From 23490da7190389714c55be54fc94cbd020ca9046 Mon Sep 17 00:00:00 2001 From: Assar Westerlund Date: Wed, 21 Jun 2000 02:20:04 +0000 Subject: [PATCH] be more compatible with MIT code. From Daniel Kouril git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8428 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/krb5/get_for_creds.c | 32 ++++++++++++++++++-------------- lib/krb5/rd_cred.c | 35 ++++++++++++++++++++++++----------- 2 files changed, 42 insertions(+), 25 deletions(-) diff --git a/lib/krb5/get_for_creds.c b/lib/krb5/get_for_creds.c index ecbbf100c..dd3d78884 100644 --- a/lib/krb5/get_for_creds.c +++ b/lib/krb5/get_for_creds.c @@ -201,22 +201,26 @@ krb5_get_forwarded_creds (krb5_context context, } *enc_krb_cred_part.usec = usec; - ret = krb5_make_addrport (&enc_krb_cred_part.s_address, - auth_context->local_address, - auth_context->local_port); - if (ret) - goto out4; - - ALLOC(enc_krb_cred_part.r_address, 1); - if (enc_krb_cred_part.r_address == NULL) { - ret = ENOMEM; - goto out4; + if (auth_context->local_address && auth_context->local_port) { + ret = krb5_make_addrport (&enc_krb_cred_part.s_address, + auth_context->local_address, + auth_context->local_port); + if (ret) + goto out4; } - ret = krb5_copy_address (context, auth_context->remote_address, - enc_krb_cred_part.r_address); - if (ret) - goto out4; + if (auth_context->remote_address) { + ALLOC(enc_krb_cred_part.r_address, 1); + if (enc_krb_cred_part.r_address == NULL) { + ret = ENOMEM; + goto out4; + } + + ret = krb5_copy_address (context, auth_context->remote_address, + enc_krb_cred_part.r_address); + if (ret) + goto out4; + } /* fill ticket_info.val[0] */ diff --git a/lib/krb5/rd_cred.c b/lib/krb5/rd_cred.c index 1f8837c45..9e04042e1 100644 --- a/lib/krb5/rd_cred.c +++ b/lib/krb5/rd_cred.c @@ -64,16 +64,27 @@ krb5_rd_cred (krb5_context context, goto out; } - krb5_crypto_init(context, auth_context->remote_subkey, 0, &crypto); - ret = krb5_decrypt_EncryptedData(context, - crypto, - KRB5_KU_KRB_CRED, - &cred.enc_part, - &enc_krb_cred_part_data); - krb5_crypto_destroy(context, crypto); - if (ret) - goto out; - + if (cred.enc_part.etype == ETYPE_NULL) { + /* DK: MIT GSS-API Compatibility */ + enc_krb_cred_part_data.length = cred.enc_part.cipher.length; + enc_krb_cred_part_data.data = cred.enc_part.cipher.data; + } else { + if (auth_context->remote_subkey) + krb5_crypto_init(context, auth_context->remote_subkey, 0, &crypto); + else + krb5_crypto_init(context, auth_context->keyblock, 0, &crypto); + /* DK: MIT rsh */ + + ret = krb5_decrypt_EncryptedData(context, + crypto, + KRB5_KU_KRB_CRED, + &cred.enc_part, + &enc_krb_cred_part_data); + + krb5_crypto_destroy(context, crypto); + if (ret) + goto out; + } ret = krb5_decode_EncKrbCredPart (context, enc_krb_cred_part_data.data, @@ -86,7 +97,8 @@ krb5_rd_cred (krb5_context context, /* check sender address */ if (enc_krb_cred_part.s_address - && auth_context->remote_address) { + && auth_context->remote_address + && auth_context->remote_port) { krb5_address *a; int cmp; @@ -113,6 +125,7 @@ krb5_rd_cred (krb5_context context, /* check receiver address */ if (enc_krb_cred_part.r_address + && auth_context->local_address && !krb5_address_compare (context, auth_context->local_address, enc_krb_cred_part.r_address)) {