diff options
author | Greg Hudson <ghudson@mit.edu> | 2014-05-24 22:58:26 -0400 |
---|---|---|
committer | Greg Hudson <ghudson@mit.edu> | 2014-06-05 11:34:27 -0400 |
commit | 1825455ede7e61ab934b16262fb5b12b78a52f1a (patch) | |
tree | 68d4c3b5670b5734d2177419aae3728e9da9611d /src/lib/krb5/asn.1/ldap_key_seq.c | |
parent | a7b5808b5df9e54ef8a8a7ac24e5faad458ddbce (diff) | |
download | krb5-1825455ede7e61ab934b16262fb5b12b78a52f1a.tar.gz krb5-1825455ede7e61ab934b16262fb5b12b78a52f1a.tar.xz krb5-1825455ede7e61ab934b16262fb5b12b78a52f1a.zip |
Always include salt in LDAP KrbKey encoding
In the LDAP KDB module, ensure that every krb5_key_data we pass to
asn1_encode_sequence_of_keys includes a salt type, for compatibility
with the decoder in unpatched krb5 1.11 and 1.12.
This is not a behavior change by itself; since 1.7 the encoder has
always included a KrbKey salt field because it erroneously treats that
field as non-optional. (Luckily, the encoded salt always happens to
have salt type 0 because krb5_key_data constructors start with zeroed
memory.) The next commit will fix the encoder and decoder to properly
treat the KrbKey salt field as optional, so we need this change to
ensure that our encodings remain compatible.
Also fix the ASN.1 tests to set key_data_ver correctly for the sample
test key data.
ticket: 7919
Diffstat (limited to 'src/lib/krb5/asn.1/ldap_key_seq.c')
0 files changed, 0 insertions, 0 deletions