From ca58609ecd6b2dfdf2337ed60730cbb4e62da722 Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Mon, 7 Feb 2000 10:32:45 +0000 Subject: * gic_pwd.c (krb5_get_as_key_password): If the as_key enctype is already set to the correct type, do continue and ask for the password anyways. (Patch from Chas Williams, PR krb5-libs/730.) * preauth2.c (pa_sam): If no sam_flags were set, return KRB5_PREAUTH_BAD_TYPE, because we don't currently handle that case. * preauth2.c (pa_sam): Remove unused variable use_sam_key. (SAMDATA): Cast first result to int, which is what sprintf needs. (pa_salt): Delete unused variable ret. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12012 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/krb/gic_pwd.c | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) (limited to 'src/lib/krb5/krb/gic_pwd.c') diff --git a/src/lib/krb5/krb/gic_pwd.c b/src/lib/krb5/krb/gic_pwd.c index 1706bce23f..c2ee423cc0 100644 --- a/src/lib/krb5/krb/gic_pwd.c +++ b/src/lib/krb5/krb/gic_pwd.c @@ -22,16 +22,19 @@ krb5_get_as_key_password(context, client, etype, prompter, prompter_data, password = (krb5_data *) gak_data; - /* if there's already a key of the correct etype, we're done. - if the etype is wrong, free the existing key, and make - a new one. */ + /* If there's already a key of the correct etype, we're done. + If the etype is wrong, free the existing key, and make + a new one. - if (as_key->length) { - if (as_key->enctype == etype) - return(0); + XXX This was the old behavior, and was wrong in hw preauth + cases. Is this new behavior -- always asking -- correct in all + cases? */ - krb5_free_keyblock_contents(context, as_key); - as_key->length = 0; + if (as_key->length) { + if (as_key->enctype != etype) { + krb5_free_keyblock_contents (context, as_key); + as_key->length = 0; + } } if (password->data[0] == '\0') { -- cgit