+2003-05-09 Tom Yu <tlyu@mit.edu>
+
+ * krcp.c (main): Rename getlocalsubkey -> getsendsubkey.
+
+ * krlogin.c (main): Rename getlocalsubkey -> getsendsubkey.
+
+ * krlogind.c (recvauth): Rename getremotesubkey -> getrecvsubkey.
+
+ * krsh.c (main): Rename getlocalsubkey -> getsendsubkey.
+
+ * krshd.c (recvauth): Rename getremotesubkey -> getrecvsubkey.
+
2003-04-08 Ken Raeburn <raeburn@mit.edu>
* krshd.c (main): Use LOG_AUTH syslog facility, not LOG_DAEMON,
try_normal(orig_argv); /* doesn't return */
if (!similar) {
- status = krb5_auth_con_getlocalsubkey (bsd_context,
- auth_context,
- &key);
+ status = krb5_auth_con_getsendsubkey (bsd_context,
+ auth_context,
+ &key);
if ((status || !key) && encryptflag)
try_normal(orig_argv);
}
krb5_keyblock *key = &cred->keyblock;
if (kcmd_proto == KCMD_NEW_PROTOCOL) {
- status = krb5_auth_con_getlocalsubkey (bsd_context,
- auth_context,
- &key);
+ status = krb5_auth_con_getsendsubkey (bsd_context,
+ auth_context,
+ &key);
if (status) {
com_err (argv[0], status,
"determining subkey for session");
if (kcmd_proto == KCMD_NEW_PROTOCOL) {
do_inband = 1;
- status = krb5_auth_con_getlocalsubkey (bsd_context, auth_context,
- &key);
+ status = krb5_auth_con_getsendsubkey (bsd_context, auth_context,
+ &key);
if ((status || !key) && encrypt_flag)
try_normal(orig_argv);
}
return status;
key = 0;
- status = krb5_auth_con_getremotesubkey (bsd_context, auth_context, &key);
+ status = krb5_auth_con_getrecvsubkey (bsd_context, auth_context, &key);
if (status)
fatal (netf, "Server can't get session subkey");
if (!key && do_encrypt && kcmd_proto == KCMD_NEW_PROTOCOL)
krb5_keyblock *key = &cred->keyblock;
if (kcmd_proto == KCMD_NEW_PROTOCOL) {
- status = krb5_auth_con_getlocalsubkey (bsd_context, auth_context,
- &key);
+ status = krb5_auth_con_getsendsubkey (bsd_context, auth_context,
+ &key);
if (status) {
com_err (argv[0], status, "determining subkey for session");
exit (1);
{
krb5_keyblock *key;
- status = krb5_auth_con_getremotesubkey (bsd_context, auth_context,
- &key);
+ status = krb5_auth_con_getrecvsubkey (bsd_context, auth_context,
+ &key);
if (status)
fatal (netfd, "Server can't get session subkey");
if (!key && do_encrypt && kcmd_proto == KCMD_NEW_PROTOCOL)
+2003-05-09 Tom Yu <tlyu@mit.edu>
+
+ * kerberos5.c (kerberos5_send): Rename getlocalsubkey ->
+ getsendsubkey.
+ (kerberos5_is): Rename getremotesubkey -> getrecvsubkey.
+
2003-04-10 Tom Yu <tlyu@mit.edu>
* Makefile.in: Use library build framework.
&check_data, new_creds, &auth);
#ifdef ENCRYPTION
- krb5_auth_con_getlocalsubkey(telnet_context, auth_context, &newkey);
+ krb5_auth_con_getsendsubkey(telnet_context, auth_context, &newkey);
if (session_key) {
krb5_free_keyblock(telnet_context, session_key);
session_key = 0;
if (name)
free(name);
- krb5_auth_con_getremotesubkey(telnet_context, auth_context,
+ krb5_auth_con_getrecvsubkey(telnet_context, auth_context,
&newkey);
if (session_key) {
krb5_free_keyblock(telnet_context, session_key);
+2003-05-09 Tom Yu <tlyu@mit.edu>
+
+ * krb5.hin: Add krb5_auth_con_getsendsubkey,
+ krb5_auth_con_getrecvsubkey, krb5_auth_con_setsendsubkey,
+ krb5_auth_con_setrecvsubkey. Mark krb5_auth_con_getlocalsubkey
+ and krb5_auth_con_getremotesubkey as deprecated.
+
2003-05-06 Sam Hartman <hartmans@mit.edu>
* k5-int.h: Add s2kparams to
krb5_auth_context,
krb5_keyblock **);
+krb5_error_code KRB5_CALLCONV krb5_auth_con_getsendsubkey(
+ krb5_context, krb5_auth_context, krb5_keyblock **);
+
+krb5_error_code KRB5_CALLCONV krb5_auth_con_getrecvsubkey(
+ krb5_context, krb5_auth_context, krb5_keyblock **);
+
+krb5_error_code KRB5_CALLCONV krb5_auth_con_setsendsubkey(
+ krb5_context, krb5_auth_context, krb5_keyblock *);
+
+krb5_error_code KRB5_CALLCONV krb5_auth_con_setrecvsubkey(
+ krb5_context, krb5_auth_context, krb5_keyblock *);
+
+#if KRB5_DEPRECATED
krb5_error_code KRB5_CALLCONV krb5_auth_con_getlocalsubkey
(krb5_context,
krb5_auth_context,
krb5_keyblock **);
+krb5_error_code KRB5_CALLCONV krb5_auth_con_getremotesubkey
+ (krb5_context,
+ krb5_auth_context,
+ krb5_keyblock **);
+#endif
+
#if KRB5_PRIVATE
krb5_error_code KRB5_CALLCONV krb5_auth_con_set_req_cksumtype
(krb5_context,
krb5_auth_context,
krb5_authenticator **);
-krb5_error_code KRB5_CALLCONV krb5_auth_con_getremotesubkey
- (krb5_context,
- krb5_auth_context,
- krb5_keyblock **);
-
#define KRB5_REALM_BRANCH_CHAR '.'
/*
+2003-05-09 Tom Yu <tlyu@mit.edu>
+
+ * kdc_util.c (kdc_process_tgs_req): Rename getremotesubkey ->
+ getrecvsubkey.
+
2003-05-07 Sam Hartman <hartmans@mit.edu>
* kdc_preauth.c (get_etype_info): Patch from Sun to reorganize
goto cleanup_auth_context;
}
- if ((retval = krb5_auth_con_getremotesubkey(kdc_context,
- auth_context, subkey)))
+ if ((retval = krb5_auth_con_getrecvsubkey(kdc_context,
+ auth_context, subkey)))
goto cleanup_auth_context;
if ((retval = krb5_auth_con_getauthenticator(kdc_context, auth_context,
+2003-05-09 Tom Yu <tlyu@mit.edu>
+
+ * krb5_32.def: Add krb5_auth_con_getrecvsubkey,
+ krb5_auth_con_getsendsubkey, krb5_auth_con_setrecvsubkey,
+ krb5_auth_con_setsendsubkey.
+
2003-04-15 Sam Hartman <hartmans@mit.edu>
* krb5_32.def: Add krb5_set_password and krb5_set_password_using_ccache
+2003-05-09 Tom Yu <tlyu@mit.edu>
+
+ * accept_sec_context.c (krb5_gss_accept_sec_context): Rename
+ remote_subkey -> recv_subkey.
+
+ * init_sec_context.c (krb5_gss_init_sec_context): Rename
+ local_subkey -> send_subkey.
+
2003-03-14 Sam Hartman <hartmans@mit.edu>
* accept_sec_context.c (krb5_gss_accept_sec_context): Set
* By the time krb5_rd_cred is called here (after krb5_rd_req has been
* called in krb5_gss_accept_sec_context), the "keyblock" field of
* auth_context contains a pointer to the session key, and the
- * "remote_subkey" field might contain a session subkey. Either of
- * these (the "remote_subkey" if it isn't NULL, otherwise the
+ * "recv_subkey" field might contain a session subkey. Either of
+ * these (the "recv_subkey" if it isn't NULL, otherwise the
* "keyblock") might have been used to encrypt the encrypted part of
* the KRB_CRED message that contains the forwarded credentials. (The
* Java Crypto and Security Implementation from the DSTC in Australia
goto fail;
}
- if ((code = krb5_auth_con_getremotesubkey(context, auth_context,
- &ctx->subkey))) {
+ if ((code = krb5_auth_con_getrecvsubkey(context, auth_context,
+ &ctx->subkey))) {
major_status = GSS_S_FAILURE;
goto fail;
}
krb5_auth_con_getlocalseqnumber(context, ctx->auth_context,
&ctx->seq_send);
- krb5_auth_con_getlocalsubkey(context, ctx->auth_context,
- &ctx->subkey);
+ krb5_auth_con_getsendsubkey(context, ctx->auth_context,
+ &ctx->subkey);
/* fill in the encryption descriptors */
+2003-05-09 Tom Yu <tlyu@mit.edu>
+
+ * auth_con.c (krb5_auth_con_setsendsubkey)
+ (krb5_auth_con_setrecvsubkey, krb5_auth_con_getsendsubkey)
+ (krb5_auth_con_getrecvsubkey): New functions. Set or retrieve
+ subkeys from an auth_context.
+ (krb5_auth_con_getlocalsubkey, krb5_auth_con_getremotesubkey):
+ Reimplement in terms of the above.
+
+ * auth_con.h, ser_actx.c: Rename {local,remote}_subkey ->
+ {send,recv}_subkey.
+
+ * chpw.c (krb5int_rd_chpw_rep): Save send_subkey prior to rd_rep;
+ use saved send_subkey to smash recv_subkey obtained from rd_rep.
+
+ * mk_req_ext.c (krb5_mk_req_extended): Rename
+ {local,remote}_subkey -> {send,recv}_subkey. Set both subkeys if
+ subkey generation is requested.
+
+ * mk_cred.c, mk_priv.c, mk_safe.c: Rename {local,remote}_subkey ->
+ {send,recv}_subkey. Use either send_subkey or keyblock, in that
+ order.
+
+ * rd_cred.c, rd_priv.c, rd_safe.c: Rename {local,remote}_subkey ->
+ {send,recv}_subkey. Use either recv_subkey or keyblock, in that
+ order.
+
+ * rd_rep.c (krb5_rd_rep): Rename {local,remote}_subkey ->
+ {send,recv}_subkey. Set both subkeys if a subkey is present in
+ the AP-REP message.
+
+ * rd_req_dec.c (krb5_rd_req_decoded_opt): Rename
+ {local,remote}_subkey -> {send,recv}_subkey. Set both subkeys if
+ a subkey is present in the AP-REQ message.
+
2003-05-06 Sam Hartman <hartmans@mit.edu>
* kfree.c (krb5_free_etype_info): Free s2kparams
krb5_free_authenticator(context, auth_context->authentp);
if (auth_context->keyblock)
krb5_free_keyblock(context, auth_context->keyblock);
- if (auth_context->local_subkey)
- krb5_free_keyblock(context, auth_context->local_subkey);
- if (auth_context->remote_subkey)
- krb5_free_keyblock(context, auth_context->remote_subkey);
+ if (auth_context->send_subkey)
+ krb5_free_keyblock(context, auth_context->send_subkey);
+ if (auth_context->recv_subkey)
+ krb5_free_keyblock(context, auth_context->recv_subkey);
if (auth_context->rcache)
krb5_rc_close(context, auth_context->rcache);
if (auth_context->permitted_etypes)
krb5_error_code KRB5_CALLCONV
krb5_auth_con_getlocalsubkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock **keyblock)
{
- if (auth_context->local_subkey)
- return krb5_copy_keyblock(context,auth_context->local_subkey,keyblock);
+ return krb5_auth_con_getsendsubkey(context, auth_context, keyblock);
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_getremotesubkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock **keyblock)
+{
+ return krb5_auth_con_getrecvsubkey(context, auth_context, keyblock);
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_setsendsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock *keyblock)
+{
+ if (ac->send_subkey != NULL)
+ krb5_free_keyblock(ctx, ac->send_subkey);
+ ac->send_subkey = NULL;
+ if (keyblock !=NULL)
+ return krb5_copy_keyblock(ctx, keyblock, &ac->send_subkey);
+ else
+ return 0;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_setrecvsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock *keyblock)
+{
+ if (ac->recv_subkey != NULL)
+ krb5_free_keyblock(ctx, ac->recv_subkey);
+ ac->recv_subkey = NULL;
+ if (keyblock != NULL)
+ return krb5_copy_keyblock(ctx, keyblock, &ac->recv_subkey);
+ else
+ return 0;
+}
+
+krb5_error_code KRB5_CALLCONV
+krb5_auth_con_getsendsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock **keyblock)
+{
+ if (ac->send_subkey != NULL)
+ return krb5_copy_keyblock(ctx, ac->send_subkey, keyblock);
*keyblock = NULL;
return 0;
}
krb5_error_code KRB5_CALLCONV
-krb5_auth_con_getremotesubkey(krb5_context context, krb5_auth_context auth_context, krb5_keyblock **keyblock)
+krb5_auth_con_getrecvsubkey(krb5_context ctx, krb5_auth_context ac, krb5_keyblock **keyblock)
{
- if (auth_context->remote_subkey)
- return krb5_copy_keyblock(context,auth_context->remote_subkey,keyblock);
+ if (ac->recv_subkey != NULL)
+ return krb5_copy_keyblock(ctx, ac->recv_subkey, keyblock);
*keyblock = NULL;
return 0;
}
krb5_address * local_addr;
krb5_address * local_port;
krb5_keyblock * keyblock;
- krb5_keyblock * local_subkey;
- krb5_keyblock * remote_subkey;
+ krb5_keyblock * send_subkey;
+ krb5_keyblock * recv_subkey;
krb5_int32 auth_context_flags;
krb5_int32 remote_seq_number;
ap_rep.data = ptr;
ptr += ap_rep.length;
- if ((ret = krb5_rd_rep(context, auth_context, &ap_rep, &ap_rep_enc)))
+ /*
+ * Save send_subkey to later smash recv_subkey.
+ */
+ ret = krb5_auth_con_getsendsubkey(context, auth_context, &tmp);
+ if (ret)
+ return ret;
+
+ ret = krb5_rd_rep(context, auth_context, &ap_rep, &ap_rep_enc);
+ if (ret) {
+ krb5_free_keyblock(context, tmp);
return(ret);
+ }
krb5_free_ap_rep_enc_part(context, ap_rep_enc);
cipherresult.data = ptr;
cipherresult.length = (packet->data + packet->length) - ptr;
- /* XXX there's no api to do this right. The problem is that
- if there's a remote subkey, it will be used. This is
- not what the spec requires */
-
- tmp = auth_context->remote_subkey;
- auth_context->remote_subkey = NULL;
+ /*
+ * Smash recv_subkey to be send_subkey, per spec.
+ */
+ ret = krb5_auth_con_setrecvsubkey(context, auth_context, tmp);
+ krb5_free_keyblock(context, tmp);
+ if (ret)
+ return ret;
ret = krb5_rd_priv(context, auth_context, &cipherresult, &clearresult,
&replay);
- auth_context->remote_subkey = tmp;
-
if (ret)
return(ret);
} else {
krb5_data cipherresult;
krb5_data clearresult;
krb5_replay_data replay;
+ krb5_keyblock *tmpkey;
/*
** validate the packet length -
*/
ap_rep.data = ptr;
ptr += ap_rep.length;
- if (ret = krb5_rd_rep(context, auth_context, &ap_rep, &ap_rep_enc))
+ /*
+ * Save send_subkey to later smash recv_subkey.
+ */
+ ret = krb5_auth_con_getsendsubkey(context, auth_context, &tmpkey);
+ if (ret)
+ return ret;
+
+ ret = krb5_rd_rep(context, auth_context, &ap_rep, &ap_rep_enc);
+ if (ret) {
+ krb5_free_keyblock(context, tmpkey);
return(ret);
+ }
krb5_free_ap_rep_enc_part(context, ap_rep_enc);
/*
cipherresult.data = ptr;
cipherresult.length = (packet->data + packet->length) - ptr;
- {
- krb5_keyblock *saved_remote_subkey;
-/*
-** save the remote_subkey, so it doesn't get used when decoding
-*/
- saved_remote_subkey = auth_context->remote_subkey;
- auth_context->remote_subkey = NULL;
-
- ret = krb5_rd_priv(context, auth_context, &cipherresult, &clearresult,
- NULL);
- auth_context->remote_subkey = saved_remote_subkey;
- }
+ /*
+ * Smash recv_subkey to be send_subkey, per spec.
+ */
+ ret = krb5_auth_con_setrecvsubkey(context, auth_context, tmpkey);
+ krb5_free_keyblock(context, tmpkey);
+ if (ret)
+ return ret;
+ ret = krb5_rd_priv(context, auth_context, &cipherresult, &clearresult,
+ NULL);
if (ret)
return(ret);
} /*We got an ap_rep*/
memset(pcred->tickets, 0, sizeof(krb5_ticket *) * (ncred +1));
/* Get keyblock */
- if ((keyblock = auth_context->local_subkey) == NULL)
- if ((keyblock = auth_context->remote_subkey) == NULL)
- keyblock = auth_context->keyblock;
+ if ((keyblock = auth_context->send_subkey) == NULL)
+ keyblock = auth_context->keyblock;
/* Get replay info */
if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) &&
memset((char *) &replaydata, 0, sizeof(krb5_replay_data));
/* Get keyblock */
- if ((keyblock = auth_context->local_subkey) == NULL)
- if ((keyblock = auth_context->remote_subkey) == NULL)
- keyblock = auth_context->keyblock;
+ if ((keyblock = auth_context->send_subkey) == NULL)
+ keyblock = auth_context->keyblock;
/* Get replay info */
if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) &&
goto cleanup;
}
- if ((ap_req_options & AP_OPTS_USE_SUBKEY)&&(!(*auth_context)->local_subkey)) {
+ if ((ap_req_options & AP_OPTS_USE_SUBKEY)&&(!(*auth_context)->send_subkey)) {
/* Provide some more fodder for random number code.
This isn't strong cryptographically; the point here is not
to guarantee randomness, but to make it less likely that multiple
(void) krb5_c_random_add_entropy (context, KRB5_C_RANDSOURCE_TIMING, &d);
if ((retval = krb5_generate_subkey(context, &(in_creds)->keyblock,
- &(*auth_context)->local_subkey)))
+ &(*auth_context)->send_subkey)))
goto cleanup;
+ retval = krb5_copy_keyblock(context, (*auth_context)->send_subkey,
+ &((*auth_context)->recv_subkey));
+ if (retval) {
+ krb5_free_keyblock(context, (*auth_context)->send_subkey);
+ (*auth_context)->send_subkey = NULL;
+ goto cleanup;
+ }
}
if ((retval = krb5_generate_authenticator(context,
(*auth_context)->authentp,
(in_creds)->client, checksump,
- (*auth_context)->local_subkey,
+ (*auth_context)->send_subkey,
(*auth_context)->local_seq_number,
(in_creds)->authdata)))
goto cleanup_cksum;
memset((char *) &replaydata, 0, sizeof(krb5_replay_data));
/* Get keyblock */
- if ((keyblock = auth_context->local_subkey) == NULL)
- if ((keyblock = auth_context->remote_subkey) == NULL)
- keyblock = auth_context->keyblock;
+ if ((keyblock = auth_context->send_subkey) == NULL)
+ keyblock = auth_context->keyblock;
/* Get replay info */
if ((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_DO_TIME) &&
krb5_replay_data replaydata;
/* Get keyblock */
- if ((keyblock = auth_context->remote_subkey) == NULL)
- if ((keyblock = auth_context->local_subkey) == NULL)
- keyblock = auth_context->keyblock;
+ if ((keyblock = auth_context->recv_subkey) == NULL)
+ keyblock = auth_context->keyblock;
if (((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME) ||
(auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_SEQUENCE)) &&
krb5_replay_data replaydata;
/* Get keyblock */
- if ((keyblock = auth_context->remote_subkey) == NULL)
- if ((keyblock = auth_context->local_subkey) == NULL)
- keyblock = auth_context->keyblock;
+ if ((keyblock = auth_context->recv_subkey) == NULL)
+ keyblock = auth_context->keyblock;
if (((auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_TIME) ||
(auth_context->auth_context_flags & KRB5_AUTH_CONTEXT_RET_SEQUENCE)) &&
/* Set auth subkey */
if ((*repl)->subkey) {
retval = krb5_copy_keyblock(context, (*repl)->subkey,
- &auth_context->remote_subkey);
+ &auth_context->recv_subkey);
+ if (retval)
+ goto clean_scratch;
+ retval = krb5_copy_keyblock(context, (*repl)->subkey,
+ &auth_context->send_subkey);
+ if (retval) {
+ krb5_free_keyblock(context, auth_context->send_subkey);
+ auth_context->send_subkey = NULL;
+ }
}
/* Get remote sequence number */
if ((*auth_context)->authentp->subkey) {
if ((retval = krb5_copy_keyblock(context,
(*auth_context)->authentp->subkey,
- &((*auth_context)->remote_subkey))))
+ &((*auth_context)->recv_subkey))))
goto cleanup;
+ retval = krb5_copy_keyblock(context, (*auth_context)->authentp->subkey,
+ &((*auth_context)->send_subkey));
+ if (retval) {
+ krb5_free_keyblock(context, (*auth_context)->recv_subkey);
+ (*auth_context)->recv_subkey = NULL;
+ goto cleanup;
+ }
} else {
- (*auth_context)->remote_subkey = 0;
+ (*auth_context)->recv_subkey = 0;
+ (*auth_context)->send_subkey = 0;
}
if ((retval = krb5_copy_keyblock(context, req->ticket->enc_part2->session,
return KRB5_RC_REQUIRED;
/* Get keyblock */
- if ((keyblock = auth_context->remote_subkey) == NULL)
- if ((keyblock = auth_context->local_subkey) == NULL)
- keyblock = auth_context->keyblock;
+ if ((keyblock = auth_context->recv_subkey) == NULL)
+ keyblock = auth_context->keyblock;
{
krb5_address * premote_fulladdr = NULL;
required += sizeof(krb5_int32);
}
- /* Calculate size required by local_subkey, if appropriate */
- if (!kret && auth_context->local_subkey) {
+ /* Calculate size required by send_subkey, if appropriate */
+ if (!kret && auth_context->send_subkey) {
kret = krb5_size_opaque(kcontext,
KV5M_KEYBLOCK,
- (krb5_pointer) auth_context->local_subkey,
+ (krb5_pointer) auth_context->send_subkey,
&required);
if (!kret)
required += sizeof(krb5_int32);
}
- /* Calculate size required by remote_subkey, if appropriate */
- if (!kret && auth_context->remote_subkey) {
+ /* Calculate size required by recv_subkey, if appropriate */
+ if (!kret && auth_context->recv_subkey) {
kret = krb5_size_opaque(kcontext,
KV5M_KEYBLOCK,
- (krb5_pointer) auth_context->remote_subkey,
+ (krb5_pointer) auth_context->recv_subkey,
&required);
if (!kret)
required += sizeof(krb5_int32);
}
/* Now handle subkey, if appropriate */
- if (!kret && auth_context->local_subkey) {
+ if (!kret && auth_context->send_subkey) {
(void) krb5_ser_pack_int32(TOKEN_LSKBLOCK, &bp, &remain);
kret = krb5_externalize_opaque(kcontext,
KV5M_KEYBLOCK,
(krb5_pointer)
- auth_context->local_subkey,
+ auth_context->send_subkey,
&bp,
&remain);
}
/* Now handle subkey, if appropriate */
- if (!kret && auth_context->remote_subkey) {
+ if (!kret && auth_context->recv_subkey) {
(void) krb5_ser_pack_int32(TOKEN_RSKBLOCK, &bp, &remain);
kret = krb5_externalize_opaque(kcontext,
KV5M_KEYBLOCK,
(krb5_pointer)
- auth_context->remote_subkey,
+ auth_context->recv_subkey,
&bp,
&remain);
}
kret = krb5_ser_unpack_int32(&tag, &bp, &remain);
}
- /* This is the local_subkey */
+ /* This is the send_subkey */
if (!kret && (tag == TOKEN_LSKBLOCK)) {
if (!(kret = krb5_internalize_opaque(kcontext,
KV5M_KEYBLOCK,
(krb5_pointer *)
&auth_context->
- local_subkey,
+ send_subkey,
&bp,
&remain)))
kret = krb5_ser_unpack_int32(&tag, &bp, &remain);
}
- /* This is the remote_subkey */
+ /* This is the recv_subkey */
if (!kret) {
if (tag == TOKEN_RSKBLOCK) {
kret = krb5_internalize_opaque(kcontext,
KV5M_KEYBLOCK,
(krb5_pointer *)
&auth_context->
- remote_subkey,
+ recv_subkey,
&bp,
&remain);
}
krb5_auth_con_getlocalseqnumber
krb5_auth_con_getlocalsubkey
krb5_auth_con_getrcache ; KRB5_CALLCONV_WRONG
+ krb5_auth_con_getrecvsubkey
krb5_auth_con_getremoteseqnumber
krb5_auth_con_getremotesubkey
+ krb5_auth_con_getsendsubkey
krb5_auth_con_init
krb5_auth_con_initivector ; DEPRECATED
krb5_auth_con_setaddrs ; KRB5_CALLCONV_WRONG
krb5_auth_con_setflags
krb5_auth_con_setports
krb5_auth_con_setrcache
+ krb5_auth_con_setrecvsubkey
+ krb5_auth_con_setsendsubkey
krb5_auth_con_setuseruserkey
krb5_build_principal
krb5_build_principal_ext
_krb5_auth_con_getremotesubkey
_krb5_auth_con_getlocalseqnumber
_krb5_auth_con_getremoteseqnumber
+ _krb5_auth_con_getrecvsubkey
+ _krb5_auth_con_getsendsubkey
+ _krb5_auth_con_setrecvsubkey
+ _krb5_auth_con_setsendsubkey
_krb5_auth_con_setrcache
_krb5_auth_con_getrcache
_krb5_auth_con_getauthenticator
projects / krb5.git / commitdiff