From: Greg Hudson Date: Thu, 13 May 2010 17:34:33 +0000 (+0000) Subject: Negative enctypes improperly read from keytabs X-Git-Tag: krb5-1.9-beta1~238 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=aa53b05e76d809172e15c626750d1800a92246dc;p=krb5.git Negative enctypes improperly read from keytabs When reading enctypes from keytabs, we need to ntohs() the 16-bit value we read in before sign-extending it to a 32-bit value in the keyblock, or we run the risk of extending the wrong sign. ticket: 6720 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24016 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/keytab/kt_file.c b/src/lib/krb5/keytab/kt_file.c index 3583506a4..80070bcf5 100644 --- a/src/lib/krb5/keytab/kt_file.c +++ b/src/lib/krb5/keytab/kt_file.c @@ -1362,10 +1362,9 @@ krb5_ktfileint_internal_read_entry(krb5_context context, krb5_keytab id, krb5_ke error = KRB5_KT_END; goto fail; } - ret_entry->key.enctype = (krb5_enctype)enctype; - if (KTVERSION(id) != KRB5_KT_VNO_1) - ret_entry->key.enctype = ntohs(ret_entry->key.enctype); + enctype = ntohs(enctype); + ret_entry->key.enctype = (krb5_enctype)enctype; /* key contents */ ret_entry->key.magic = KV5M_KEYBLOCK;