From: Tom Yu Date: Wed, 9 Aug 1995 01:36:43 +0000 (+0000) Subject: * kdb_cpw.c (add_key_rnd): remove bletcherous aggregate X-Git-Tag: krb5-1.0-beta6~1352 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=835d6c5ddb0f0c1603969b4a109297882d52bbcd;p=krb5.git * kdb_cpw.c (add_key_rnd): remove bletcherous aggregate initializer stuff and use build_principal_ext like we should have in the first place to build the tgt principal. Why are we using the TGS key to seed the random number generator? This makes randomized service keys have data that is derived from the TGS key. Do we really want that? Or am I missing something here? git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6474 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/kdb/ChangeLog b/src/lib/kdb/ChangeLog index 5c11b1208..fbf9815ce 100644 --- a/src/lib/kdb/ChangeLog +++ b/src/lib/kdb/ChangeLog @@ -1,3 +1,8 @@ +Tue Aug 8 21:32:30 1995 Tom Yu + + * kdb_cpw.c (add_key_rnd): remove bletcherous aggregate + initializer stuff and use build_principal_ext like we + should have in the first place to build the tgt principal. Tue Aug 8 17:35:58 EDT 1995 Paul Park (pjpark@mit.edu) * encrypt_key.c - When allocating the actual key_data_contents use the diff --git a/src/lib/kdb/kdb_cpw.c b/src/lib/kdb/kdb_cpw.c index f507cc6d1..e75192f1c 100644 --- a/src/lib/kdb/kdb_cpw.c +++ b/src/lib/kdb/kdb_cpw.c @@ -75,17 +75,7 @@ add_key_rnd(context, master_eblock, ks_tuple, ks_tuple_count, db_entry, kvno) krb5_db_entry * db_entry; int kvno; { - krb5_data krbtgt_princ_entries[] = { - { 0, KRB5_TGS_NAME_SIZE, KRB5_TGS_NAME }, - { 0, 0, 0 }, - }; - krb5_principal_data krbtgt_princ = { - 0, /* magic number */ - {0, 0, 0}, /* krb5_data realm */ - (krb5_data *) NULL, /* krb5_data *data */ - 2, /* int length */ - KRB5_NT_SRV_INST /* int type */ - }; + krb5_principal krbtgt_princ; krb5_keyblock krbtgt_keyblock, * key; krb5_pointer krbtgt_seed; krb5_encrypt_block krbtgt_eblock; @@ -94,20 +84,23 @@ add_key_rnd(context, master_eblock, ks_tuple, ks_tuple_count, db_entry, kvno) int max_kvno, one, i, j; krb5_error_code retval; - krbtgt_princ.data = krbtgt_princ_entries; - krb5_princ_set_realm_length(context, &krbtgt_princ, - db_entry->princ->realm.length); - krb5_princ_set_realm_data(context, &krbtgt_princ, - db_entry->princ->realm.data); - krb5_princ_component(context, &krbtgt_princ, 1)->length = - db_entry->princ->realm.length; - krb5_princ_component(context, &krbtgt_princ, 1)->data = - db_entry->princ->realm.data; + retval = krb5_build_principal_ext(context, &krbtgt_princ, + db_entry->princ->realm.length, + db_entry->princ->realm.data, + KRB5_TGS_NAME_SIZE, + KRB5_TGS_NAME, + db_entry->princ->realm.length, + db_entry->princ->realm.data); + if (retval) + return retval; /* Get tgt from database */ - if (retval = krb5_db_get_principal(context, &krbtgt_princ, &krbtgt_entry, - &one, &more)) + retval = krb5_db_get_principal(context, krbtgt_princ, &krbtgt_entry, + &one, &more)) { + krb5_free_principal(krbtgt_princ); /* don't need it anymore */ + if (retval) return(retval); + } if ((one > 1) || (more)) { krb5_db_free_principal(context, &krbtgt_entry, one); return KRB5KDC_ERR_PRINCIPAL_NOT_UNIQUE;