summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5/krb/preauth.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/krb5/krb/preauth.c')
-rw-r--r--src/lib/krb5/krb/preauth.c16
1 files changed, 11 insertions, 5 deletions
diff --git a/src/lib/krb5/krb/preauth.c b/src/lib/krb5/krb/preauth.c
index c106dd15a..ab1432fdb 100644
--- a/src/lib/krb5/krb/preauth.c
+++ b/src/lib/krb5/krb/preauth.c
@@ -160,6 +160,10 @@ krb5_error_code krb5_obtain_padata(context, preauth_to_use, key_proc,
for (pa = preauth_to_use, size=0; *pa; pa++, size++) {
if ((*pa)->pa_type == KRB5_PADATA_ETYPE_INFO) {
+ /* XXX use the first one. Is there another way to disambiguate? */
+ if (etype_info)
+ continue;
+
scratch.length = (*pa)->length;
scratch.data = (char *) (*pa)->contents;
retval = decode_krb5_etype_info(&scratch, &etype_info);
@@ -219,6 +223,8 @@ krb5_error_code krb5_obtain_padata(context, preauth_to_use, key_proc,
}
cleanup:
+ if (etype_info)
+ krb5_free_etype_info(context, etype_info);
if (f_salt)
krb5_xfree(salt.data);
if (send_pa_list)
@@ -294,9 +300,6 @@ obtain_enc_ts_padata(context, in_padata, etype_info, def_enc_key,
krb5_data * scratch;
krb5_enc_data enc_data;
krb5_pa_data * pa;
-
-
- enc_data.ciphertext.data = 0;
retval = krb5_us_timeofday(context, &pa_enc.patimestamp, &pa_enc.pausec);
if (retval)
@@ -305,8 +308,11 @@ obtain_enc_ts_padata(context, in_padata, etype_info, def_enc_key,
if ((retval = encode_krb5_pa_enc_ts(&pa_enc, &scratch)) != 0)
return retval;
- if ((retval = krb5_encrypt_data(context, def_enc_key, 0, scratch,
- &enc_data)))
+ enc_data.ciphertext.data = 0;
+
+ if ((retval = krb5_encrypt_helper(context, def_enc_key,
+ KRB5_KEYUSAGE_AS_REQ_PA_ENC_TS,
+ scratch, &enc_data)))
goto cleanup;
krb5_free_data(context, scratch);
generated by cgit (git 2.34.1) at 2025-06-14 15:47:18 +0000