[Freeipa-devel] [PATCH] #2038 modify salt creation
Simo Sorce
simo at redhat.com
Fri Nov 4 20:14:55 UTC 2011
On Fri, 2011-11-04 at 15:59 -0400, Simo Sorce wrote:
> On Fri, 2011-11-04 at 15:15 -0400, Nalin Dahyabhai wrote:
> > On Thu, Nov 03, 2011 at 06:26:15PM -0400, Simo Sorce wrote:
> > > As stated in the bug in order to attain better interoperability with
> > > Windows clients we need to change the way we generate the random salt.
> >
> > Nack. The data in a krb5_data is of type 'char', and if it's signed,
> > the math used here doesn't produce a printable result. Might also want
> > to increase KRB5P_SALT_SIZE.
>
> Ah crap, right.
>
> I initially used a safe construct: data[i] &= 0x5F
> Then realized that one of the possible values (5F + 20 = 7F) is
> unprintable, so I switched to this unsafe one.
>
> Will get a revised patch for ipa-2-1 and an amendment for master.
>
> Thanks a lot for spotting this one!
Attached amendment patch for master and an already amended new patch for
ipa-2-1.
--
Simo Sorce * Red Hat, Inc * New York
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Amend-2038-fix.patch
Type: text/x-patch
Size: 1171 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20111104/0867e375/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ipa-2-1-Modify-random-salt-creation-for-interoperability-2.patch
Type: text/x-patch
Size: 2940 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20111104/0867e375/attachment-0001.bin>
More information about the Freeipa-devel
mailing list