diff options
author | Sam Hartman <hartmans@mit.edu> | 2001-11-18 23:46:32 +0000 |
---|---|---|
committer | Sam Hartman <hartmans@mit.edu> | 2001-11-18 23:46:32 +0000 |
commit | 6e67fcdfe9b6974c196929b33adff851cee0108e (patch) | |
tree | f52bbda03c3abe467ba8d078f607cfe67af605c9 /src/lib | |
parent | 4b50e8f97119084be1c76e86c67993bbad351840 (diff) | |
download | krb5-6e67fcdfe9b6974c196929b33adff851cee0108e.tar.gz krb5-6e67fcdfe9b6974c196929b33adff851cee0108e.tar.xz krb5-6e67fcdfe9b6974c196929b33adff851cee0108e.zip |
When initiating GSSAPI context override tgs-enctypes
rather than trying all acceptable enctypes in a loop.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13989 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/gssapi/krb5/ChangeLog | 6 | ||||
-rw-r--r-- | src/lib/gssapi/krb5/init_sec_context.c | 28 | ||||
-rw-r--r-- | src/lib/krb5/krb/ChangeLog | 5 | ||||
-rw-r--r-- | src/lib/krb5/krb/init_ctx.c | 11 |
4 files changed, 24 insertions, 26 deletions
diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog index 5d6982149..4a6bd8e79 100644 --- a/src/lib/gssapi/krb5/ChangeLog +++ b/src/lib/gssapi/krb5/ChangeLog @@ -1,3 +1,9 @@ +2001-11-18 Sam Hartman <hartmans@mit.edu> + + * init_sec_context.c (get_credentials): Override + default_tgs_enctypes rather than looping over credentials. Avoids + hits on the KDC. + 2001-10-30 Ezra Peisach <epeisach@mit.edu> * k5unseal.c: Fix whitespace in copyright message. diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index 6a88a4ebc..72e3ccfac 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -113,31 +113,11 @@ static krb5_error_code get_credentials(context, cred, server, now, in_creds.keyblock.enctype = 0; - /* - * Initial iteration is necessary to catch a non-matching - * credential prior to looping through the GSSAPI-supported - * enctypes, since an enctype mismatch in the loop below will - * return KRB5_CC_NOTFOUND rather than one of the other error - * codes. - */ - code = krb5_get_credentials(context, 0, cred->ccache, - &in_creds, out_creds); + code = krb5_set_default_tgs_enctypes (context, enctypes); if (code) - goto cleanup; - krb5_free_creds(context, *out_creds); - *out_creds = NULL; - for (i = 0; enctypes[i]; i++) { - in_creds.keyblock.enctype = enctypes[i]; - code = krb5_get_credentials(context, 0, cred->ccache, - &in_creds, out_creds); - if (code != KRB5_CC_NOT_KTYPE && code != KRB5_CC_NOTFOUND - && code != KRB5KDC_ERR_ETYPE_NOSUPP) - break; - } - if (enctypes[i] == 0) { - code = KRB5_CONFIG_ETYPE_NOSUPP; - goto cleanup; - } + goto cleanup; + code = krb5_get_credentials(context, 0, cred->ccache, + &in_creds, out_creds); if (code) goto cleanup; diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index 83558a028..1b91275b3 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,8 @@ +2001-11-16 Sam Hartman <hartmans@mit.edu> + + * init_ctx.c (krb5_set_default_tgs_enctypes): rename from + set_default_ktypes; old function provided as APIA + 2001-11-16 Ezra Peisach <epeisach@mit.edu> * init_ctx.c (DEFAULT_ETYPE_LIST): Ensure space present after diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c index 45af231f2..6d87c73ae 100644 --- a/src/lib/krb5/krb/init_ctx.c +++ b/src/lib/krb5/krb/init_ctx.c @@ -388,8 +388,8 @@ krb5_get_default_in_tkt_ktypes(context, ktypes) context->in_tkt_ktypes)); } -krb5_error_code -krb5_set_default_tgs_ktypes(context, ktypes) +krb5_error_code KRB5_CALLCONV +krb5_set_default_tgs_enctypes (context, ktypes) krb5_context context; const krb5_enctype *ktypes; { @@ -420,6 +420,13 @@ krb5_set_default_tgs_ktypes(context, ktypes) return 0; } +krb5_error_code krb5_set_default_tgs_ktypes +(krb5_context context, const krb5_enctype *etypes) +{ + return (krb5_set_default_tgs_enctypes (context, etypes)); +} + + void KRB5_CALLCONV krb5_free_ktypes (context, val) |