summaryrefslogtreecommitdiffstats
path: root/src/lib
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/krb5/krb/ChangeLog10
-rw-r--r--src/lib/krb5/krb/gc_via_tkt.c11
-rw-r--r--src/lib/krb5/krb/get_creds.c5
3 files changed, 23 insertions, 3 deletions
diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog
index a1979242c..5a2c90ed0 100644
--- a/src/lib/krb5/krb/ChangeLog
+++ b/src/lib/krb5/krb/ChangeLog
@@ -1,3 +1,13 @@
+Thu Jan 25 01:35:52 1996 Sam Hartman <hartmans@tertius.mit.edu>
+
+ * gc_via_tkt.c (krb5_get_cred_via_tkt): If the keyblock.enctype is
+ non-null in in_cred, then request that particular key.
+
+Wed Jan 24 21:48:53 1996 Sam Hartman <hartmans@tertius.mit.edu>
+
+ * get_creds.c (krb5_get_credentials): Only match against enctype
+ if it is non-null in increds.
+
Sun Jan 21 23:32:53 1996 Tom Yu <tlyu@dragons-lair.MIT.EDU>
* gc_via_tkt.c (krb5_kdcrep2creds): Set is_skey so get_creds won't
diff --git a/src/lib/krb5/krb/gc_via_tkt.c b/src/lib/krb5/krb/gc_via_tkt.c
index 6ba87cf0a..cd8a18c8d 100644
--- a/src/lib/krb5/krb/gc_via_tkt.c
+++ b/src/lib/krb5/krb/gc_via_tkt.c
@@ -111,6 +111,7 @@ krb5_get_cred_via_tkt (context, tkt, kdcoptions, address, in_cred, out_cred)
krb5_kdc_rep *dec_rep;
krb5_error *err_reply;
krb5_response tgsrep;
+krb5_enctype *enctypes = 0;
/* tkt->client must be equal to in_cred->client */
if (!krb5_principal_compare(context, tkt->client, in_cred->client))
@@ -143,7 +144,15 @@ krb5_get_cred_via_tkt (context, tkt, kdcoptions, address, in_cred, out_cred)
}
*/
- if ((retval = krb5_send_tgs(context, kdcoptions, &in_cred->times, NULL,
+ if (in_cred->keyblock.enctype) {
+ enctypes = (krb5_enctype *) malloc(sizeof(krb5_enctype)*2);
+ if (!enctypes)
+ return ENOMEM;
+ enctypes[0] = in_cred->keyblock.enctype;
+ enctypes[1] = 0;
+ }
+
+ if ((retval = krb5_send_tgs(context, kdcoptions, &in_cred->times, enctypes,
in_cred->server, address, in_cred->authdata,
0, /* no padata */
(kdcoptions & KDC_OPT_ENC_TKT_IN_SKEY) ?
diff --git a/src/lib/krb5/krb/get_creds.c b/src/lib/krb5/krb/get_creds.c
index 169e926c3..32bac9dad 100644
--- a/src/lib/krb5/krb/get_creds.c
+++ b/src/lib/krb5/krb/get_creds.c
@@ -72,8 +72,9 @@ krb5_get_credentials(context, options, ccache, in_creds, out_creds)
mcreds.client = in_creds->client;
fields = KRB5_TC_MATCH_TIMES /*XXX |KRB5_TC_MATCH_SKEY_TYPE */
- | KRB5_TC_MATCH_AUTHDATA | KRB5_TC_MATCH_KTYPE;
-
+ | KRB5_TC_MATCH_AUTHDATA ;
+ if (mcreds.keyblock.enctype)
+ fields |= KRB5_TC_MATCH_KTYPE;
if (options & KRB5_GC_USER_USER) {
/* also match on identical 2nd tkt and tkt encrypted in a
session key */
generated by cgit (git 2.34.1) at 2026-03-18 13:55:23 +0000