVNO) {
+ params.kvno = params_in->kvno;
+ params.mask |= KADM5_CONFIG_KVNO;
+ }
/*
* XXX These defaults should to work on both client and
* server. kadm5_get_config_params can be implemented as a
diff --git a/src/lib/kadm5/srv/server_kdb.c b/src/lib/kadm5/srv/server_kdb.c
index 700b53a..836cd00 100644
--- a/src/lib/kadm5/srv/server_kdb.c
+++ b/src/lib/kadm5/srv/server_kdb.c
@@ -54,6 +54,7 @@ krb5_error_code kdb_init_master(kadm5_server_handle_t handle,
master_keyblock.enctype, from_kbd,
FALSE /* only prompt once */,
handle->params.stash_file,
+ NULL /* don't care about kvno */,
NULL /* I'm not sure about this,
but it's what the kdc does --marc */,
&master_keyblock);
@@ -61,7 +62,7 @@ krb5_error_code kdb_init_master(kadm5_server_handle_t handle,
goto done;
if ((ret = krb5_db_verify_master_key(handle->context, master_princ,
- &master_keyblock))) {
+ IGNORE_VNO, &master_keyblock))) {
krb5_db_fini(handle->context);
return ret;
}
diff --git a/src/lib/kadm5/unit-test/api.2/init-v2.exp b/src/lib/kadm5/unit-test/api.2/init-v2.exp
index 21f6260..24bfb09 100644
--- a/src/lib/kadm5/unit-test/api.2/init-v2.exp
+++ b/src/lib/kadm5/unit-test/api.2/init-v2.exp
@@ -147,7 +147,7 @@ proc test108 {} {
[config_params {KADM5_CONFIG_MKEY_NAME} does/not/exist] \
$KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \
server_handle
- } "KDB_NOMASTERKEY"
+ } "KRB5_KDB_CANTREAD_STORED"
}
if {! $RPC} test108
generated by cgit v1.1 at 2024-08-03 15:48:26 +0000