krb5_db_free(context, data);
}
+/*
+ * Set *passptr to NULL if the request looks like the first part of a krb5 1.6
+ * addprinc -randkey operation. The krb5 1.6 dummy password for these requests
+ * was invalid UTF-8, which runs afoul of the arcfour string-to-key.
+ */
+static void
+check_1_6_dummy(kadm5_principal_ent_t entry, long mask,
+ int n_ks_tuple, krb5_key_salt_tuple *ks_tuple, char **passptr)
+{
+ int i;
+ char *password = *passptr;
+
+ /* Old-style randkey operations disallowed tickets to start. */
+ if (!(mask & KADM5_ATTRIBUTES) ||
+ !(entry->attributes & KRB5_KDB_DISALLOW_ALL_TIX))
+ return;
+
+ /* The 1.6 dummy password was the octets 1..255. */
+ for (i = 0; (unsigned char) password[i] == i + 1; i++);
+ if (password[i] != '\0' || i != 255)
+ return;
+
+ /* This will make the caller use a random password instead. */
+ *passptr = NULL;
+}
+
kadm5_ret_t
kadm5_create_principal(void *server_handle,
kadm5_principal_ent_t entry, long mask,
krb5_clear_error_message(handle->context);
+ check_1_6_dummy(entry, mask, n_ks_tuple, ks_tuple, &password);
+
/*
* Argument sanity checking, and opening up the DB
*/