[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#688006: unblock: krb5-sync/2.2-3

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package krb5-sync for the fix to RC bug #687346.

  * Apply upstream commit to silently ignore password changes with a NULL
    password, only new keys.  This represents a key randomization, such as
    from addprinc -randkey, which is outside the synchronization scope of
    this package.  Without this change, the plugin would segfault on that
    operation.  (Closes: #687346)

The debdiff adds a debian patch, the effect of which is to apply the
following patch:

--- a/plugin/mit.c
+++ b/plugin/mit.c
@@ -81,6 +81,15 @@ chpass(krb5_context ctx, kadm5_hook_modinfo *data, int stage,
     size_t length;
     int status = 0;
+    /*
+     * If password is NULL, we have a new key set but no password (meaning
+     * this is an operation such as addprinc -randkey).  We can't do anything
+     * without a password, so ignore these cases.
+     */
+    if (password == NULL)
+        return 0;
+    /* Dispatch to the appropriate function. */
     length = strlen(password);
     if (stage == KADM5_HOOK_STAGE_PRECOMMIT)
         status = pwupdate_precommit_password(data, princ, password, length,

unblock krb5-sync/2.2-3

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-3-686-pae (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Reply to: