diff options
| author | Simo Sorce <ssorce@redhat.com> | 2008-08-12 16:11:16 -0400 |
|---|---|---|
| committer | Martin Nagy <mnagy@redhat.com> | 2008-08-15 08:54:44 +0200 |
| commit | c5b44f77a1a2fcc19312dc2d5ad2a46836c936a2 (patch) | |
| tree | 4cf21ab73123e5b63b6a698b111c03341a93aa8c | |
| parent | 828c9b9cddbc60e4c81a0ca987acace99e3d8594 (diff) | |
| download | freeipa-c5b44f77a1a2fcc19312dc2d5ad2a46836c936a2.tar.gz freeipa-c5b44f77a1a2fcc19312dc2d5ad2a46836c936a2.tar.xz freeipa-c5b44f77a1a2fcc19312dc2d5ad2a46836c936a2.zip | |
Comment out code that generates keys with a random salt, apparently this does not work as expected and generates faulty keys
| -rw-r--r-- | ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c index 1697fb5c8..909476b91 100644 --- a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c +++ b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c @@ -582,6 +582,7 @@ static Slapi_Value **encrypt_encode_key(krb5_context krbctx, struct ipapwd_data * we have to use a more conservative approach and set the salt * to be REALMprincipal (the concatenation of REALM and principal * name without any separator) */ +#if 0 if (krbTicketFlags & KTF_REQUIRES_PRE_AUTH) { salt.length = KRB5P_SALT_SIZE; salt.data = malloc(KRB5P_SALT_SIZE); @@ -598,6 +599,7 @@ static Slapi_Value **encrypt_encode_key(krb5_context krbctx, struct ipapwd_data goto enc_error; } } else { +#endif krberr = krb5_principal2salt(krbctx, princ, &salt); if (krberr) { slapi_log_error(SLAPI_LOG_FATAL, "ipa_pwd_extop", @@ -605,7 +607,9 @@ static Slapi_Value **encrypt_encode_key(krb5_context krbctx, struct ipapwd_data krb5_get_error_message(krbctx, krberr)); goto enc_error; } +#if 0 } +#endif break; case KRB5_KDB_SALTTYPE_V4: |