| commit | 69b0a8f4eb0a5b47db65f3427530903fb2238b35 | |
| author | Nicolas Williams <nico@cryptonector.com> | |
| Thu, 12 Mar 2015 05:51:16 +0000 (12 00:51 -0500) | ||
| committer | Jeffrey Altman <jaltman@secure-endpoints.com> | |
| Sat, 14 Mar 2015 20:08:44 +0000 (14 16:08 -0400) | ||
| tree | b5ea2af9609add948e1bd3fb2281ac9768451313 | treesnapshot (tar.gz zip) |
| parent | dcbe8ae73baab2f019d2d87ee668e432dabd3e0c | commitdiff |
kadm5: kadmin modify must refuse bogus keys
kadmin should not permit a modify that stores invalid keys into the
database. Accepting bad key data into the database will result in
errors when those keys are eventually used.
This change does not address the general case. It does address the
specific case of the kadmin client attempting to store the magic
bogus key since that is trivial to check for and can be unintentionally
returned to kadmind by a 1.6rc2 or prior client. This can happen when
a user has get privilege but lacks the new get-keys privilege.
Change-Id: I44795e6428472b75ab1e4257ce7cb9160f0299f5
kadmin should not permit a modify that stores invalid keys into the
database. Accepting bad key data into the database will result in
errors when those keys are eventually used.
This change does not address the general case. It does address the
specific case of the kadmin client attempting to store the magic
bogus key since that is trivial to check for and can be unintentionally
returned to kadmind by a 1.6rc2 or prior client. This can happen when
a user has get privilege but lacks the new get-keys privilege.
Change-Id: I44795e6428472b75ab1e4257ce7cb9160f0299f5
| lib/kadm5/modify_s.c | diffblobblamehistory |