+Wed Aug 17 17:58:22 1994 Theodore Y. Ts'o (tytso at tsx-11)
+
+ * encode_kdc.c (krb5_encode_kdc_rep): Pass in to
+ encode_krb5_enc_kdc_rep_part the msg_type which should be used.
+ Old versions of Kerberos always assume TGS_REP; this merely allows
+ the right msg_type to be passed down to the encoding routines.
+ For now, the encoding routines will ignore this value and do
+ things the old way, for compatibility's sake.
+
Mon Aug 8 22:38:16 1994 Theodore Y. Ts'o (tytso at tsx-11)
* preauth.c: Renamed preauthentication mechanism names to match
krb5_data *scratch;
krb5_encrypt_block eblock;
krb5_error_code retval;
+ krb5_enc_kdc_rep_part tmp_encpart;
if (!valid_etype(dec_rep->enc_part.etype))
return KRB5_PROG_ETYPE_NOSUPP;
return KRB5_BADMSGTYPE;
}
- retval = encode_krb5_enc_kdc_rep_part(encpart, &scratch);
+ /*
+ * We don't want to modify encpart, but we need to be able to pass
+ * in the message type to the encoder, so it can set the ASN.1
+ * type correct.
+ *
+ * Although note that it may be doing nothing with the message
+ * type, to be compatible with old versions of Kerberos that ways
+ * encode this as a TGS_REP regardly of what it really should be;
+ * also note that the reason why we are passing it in a structure
+ * instead of as an argument to encode_krb5_enc_kdc_rep_part (the
+ * way we should) is for compatibility with the ISODE version of
+ * this fuction. Ah, compatibility....
+ */
+ tmp_encpart = *encpart;
+ tmp_encpart.msg_type = type;
+ retval = encode_krb5_enc_kdc_rep_part(&tmp_encpart, &scratch);
if (retval) {
return retval;
}
+ memset(&tmp_encpart, 0, sizeof(tmp_encpart));
#define cleanup_scratch() { (void) memset(scratch->data, 0, scratch->length); \
krb5_free_data(scratch); }