summaryrefslogtreecommitdiffstats
path: root/src/lib/kdb
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/kdb')
-rw-r--r--src/lib/kdb/ChangeLog5
-rw-r--r--src/lib/kdb/keytab.c6
2 files changed, 11 insertions, 0 deletions
diff --git a/src/lib/kdb/ChangeLog b/src/lib/kdb/ChangeLog
index 24f7e51de2..a790596ad1 100644
--- a/src/lib/kdb/ChangeLog
+++ b/src/lib/kdb/ChangeLog
@@ -1,3 +1,8 @@
+2002-08-15 Tom Yu <tlyu@mit.edu>
+
+ * keytab.c (krb5_ktkdb_get_entry): For consistency, check for
+ DISALLOW_ALL_TIX and DISALLOW_SVR when looking up keys.
+
2002-08-09 Sam Hartman <hartmans@mit.edu>
* kdb_xdr.c (krb5_dbe_search_enctype): Initialize ret to 0; thanks
diff --git a/src/lib/kdb/keytab.c b/src/lib/kdb/keytab.c
index f8077324b9..9c9b3b3bd8 100644
--- a/src/lib/kdb/keytab.c
+++ b/src/lib/kdb/keytab.c
@@ -116,6 +116,12 @@ krb5_ktkdb_get_entry(context, id, principal, kvno, enctype, entry)
return KRB5_KT_NOTFOUND;
}
+ if (db_entry.attributes & KRB5_KDB_DISALLOW_SVR
+ || db_entry.attributes & KRB5_KDB_DISALLOW_ALL_TIX) {
+ kerror = KRB5_KT_NOTFOUND;
+ goto error;
+ }
+
/* match key */
kerror = krb5_db_get_mkey(context, &master_key);
if (kerror)
generated by cgit (git 2.34.1) at 2024-10-01 22:44:01 +0000