On Mon, Dec 02, 2013 at 11:24:17AM +1100, Brian May wrote: > On 2 December 2013 00:58, Jelmer Vernooij <jel...@samba.org> wrote: > > > So, the underlying issue is that we're trying to set an empty master > > key - which doesn't really make sense anyway. > I would argue it shouldn't crash, it should come up with a reasonable > error. Not to mention, I think this use to work. I agree kstash shouldn't crash on an empty password - I've filed an upstream bug report about that. That's orthogonal though - even if that would work, setting an empty master key password is suboptimal.
> > There are two solutions I can think of; either we can just skip calling > > kstash at all here, or we can generate a random key. > > > > The latter seems like a better idea, since it means we won't be > > setting an empty key by default (the priority for the > > heimdal-kdc/password question is medium). > Yes, that seems reasonable to me. Okay, I'll upload a fix to unstable with that. Cheers, Jelmer
signature.asc
Description: Digital signature
