Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
kadm5: kadmin modify must refuse bogus keys
kadmin should not permit a modify that stores invalid keys into the database. Accepting bad key data into the database will result in errors when those keys are eventually used. This change does not address the general case. It does address the specific case of the kadmin client attempting to store the magic bogus key since that is trivial to check for and can be unintentionally returned to kadmind by a 1.6rc2 or prior client. This can happen when a user has get privilege but lacks the new get-keys privilege. Change-Id: I44795e6428472b75ab1e4257ce7cb9160f0299f5
- Loading branch information