diff options
| author | Theodore Tso <tytso@mit.edu> | 1998-02-06 04:50:31 +0000 |
|---|---|---|
| committer | Theodore Tso <tytso@mit.edu> | 1998-02-06 04:50:31 +0000 |
| commit | 51924e9c496b7b10e5badae7cc1a08934e6542c7 (patch) | |
| tree | 40d1a3f96bf4049efcb94cb0bbe3b9d3e5f92d35 /src/lib | |
| parent | bf5b18617222ab2ea1162cfd7182223a0a7a7f0b (diff) | |
| download | krb5-51924e9c496b7b10e5badae7cc1a08934e6542c7.tar.gz krb5-51924e9c496b7b10e5badae7cc1a08934e6542c7.tar.xz krb5-51924e9c496b7b10e5badae7cc1a08934e6542c7.zip | |
rd_cred.c (krb5_rd_cred):
rd_safe.c (krb5_rd_safe):
rd_priv.c (krb5_rd_priv): Use the remote_subkey first, since the mk_*
routines try to use their local_subkey first. Otherwise, the wrong
keys will get used if subkeys are used in both directions.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10415 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/krb5/krb/ChangeLog | 9 | ||||
| -rw-r--r-- | src/lib/krb5/krb/rd_cred.c | 4 | ||||
| -rw-r--r-- | src/lib/krb5/krb/rd_priv.c | 4 | ||||
| -rw-r--r-- | src/lib/krb5/krb/rd_safe.c | 4 |
4 files changed, 15 insertions, 6 deletions
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index e9803f199..0a99bfa2b 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,12 @@ +Thu Feb 5 23:48:34 1998 Theodore Y. Ts'o <tytso@mit.edu> + + * rd_cred.c (krb5_rd_cred): + * rd_safe.c (krb5_rd_safe): + * rd_priv.c (krb5_rd_priv): Use the remote_subkey first, since the + mk_* routines try to use their local_subkey first. + Otherwise, the wrong keys will get used if subkeys are + used in both directions. + Fri Jan 2 21:21:29 1998 Tom Yu <tlyu@mit.edu> * preauth.c (handle_sam_labels): diff --git a/src/lib/krb5/krb/rd_cred.c b/src/lib/krb5/krb/rd_cred.c index c66f71c27..7537ac990 100644 --- a/src/lib/krb5/krb/rd_cred.c +++ b/src/lib/krb5/krb/rd_cred.c @@ -238,8 +238,8 @@ krb5_rd_cred(context, auth_context, pcreddata, pppcreds, outdata) krb5_replay_data replaydata; /* Get keyblock */ - if ((keyblock = auth_context->local_subkey) == NULL) - if ((keyblock = auth_context->remote_subkey) == NULL) + if ((keyblock = auth_context->remote_subkey) == NULL) + if ((keyblock = auth_context->local_subkey) == NULL) keyblock = auth_context->keyblock; if (((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME) || diff --git a/src/lib/krb5/krb/rd_priv.c b/src/lib/krb5/krb/rd_priv.c index e6c0fe361..c4e1ed0b6 100644 --- a/src/lib/krb5/krb/rd_priv.c +++ b/src/lib/krb5/krb/rd_priv.c @@ -183,8 +183,8 @@ krb5_rd_priv(context, auth_context, inbuf, outbuf, outdata) krb5_replay_data replaydata; /* Get keyblock */ - if ((keyblock = auth_context->local_subkey) == NULL) - if ((keyblock = auth_context->remote_subkey) == NULL) + if ((keyblock = auth_context->remote_subkey) == NULL) + if ((keyblock = auth_context->local_subkey) == NULL) keyblock = auth_context->keyblock; if (((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME) || diff --git a/src/lib/krb5/krb/rd_safe.c b/src/lib/krb5/krb/rd_safe.c index 9f23ff383..5f0fcd6ca 100644 --- a/src/lib/krb5/krb/rd_safe.c +++ b/src/lib/krb5/krb/rd_safe.c @@ -170,8 +170,8 @@ krb5_rd_safe(context, auth_context, inbuf, outbuf, outdata) return KRB5_RC_REQUIRED; /* Get keyblock */ - if ((keyblock = auth_context->local_subkey) == NULL) - if ((keyblock = auth_context->remote_subkey) == NULL) + if ((keyblock = auth_context->remote_subkey) == NULL) + if ((keyblock = auth_context->local_subkey) == NULL) keyblock = auth_context->keyblock; { |