* rd_svc_key.c (krb54_get_service_keyblock): If the keytab

author Ezra Peisach <epeisach@mit.edu>

Tue, 22 Aug 2000 13:58:24 +0000 (13:58 +0000)

committer Ezra Peisach <epeisach@mit.edu>

Tue, 22 Aug 2000 13:58:24 +0000 (13:58 +0000)
author Ezra Peisach <epeisach@mit.edu>
Tue, 22 Aug 2000 13:58:24 +0000 (13:58 +0000)
committer Ezra Peisach <epeisach@mit.edu>
Tue, 22 Aug 2000 13:58:24 +0000 (13:58 +0000)
diff --git a/src/lib/krb4/ChangeLog b/src/lib/krb4/ChangeLog

index 25ad9f284d96f8ee5d72368c901273f01497c8fd..9b091bfcd459b7a080a6929bdc8c48ba831091d4 100644 (file)
--- a/src/lib/krb4/ChangeLog
+++ b/src/lib/krb4/ChangeLog
@@ -1,3 +1,15 @@
+Tue Aug 22 09:56:14 2000  Ezra Peisach  <epeisach@mit.edu>
+
+       * rd_svc_key.c (krb54_get_service_keyblock): If the keytab
+       encryption type is a non-raw des3 key, bash its enctype. This
+       matches kdc/kerberos_v4.c.
+
+Mon Aug 14 12:13:20 2000  Ezra Peisach  <epeisach@mit.edu>
+
+       * cr_tkt.c (krb_cr_tkt_int): When prototypes were changed to not
+       include a narrow prototype, the flags were being sent OTW as four
+       bytes instead of one.
+
  2000-08-02  Ezra Peisach  <epeisach@mit.edu>
  
         * tf_util.c (tf_init): Add KRB5_DLLIMP/KRB5_CALLCONV definitions
diff --git a/src/lib/krb4/rd_svc_key.c b/src/lib/krb4/rd_svc_key.c

index 831becdf02d96565a51c8ad9e4ce0a7ddc32c97f..a9b6fd5d54dc1319b6da6e400c2775e3a2990086 100644 (file)
--- a/src/lib/krb4/rd_svc_key.c
+++ b/src/lib/krb4/rd_svc_key.c
@@ -183,7 +183,7 @@ krb54_get_service_keyblock(service,instance,realm,kvno,file,keyblock)
      
      if ((retval = krb5_kt_resolve(krb5__krb4_context, keytabname, &kt_id)))
             goto errout;
-    
+
      if ((retval = krb5_kt_get_entry(krb5__krb4_context, kt_id, princ, kvno,
                                     0, &kt_entry))) {
         krb5_kt_close(krb5__krb4_context, kt_id);
@@ -192,6 +192,12 @@ krb54_get_service_keyblock(service,instance,realm,kvno,file,keyblock)
  
      retval = krb5_copy_keyblock_contents(krb5__krb4_context,
                                          &kt_entry.key, keyblock);
+    /* Bash types */
+    /* KLUDGE! If it's a non-raw des3 key, bash its enctype */
+    /* See kdc/kerberos_v4.c */
+    if (keyblock->enctype == ENCTYPE_DES3_CBC_SHA1 ||
+       keyblock->enctype == ENCTYPE_LOCAL_DES3_HMAC_SHA1)
+      keyblock->enctype = ENCTYPE_DES3_CBC_RAW;
      
      krb5_kt_free_entry(krb5__krb4_context, &kt_entry);
      krb5_kt_close (krb5__krb4_context, kt_id);
author	Ezra Peisach <epeisach@mit.edu>
	Tue, 22 Aug 2000 13:58:24 +0000 (13:58 +0000)
committer	Ezra Peisach <epeisach@mit.edu>
	Tue, 22 Aug 2000 13:58:24 +0000 (13:58 +0000)
src/lib/krb4/ChangeLog		patch \| blob \| history
src/lib/krb4/rd_svc_key.c		patch \| blob \| history