From: Theodore Tso Date: Thu, 15 Sep 1994 04:24:09 +0000 (+0000) Subject: Fix bug in V4 emulation where it was always assuming the master key X-Git-Tag: krb5-1.0-beta4.3~118 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=3d20b8d1838d625fe607d9940965bfdaa4060fd4;p=krb5.git Fix bug in V4 emulation where it was always assuming the master key version number was zero. Now it actually reads it in from the master key database entry. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4238 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/kdc/kerberos_v4.c b/src/kdc/kerberos_v4.c index b48ad04b5..6c4228947 100644 --- a/src/kdc/kerberos_v4.c +++ b/src/kdc/kerberos_v4.c @@ -93,7 +93,8 @@ static C_Block session_key; static C_Block user_key; static C_Block service_key; */ -static u_char master_key_version; +extern u_char master_key_version; +u_char master_key_version; /* static char k_instance[INST_SZ]; */ diff --git a/src/kdc/main.c b/src/kdc/main.c index 55106f8a6..a3da6cf41 100644 --- a/src/kdc/main.c +++ b/src/kdc/main.c @@ -291,6 +291,9 @@ krb5_keyblock *masterkeyblock; int nprincs; krb5_boolean more; krb5_db_entry server; +#ifdef KRB4 + extern unsigned char master_key_version; +#endif /* set db name if appropriate */ if (dbname && (retval = krb5_db_set_name(dbname))) @@ -306,6 +309,26 @@ krb5_keyblock *masterkeyblock; return(retval); } +#ifdef KRB4 + /* get the master key, to extract the master key version number */ + nprincs = 1; + if (retval = krb5_db_get_principal(masterkeyname, + &server, &nprincs, + &more)) { + return(retval); + } + if (nprincs != 1) { + if (nprincs) + krb5_db_free_principal(&server, nprincs); + return(KRB5_KDB_NOMASTERKEY); + } else if (more) { + krb5_db_free_principal(&server, nprincs); + return(KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE); + } + master_key_version = server.kvno; + krb5_db_free_principal(&server, nprincs); +#endif + /* do any necessary key pre-processing */ if (retval = krb5_process_key(&master_encblock, masterkeyblock)) { master_encblock.crypto_entry = 0;