summaryrefslogtreecommitdiffstats
path: root/src/lib
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/crypto/old/ChangeLog9
-rw-r--r--src/lib/crypto/old/old_decrypt.c9
2 files changed, 17 insertions, 1 deletions
diff --git a/src/lib/crypto/old/ChangeLog b/src/lib/crypto/old/ChangeLog
index 088c59617..699aaebaa 100644
--- a/src/lib/crypto/old/ChangeLog
+++ b/src/lib/crypto/old/ChangeLog
@@ -1,3 +1,12 @@
+Wed Dec 16 16:14:02 1998 Tom Yu <tlyu@mit.edu>
+
+ * old_decrypt.c (krb5_old_decrypt): Initialize the ivec to the key
+ if we're using DES_CBC_CRC, for backwards compatibility. We
+ weren't noticing this before because it only trashes the first
+ block, which is the confounder, which we weren't actually
+ verifying because checksum was unconditionally succeeding prior to
+ the other patch.
+
Thu Dec 10 22:16:14 1998 Tom Yu <tlyu@mit.edu>
* old_decrypt.c (krb5_old_decrypt): Actually compare the
diff --git a/src/lib/crypto/old/old_decrypt.c b/src/lib/crypto/old/old_decrypt.c
index ad0b39ebf..26019e164 100644
--- a/src/lib/crypto/old/old_decrypt.c
+++ b/src/lib/crypto/old/old_decrypt.c
@@ -40,7 +40,7 @@ krb5_old_decrypt(enc, hash, key, usage, ivec, input, arg_output)
krb5_error_code ret;
size_t blocksize, hashsize, plainsize;
unsigned char *plaintext, *cksumdata;
- krb5_data output, cksum;
+ krb5_data output, cksum, crcivec;
int alloced;
(*(enc->block_size))(&blocksize);
@@ -76,6 +76,13 @@ krb5_old_decrypt(enc, hash, key, usage, ivec, input, arg_output)
/* decrypt it */
+ /* XXX this is gross, but I don't have much choice */
+ if ((key->enctype == ENCTYPE_DES_CBC_CRC) && (ivec == 0)) {
+ crcivec.length = key->length;
+ crcivec.data = key->contents;
+ ivec = &crcivec;
+ }
+
if (ret = ((*(enc->decrypt))(key, ivec, input, &output)))
goto cleanup;
generated by cgit (git 2.34.1) at 2026-01-06 14:59:28 +0000