diff options
author | Tom Yu <tlyu@mit.edu> | 2001-04-05 00:29:16 +0000 |
---|---|---|
committer | Tom Yu <tlyu@mit.edu> | 2001-04-05 00:29:16 +0000 |
commit | c64f5ef88710f27e16ca9ad1a4981b7c8b084421 (patch) | |
tree | d96aa8267f768ec0e2c327434ce1ce4120ac1f06 /src/lib/krb5/krb/mk_safe.c | |
parent | 7335d6ddadb9d2d15c9718a593200f081e6327cc (diff) | |
download | krb5-c64f5ef88710f27e16ca9ad1a4981b7c8b084421.tar.gz krb5-c64f5ef88710f27e16ca9ad1a4981b7c8b084421.tar.xz krb5-c64f5ef88710f27e16ca9ad1a4981b7c8b084421.zip |
* mk_safe.c (krb5_mk_safe): Only use safe_cksumtype from the
auth_context (derived from the config file or hardcoded default)
if it's suitable for the enctype of the key we're going to
use. [pullup from krb5-1-2-2-branch]
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13144 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib/krb5/krb/mk_safe.c')
-rw-r--r-- | src/lib/krb5/krb/mk_safe.c | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/src/lib/krb5/krb/mk_safe.c b/src/lib/krb5/krb/mk_safe.c index 5d1e3bf4a..063b3dbf4 100644 --- a/src/lib/krb5/krb/mk_safe.c +++ b/src/lib/krb5/krb/mk_safe.c @@ -168,6 +168,7 @@ krb5_mk_safe(context, auth_context, userdata, outbuf, outdata) krb5_address * plocal_fulladdr = NULL; krb5_address remote_fulladdr; krb5_address local_fulladdr; + krb5_cksumtype sumtype; CLEANUP_INIT(2); @@ -203,9 +204,33 @@ krb5_mk_safe(context, auth_context, userdata, outbuf, outdata) } } + { + unsigned int nsumtypes; + unsigned int i; + krb5_cksumtype *sumtypes; + retval = krb5_c_keyed_checksum_types (context, keyblock->enctype, + &nsumtypes, &sumtypes); + if (retval) { + CLEANUP_DONE (); + goto error; + } + if (nsumtypes == 0) { + retval = KRB5_BAD_ENCTYPE; + krb5_free_cksumtypes (context, sumtypes); + CLEANUP_DONE (); + goto error; + } + for (i = 0; i < nsumtypes; i++) + if (auth_context->safe_cksumtype == sumtypes[i]) + break; + if (i == nsumtypes) + i = 0; + sumtype = sumtypes[i]; + krb5_free_cksumtypes (context, sumtypes); + } if ((retval = krb5_mk_safe_basic(context, userdata, keyblock, &replaydata, plocal_fulladdr, premote_fulladdr, - auth_context->safe_cksumtype, outbuf))) { + sumtype, outbuf))) { CLEANUP_DONE(); goto error; } |