the kdc request used the enctype of the tgt, not of the session key.
Considering that the request is encrypted in the session key of the
tgt, this is incorrect.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7704
dc483132-0cff-0310-8789-
dd5450dbe970
+Sun Mar 24 01:34:14 1996 Sam Hartman <hartmans@tertius.mit.edu>
+
+ * send_tgs.c (krb5_send_tgs_basic): You want to setup the eblock
+ used for the authenticator using the in_cred->keyblock, *not*
+ request.ticket.enc_part.enctype. Under a multi-enctype system,
+ the session key may be different from the ticket key.
+
Wed Mar 20 23:00:59 1996 Theodore Y. Ts'o <tytso@dcl>
* walk_rtree.c (krb5_walk_realm_tree): Fix 16bit vs. 32bit error.
goto cleanup_data;
/* put together an eblock for this encryption */
- krb5_use_enctype(context, &eblock, request.ticket->enc_part.enctype);
- request.authenticator.enctype = request.ticket->enc_part.enctype;
+ krb5_use_enctype(context, &eblock, in_cred->keyblock.enctype);
+ request.authenticator.enctype = in_cred->keyblock.enctype;
request.authenticator.ciphertext.length =
krb5_encrypt_size(scratch->length, eblock.crypto_entry);