Call kdb_set_mkey_list from the KDC

In order for the kdb keytab to be used from within the KDC, the KDC
needs to set the master key list in the context.

ticket: 6424
Target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22093 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c
index 00ae43645f1e321312d6387b1f03369bca178768..5e1c91c80612d0bc45047e3522750b36212246bb 100644 (file)
--- a/src/kdc/kdc_util.c
+++ b/src/kdc/kdc_util.c
@@ -454,6 +454,7 @@ kdc_get_server_key(krb5_ticket *ticket, unsigned int flags,
                                     &master_keyblock, 0, &tmp_mkey_list) == 0) {
             krb5_dbe_free_key_list(kdc_context, master_keylist);
             master_keylist = tmp_mkey_list;
+           krb5_db_set_mkey_list(kdc_context, master_keylist);
             if ((retval = krb5_dbe_find_mkey(kdc_context, master_keylist,
                                              server, &mkey_ptr))) {
                 goto errout;

diff --git a/src/kdc/main.c b/src/kdc/main.c
index 631fe3c07dbc369c77e186a5c4d0e6d60619ca30..7656dcd8e11e0c2c58626c5e5cd93c0915bf0666 100644 (file)
--- a/src/kdc/main.c
+++ b/src/kdc/main.c
@@ -414,7 +414,6 @@ init_realm(kdc_realm_t *rdp, char *realm, char *def_mpname,
                rdp->realm_mpname, realm);
        goto whoops;
     }
-
 #if 0 /************** Begin IFDEF'ed OUT *******************************/
     /*
      * Commenting krb5_db_verify_master_key out because it requires the most
@@ -445,6 +444,7 @@ init_realm(kdc_realm_t *rdp, char *realm, char *def_mpname,
                "while setting master key for realm %s", realm);
        goto whoops;
     }
+    krb5_db_set_mkey_list(rdp->realm_context, rdp->mkey_list);
 
     /* Set up the keytab */
     if ((kret = krb5_ktkdb_resolve(rdp->realm_context, NULL,