From: Julien Rische Date: Thu, 1 Aug 2024 08:56:07 +0000 (+0200) Subject: Set missing mask flags for kdb5_util operations X-Git-Tag: krb5-1.22-beta1~31 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F1364%2Fhead;p=thirdparty%2Fkrb5.git Set missing mask flags for kdb5_util operations Set KADM5_TL_DATA for the use_mkey and update_princ_encryption commands. (Commit c877f13c8985d820583b0d7ac1bb4c5dc36e677e did this for the add_new_mkey and purge_mkeys commands.) Set appropriate flags for the add_random_key command. [ghudson@mit.edu: combined two commits; pruned out proposed mask flag additions for values represented within key data or tl-data (like KADM5_MKVNO), as those flags are currently only used in the kadm5 protocol, not to communicate with the KDB module] ticket: 9158 (new) --- diff --git a/src/kadmin/dbutil/kdb5_mkey.c b/src/kadmin/dbutil/kdb5_mkey.c index 0088c8eafb..3e213123f4 100644 --- a/src/kadmin/dbutil/kdb5_mkey.c +++ b/src/kadmin/dbutil/kdb5_mkey.c @@ -510,6 +510,8 @@ kdb5_use_mkey(int argc, char *argv[]) goto cleanup_return; } + master_entry->mask |= KADM5_TL_DATA; + if ((retval = krb5_db_put_principal(util_context, master_entry))) { com_err(progname, retval, _("while adding master key entry to the database")); @@ -780,7 +782,7 @@ update_princ_encryption_1(void *cb, krb5_db_entry *ent) goto fail; } - ent->mask |= KADM5_KEY_DATA; + ent->mask |= KADM5_KEY_DATA | KADM5_TL_DATA; if ((retval = krb5_db_put_principal(util_context, ent))) { com_err(progname, retval, _("while updating principal '%s' key data " diff --git a/src/kadmin/dbutil/kdb5_util.c b/src/kadmin/dbutil/kdb5_util.c index fd3cc1f96a..88218dba74 100644 --- a/src/kadmin/dbutil/kdb5_util.c +++ b/src/kadmin/dbutil/kdb5_util.c @@ -600,6 +600,9 @@ add_random_key(int argc, char **argv) exit_status++; return; } + + dbent->mask |= KADM5_ATTRIBUTES | KADM5_KEY_DATA | KADM5_TL_DATA; + ret = krb5_db_put_principal(util_context, dbent); krb5_db_free_principal(util_context, dbent); if (ret) {