projects / krb5.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 60e01dc) | patch
Allow clearpolicy restriction for kadmin addprinc
authorGreg Hudson <ghudson@mit.edu>
Thu, 26 Apr 2012 04:34:20 +0000 (04:34 +0000)
committerGreg Hudson <ghudson@mit.edu>
Thu, 26 Apr 2012 04:34:20 +0000 (04:34 +0000)
commit79495d8694275ebde98d48d018161208c72368c2
treeff6bf70c9573dad97364de0165c661f3bbf91582tree | snapshot
parent60e01dc17967479f31a3669d2a5ef306d1b48750commit | diff
Allow clearpolicy restriction for kadmin addprinc

Although the kadmin client never generates a KADM5_POLICY_CLR mask bit
with addprinc, the bit will be set if a kadm5.acl line imposes the
-clearpolicy restriction.  Relax the sanity checking in
kadm5_create_principal_3 to allow KADM5_POLICY_CLR as long as
KADM5_POLICY is not also set.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25827 dc483132-0cff-0310-8789-dd5450dbe970
src/lib/kadm5/srv/svr_principal.c diff | blob | history
MIT implementation of the Kerberos network authentication protocol. This repo may be rebased, so don't base your work on it. Use git://github.com/krb5/krb5 instead.