Skip Menu |
 

From: ghudson@mit.edu
Subject: SVN Commit

krb5_db_def_fetch_mkey tries the stash file as a keytab, then falls
back to the old stash file format. If the stash file was in keytab
format, but didn't contain the desired master key, we would try to
read a keytab file as a stash file. This could succeed or fail
depending on byte order and other unpredictable factors. The upshot
was that one of the libkadm5 unit tests (init 108) was getting a
different error code on different platforms.

To fix this, only try the stash file format if we get
KRB5_KEYTAB_BADVNO trying the keytab format. This requires reworking
the error handling logic.


https://github.com/krb5/krb5/commit/9d4a7b700805858bc1a091cd6561ee9f5aef20af
Commit By: ghudson
Revision: 22397
Changed Files:
U trunk/src/lib/kdb/kdb_default.c
From: tlyu@mit.edu
Subject: SVN Commit

pull up r22397 from trunk

------------------------------------------------------------------------
r22397 | ghudson | 2009-06-01 18:39:31 -0400 (Mon, 01 Jun 2009) | 17 lines

ticket: 6506
subject: Make results of krb5_db_def_fetch_mkey more predictable
tags: pullup
target_version: 1.7

krb5_db_def_fetch_mkey tries the stash file as a keytab, then falls
back to the old stash file format. If the stash file was in keytab
format, but didn't contain the desired master key, we would try to
read a keytab file as a stash file. This could succeed or fail
depending on byte order and other unpredictable factors. The upshot
was that one of the libkadm5 unit tests (init 108) was getting a
different error code on different platforms.

To fix this, only try the stash file format if we get
KRB5_KEYTAB_BADVNO trying the keytab format. This requires reworking
the error handling logic.

https://github.com/krb5/krb5/commit/4582a1b450f58116745587911370b7035fc41b50
Commit By: tlyu
Revision: 22795
Changed Files:
U branches/krb5-1-7/src/lib/kdb/kdb_default.c