From 50318b60eebbed1dc1a488991dff7f86bfaca58f Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Wed, 16 Feb 2011 11:16:30 -0500 Subject: Fix duplicate OIDs Apparently we forgot to check OID consistency between the schema and the extensions, and we got duplicates. Technically the schema was done later but it is easier to change the extensions OIDs than to change the schema of current beta2/rc1 installations. The only side effect is that older ipa-getkeytab and ipa-join binaries will fail. So all the admin/client tools must be upgraded at the same time as well as all the masters (otherwise some will show/accept the new OID while others won't). Fixes: https://fedorahosted.org/freeipa/ticket/976 --- ipa-client/ipa-getkeytab.c | 4 ++-- ipa-client/ipa-join.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'ipa-client') diff --git a/ipa-client/ipa-getkeytab.c b/ipa-client/ipa-getkeytab.c index f8da31786..01b8d7bc5 100644 --- a/ipa-client/ipa-getkeytab.c +++ b/ipa-client/ipa-getkeytab.c @@ -50,8 +50,8 @@ #define KRB5_KDB_SALTTYPE_SPECIAL 4 #define KRB5_KDB_SALTTYPE_AFS3 5 -#define KEYTAB_SET_OID "2.16.840.1.113730.3.8.3.1" -#define KEYTAB_RET_OID "2.16.840.1.113730.3.8.3.2" +#define KEYTAB_SET_OID "2.16.840.1.113730.3.8.10.1" +#define KEYTAB_RET_OID "2.16.840.1.113730.3.8.10.2" struct krb_key_salt { krb5_enctype enctype; diff --git a/ipa-client/ipa-join.c b/ipa-client/ipa-join.c index 86b1bd122..c3818f21e 100644 --- a/ipa-client/ipa-join.c +++ b/ipa-client/ipa-join.c @@ -42,7 +42,7 @@ #define NAME "ipa-join" #define VERSION "1.0" -#define JOIN_OID "2.16.840.1.113730.3.8.3.53" +#define JOIN_OID "2.16.840.1.113730.3.8.10.3" #define CAFILE "/etc/ipa/ca.crt" -- cgit