Skip Menu |
 

Subject: Do not permit salttype after a lookup to be assigned "Ignore salttype"
Index: str_conv.c
===================================================================
--- str_conv.c (revision 20163)
+++ str_conv.c (working copy)

@@ -346,6 +346,9 @@
krb5_xfree(savep);
}
+ if (stype == -1)
+ stype == KRB5_KDB_SALT_TYPETYPE_NORMAL;
+
/* Save our values */
(*ksaltp)[(*nksaltp)].ks_enctype = ktype;
(*ksaltp)[(*nksaltp)].ks_salttype = stype;

Instead of setting the ks_salttype field to -1 which is an invalid
salttype, we default to using the normal salt type instead.
From: tlyu@mit.edu
Subject: git commit

Default to normal salt instead of "ignore"

krb5_string_to_keysalts() treats an empty salt field as -1 ("ignore"),
rather than as the normal salttype. Default to normal instead, so
that omitting a salttype works as expected.

https://github.com/krb5/krb5/commit/25a3b1bd943199bcaa3a9d3a43f90f8ea05f1124
Author: Tom Yu <tlyu@mit.edu>
Commit: 25a3b1bd943199bcaa3a9d3a43f90f8ea05f1124
Branch: master
src/lib/kadm5/str_conv.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)