oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

implement `krb5_init_etype'

Browse Source 
Change encryption type of pa_enc_timestamp to DES-CBC-MD5


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2336 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
1997-07-16 01:14:05 +00:00
parent 73c0d5222a
commit 23b81dac0e
1 changed files with 44 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
lib/krb5/get_in_tkt.c
View File

@@ -2,6 +2,38 @@
RCSID("$Id$");
krb5_error_code
krb5_init_etype (krb5_context context,
unsigned *len,
unsigned **val,
const krb5_enctype *etypes)
{
int i;
krb5_error_code ret;
const krb5_enctype *tmp;
if (etypes)
tmp = etypes;
else {
ret = krb5_get_default_in_tkt_etypes(context,
&tmp);
if (ret)
return ret;
}
for (i = 0; tmp[i]; ++i)
;
*len = i;
*val = malloc(i * sizeof(unsigned));
memmove (*val,
tmp,
i * sizeof(*tmp));
if (etypes == NULL)
free (tmp);
return 0;
}
static krb5_error_code
decrypt_tkt (krb5_context context,
const krb5_keyblock *key,
@@ -165,16 +197,11 @@ krb5_get_in_tkt(krb5_context context,
a.req_body.till = creds->times.endtime;
krb5_generate_random_block (&a.req_body.nonce, sizeof(a.req_body.nonce));
if (etypes)
abort ();
else {
ret = krb5_get_default_in_tkt_etypes (context,
(krb5_enctype**)&a.req_body.etype.val);
if (ret)
return ret;
a.req_body.etype.len = 1;
}
krb5_init_etype (context,
&a.req_body.etype.len,
&a.req_body.etype.val,
etypes);
a.req_body.addresses = malloc(sizeof(*a.req_body.addresses));
if (addrs)
@@ -236,7 +263,13 @@ krb5_get_in_tkt(krb5_context context,
a.padata->val->padata_type = pa_enc_timestamp;
a.padata->val->padata_value.length = 0;
encdata.etype = ETYPE_DES_CBC_CRC;
/*
* According to the spec this is the only encryption method
* that must be supported so it's the safest choice. On the
* other hand, old KDCs might not support it.
*/
encdata.etype = ETYPE_DES_CBC_MD5;
encdata.kvno = NULL;
ret = krb5_encrypt (context,
buf + sizeof(buf) - len,