oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Report mkvno as unknown

Browse Source 
When the principal is retrieved from the database via libkadm5srv, the
keys are always decrypted, so the reported mkvno is always 0.  Rather
than returning 0 and implying that the key in the database is not
encrypted, report the mkvno as unknown for right now.

A better fix is required to either not decrypt the keys when retrieving
get information or to get the mkvno before keys are decrypted.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
This commit is contained in:
Russ Allbery
2010-02-02 14:28:10 -08:00
committed by Love Hornquist Astrand
parent 117652f353
commit d5970c0851
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
kadmin/get.c
View File

@@ -209,7 +209,8 @@ format_field(kadm5_principal_ent_t princ, unsigned int field,
snprintf(buf, buf_len, "%d", princ->kvno); snprintf(buf, buf_len, "%d", princ->kvno);
break; break;
case KADM5_MKVNO: case KADM5_MKVNO:
snprintf(buf, buf_len, "%d", princ->mkvno); /* XXX libkadm5srv decrypts the keys, so mkvno is always 0. */
strlcpy(buf, "unknown", buf_len);
break; break;
case KADM5_LAST_SUCCESS: case KADM5_LAST_SUCCESS:
time_t2str(princ->last_success, buf, buf_len, !condensed); time_t2str(princ->last_success, buf, buf_len, !condensed);