Add missing KADM5_AUTH_GET_KEYS error and use it.

author Nicolas Williams <nico@cryptonector.com>

Tue, 19 Jul 2011 19:01:56 +0000 (14:01 -0500)

committer Nicolas Williams <nico@cryptonector.com>

Fri, 22 Jul 2011 21:07:07 +0000 (16:07 -0500)
author Nicolas Williams <nico@cryptonector.com>
Tue, 19 Jul 2011 19:01:56 +0000 (14:01 -0500)
committer Nicolas Williams <nico@cryptonector.com>
Fri, 22 Jul 2011 21:07:07 +0000 (16:07 -0500)
diff --git a/lib/kadm5/acl.c b/lib/kadm5/acl.c

index d36d43fa88313562124cd777254904a6d9f9d408..fdee715f99be58953d729b271ab2576a6426fc96 100644 (file)
--- a/lib/kadm5/acl.c
+++ b/lib/kadm5/acl.c
@@ -179,7 +179,7 @@ check_flags (unsigned op,
      if(res & KADM5_PRIV_GET)
         return KADM5_AUTH_GET;
      if(res & KADM5_PRIV_GET_KEYS)
-       return KADM5_AUTH_GET;
+       return KADM5_AUTH_GET_KEYS;
      if(res & KADM5_PRIV_ADD)
         return KADM5_AUTH_ADD;
      if(res & KADM5_PRIV_MODIFY)
diff --git a/lib/kadm5/kadm5_err.et b/lib/kadm5/kadm5_err.et

index 1f12d0f8dc779cb7ddbeb601beef942084c4aec8..35c620e7287037731558e34eeecbe0e15fb5ed9f 100644 (file)
--- a/lib/kadm5/kadm5_err.et
+++ b/lib/kadm5/kadm5_err.et
@@ -62,3 +62,4 @@ error_code SETKEY3_ETYPE_MISMATCH,    "Key/salt tuples don't match keys"
  error_code DECRYPT_USAGE_NOSUPP,       "Given usage of kadm5_decrypt() not supported"
  error_code POLICY_OP_NOSUPP,   "Policy operations not supported"
  error_code KEEPOLD_NOSUPP,     "Keep old keys option not supported"
+error_code AUTH_GET_KEYS,      "Operation requires `get-keys' privilege"
author	Nicolas Williams <nico@cryptonector.com>
	Tue, 19 Jul 2011 19:01:56 +0000 (14:01 -0500)
committer	Nicolas Williams <nico@cryptonector.com>
	Fri, 22 Jul 2011 21:07:07 +0000 (16:07 -0500)
lib/kadm5/acl.c		patch \| blob \| history
lib/kadm5/kadm5_err.et		patch \| blob \| history