From 1ae4e73fbba885b5f8bee0b09504b41948b224b7 Mon Sep 17 00:00:00 2001 From: Theodore Tso Date: Tue, 29 Sep 1992 14:38:48 +0000 Subject: [PATCH] Added support for alternate key/salt; attempt to use a V4 salttype if possible. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@2438 dc483132-0cff-0310-8789-dd5450dbe970 --- src/kdc/kerberos_v4.c | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/src/kdc/kerberos_v4.c b/src/kdc/kerberos_v4.c index dfd4ac984..928d97da1 100644 --- a/src/kdc/kerberos_v4.c +++ b/src/kdc/kerberos_v4.c @@ -636,9 +636,24 @@ kerb_get_principal(name, inst, principal, maxn, more) (int) name, (int) inst, entries.key.keytype); nprinc = 0; goto cleanup; - } else if (! compat_decrypt_key( &entries.key, k)) { - bcopy( k, &principal->key_low, LONGLEN); - bcopy((long *) k + 1, &principal->key_high, LONGLEN); + } else { + /* + * If the primary key's salt type is not V4, use the alternate + * key instead, if it exists. + */ + if (entries.salt_type != KRB5_KDB_SALTTYPE_V4 && + entries.alt_key.length) { + if (! compat_decrypt_key( &entries.alt_key,k)){ + bcopy( k, &principal->key_low, LONGLEN); + bcopy((long *) k + 1, &principal->key_high, LONGLEN); + } + } + else { + if (! compat_decrypt_key( &entries.key, k)) { + bcopy( k, &principal->key_low, LONGLEN); + bcopy((long *) k + 1, &principal->key_high, LONGLEN); + } + } } /* convert v5's entries struct to v4's Principal struct: * v5's time-unit for lifetimes is 1 sec, while v4 uses 5 minutes. -- 2.26.2