From: Sam Hartman Date: Tue, 3 Jun 2003 21:36:00 +0000 (+0000) Subject: Save a copy of the ciphertext from the kdc rather than trying to X-Git-Tag: krb5-1.4-beta1~887 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=242abeb6abea8f895b1402e014a09fde778d8c6e;p=krb5.git Save a copy of the ciphertext from the kdc rather than trying to decrypt the already decrypted text each time through the loop. Ticket: 1554 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15551 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb4/ChangeLog b/src/lib/krb4/ChangeLog index f16f07c45..d72159141 100644 --- a/src/lib/krb4/ChangeLog +++ b/src/lib/krb4/ChangeLog @@ -1,3 +1,8 @@ +2003-06-03 Sam Hartman + + * g_in_tkt.c (krb_get_in_tkt_preauth_creds): Keep copy of + ciphertext while trying different keyprocs + 2003-06-02 Tom Yu * change_password.c (krb_change_password): Explicitly zero the diff --git a/src/lib/krb4/g_in_tkt.c b/src/lib/krb4/g_in_tkt.c index 4d5286a98..58a91b00d 100644 --- a/src/lib/krb4/g_in_tkt.c +++ b/src/lib/krb4/g_in_tkt.c @@ -424,6 +424,9 @@ krb_get_in_tkt_preauth_creds(user, instance, realm, service, sinstance, life, /* Attempt to decrypt the reply. Loop trying password_to_key algorithms until we succeed or we get an error other than "bad password" */ do { + KTEXT_ST cip_copy_st; + memcpy(&cip_copy_st, &cip_st, sizeof(cip_st)); + cip = &cip_copy_st; if (decrypt_proc == NULL) { decrypt_tkt (user, instance, realm, arg, keyprocs[i], &cip); } else { @@ -432,6 +435,7 @@ krb_get_in_tkt_preauth_creds(user, instance, realm, service, sinstance, life, kerror = krb_parse_in_tkt_creds(user, instance, realm, service, sinstance, life, cip, byteorder, creds); } while ((keyprocs [++i] != NULL) && (kerror == INTK_BADPW)); + cip = &cip_st; /* Fill in the local address if the caller wants it */ if (laddrp != NULL) {