#include <krb5/kdb5_err.h>
#include <errno.h>
+/*
+ * Verify that the master key in *mkey matches the database entry
+ * for mprinc.
+ *
+ * eblock points to an encrypt_block used for the realm in question.
+ */
+
krb5_error_code
-krb5_db_verify_master_key(mprinc, mkey)
+krb5_db_verify_master_key(mprinc, mkey, eblock)
krb5_principal mprinc;
krb5_keyblock *mkey;
+krb5_encrypt_block *eblock;
{
krb5_error_code retval;
krb5_db_entry master_entry;
int nprinc, more;
- krb5_encrypt_block eblock;
- extern krb5_encrypt_block master_encblock;
krb5_keyblock tempkey;
nprinc = 1;
return(KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE);
}
- eblock = master_encblock;
-
/* do any necessary key pre-processing */
- if (retval = (*eblock.crypto_entry->process_key)(&eblock, mkey)) {
+ if (retval = (*eblock->crypto_entry->process_key)(eblock, mkey)) {
return(retval);
}
- if (retval = krb5_kdb_decrypt_key(&master_entry.key, &tempkey, &eblock)) {
- (void) (*eblock.crypto_entry->finish_key)(&eblock);
+ if (retval = krb5_kdb_decrypt_key(&master_entry.key, &tempkey, eblock)) {
+ (void) (*eblock->crypto_entry->finish_key)(eblock);
return retval;
}
if (!bcmp(mkey->contents, tempkey.contents, mkey->length)) {
retval = KRB5_KDB_BADMASTERKEY;
- (void) (*eblock.crypto_entry->finish_key)(&eblock);
+ (void) (*eblock->crypto_entry->finish_key)(eblock);
} else
- retval = (*eblock.crypto_entry->finish_key)(&eblock);
+ retval = (*eblock->crypto_entry->finish_key)(eblock);
return retval;
}
projects / krb5.git / commitdiff