* kerberos5.c (kerberos5_is()): Use new calling convention for

krb5_rd_req(), and krb5_mk_rep(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5257 dc483132-0cff-0310-8789-dd5450dbe970
author: Chris Provenzano <proven@mit.edu> 1995-03-27 14:31:31 +0000
committer: Chris Provenzano <proven@mit.edu> 1995-03-27 14:31:31 +0000
commit: 5dc4d331dcd0130a9cdd5fa5d05d31611efe80d2 (patch)
tree: 99d288ee5614d1d164aab391865c710dcf02d7d9
parent: 2726d8dd9c780485c5c2fbbb4e342d935d061872 (diff)
download: krb5-5dc4d331dcd0130a9cdd5fa5d05d31611efe80d2.tar.gz
krb5-5dc4d331dcd0130a9cdd5fa5d05d31611efe80d2.tar.xz
krb5-5dc4d331dcd0130a9cdd5fa5d05d31611efe80d2.zip
2 files changed, 35 insertions, 40 deletions
diff --git a/src/appl/telnet/libtelnet/ChangeLog b/src/appl/telnet/libtelnet/ChangeLog
index a8229d736..6785b77a5 100644
--- a/src/appl/telnet/libtelnet/ChangeLog
+++ b/src/appl/telnet/libtelnet/ChangeLog
@@ -1,3 +1,8 @@
+Mon Mar 27 07:56:26 1995 Chris Provenzano (proven@mit.edu)
+
+        * kerberos5.c (kerberos5_is()): Use new calling convention for 
+		krb5_rd_req(), and krb5_mk_rep().
+
 Fri Mar 24 23:51:18 1995  Theodore Y. Ts'o  <tytso@dcl>
 
 	* kerberos5.c (kerberos5_send): Initialize auth_context to zero
@@ -5,7 +10,7 @@ Fri Mar 24 23:51:18 1995  Theodore Y. Ts'o  <tytso@dcl>
 
 Fri Mar 10 11:09:34 1995  Chris Provenzano (proven@mit.edu)
 
-        * kerberos5.c Use new calling convention for krb5_mk_req_extended().
+        * kerberos5.c: Use new calling convention for krb5_mk_req_extended().
 
 Tue Mar  7 19:52:00 1995  Mark Eichin  <eichin@cygnus.com>
 
diff --git a/src/appl/telnet/libtelnet/kerberos5.c b/src/appl/telnet/libtelnet/kerberos5.c
index e2d0462a4..51e12ad0e 100644
--- a/src/appl/telnet/libtelnet/kerberos5.c
+++ b/src/appl/telnet/libtelnet/kerberos5.c
@@ -107,7 +107,7 @@ krb5_auth_context * auth_context;
 
 static	krb5_data auth;
 	/* telnetd gets session key from here */
-static	krb5_tkt_authent *authdat = NULL;
+static	krb5_ticket * ticket = NULL;
 /* telnet matches the AP_REQ and AP_REP with this */
 
 /* some compilers can't hack void *, so we use the Kerberos krb5_pointer,
@@ -240,14 +240,14 @@ kerberos5_send(ap)
 				 NULL, new_creds, &auth);
 
 #ifdef	ENCRYPTION
-	krb5_auth_con_getlocalsubkey(telnet_context, auth_context, newkey);
+	krb5_auth_con_getlocalsubkey(telnet_context, auth_context, &newkey);
 	if (session_key.contents)
 	    free(session_key.contents);
 	/*
 	 * keep the key in our private storage, but don't use it yet
 	 * ---see kerberos5_reply() below 
 	 * /
-	if (newkey->keytype != KEYTYPE_DES) {
+	if (newkey && (newkey->keytype != KEYTYPE_DES)) {
 	    if (new_creds->keyblock.keytype == KEYTYPE_DES)
 		/* use the session key in credentials instead */
 		krb5_copy_keyblock_contents(telnet_context, new_creds, 
@@ -257,7 +257,8 @@ kerberos5_send(ap)
 	} else {
 	    krb5_copy_keyblock_contents(telnet_context, newkey, &session_key);
 	}
-	krb5_free_keyblock(telnet_context, newkey);
+	if (newkey)
+	    krb5_free_keyblock(telnet_context, newkey);
 #endif	/* ENCRYPTION */
 	krb5_free_cred_contents(telnet_context, &creds);
 	krb5_free_creds(telnet_context, new_creds);
@@ -293,7 +294,7 @@ kerberos5_is(ap, data, cnt)
 {
 	int r;
 	krb5_principal server;
-	krb5_ap_rep_enc_part reply;
+	krb5_keyblock *newkey = NULL;
 	krb5_data outbuf;
 #ifdef ENCRYPTION
 	Session_Key skey;
@@ -313,19 +314,15 @@ kerberos5_is(ap, data, cnt)
 					    KRB5_NT_SRV_HST,
 					    &server);
 		
-		if (authdat)
-			krb5_free_tkt_authent(telnet_context, authdat);
-
 		if (!r) {
-		    r = krb5_rd_req_simple(telnet_context, &auth, server, 0, 
-					   &authdat);
+		    r = krb5_rd_req(telnet_context, &auth_context, &auth,
+				    server, NULL, NULL, &ticket);
 		    krb5_free_principal(telnet_context, server);
 		}
 		if (r) {
 			char errbuf[128];
 
 		    errout:
-			authdat = 0;
 			(void) strcpy(errbuf, "Read req failed: ");
 			(void) strcat(errbuf, error_message(r));
 			Data(ap, KRB_REJECT, errbuf, -1);
@@ -335,23 +332,13 @@ kerberos5_is(ap, data, cnt)
 		}
 		if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) {
 		    /* do ap_rep stuff here */
-		    reply.ctime = authdat->authenticator->ctime;
-		    reply.cusec = authdat->authenticator->cusec;
-		    reply.subkey = 0;	/* use the one he gave us, so don't
-					   need to return one here */
-		    reply.seq_number = 0; /* we don't do seq #'s. */
-
-		    if (r = krb5_mk_rep(telnet_context, &reply,
-					authdat->authenticator->subkey ?
-					authdat->authenticator->subkey :
-					authdat->ticket->enc_part2->session,
-					&outbuf)) {
+		    if (r = krb5_mk_rep(telnet_context, auth_context, &outbuf))
 			goto errout;
-		    }
+
 		    Data(ap, KRB_RESPONSE, outbuf.data, outbuf.length);
 		} 
 		if (krb5_unparse_name(telnet_context, 
-				      authdat->ticket->enc_part2 ->client,
+				      ticket->enc_part2 ->client,
 				      &name))
 			name = 0;
 		Data(ap, KRB_ACCEPT, name, name ? -1 : 0);
@@ -363,22 +350,26 @@ kerberos5_is(ap, data, cnt)
 		
 		if (name)
 		    free(name);
-	    	if (authdat->authenticator->subkey &&
-		    authdat->authenticator->subkey->keytype == KEYTYPE_DES) {
+		krb5_auth_con_getremotesubkey(telnet_context, auth_context,
+					      &newkey);
+	    	if (newkey && newkey->keytype == KEYTYPE_DES) {
 		    if (session_key.contents)
 			free(session_key.contents);
-		    krb5_copy_keyblock_contents(telnet_context, 
-						authdat->authenticator->subkey,
+		    krb5_copy_keyblock_contents(telnet_context, newkey,
 					    	&session_key);
-		} else if (authdat->ticket->enc_part2->session->keytype ==
-			   KEYTYPE_DES) {
-		    if (session_key.contents)
-			free(session_key.contents);
-		    krb5_copy_keyblock_contents(telnet_context, 
-					   authdat->ticket->enc_part2->session,
+		    krb5_free_keyblock(telnet_context, newkey);
+		} else {
+		    if (newkey)
+		    	krb5_free_keyblock(telnet_context, newkey);
+		    if (ticket->enc_part2->session->keytype == KEYTYPE_DES) {
+		        if (session_key.contents)
+			    free(session_key.contents);
+		        krb5_copy_keyblock_contents(telnet_context, 
+					   ticket->enc_part2->session,
 					   &session_key);
-		} else
-		    break;
+		    } else
+		        break;
+		}
 		
 #ifdef ENCRYPTION
 		skey.type = SK_DES;
@@ -391,8 +382,7 @@ kerberos5_is(ap, data, cnt)
 	case KRB_FORWARD:
 		inbuf.data = (char *)data;
 		inbuf.length = cnt;
-		if (r = rd_and_store_for_creds(telnet_context, &inbuf, 
-					       authdat->ticket, 
+		if (r = rd_and_store_for_creds(telnet_context, &inbuf, ticket, 
 					       UserNameRequested)) {
 		    char errbuf[128];
 		    
@@ -514,7 +504,7 @@ kerberos5_status(ap, name, level)
 		return(level);
 
 	if (UserNameRequested &&
-	    krb5_kuserok(telnet_context, authdat->ticket->enc_part2->client, 
+	    krb5_kuserok(telnet_context, ticket->enc_part2->client, 
 			 UserNameRequested))
 	{
 		strcpy(name, UserNameRequested);
author	Chris Provenzano <proven@mit.edu>	1995-03-27 14:31:31 +0000
committer	Chris Provenzano <proven@mit.edu>	1995-03-27 14:31:31 +0000
commit	5dc4d331dcd0130a9cdd5fa5d05d31611efe80d2 (patch)
tree	99d288ee5614d1d164aab391865c710dcf02d7d9
parent	2726d8dd9c780485c5c2fbbb4e342d935d061872 (diff)
download	krb5-5dc4d331dcd0130a9cdd5fa5d05d31611efe80d2.tar.gz krb5-5dc4d331dcd0130a9cdd5fa5d05d31611efe80d2.tar.xz krb5-5dc4d331dcd0130a9cdd5fa5d05d31611efe80d2.zip