[Freeipa-devel] [PATCH] #2038 modify salt creation

Simo Sorce simo at redhat.com
Fri Nov 4 20:14:55 UTC 2011


On Fri, 2011-11-04 at 15:59 -0400, Simo Sorce wrote:
> On Fri, 2011-11-04 at 15:15 -0400, Nalin Dahyabhai wrote:
> > On Thu, Nov 03, 2011 at 06:26:15PM -0400, Simo Sorce wrote:
> > > As stated in the bug in order to attain better interoperability with
> > > Windows clients we need to change the way we generate the random salt.
> > 
> > Nack.  The data in a krb5_data is of type 'char', and if it's signed,
> > the math used here doesn't produce a printable result.  Might also want
> > to increase KRB5P_SALT_SIZE.
> 
> Ah crap, right.
> 
> I initially used a safe construct: data[i] &= 0x5F
> Then realized that one of the possible values (5F + 20 = 7F) is
> unprintable, so I switched to this unsafe one.
> 
> Will get a revised patch for ipa-2-1 and an amendment for master.
> 
> Thanks a lot for spotting this one!

Attached amendment patch for master and an already amended new patch for
ipa-2-1.


-- 
Simo Sorce * Red Hat, Inc * New York
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Amend-2038-fix.patch
Type: text/x-patch
Size: 1171 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20111104/0867e375/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ipa-2-1-Modify-random-salt-creation-for-interoperability-2.patch
Type: text/x-patch
Size: 2940 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20111104/0867e375/attachment-0001.bin>


More information about the Freeipa-devel mailing list