]> git.ipfire.org Git - thirdparty/krb5.git/commitdiff
projects / thirdparty / krb5.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 54aee08)
Set TL_DATA mask flag for master key operations
authorSimo Sorce <simo@redhat.com>
Wed, 9 Dec 2015 23:09:18 +0000 (18:09 -0500)
committerTom Yu <tlyu@mit.edu>
Fri, 18 Dec 2015 18:32:26 +0000 (13:32 -0500)
When kdb5_util adds or removes master keys, it modifies tl-data but
doesn't set the KADM5_TL_DATA mask flag, causing KDB modules that rely
on this signaling (such as the LDAP module) not to store the tl-data
changes.  Fix this issue by setting the mask bit in add_new_mkey() and
kdb5_purge_mkeys().

[ghudson@mit.edu: edit commit message]

(cherry picked from commit c877f13c8985d820583b0d7ac1bb4c5dc36e677e)

ticket: 8327
version_fixed: 1.13.4
tags: -pullup
status: resolved

src/kadmin/dbutil/kdb5_mkey.c patch | blob | blame | history

diff --git a/src/kadmin/dbutil/kdb5_mkey.c b/src/kadmin/dbutil/kdb5_mkey.c
index 2f90cb0ada68d255fd69f8ae0cc0092a9ba8cb78..04497327027132d182becbbf7fac1b1518f6cff1 100644 (file)
--- a/src/kadmin/dbutil/kdb5_mkey.c
+++ b/src/kadmin/dbutil/kdb5_mkey.c
@@ -178,7 +178,7 @@ add_new_mkey(krb5_context context, krb5_db_entry *master_entry,
                                            mkey_aux_data_head))) {
         goto clean_n_exit;
     }
-    master_entry->mask |= KADM5_KEY_DATA;
+    master_entry->mask |= KADM5_KEY_DATA | KADM5_TL_DATA;
 
 clean_n_exit:
     krb5_dbe_free_mkey_aux_list(context, mkey_aux_data_head);
@@ -1366,7 +1366,7 @@ kdb5_purge_mkeys(int argc, char *argv[])
         goto cleanup_return;
     }
 
-    master_entry->mask |= KADM5_KEY_DATA;
+    master_entry->mask |= KADM5_KEY_DATA | KADM5_TL_DATA;
 
     if ((retval = krb5_db_put_principal(util_context, master_entry))) {
         (void) krb5_db_fini(util_context);
Mirror of https://github.com/krb5/krb5.git