Skip Menu |
 

History Show all quoted textShow full headers
# Mon Aug 19 14:16:23 2002 The RT System itself - Default: Import/ changed from (no value) to (no value)
Download (untitled) / with headers
text/plain 2.7KiB
From willf@alton.central.sun.com Thu Jun 20 20:33:04 2002
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.7.7.76])
by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id UAA29155
for <bugs@RT-11.mit.edu>; Thu, 20 Jun 2002 20:33:04 -0400 (EDT)
Received: from kathmandu.sun.com (kathmandu.sun.com [192.18.98.36])
by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id UAA23861
for <krb5-bugs@mit.edu>; Thu, 20 Jun 2002 20:33:03 -0400 (EDT)
Received: from engmail2.Eng.Sun.COM ([129.146.1.25])
by kathmandu.sun.com (8.9.3+Sun/8.9.3) with ESMTP id SAA26122
for <krb5-bugs@mit.edu>; Thu, 20 Jun 2002 18:33:03 -0600 (MDT)
Received: from alton.central.sun.com (alton.Central.Sun.COM [129.153.128.101])
by engmail2.Eng.Sun.COM (8.9.3+Sun/8.9.3/ENSMAIL,v2.1p1) with ESMTP id RAA00666
for <krb5-bugs@mit.edu>; Thu, 20 Jun 2002 17:33:02 -0700 (PDT)
Received: (from willf@localhost)
by alton.central.sun.com (8.10.2+Sun/8.10.2) id g5L0X0U10735;
Thu, 20 Jun 2002 19:33:00 -0500 (CDT)
Message-Id: <200206210033.g5L0X0U10735@alton.central.sun.com>
Date: Thu, 20 Jun 2002 19:33:00 -0500 (CDT)
From: William Fiveash <willf@alton.central.sun.com>
Reply-To: willf@alton.central.sun.com
To: krb5-bugs@mit.edu
Subject: kdc does not support des3-hmac-sha1 by default
X-Send-Pr-Version: 3.99

Show quoted text
>Number: 1121
>Category: krb5-kdc
>Synopsis: kdc does not support des3-hmac-sha1 by default
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Thu Jun 20 20:34:00 EDT 2002
>Last-Modified:
>Originator: William Fiveash
>Organization:
Sun Microsystems Inc.
Show quoted text
>Release: krb5-1.2.5
>Environment:

System: SunOS alton 5.8 Generic_108528-09 sun4u sparc SUNW,Ultra-5_10
Architecture: sun4

Show quoted text
>Description:


When setting "master_key_type = des3-hmac-sha1" in kdc.conf and creating
the principal db, krb5kdc will fail to start unless "supported_enctypes
= des3-hmac-sha1" is also set. krb5kdc should support des3-hmac-sha1 by
default.

Show quoted text
>How-To-Repeat:

Show quoted text
>Fix:


--- src/lib/kadm5/alt_prof.c.orig Thu Jun 20 19:07:24 2002
+++ src/lib/kadm5/alt_prof.c Thu Jun 20 19:17:56 2002
@@ -943,6 +943,11 @@
hierarchy[2] = "supported_enctypes";
kret = krb5_aprof_get_string(aprofile, hierarchy, TRUE, &svalue);
}
+ /* Why not support the same defaults found in kadm5_get_config_params()?
+ */
+ if (svalue == NULL) {
+ svalue = strdup("des3-hmac-sha1:normal des-cbc-crc:normal");
+ }
if (!kret) {
krb5_string_to_keysalts(svalue,
", \t", /* Tuple separators */
@@ -951,6 +956,7 @@
&rparams->realm_keysalts,
&rparams->realm_num_keysalts);
krb5_xfree(svalue);
+ svalue = NULL;
}
kret = 0;
}
Show quoted text
>Audit-Trail:
>Unformatted:
# Mon Aug 19 14:16:23 2002 The RT System itself - Component krb5-kdc added
# Mon Aug 19 14:16:23 2002 The RT System itself - Version_reported 1.2.5 added
# Mon Nov 17 17:49:12 2003 hartmans (Sam Hartman) - Tags nochange added
# Mon Nov 17 17:49:13 2003 hartmans (Sam Hartman) - Status changed from 'new' to 'resolved'