#976 Critical: OID reuse
Closed: Fixed None Opened 13 years ago by simo.

We accidentally reused 2 OIDs assigned to the keytab extended operation.

In ipa_pwd_extop.c we have:
/* OID to retrieve keytabs */
#define KEYTAB_SET_OID "2.16.840.1.113730.3.8.3.1"
#define KEYTAB_RET_OID "2.16.840.1.113730.3.8.3.2"

but in the schema we also have:
attributeTypes: (2.16.840.1.113730.3.8.3.1 NAME 'ipaUniqueID' ....
attributeTypes: (2.16.840.1.113730.3.8.3.2 NAME 'ipaClientVersion' ...

This is bad.
The easiest way to fix this is by changing the extended operation OIDs that are used only by IPA. The only side effect is that it will break older ipa-getkeytab binaries. But changing the extended operation OIDs is easier than forcing users of beta2/rc1 to reinstall their servers.


Metadata Update from @simo:
- Issue assigned to simo
- Issue set to the milestone: FreeIPA 2.0.3 RC3 (bug fixing)

7 years ago
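
The kind of reuse reported in this ticket can be caught before release by cross-checking OIDs defined in C sources against OIDs in schema files. The script below is an added example, not part of the ticket or of FreeIPA; the function names are hypothetical and the sample inputs are constructed from the two snippets quoted above (the `DESC` text and the `objectClasses` line are made up).

```python
import re
from collections import defaultdict

# Constructed samples modelled on the snippets quoted in the ticket.
C_SOURCE = '''
/* OID to retrieve keytabs */
#define KEYTAB_SET_OID "2.16.840.1.113730.3.8.3.1"
#define KEYTAB_RET_OID "2.16.840.1.113730.3.8.3.2"
'''
SCHEMA_LDIF = '''
attributeTypes: (2.16.840.1.113730.3.8.3.1 NAME 'ipaUniqueID' DESC 'constructed' )
attributeTypes: ( 2.16.840.1.113730.3.8.3.2
  NAME 'ipaClientVersion' DESC 'constructed, folded line' )
objectClasses: ( 1.2.3.4.1 NAME 'constructedClass' SUP top )
'''

OID = r'\d+(?:\.\d+)+'
DEFINE_RE = re.compile(r'^\s*#\s*define\s+(\w+)\s+"(' + OID + r')"', re.M)
SCHEMA_RE = re.compile(
    r"^(attributeTypes|objectClasses):\s*\(\s*(" + OID + r")\s+NAME\s+\(?\s*'([^']+)'",
    re.M | re.I)

def unfold(ldif):
    """Join LDIF continuation lines (a newline followed by one space)."""
    return re.sub(r'\n ', '', ldif)

def collect(c_source, schema_ldif):
    """Map each OID to every (kind, name) that claims it."""
    uses = defaultdict(list)
    for name, oid in DEFINE_RE.findall(c_source):
        uses[oid].append(("c-define", name))
    for kind, oid, name in SCHEMA_RE.findall(unfold(schema_ldif)):
        uses[oid].append((kind, name))
    return uses

def collisions(uses):
    """Return only the OIDs claimed by more than one distinct definition."""
    return {oid: owners for oid, owners in sorted(uses.items())
            if len(set(owners)) > 1}

if __name__ == "__main__":
    for oid, owners in collisions(collect(C_SOURCE, SCHEMA_LDIF)).items():
        print(oid, "reused by", ", ".join(f"{k}:{n}" for k, n in owners))
```
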
