On Tue, 2009-01-20 at 19:27 +0100, Mark Phalan wrote: > On Tue, 2009-01-20 at 13:14 -0500, Peter Shoults wrote: > > >> 6784485 keys for kadmind princs should be created with all supported > > >> enc-types > > >> http://cr.opensolaris.org/~mbp/6784485-enctypes_for_default_kadmin_princs/ > > >> > > > > 1) Should we be calling > > > > krb5_free_ktypes(context, enctype); > > > > IF we failed the malloc() on line 321? > > Yup, nice catch. I'll make the change. > > > > > 2) Line 341 of new file - How are you determining you are only creating > > keys with "Normal" enctypes? > > Normal _salt_types. > Line 330 a "normal" salttype is created. This salttype is used when > creating the keys. See line 344 where the salttype is being set. > > > > > Otherwise looks good.
Sorry to bother you with this again but when going over my fixes a final time I saw a more elegant way to deal with 6776724 The updated webrev is posted here: http://cr.opensolaris.org/~mbp/6776724-updated/ The only thing which has changed is the fix for 6776724. Its just a one line change (+copyright year). The -znodelete option marks the pkinit plugin as something not to be deleted even if its dlclosed. You can find out more in ld(1). I've tested it and it works fine. Cheers, -M
