From bc096a77ffdab283d77c2e0fc1fdd15b9f77eb41 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Fri, 27 Apr 2012 21:11:04 +0000 Subject: Stop using SALT_TYPE_AFS_LENGTH In krb5_init_creds_ctx and krb5_clpreauth_rock_st, use a boolean to track whether we're still using the default salt instead of overloading salt.length. In preauth2.c, process afs3 salt values like we would in krb5int_des_string_to_key, and set an s2kparams indicator instead of overloading salt.length. Also use an s2kparams indicator in kdb_cpw.c's add_key_pwd. Remove the s2k code to handle overloaded salt lengths, except for a sanity check. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25837 dc483132-0cff-0310-8789-dd5450dbe970 --- src/include/k5-int.h | 1 + src/include/krb5/krb5.hin | 7 +------ 2 files changed, 2 insertions(+), 6 deletions(-) (limited to 'src/include') diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 752b40efc..23869c79c 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -754,6 +754,7 @@ struct krb5_clpreauth_rock_st { krb5_keyblock *as_key; krb5_gic_get_as_key_fct *gak_fct; void **gak_data; + krb5_boolean *default_salt; krb5_data *salt; krb5_data *s2kparams; krb5_principal client; diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin index bdd42063e..94a78a004 100644 --- a/src/include/krb5/krb5.hin +++ b/src/include/krb5/krb5.hin @@ -218,12 +218,7 @@ typedef struct _krb5_octet_data { krb5_octet *data; } krb5_octet_data; -/* - * Hack length for crypto library to use the afs_string_to_key It is - * equivalent to -1 without possible sign extension - * We also overload for an unset salt type length - which is also -1, but - * hey, why not.... - */ +/* Originally used to recognize AFS and default salts. No longer used. */ #define SALT_TYPE_AFS_LENGTH UINT_MAX #define SALT_TYPE_NO_LENGTH UINT_MAX -- cgit