From 2a252ebe41ee5550b5c83e1bb760aeb11d06b83c Mon Sep 17 00:00:00 2001
From: Ezra Peisach <epeisach@mit.edu>
Date: Tue, 22 Aug 2000 15:38:59 +0000
Subject: [PATCH] 	* ftpd.c (auth_data): Iterate over all krb4 services
 instead of  	trying to examine the srvtab file for a particular key (which 
 	failes when falling back on the v5 keytab for des3 services).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12625 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/appl/gssftp/ftpd/ChangeLog |  6 ++++++
 src/appl/gssftp/ftpd/ftpd.c    | 33 ++++++++++++++++-----------------
 2 files changed, 22 insertions(+), 17 deletions(-)

diff --git a/src/appl/gssftp/ftpd/ChangeLog b/src/appl/gssftp/ftpd/ChangeLog
index 70f2112ce..3a4508cdd 100644
--- a/src/appl/gssftp/ftpd/ChangeLog
+++ b/src/appl/gssftp/ftpd/ChangeLog
@@ -1,3 +1,9 @@
+Tue Aug 22 11:37:35 2000  Ezra Peisach  <epeisach@mit.edu>
+
+	* ftpd.c (auth_data): Iterate over all krb4 services instead of
+ 	trying to examine the srvtab file for a particular key (which
+ 	failes when falling back on the v5 keytab for des3 services).
+
 2000-06-14  Tom Yu  <tlyu@mit.edu>
 
 	* ftpcmd.y (nonguest): Return $1, not 1, if (!guest).
diff --git a/src/appl/gssftp/ftpd/ftpd.c b/src/appl/gssftp/ftpd/ftpd.c
index 047be3562..17f6e009b 100644
--- a/src/appl/gssftp/ftpd/ftpd.c
+++ b/src/appl/gssftp/ftpd/ftpd.c
@@ -2174,7 +2174,7 @@ char *data;
 	int kerror, length;
 #ifdef KRB5_KRB4_COMPAT
 	int i;
-	static char *service;
+	static char **service=NULL;
 	char instance[INST_SZ];
 	u_long cksum;
 	char buf[FTP_BUFSIZ];
@@ -2200,23 +2200,22 @@ char *data;
 		}
 		(void) memcpy((char *)ticket.dat, (char *)out_buf, ticket.length = length);
 		strcpy(instance, "*");
-		if (!service) {
-			char realm[REALM_SZ];
-			des_cblock key;
-			
-			service = "ftp";
-			if (krb_get_lrealm(realm, 1) == KSUCCESS &&
-			    read_service_key(service, instance, realm, 0, keyfile, key))
-				service = "rcmd";
-			else
-				(void) memset(key, 0, sizeof(key));
-		}
-		if (kerror = krb_rd_req(&ticket, service, instance,
-					his_addr.sin_addr.s_addr, &kdata, keyfile)) {
-			secure_error("ADAT: Kerberos V4 krb_rd_req: %s",
-				     krb_get_err_text(kerror));
-			return(0);
+
+		kerror = 255;
+		for (service = krb4_services; *service; service++) {
+		  kerror = krb_rd_req(&ticket, *service, instance,
+				      his_addr.sin_addr.s_addr, 
+				      &kdata, keyfile);
+		  /* Success */
+		  if(!kerror) break;
+		} 
+		/* rd_req failed.... */
+		if(kerror) {
+		  secure_error("ADAT: Kerberos V4 krb_rd_req: %s",
+			       krb_get_err_text(kerror));
+		  return(0);
 		}
+
 		/* add one to the (formerly) sealed checksum, and re-seal it */
 		cksum = kdata.checksum + 1;
 		cksum = htonl(cksum);
-- 
2.26.2