empty salt in MIT dump file

[Aidan Cully <aidan@kublai.com>]

I tried converting my MIT kerberos database to Heimdal (using the Heimdal
included in NetBSD 1.5D, from 8/6/2000, I think that's Heimdal 0.3a), and
it core dumped on me.  A fair amount of digging, and I eventually
discovered that it was because MIT can create a dump file that indicates
the presence of salt (in this case, of type 1 == KRB5_KDB_SALTTYPE_V4),
but where the salt has no data associated with it.  This case in the
Heimdal code was not handled:

  foreach version 0 to key data version - 1 (a key or a salt)
    %d\t%d\t(data type for this key, data length for this key)
    foreach key data length 0 to length-1
      %02x (key data contents[element n])
    except if key_data length is 0  <------- I was running into this.
      %d (always -1)

I'm not sure how to encode 'empty salt' into the Heimdal DB, so what I
did was:
--- mit_dump.c.orig	Mon Aug  7 01:36:41 2000
+++ mit_dump.c	Tue Aug  8 23:30:49 2000
@@ -279,9 +279,15 @@
 		ALLOC(ent.keys.val[i].salt);
 		ent.keys.val[i].salt->type = getint(&p); /* salt type */
 		tmp = getint(&p); /* salt length */
-		krb5_data_alloc(&ent.keys.val[i].salt->salt, tmp - 2);
-		q = nexttoken(&p); /* salt itself */
-		hex_to_octet_string(q + 4, &ent.keys.val[i].salt->salt);
+		if(tmp > 0) {
+		    krb5_data_alloc(&ent.keys.val[i].salt->salt, tmp - 2);
+		    q = nexttoken(&p); /* salt itself */
+		    hex_to_octet_string(q + 4, &ent.keys.val[i].salt->salt);
+		} else {
+		    ent.keys.val[i].salt->salt.length = tmp;
+		    ent.keys.val[i].salt->salt.data = 0;
+		    tmp = getint(&p);	/* -1, if no data. */
+		}
 	    }
 	}
 	q = nexttoken(&p); /* extra data */

Anyway, some fix should go into the dist, even if this one isn't exactly
correct.

--aidan