From: Ezra Peisach <epeisach@mit.edu>
Date: Tue, 22 Aug 2000 13:58:24 +0000 (+0000)
Subject: 	* rd_svc_key.c (krb54_get_service_keyblock): If the keytab
X-Git-Tag: krb5-1.3-alpha1~1916
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=b478311714a6d653bf74bb2ead74d58e51e2a447;p=krb5.git

	* rd_svc_key.c (krb54_get_service_keyblock): If the keytab
 	encryption type is a non-raw des3 key, bash its enctype. This
 	matches kdc/kerberos_v4.c.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12624 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/krb4/ChangeLog b/src/lib/krb4/ChangeLog
index 25ad9f284..9b091bfcd 100644
--- a/src/lib/krb4/ChangeLog
+++ b/src/lib/krb4/ChangeLog
@@ -1,3 +1,15 @@
+Tue Aug 22 09:56:14 2000  Ezra Peisach  <epeisach@mit.edu>
+
+	* rd_svc_key.c (krb54_get_service_keyblock): If the keytab
+ 	encryption type is a non-raw des3 key, bash its enctype. This
+ 	matches kdc/kerberos_v4.c.
+
+Mon Aug 14 12:13:20 2000  Ezra Peisach  <epeisach@mit.edu>
+
+	* cr_tkt.c (krb_cr_tkt_int): When prototypes were changed to not
+ 	include a narrow prototype, the flags were being sent OTW as four
+ 	bytes instead of one.
+
 2000-08-02  Ezra Peisach  <epeisach@mit.edu>
 
 	* tf_util.c (tf_init): Add KRB5_DLLIMP/KRB5_CALLCONV definitions
diff --git a/src/lib/krb4/rd_svc_key.c b/src/lib/krb4/rd_svc_key.c
index 831becdf0..a9b6fd5d5 100644
--- a/src/lib/krb4/rd_svc_key.c
+++ b/src/lib/krb4/rd_svc_key.c
@@ -183,7 +183,7 @@ krb54_get_service_keyblock(service,instance,realm,kvno,file,keyblock)
     
     if ((retval = krb5_kt_resolve(krb5__krb4_context, keytabname, &kt_id)))
 	    goto errout;
-    
+
     if ((retval = krb5_kt_get_entry(krb5__krb4_context, kt_id, princ, kvno,
 				    0, &kt_entry))) {
 	krb5_kt_close(krb5__krb4_context, kt_id);
@@ -192,6 +192,12 @@ krb54_get_service_keyblock(service,instance,realm,kvno,file,keyblock)
 
     retval = krb5_copy_keyblock_contents(krb5__krb4_context,
 					 &kt_entry.key, keyblock);
+    /* Bash types */
+    /* KLUDGE! If it's a non-raw des3 key, bash its enctype */
+    /* See kdc/kerberos_v4.c */
+    if (keyblock->enctype == ENCTYPE_DES3_CBC_SHA1 ||
+	keyblock->enctype == ENCTYPE_LOCAL_DES3_HMAC_SHA1)
+      keyblock->enctype = ENCTYPE_DES3_CBC_RAW;
     
     krb5_kt_free_entry(krb5__krb4_context, &kt_entry);
     krb5_kt_close (krb5__krb4_context, kt_id);