From: Sam Hartman <hartmans@mit.edu>
Date: Mon, 26 Nov 2001 20:43:10 +0000 (+0000)
Subject:  2001-11-24  Sam Hartman  <hartmans@mit.edu>
X-Git-Tag: krb5-1.3-alpha1~935
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=0b5e96d5aca08b684b0eca9030bf1fc08b7bd8dc;p=krb5.git

 2001-11-24  Sam Hartman  <hartmans@mit.edu>

 	* fwd_tgt.c (krb5_fwd_tgt_creds): Get a session key for the
 	forwarded tgt that is the same as the  session key for  the
 	auth_context.  This  is an enctype we know the remote side
 	supports.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14019 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog
index e27110bb7..1f607302f 100644
--- a/src/lib/krb5/krb/ChangeLog
+++ b/src/lib/krb5/krb/ChangeLog
@@ -1,3 +1,10 @@
+ 2001-11-24  Sam Hartman  <hartmans@mit.edu>
+ 
+ 	* fwd_tgt.c (krb5_fwd_tgt_creds): Get a session key for the
+ 	forwarded tgt that is the same as the  session key for  the
+ 	auth_context.  This  is an enctype we know the remote side
+ 	supports.  
+ 
 2001-11-26  Sam Hartman  <hartmans@mit.edu>
 
 	* gen_seqnum.c (krb5_generate_seq_number):  add entropy source id
diff --git a/src/lib/krb5/krb/fwd_tgt.c b/src/lib/krb5/krb/fwd_tgt.c
index 9dd9e116b..9c8a1046b 100644
--- a/src/lib/krb5/krb/fwd_tgt.c
+++ b/src/lib/krb5/krb/fwd_tgt.c
@@ -55,6 +55,8 @@ krb5_fwd_tgt_creds(context, auth_context, rhost, client, server, cc,
     krb5_flags kdcoptions;
     int close_cc = 0;
     int free_rhost = 0;
+    krb5_enctype enctype = 0;
+    krb5_keyblock *session_key;
 
     memset((char *)&creds, 0, sizeof(creds));
     memset((char *)&tgt, 0, sizeof(creds));
@@ -73,7 +75,15 @@ krb5_fwd_tgt_creds(context, auth_context, rhost, client, server, cc,
 	memcpy(rhost, server->data[1].data, server->data[1].length);
 	rhost[server->data[1].length] = '\0';
     }
-
+    retval = krb5_auth_con_getkey (context, auth_context, &session_key);
+    if (retval)
+      goto errout;
+    if (session_key) {
+      enctype = session_key->enctype;
+      krb5_free_keyblock (context, session_key);
+      session_key = NULL;
+    }
+    
     retval = krb5_os_hostaddr(context, rhost, &addrs);
     if (retval)
 	goto errout;
@@ -113,7 +123,8 @@ krb5_fwd_tgt_creds(context, auth_context, rhost, client, server, cc,
 	retval = KRB5_NO_TKT_SUPPLIED;
 	goto errout;
     }
-
+    
+    creds.keyblock.enctype = enctype;
     creds.times = tgt.times;
     creds.times.starttime = 0;
     creds.keyblock.enctype = tgt.keyblock.enctype;