* get_in_tkt.c (krb5_get_in_tkt): Remove the etype_info argument from

	the call to krb5_obtain_padata.

* preauth.c (krb5_obtain_padata): Use the PADATA_ETYPE_INFO preauth,
	if it exists, to determine which salt type to use when encrypting the
	preauthentication data.  Remove the etype_info argument.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7071 dc483132-0cff-0310-8789-dd5450dbe970

3 files changed, 29 insertions, 7 deletions

diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog
index 4f127349c..de1828dc6 100644
--- a/src/lib/krb5/krb/ChangeLog
+++ b/src/lib/krb5/krb/ChangeLog
@@ -1,3 +1,13 @@
+Thu Nov  9 00:02:43 1995  Theodore Y. Ts'o  <tytso@dcl>
+
+	* get_in_tkt.c (krb5_get_in_tkt): Remove the etype_info argument
+		from the call to krb5_obtain_padata.
+
+	* preauth.c (krb5_obtain_padata): Use the PADATA_ETYPE_INFO
+		preauth, if it exists, to determine which salt type to use
+		when encrypting the preauthentication data.  Remove the
+		etype_info argument.
+
 Wed Nov  8 02:50:59 1995  Theodore Y. Ts'o  <tytso@dcl>
 
 	* krbconfig.c: Removed the krb5_clockskew variable.
diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
index e1c253b20..18095ef8e 100644
--- a/src/lib/krb5/krb/get_in_tkt.c
+++ b/src/lib/krb5/krb/get_in_tkt.c
@@ -451,7 +451,7 @@ krb5_get_in_tkt(context, options, addrs, ktypes, ptypes, key_proc, keyseed,
 	    goto cleanup;
 	}
 
-	if ((retval = krb5_obtain_padata(context, preauth_to_use, 0, key_proc,
+	if ((retval = krb5_obtain_padata(context, preauth_to_use, key_proc,
 					 keyseed, creds, &request)) != 0)
 	    goto cleanup;
 	if (preauth_to_use)
diff --git a/src/lib/krb5/krb/preauth.c b/src/lib/krb5/krb/preauth.c
index ae961a6ce..d02a7197d 100644
--- a/src/lib/krb5/krb/preauth.c
+++ b/src/lib/krb5/krb/preauth.c
@@ -101,17 +101,17 @@ cleanup:
 }
 
     
-krb5_error_code krb5_obtain_padata(context, preauth_to_use, etype_info,
-				   key_proc, key_seed, creds, request)
+krb5_error_code krb5_obtain_padata(context, preauth_to_use, key_proc,
+				   key_seed, creds, request)
     krb5_context		context;
     krb5_pa_data **		preauth_to_use;
-    krb5_etype_info	    	etype_info;
     git_key_proc 		key_proc;
     krb5_const_pointer		key_seed;
     krb5_creds *		creds;
     krb5_kdc_req *		request;
 {
     krb5_error_code		retval;
+    krb5_etype_info	    	etype_info = 0;
     krb5_pa_data **		pa;
     krb5_pa_data **		send_pa_list;
     krb5_pa_data **		send_pa;
@@ -119,13 +119,22 @@ krb5_error_code krb5_obtain_padata(context, preauth_to_use, etype_info,
     krb5_keyblock *		def_enc_key = 0;
     krb5_enctype 		enctype;
     krb5_data 			salt;
+    krb5_data			scratch;
     int				size;
     int				f_salt = 0;
 
     if (preauth_to_use == NULL)
 	return 0;
 
-    for (pa = preauth_to_use, size=0; *pa; pa++, size++);
+    for (pa = preauth_to_use, size=0; *pa; pa++, size++) {
+	if ((*pa)->pa_type == KRB5_PADATA_ETYPE_INFO) {
+	    scratch.length = (*pa)->length;
+	    scratch.data = (*pa)->contents;
+	    retval = decode_krb5_etype_info(&scratch, &etype_info);
+	    if (retval)
+		return retval;
+	}
+    }
 
     if ((send_pa_list = malloc((size+1) * sizeof(krb5_pa_data *))) == NULL)
 	return ENOMEM;
@@ -133,12 +142,15 @@ krb5_error_code krb5_obtain_padata(context, preauth_to_use, etype_info,
     send_pa = send_pa_list;
     *send_pa = 0;
 
+    enctype = request->ktype[0];
+    salt.data = 0;
+    salt.length = -1;
     if (etype_info) {
 	enctype = etype_info[0]->etype;
 	salt.data = etype_info[0]->salt;
 	salt.length = etype_info[0]->length;
-    } else {
-	enctype = request->ktype[0];
+    }
+    if (salt.length == -1) {
 	if ((retval = krb5_principal2salt(context, request->client, &salt)))
 	    return(retval);
 	f_salt = 1;