From c5b44f77a1a2fcc19312dc2d5ad2a46836c936a2 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Tue, 12 Aug 2008 16:11:16 -0400 Subject: Comment out code that generates keys with a random salt, apparently this does not work as expected and generates faulty keys --- ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c') diff --git a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c index 1697fb5c8..909476b91 100644 --- a/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c +++ b/ipa-server/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c @@ -582,6 +582,7 @@ static Slapi_Value **encrypt_encode_key(krb5_context krbctx, struct ipapwd_data * we have to use a more conservative approach and set the salt * to be REALMprincipal (the concatenation of REALM and principal * name without any separator) */ +#if 0 if (krbTicketFlags & KTF_REQUIRES_PRE_AUTH) { salt.length = KRB5P_SALT_SIZE; salt.data = malloc(KRB5P_SALT_SIZE); @@ -598,6 +599,7 @@ static Slapi_Value **encrypt_encode_key(krb5_context krbctx, struct ipapwd_data goto enc_error; } } else { +#endif krberr = krb5_principal2salt(krbctx, princ, &salt); if (krberr) { slapi_log_error(SLAPI_LOG_FATAL, "ipa_pwd_extop", @@ -605,7 +607,9 @@ static Slapi_Value **encrypt_encode_key(krb5_context krbctx, struct ipapwd_data krb5_get_error_message(krbctx, krberr)); goto enc_error; } +#if 0 } +#endif break; case KRB5_KDB_SALTTYPE_V4: -- cgit