From df9b71b72459612d2226c1dcc0db002e08333b7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Fri, 20 Apr 2007 17:33:59 +0000 Subject: [PATCH] move where hash is calculated to make it easier to add ccache support. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20479 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/gssapi/ntlm/init_sec_context.c | 25 +++++++++---------------- 1 file changed, 9 insertions(+), 16 deletions(-) diff --git a/lib/gssapi/ntlm/init_sec_context.c b/lib/gssapi/ntlm/init_sec_context.c index 029116ffb..cea8b357b 100644 --- a/lib/gssapi/ntlm/init_sec_context.c +++ b/lib/gssapi/ntlm/init_sec_context.c @@ -118,6 +118,7 @@ _gss_ntlm_init_sec_context struct ntlm_type1 type1; struct ntlm_buf data; uint32_t flags = 0; + char *password; ctx = calloc(1, sizeof(*ctx)); if (ctx == NULL) { @@ -126,13 +127,17 @@ _gss_ntlm_init_sec_context } *context_handle = (gss_ctx_id_t)ctx; - ret = get_userinfo(name->domain, &ctx->username, &ctx->password); + ret = get_userinfo(name->domain, &ctx->username, &password); if (ret) { _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL); *minor_status = ret; return GSS_S_FAILURE; } + heim_ntlm_nt_key(password, &ctx->key); + memset(password, 0, strlen(password)); + free(password); + if (req_flags & GSS_C_CONF_FLAG) flags |= NTLM_NEG_SEAL; if (req_flags & GSS_C_INTEG_FLAG) @@ -199,13 +204,9 @@ _gss_ntlm_init_sec_context */ if (1 || type2.targetinfo.length == 0) { - struct ntlm_buf key; struct ntlm_buf sessionkey; unsigned char challange[8]; - heim_ntlm_nt_key(ctx->password, &key); - memset(ctx->password, 0, strlen(ctx->password)); - if (type2.flags & NTLM_NEG_NTLM2_SESSION) { unsigned char sessionhash[MD5_DIGEST_LENGTH]; MD5_CTX md5ctx; 
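Review bot: The return value of `heim_ntlm_nt_key(password, &ctx->key)` in the block added after the `get_userinfo` error check is discarded, so if the hash derivation fails (it appears able to, for example on allocation failure) the handshake continues with an empty `ctx->key` and the failure surfaces only in the type3 path. Capture it in `ret`, still wipe and free the password, then take the same `_gss_ntlm_delete_sec_context` / `GSS_S_FAILURE` exit used just above. The `memset(password, 0, strlen(password))` immediately before `free(password)` is also a dead store that an optimizing compiler may drop, leaving the cleartext password in freed heap memory. A wipe the optimizer cannot elide is safer (`explicit_bzero`, `memset_s`, or a volatile-pointer helper, whichever the platform provides). The function body starts and ends outside this hunk.

```c
ret = heim_ntlm_nt_key(password, &ctx->key);
/* … unchanged: memset() wipe and free(password), kept ahead of the check … */
if (ret) {
    _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL);
    *minor_status = ret;
    return GSS_S_FAILURE;
}
```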
@@ -238,15 +239,13 @@ _gss_ntlm_init_sec_context } - heim_ntlm_calculate_ntlm1(key.data, key.length, + heim_ntlm_calculate_ntlm1(ctx->key.data, ctx->key.length, challange, &type3.ntlm); - ret = heim_ntlm_build_ntlm1_master(key.data, key.length, + ret = heim_ntlm_build_ntlm1_master(ctx->key.data, ctx->key.length, &sessionkey, &type3.sessionkey); - memset(key.data, 0, key.length); - free(key.data); if (ret) { if (type3.lm.data) free(type3.lm.data); @@ -268,7 +267,6 @@ _gss_ntlm_init_sec_context ctx->status |= STATUS_SESSIONKEY; } else { - struct ntlm_buf key; struct ntlm_buf sessionkey; unsigned char ntlmv2[16]; struct ntlm_targetinfo ti; @@ -290,18 +288,13 @@ _gss_ntlm_init_sec_context return GSS_S_FAILURE; } - heim_ntlm_nt_key(ctx->password, &key); - memset(ctx->password, 0, strlen(ctx->password)); - - ret = heim_ntlm_calculate_ntlm2(key.data, key.length, + ret = heim_ntlm_calculate_ntlm2(ctx->key.data, ctx->key.length, ctx->username, name->domain, type2.challange, &type2.targetinfo, ntlmv2, &type3.ntlm); - memset(key.data, 0, key.length); - free(key.data); if (ret) { _gss_ntlm_delete_sec_context(minor_status, context_handle, NULL);
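Review bot: Nothing in this patch wipes or frees the NT hash once the `memset(key.data, 0, key.length); free(key.data);` pairs are removed here and in the NTLMv2 branch (the hunk at -290), so the hash now stays in `ctx->key` for the whole life of the context. The NT hash is password-equivalent for NTLM, so `_gss_ntlm_delete_sec_context` (not part of this diff) needs to zero `ctx->key.data` over `ctx->key.length` and free it, including on the early error exits that call it; it is worth confirming that change lands together with this one. Separately, the re-pointed `heim_ntlm_calculate_ntlm1(ctx->key.data, ctx->key.length, ...)` call still drops its result, unlike the `heim_ntlm_build_ntlm1_master` call right below it. Assigning it to `ret` and checking it before building the master key would avoid continuing with an unset `type3.ntlm`. The enclosing branches start and end outside these hunks.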