no need for credentials; use keyblock directly

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@1155 dc483132-0cff-0310-8789-dd5450dbe970

diff --git a/src/lib/krb5/krb/mk_rep.c b/src/lib/krb5/krb/mk_rep.c
index f68b21565a086f30c87ea166be56dea2cffe9c1c..fe8d4fdf2483c58c43e70bd584ae4e74bbee75fe 100644 (file)
--- a/src/lib/krb5/krb/mk_rep.c
+++ b/src/lib/krb5/krb/mk_rep.c
@@ -27,7 +27,7 @@ static char rcsid_mk_rep_c[] =
 /*
  Formats a KRB_AP_REP message into outbuf.
 
- The reply in repl is encrypted under the key in creds, and the resulting
+ The reply in repl is encrypted under the key in kblock, and the resulting
  message encoded and left in outbuf.
 
  The outbuf buffer storage is allocated, and should be freed by the
@@ -37,9 +37,9 @@ static char rcsid_mk_rep_c[] =
 */
 
 krb5_error_code
-krb5_mk_rep(repl, creds, outbuf)
+krb5_mk_rep(repl, kblock, outbuf)
 const krb5_ap_rep_enc_part *repl;
-const krb5_creds *creds;
+const krb5_keyblock *kblock;
 krb5_data *outbuf;
 {
     krb5_error_code retval;
@@ -50,10 +50,10 @@ krb5_data *outbuf;
     krb5_data *toutbuf;
 
     /* verify a valid etype is available */
-    if (!valid_keytype(creds->keyblock.keytype))
+    if (!valid_keytype(kblock->keytype))
        return KRB5_PROG_KEYTYPE_NOSUPP;
 
-    etype = krb5_keytype_array[creds->keyblock.keytype]->system->proto_enctype;
+    etype = krb5_keytype_array[kblock->keytype]->system->proto_enctype;
 
     if (!valid_etype(etype))
        return KRB5_PROG_ETYPE_NOSUPP;
@@ -85,7 +85,7 @@ krb5_data *outbuf;
 #define cleanup_encpart() {(void) bzero(reply.enc_part.data, reply.enc_part.length); free(reply.enc_part.data); reply.enc_part.length = 0; reply.enc_part.data = 0;}
 
     /* do any necessary key pre-processing */
-    if (retval = krb5_process_key(&eblock, &creds->keyblock)) {
+    if (retval = krb5_process_key(&eblock, kblock)) {
        goto clean_encpart;
     }
 

diff --git a/src/lib/krb5/krb/rd_rep.c b/src/lib/krb5/krb/rd_rep.c
index 78cc9d78f97491ff2b519976379b4b4c4d5ddd99..db8791cb6f5a3bc631ed8db4283094eecf1f04f1 100644 (file)
--- a/src/lib/krb5/krb/rd_rep.c
+++ b/src/lib/krb5/krb/rd_rep.c
@@ -26,15 +26,15 @@ static char rcsid_rd_req_dec_c[] =
 
  repl is filled in with the fields from the encrypted response.
 
- creds supplies the encryption key used to decrypt the message.
+ the key in kblock is used to decrypt the message.
 
  returns system errors, encryption errors, replay errors
  */
 
 krb5_error_code
-krb5_rd_rep(inbuf, creds, repl)
+krb5_rd_rep(inbuf, kblock, repl)
 const krb5_data *inbuf;
-const krb5_creds *creds;
+const krb5_keyblock *kblock;
 krb5_ap_rep_enc_part *repl;
 {
     krb5_error_code retval;
@@ -46,7 +46,7 @@ krb5_ap_rep_enc_part *repl;
     if (!krb5_is_ap_rep(inbuf))
        return KRB5KRB_AP_ERR_MSG_TYPE;
 
-    if (!valid_keytype(creds->keyblock.keytype))
+    if (!valid_keytype(kblock->keytype))
        return KRB5_PROG_KEYTYPE_NOSUPP;
     
     /* decode it */
@@ -56,7 +56,7 @@ krb5_ap_rep_enc_part *repl;
 
     /* put together an eblock for this encryption */
 
-    eblock.crypto_entry = krb5_keytype_array[creds->keyblock.keytype]->system;
+    eblock.crypto_entry = krb5_keytype_array[kblock->keytype]->system;
 
     scratch.length = reply->enc_part.length;
     if (!(scratch.data = malloc(scratch.length))) {
@@ -65,7 +65,7 @@ krb5_ap_rep_enc_part *repl;
     }
 
     /* do any necessary key pre-processing */
-    if (retval = krb5_process_key(&eblock, &creds->keyblock)) {
+    if (retval = krb5_process_key(&eblock, kblock)) {
     errout:
        free(scratch.data);
        krb5_free_ap_rep(reply);