diff options
| author | Ezra Peisach <epeisach@mit.edu> | 2000-08-22 13:58:24 +0000 |
|---|---|---|
| committer | Ezra Peisach <epeisach@mit.edu> | 2000-08-22 13:58:24 +0000 |
| commit | b478311714a6d653bf74bb2ead74d58e51e2a447 (patch) | |
| tree | ab25d9b8b37b6f7da92619e04deaa4271db75f80 | |
| parent | cd22b01da1dfa2de89503f285aeb9776f06f17f1 (diff) | |
| download | krb5-b478311714a6d653bf74bb2ead74d58e51e2a447.tar.gz krb5-b478311714a6d653bf74bb2ead74d58e51e2a447.tar.xz krb5-b478311714a6d653bf74bb2ead74d58e51e2a447.zip | |
* rd_svc_key.c (krb54_get_service_keyblock): If the keytab
encryption type is a non-raw des3 key, bash its enctype. This
matches kdc/kerberos_v4.c.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12624 dc483132-0cff-0310-8789-dd5450dbe970
| -rw-r--r-- | src/lib/krb4/ChangeLog | 12 | ||||
| -rw-r--r-- | src/lib/krb4/rd_svc_key.c | 8 |
2 files changed, 19 insertions, 1 deletions
diff --git a/src/lib/krb4/ChangeLog b/src/lib/krb4/ChangeLog index 25ad9f284..9b091bfcd 100644 --- a/src/lib/krb4/ChangeLog +++ b/src/lib/krb4/ChangeLog @@ -1,3 +1,15 @@ +Tue Aug 22 09:56:14 2000 Ezra Peisach <epeisach@mit.edu> + + * rd_svc_key.c (krb54_get_service_keyblock): If the keytab + encryption type is a non-raw des3 key, bash its enctype. This + matches kdc/kerberos_v4.c. + +Mon Aug 14 12:13:20 2000 Ezra Peisach <epeisach@mit.edu> + + * cr_tkt.c (krb_cr_tkt_int): When prototypes were changed to not + include a narrow prototype, the flags were being sent OTW as four + bytes instead of one. + 2000-08-02 Ezra Peisach <epeisach@mit.edu> * tf_util.c (tf_init): Add KRB5_DLLIMP/KRB5_CALLCONV definitions diff --git a/src/lib/krb4/rd_svc_key.c b/src/lib/krb4/rd_svc_key.c index 831becdf0..a9b6fd5d5 100644 --- a/src/lib/krb4/rd_svc_key.c +++ b/src/lib/krb4/rd_svc_key.c @@ -183,7 +183,7 @@ krb54_get_service_keyblock(service,instance,realm,kvno,file,keyblock) if ((retval = krb5_kt_resolve(krb5__krb4_context, keytabname, &kt_id))) goto errout; - + if ((retval = krb5_kt_get_entry(krb5__krb4_context, kt_id, princ, kvno, 0, &kt_entry))) { krb5_kt_close(krb5__krb4_context, kt_id); @@ -192,6 +192,12 @@ krb54_get_service_keyblock(service,instance,realm,kvno,file,keyblock) retval = krb5_copy_keyblock_contents(krb5__krb4_context, &kt_entry.key, keyblock); + /* Bash types */ + /* KLUDGE! If it's a non-raw des3 key, bash its enctype */ + /* See kdc/kerberos_v4.c */ + if (keyblock->enctype == ENCTYPE_DES3_CBC_SHA1 || + keyblock->enctype == ENCTYPE_LOCAL_DES3_HMAC_SHA1) + keyblock->enctype = ENCTYPE_DES3_CBC_RAW; krb5_kt_free_entry(krb5__krb4_context, &kt_entry); krb5_kt_close (krb5__krb4_context, kt_id); |