+Mon May 01 15:56:32 1995 Chris Provenzano (proven@mit.edu)
+
+ * init_sec_context.c (krb5_gss_init_sec_context()) :
+ The krb5_mk_rep() routine must always encode the data in
+ the keyblock of the ticket, not the subkey.
+
Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com)
* *.[ch]: removed unneeded INTERFACE from non-api functions.
krb5_timestamp now;
gss_buffer_desc token;
int i;
-/* Remove this when server is fixed and this function goes away */
-krb5_error_code krb5_auth_con_setkey ();
/* set up return values so they can be "freed" successfully */
sptr = (char *) ptr; /* PC compiler bug */
TREAD_STR(sptr, ap_rep.data, ap_rep.length);
-/* A hack. Don't forget to remove the prototype for it above */
-krb5_auth_con_setkey(context, ctx->auth_context, ctx->subkey);
- /* decode the ap_rep */
- if (code = krb5_rd_rep(context,ctx->auth_context,&ap_rep,&ap_rep_data)) {
- (void)krb5_gss_delete_sec_context(context, minor_status,
- context_handle, NULL);
- *minor_status = code;
- return(GSS_S_FAILURE);
+ /* decode the ap_rep */
+ if (code = krb5_rd_rep(context,ctx->auth_context,&ap_rep,&ap_rep_data)){
+ /*
+ * XXX A hack for backwards compatiblity.
+ * To be removed in 1999 -- proven
+ */
+ krb5_auth_con_setuseruserkey(context,ctx->auth_context,ctx->subkey);
+ if (code = krb5_rd_rep(context, ctx->auth_context, &ap_rep,
+ &ap_rep_data)) {
+ (void)krb5_gss_delete_sec_context(context, minor_status,
+ context_handle, NULL);
+ *minor_status = code;
+ return(GSS_S_FAILURE);
+ }
+ }
+
+ /* store away the sequence number */
+ ctx->seq_recv = ap_rep_data->seq_number;
+
+ /* free the ap_rep_data */
+ krb5_free_ap_rep_enc_part(context, ap_rep_data);
+
+ /* set established */
+ ctx->established = 1;
+
+ /* set returns */
+
+ if (time_rec) {
+ if (code = krb5_timeofday(context, &now)) {
+ (void)krb5_gss_delete_sec_context(context, minor_status,
+ (gss_ctx_id_t) ctx, NULL);
+ *minor_status = code;
+ return(GSS_S_FAILURE);
+
+ }
}
/* store away the sequence number */
projects / krb5.git / commitdiff