From 5a341becfda1deaf4dd590b70939c0c622597d1e Mon Sep 17 00:00:00 2001 From: Theodore Tso Date: Thu, 9 Nov 1995 05:04:28 +0000 Subject: [PATCH] * get_in_tkt.c (krb5_get_in_tkt): Remove the etype_info argument from the call to krb5_obtain_padata. * preauth.c (krb5_obtain_padata): Use the PADATA_ETYPE_INFO preauth, if it exists, to determine which salt type to use when encrypting the preauthentication data. Remove the etype_info argument. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7071 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/krb/ChangeLog | 10 ++++++++++ src/lib/krb5/krb/get_in_tkt.c | 2 +- src/lib/krb5/krb/preauth.c | 24 ++++++++++++++++++------ 3 files changed, 29 insertions(+), 7 deletions(-) diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index 4f127349c..de1828dc6 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,13 @@ +Thu Nov 9 00:02:43 1995 Theodore Y. Ts'o + + * get_in_tkt.c (krb5_get_in_tkt): Remove the etype_info argument + from the call to krb5_obtain_padata. + + * preauth.c (krb5_obtain_padata): Use the PADATA_ETYPE_INFO + preauth, if it exists, to determine which salt type to use + when encrypting the preauthentication data. Remove the + etype_info argument. + Wed Nov 8 02:50:59 1995 Theodore Y. Ts'o * krbconfig.c: Removed the krb5_clockskew variable. diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c index e1c253b20..18095ef8e 100644 --- a/src/lib/krb5/krb/get_in_tkt.c +++ b/src/lib/krb5/krb/get_in_tkt.c @@ -451,7 +451,7 @@ krb5_get_in_tkt(context, options, addrs, ktypes, ptypes, key_proc, keyseed, goto cleanup; } - if ((retval = krb5_obtain_padata(context, preauth_to_use, 0, key_proc, + if ((retval = krb5_obtain_padata(context, preauth_to_use, key_proc, keyseed, creds, &request)) != 0) goto cleanup; if (preauth_to_use) diff --git a/src/lib/krb5/krb/preauth.c b/src/lib/krb5/krb/preauth.c index ae961a6ce..d02a7197d 100644 --- a/src/lib/krb5/krb/preauth.c +++ b/src/lib/krb5/krb/preauth.c @@ -101,17 +101,17 @@ cleanup: } -krb5_error_code krb5_obtain_padata(context, preauth_to_use, etype_info, - key_proc, key_seed, creds, request) +krb5_error_code krb5_obtain_padata(context, preauth_to_use, key_proc, + key_seed, creds, request) krb5_context context; krb5_pa_data ** preauth_to_use; - krb5_etype_info etype_info; git_key_proc key_proc; krb5_const_pointer key_seed; krb5_creds * creds; krb5_kdc_req * request; { krb5_error_code retval; + krb5_etype_info etype_info = 0; krb5_pa_data ** pa; krb5_pa_data ** send_pa_list; krb5_pa_data ** send_pa; @@ -119,13 +119,22 @@ krb5_error_code krb5_obtain_padata(context, preauth_to_use, etype_info, krb5_keyblock * def_enc_key = 0; krb5_enctype enctype; krb5_data salt; + krb5_data scratch; int size; int f_salt = 0; if (preauth_to_use == NULL) return 0; - for (pa = preauth_to_use, size=0; *pa; pa++, size++); + for (pa = preauth_to_use, size=0; *pa; pa++, size++) { + if ((*pa)->pa_type == KRB5_PADATA_ETYPE_INFO) { + scratch.length = (*pa)->length; + scratch.data = (*pa)->contents; + retval = decode_krb5_etype_info(&scratch, &etype_info); + if (retval) + return retval; + } + } if ((send_pa_list = malloc((size+1) * sizeof(krb5_pa_data *))) == NULL) return ENOMEM; @@ -133,12 +142,15 @@ krb5_error_code krb5_obtain_padata(context, preauth_to_use, etype_info, send_pa = send_pa_list; *send_pa = 0; + enctype = request->ktype[0]; + salt.data = 0; + salt.length = -1; if (etype_info) { enctype = etype_info[0]->etype; salt.data = etype_info[0]->salt; salt.length = etype_info[0]->length; - } else { - enctype = request->ktype[0]; + } + if (salt.length == -1) { if ((retval = krb5_principal2salt(context, request->client, &salt))) return(retval); f_salt = 1; -- 2.26.2