Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Have you reconsidered a computer career?

devel / comp.protocols.kerberos / Re: Creating a principal using the kadmin C API

SubjectAuthor
o Re: Creating a principal using the kadmin C APITeo Klestrup Röijezon

1
Re: Creating a principal using the kadmin C API

<mailman.53.1652105413.8148.kerberos@mit.edu>

  copy mid

https://www.novabbs.com/devel/article-flat.php?id=248&group=comp.protocols.kerberos#248

  copy link   Newsgroups: comp.protocols.kerberos
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!tncsrv06.tnetconsulting.net!.POSTED.mailman.mit.edu!not-for-mail
From: teo.roij...@stackable.de (Teo Klestrup Röijezon)
Newsgroups: comp.protocols.kerberos
Subject: Re: Creating a principal using the kadmin C API
Date: Mon, 09 May 2022 16:09:11 +0200
Organization: Stackable
Lines: 26
Message-ID: <mailman.53.1652105413.8148.kerberos@mit.edu>
References: <CAD-Ua_ifa=vo4PEzy3kx-5FB3J+hhN_2BTuS7O=E+hfudRbV4Q@mail.gmail.com>
<2957453.irdbgypaU6@teo-dator-newarch>
<e9dbf862-9235-d0ec-0c9e-eedc9ab80a81@mit.edu>
<9281045.T7Z3S40VBb@teo-laptop>
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="nextPart11295808.nUPlyArG6x";
micalg="pgp-sha256"; protocol="application/pgp-signature"
Injection-Info: tncsrv06.tnetconsulting.net; posting-host="mailman.mit.edu:18.7.21.50";
logging-data="9056"; mail-complaints-to="newsmaster@tnetconsulting.net"
Cc: kerberos@mit.edu
To: Greg Hudson <ghudson@mit.edu>
Authentication-Results: mit.edu; dmarc=pass (p=reject dis=none)
header.from=stackable.de
Authentication-Results: mit.edu; arc=pass
ARC-Seal: i=2; a=rsa-sha256; d=mit.edu; s=arc; t=1652105410; cv=pass;
b=prsXHm7u7XZVAqPdhIxSzEjg+ZKja+c0wyCY/gSLn/sgXMgJfA95arl6rNsHMPnASF4+PE7e8cGEEYkFvHoMI4Jf++QqJSmYbEqaXaLdBOM33g6m2IlJbP2U12iPqPOBn10Q6JcnD8UReKkhpPk4FogFCNbEdl8lmdsxZMp1JncVrnYjO6Jai65NTaFT2MPUKn6AwtGzOmBh/EXsIpcZA1mv2ME66qob/X9WpIIwiM+EuUYkWXSOjLVwYi7APFHITeaqLXG2g43vj69T6i4PqARibEOfQtfusuY6l01vqTH6616UB7fOG1QdsCwYtrPs/kf7D9GZ81izHNHG2NIzpw==
ARC-Message-Signature: i=2; a=rsa-sha256; d=mit.edu; s=arc; t=1652105410;
c=relaxed/relaxed; bh=P5q+TkdoNcgtN/fIYdTDW5GAJfIbFgIWfVKf1U6SSTs=;
h=From:Subject:Date:Message-ID:MIME-Version:Content-Type;
b=RxJWU8F2hsj4JF3tBHhiimjiGbMUyapcVuNexd2QenT2i8ZS5yjpJQFWCt1uU4uMsL/LvcPY73a6q6l07gATXlUTCYEvsn3rCLLyUWjyCw5jGIBOTZChpBEjAXp6eelgyYhYMoE/l6tqxU0urew1sLc60Q3aBm8f+Wf0D06tqtoKVaweKS6Sg35l623Fm7swUDy4VBOTka7/mo1j43hoowSAwyV5Dkb18png9VErANC7uygcZxm4OoORGsQ4u1A2dyMYqh+pRIAs9O3c1jdQqHVRYxYUuylC/CslvmUNWat5X/Aq5tN06nrnX5XVzSbNnbsxXfmuLKQiv7r1GiwfQQ==
ARC-Authentication-Results: i=2; mit.edu; dkim=pass (1024-bit key)
header.d=mitprod.onmicrosoft.com header.i=@mitprod.onmicrosoft.com
header.b=ph8EEGI1;
dkim=pass (2048-bit key) header.d=stackable.de header.i=@stackable.de
header.b=SZsMmpIh; arc=pass
Authentication-Results: mit.edu;
dkim=pass (1024-bit key) header.d=mitprod.onmicrosoft.com
header.i=@mitprod.onmicrosoft.com header.b=ph8EEGI1;
dkim=pass (2048-bit key) header.d=stackable.de header.i=@stackable.de
header.b=SZsMmpIh
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=i9mEHccCoEQ3vjrf6o5EY/UxxUXEMIKzvBctmeCiHaGOnjYWKlPKY5p9+B5lYK6qIiq6W5iubZfAGDaLGl8uz+F/28fEAhXWkaEnDdh1RDOdZf3yapdPx+mBsczbASrJQONfdIrVLewirnqfntU0GFBdyFiiqamNwMeBNAvPwJtIEY8xT7df7HIgsTinpAUA9NfDRfAdhVw+8Nt1IAnJP5UoVubHSaiXq37o9M5ifgm9PORULsROOGfIvm/93vmdSnnOAs1yq3FT56z/1SmU1lL2Kiq8WaOigTL20kQp91sP9XPLm+bfdWk0s0t2TyRSvhZv3QGp5KTsKafPMEecDA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=P5q+TkdoNcgtN/fIYdTDW5GAJfIbFgIWfVKf1U6SSTs=;
b=e4cMwDtZQGR/i2GeucNHwy3U7oXoHxGdbK9mFdxwOw4SgsZcXmhpIKoh+q3CP67Asz7YNB7FZ4TdiTJocEjke9tjzPUCrXpToWGncJakKY8+P9wU8Sk/YxLN2VNkstH8gwATEF9QNDR4pbZOAYEo9uM4/thWVCJlqCrZp8lADZRqII/hWLRowAcCJigMJ6LdxOr08d3BIxFnb7tJOHBOSUz3LGYg0TYW53ef575TiEE9KjnQFY9JJjOYZdxH7G0dT6FwiDYuTskstyOqELUTr0/0k/sIQY+8ngWy6o3yBZ9jMaiOS1Zsf/TZiFGqr3FHxauq74aMXmr4U/vPaRiRSA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is
209.85.218.49) smtp.rcpttodomain=mit.edu smtp.mailfrom=stackable.de;
dmarc=pass (p=reject sp=reject pct=100) action=none header.from=stackable.de;
dkim=pass (signature was verified) header.d=stackable.de; arc=none (0)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=mitprod.onmicrosoft.com; s=selector2-mitprod-onmicrosoft-com;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=P5q+TkdoNcgtN/fIYdTDW5GAJfIbFgIWfVKf1U6SSTs=;
b=ph8EEGI1J+T5IjyzoK6YglOnm5/BLZscjG3twmvddlyz71JtdCxKKEHfbptwrqChflvypcYB7eTloPyEvu432gICIABVkJSFzyepB69o3yvCKany+2SGgK0hYb9D1ZfXDkqJj2Dhuue7dvIZtCTo/gkGCJSZyc3GPN14qVeW5hQ=
Authentication-Results: spf=pass (sender IP is 209.85.218.49)
smtp.mailfrom=stackable.de; dkim=pass (signature was verified)
header.d=stackable.de;dmarc=pass action=none header.from=stackable.de;
Received-SPF: Pass (protection.outlook.com: domain of stackable.de designates
209.85.218.49 as permitted sender)
receiver=protection.outlook.com;
client-ip=209.85.218.49; helo=mail-ej1-f49.google.com;
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=stackable.de; s=google;
h=from:to:cc:subject:date:message-id:organization:in-reply-to
:references:mime-version;
bh=P5q+TkdoNcgtN/fIYdTDW5GAJfIbFgIWfVKf1U6SSTs=;
b=SZsMmpIhjTAdG6wpJhr19GAl4HNv90I3DmB0CeZ1FQA3zp3jGSH/kZIyWEiM35IGYv
OKRMAfG5CmUQo2oYktBv7EjZv33r0/T5bmFsLLdM/OL9PP6g7Lm5nLNubpR/kpH7vOC0
eUMZol4woI+XYgor/fW2FQ5OW9Ir6C9ikw/uv8M/7d6us7x+Xc6vYx8fYtd2McRWz28B
FKWTZZG0HwYocfyIfrA9p5DxQ9uCaztli0JiEDoL04vPvV0szxGfF1HBQiRcJb+sSFh9
vJQCgXe5txfNvplh5ce4HsxrB47IMdd/WFI7qczm06WvBXdsyjl6wkaBwzC5Q50B8I7n
J7pg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20210112;
h=x-gm-message-state:from:to:cc:subject:date:message-id:organization
:in-reply-to:references:mime-version;
bh=P5q+TkdoNcgtN/fIYdTDW5GAJfIbFgIWfVKf1U6SSTs=;
b=MaslAC386JLKokrt0NfW9z+So4bHRX6lF9vouTXW89N++aw2aYCdM6OuNMd2Mh4P+0
PKoRo62+ocb3g6skliotQ0Tc7eOgVYq9esOoqiaClpkcA/Hph222KzZtq2LuY688ABGb
NsJQc3nxS4EiB9Po9fch/2uZTXrkjHMqn6X3lXKftfM4u+MB4JbqmJZzOUEidH+o+X67
eoUjEg/jXAAWtZMd5k/7X0/eLiOO8+2ionfd0cPsgUQMPnwvFxNJXD0cQG8u+ct0abML
kY/JDjdrkG/nOVWH7fy5lZcBQRF7SRxYDW0AC79FHurUsiJNwkjQcLXTAK3rrnUHE3+1
yhwA==
X-Gm-Message-State: AOAM530Cq+uxvdOgU4EuhEqnLEsDMVlWTNlHAXAjZCzvzQHCogU+Hhfc
sB0C/8Gybjej3rUNBplB/RRfm4/v3LKx0grnPCs=
X-Google-Smtp-Source: ABdhPJzezAsBq1G7JHDLzeOVq+STG2UGneNjG8cOz+dLiUUxFHX5yNpG0XyMTOvV74DRkBiiSUojgA==
X-Received: by 2002:a17:907:2ce3:b0:6f5:130e:d98f with SMTP id
hz3-20020a1709072ce300b006f5130ed98fmr14516530ejc.706.1652105355919;
Mon, 09 May 2022 07:09:15 -0700 (PDT)
In-Reply-To: <e9dbf862-9235-d0ec-0c9e-eedc9ab80a81@mit.edu>
X-EOPAttributedMessage: 0
X-EOPTenantAttributedMessage: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b:0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: bc640559-5f6e-45a6-e1fd-08da31c58141
X-MS-TrafficTypeDiagnostic: BN8PR01MB5684:EE_
X-LD-Processed: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b,ExtAddr
X-MS-Exchange-AtpMessageProperties: SA
X-Microsoft-Antispam-PRVS: <BN8PR01MB5684067D71D19E65E940B6D0E1C69@BN8PR01MB5684.prod.exchangelabs.com>
X-MS-Exchange-SenderADCheck: 0
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: InfELmbI5gBh8XXRSLHoM6+x+twrCD/kzFyqSb/c1Dwxok5hxfdbj4hncEyM+hl1tPmtqWWioL0kKptDvC2F9W7JJ6q78AxCSNuluhv8mgAqJ0swjQYByVPdOiaxEdGr4m06ZpP04Ip78fR7bjSTGby6iLTqhRwr+wbHi3cPP1cphfk1srOvUl4HHUlfbR/5DMyA7c3YdSEs8OaP1lYpAxh6hrXWWx3WzPc2FTt+FtihFLLFV6OYHq+t2Xsx/He9Baci3L2C26sg+1fJoy50eoBfYj/Ehv+ynVGzQvjMzUDc2iZW9nw0UJLZuI61b6fZ7umncbkS8cBhPHCsoi+IUhVR+JniEWa3jYlusw6bugrBTbzu7j9VY3OH9dEHAyzVrq+TTY11xl5zDL3pgUjXnCqSf6gdiuKB3nKPZnfJ+Tq/VQLz6MbaihGn/fx6Of51B0SuYM+8MyKhmscbYIg1VYKk65Aifk423aGbkq+EGJWc8lxxSpJtR9NCOjbwqGnhIuc5c6qzxduDoe6EEhHY171HsE437avEtOcFq6a9mUZ/Xw7Il3+/hM6PlRVUeDJ1DQQz3HNEdD6gnrLoLGrBVj+4Mu1q9+4G06O2ZP/HJbaOYbSmi5sD5T3Ghv0OT+e3penrngPnuZ/CekF/PZEJ1UKnx//XTWegRZuyyfw/zcOUXP1TVat1uD5sfiz1iYTxX5Zrd4U/D+wCRVj50B3nSw==
X-Forefront-Antispam-Report: CIP:209.85.218.49; CTRY:US; LANG:en; SCL:1; SRV:;
IPV:NLI; SFV:NSPM; H:mail-ej1-f49.google.com; PTR:mail-ej1-f49.google.com;
CAT:NONE;
SFS:(13230001)(4636009)(83380400001)(966005)(956004)(9686003)(786003)(86362001)(356005)(508600001)(21480400003)(36916002)(336012)(53546011)(26005)(7596003)(6666004)(316002)(7636003)(33716001)(2906002)(8676002)(68406010)(70586007)(6862004)(4326008)(5660300002);
DIR:OUT; SFP:1102;
X-Auto-Response-Suppress: DR, OOF, AutoReply
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 May 2022 14:09:17.3243 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: bc640559-5f6e-45a6-e1fd-08da31c58141
X-MS-Exchange-CrossTenant-Id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT034.eop-nam11.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN8PR01MB5684
X-OriginatorOrg: mitprod.onmicrosoft.com
X-BeenThere: kerberos@mit.edu
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: The Kerberos Authentication System Mailing List <kerberos.mit.edu>
List-Unsubscribe: <https://mailman.mit.edu/mailman/options/kerberos>,
<mailto:kerberos-request@mit.edu?subject=unsubscribe>
List-Archive: <http://mailman.mit.edu/pipermail/kerberos/>
List-Post: <mailto:kerberos@mit.edu>
List-Help: <mailto:kerberos-request@mit.edu?subject=help>
List-Subscribe: <https://mailman.mit.edu/mailman/listinfo/kerberos>,
<mailto:kerberos-request@mit.edu?subject=subscribe>
X-Mailman-Original-Message-ID: <9281045.T7Z3S40VBb@teo-laptop>
X-Mailman-Original-References: <CAD-Ua_ifa=vo4PEzy3kx-5FB3J+hhN_2BTuS7O=E+hfudRbV4Q@mail.gmail.com>
<2957453.irdbgypaU6@teo-dator-newarch>
<e9dbf862-9235-d0ec-0c9e-eedc9ab80a81@mit.edu>
 by: Teo Klestrup Röijez - Mon, 9 May 2022 14:09 UTC
Attachments: signature.asc (application/pgp-signature)

On Saturday, May 7, 2022 8:24:58 AM CEST Greg Hudson wrote:
> I think this is a bug; the init functions and kadm5_get_config_params()
> should use the profile object from the context argument. I have a
> candidate patch that passes tests.

I think that would be great from our perspective, with the only caveat being
that this might break users who rely on the current behaviour for whatever
reason. But I guess that's kind of a https://xkcd.com/1172/ situation...
> Unfortunately I don't think there's a viable workaround beyond the
> options you have already considered.

As long as we can get it working with either a new release or a temporary soft
fork I'm not massively worried about backporting to older versions. Especially
since this is purely a client issue.

Attachments: signature.asc (application/pgp-signature)
1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor