use krb5_encrypt

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@1271 ec53bebd-3082-4978-b11e-865c3cabbd6b
1997-03-08 04:00:37 +00:00
parent 970c998f48
commit 2c974bc55b
2 changed files with 42 additions and 13 deletions
--- a/lib/krb5/build_auth.c
+++ b/lib/krb5/build_auth.c
@@ -1,10 +1,10 @@
 #include <krb5_locl.h>
 #include <krb5_error.h>
-#include <md4.h>

 krb5_error_code
 krb5_build_authenticator (krb5_context context,
-			  krb5_principal client,
+			  krb5_auth_context auth_context,
+			  krb5_creds *cred,
 			  Checksum *cksum,
 			  Authenticator **auth_result,
 			  krb5_data *result)
@@ -12,18 +12,14 @@ krb5_build_authenticator (krb5_context context,
  struct timeval tv;
  Authenticator *auth = malloc(sizeof(*auth));
  char buf[1024];
-  unsigned char *p;
  int len;
-  struct md4 m;
-  u_int32_t crc;
+  krb5_error_code ret;

-  if (auth_result)
-    *auth_result = auth;
  auth->authenticator_vno = 5;
-  auth->crealm = malloc(client->realm.length + 1);
-  strncpy(auth->crealm, client->realm.data, client->realm.length);
-  auth->crealm[client->realm.length] = '\0';
-  krb5_principal2principalname(&auth->cname, client);
+  auth->crealm = malloc(cred->client->realm.length + 1);
+  strncpy(auth->crealm, cred->client->realm.data, cred->client->realm.length);
+  auth->crealm[cred->client->realm.length] = '\0';
+  krb5_principal2principalname(&auth->cname, cred->client);

  gettimeofday(&tv, NULL);
  auth->cusec = tv.tv_usec;
@@ -33,10 +29,34 @@ krb5_build_authenticator (krb5_context context,
  auth->authorization_data = NULL;
  auth->cksum = cksum;

+  /* XXX - Copy more to auth_context? */
+
+  if (auth_context) {
+    auth_context->authenticator->cusec = tv.tv_usec;
+    auth_context->authenticator->ctime = tv.tv_sec;
+  }
+
  memset (buf, 0, sizeof(buf));
+  len = encode_Authenticator (buf + sizeof(buf) - 1, sizeof(buf), auth);
+
+  ret = krb5_encrypt (context, buf + sizeof(buf) - len, len, &cred->session, result);
+
+  if (auth_result)
+    *auth_result = auth;
+  else
+    free (auth);
+  return ret;
+}
+#if 0
+
+  /*
  len = encode_Authenticator(buf + sizeof(buf) - 9,
 			     sizeof(buf) - 8 - 12,
 			     auth);
+
+			     */
+  
+
  p = buf + sizeof(buf) - 8 - len;
  
  p -= 12;
@@ -54,5 +74,7 @@ krb5_build_authenticator (krb5_context context,
  result->length = len;
  result->data = malloc(len);
  memcpy(result->data, p, len);
-  return 0;
+
 }
+
+#endif
--- a/lib/krb5/mk_rep.c
+++ b/lib/krb5/mk_rep.c
@@ -22,10 +22,16 @@ krb5_mk_rep(krb5_context context,
  body.subkey = NULL;
  body.seq_number = NULL;

-  ap.enc_part.etype = 1;	/* XXX */
+  ap.enc_part.etype = (*auth_context)->key.keytype;
  ap.enc_part.kvno  = NULL;
  len = encode_EncAPRepPart (buf + sizeof(buf) - 1,
 			     sizeof(buf), &body);
+  ret = krb5_encrypt (context, buf + sizeof(buf) - len, len,
+		      &(*auth_context)->key, &ap.enc_part.cipher);
+  if (ret)
+    return ret;
+
+#if 0
  len += 12;			/* XXX */
  ap.enc_part.cipher.length = len;
  ap.enc_part.cipher.data   = malloc(len);
@@ -38,6 +44,7 @@ krb5_mk_rep(krb5_context context,
 		   ap.enc_part.cipher.data,
 		   ap.enc_part.cipher.length,
 		   schedule, &key, DES_ENCRYPT);
+#endif

  len = encode_AP_REP (buf + sizeof(buf) - 1,
 		       sizeof(buf), &ap);