oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

(add_padata): loop over all enctypes instead of just taking the first

Browse Source 
one.  fix all callers.  From "Brandon S. Allbery KF8NH"
<allbery@kf8nh.apk.net>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5987 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Assar Westerlund
1999-04-19 10:26:01 +00:00
parent f67c5d0577
commit f4020ed93d
1 changed files with 21 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
lib/krb5/get_in_tkt.c
View File

@@ -352,20 +352,33 @@ add_padata(krb5_context context,
krb5_principal client, krb5_principal client,
krb5_key_proc key_proc, krb5_key_proc key_proc,
krb5_const_pointer keyseed, krb5_const_pointer keyseed,
krb5_enctype enctype, krb5_enctype *enctypes,
unsigned netypes,
krb5_salt *salt) krb5_salt *salt)
{ {
krb5_error_code ret; krb5_error_code ret;
PA_DATA *pa2; PA_DATA *pa2;
krb5_keyblock *key; krb5_keyblock *key;
krb5_salt salt2; krb5_salt salt2;
krb5_enctype *ep;
if(salt == NULL) { if(salt == NULL) {
/* default to standard salt */ /* default to standard salt */
ret = krb5_get_pw_salt (context, client, &salt2); ret = krb5_get_pw_salt (context, client, &salt2);
salt = &salt2; salt = &salt2;
} }
ret = (*key_proc)(context, enctype, *salt, keyseed, &key); if (!enctypes) {
enctypes = context->etypes; /* XXX */
netypes = 0;
for (ep = enctypes; *ep != ETYPE_NULL; ep++)
netypes++;
}
while (netypes--) {
ret = (*key_proc)(context, *enctypes, *salt, keyseed, &key);
if (ret != KRB5_KT_NOTFOUND)
break;
enctypes++;
}
if(salt == &salt2) if(salt == &salt2)
krb5_free_salt(context, salt2); krb5_free_salt(context, salt2);
if (ret) if (ret)
@@ -374,7 +387,7 @@ add_padata(krb5_context context,
if(pa2 == NULL) if(pa2 == NULL)
return ENOMEM; return ENOMEM;
md->val = pa2; md->val = pa2;
ret = make_pa_enc_timestamp(context, &md->val[md->len], enctype, key); ret = make_pa_enc_timestamp(context, &md->val[md->len], *enctypes, key);
krb5_free_keyblock (context, key); krb5_free_keyblock (context, key);
if(ret) if(ret)
return ret; return ret;
@@ -397,7 +410,6 @@ init_as_req (krb5_context context,
{ {
krb5_error_code ret; krb5_error_code ret;
krb5_salt salt; krb5_salt salt;
krb5_enctype etype;
memset(a, 0, sizeof(*a)); memset(a, 0, sizeof(*a));
@@ -452,8 +464,6 @@ init_as_req (krb5_context context,
if (ret) if (ret)
goto fail; goto fail;
etype = a->req_body.etype.val[0]; /* XXX */
a->req_body.addresses = malloc(sizeof(*a->req_body.addresses)); a->req_body.addresses = malloc(sizeof(*a->req_body.addresses));
if (a->req_body.addresses == NULL) { if (a->req_body.addresses == NULL) {
ret = ENOMEM; ret = ENOMEM;
@@ -504,7 +514,7 @@ init_as_req (krb5_context context,
krb5_data_zero(&salt.saltvalue); krb5_data_zero(&salt.saltvalue);
add_padata(context, a->padata, creds->client, add_padata(context, a->padata, creds->client,
key_proc, keyseed, key_proc, keyseed,
preauth->val[i].info.val[j].etype, &preauth->val[i].info.val[j].etype, 1,
sp); sp);
} }
} }
@@ -524,13 +534,15 @@ init_as_req (krb5_context context,
/* make a v5 salted pa-data */ /* make a v5 salted pa-data */
add_padata(context, a->padata, creds->client, add_padata(context, a->padata, creds->client,
key_proc, keyseed, etype, NULL); key_proc, keyseed, a->req_body.etype.val,
a->req_body.etype.len, NULL);
/* make a v4 salted pa-data */ /* make a v4 salted pa-data */
salt.salttype = KRB5_PW_SALT; salt.salttype = KRB5_PW_SALT;
krb5_data_zero(&salt.saltvalue); krb5_data_zero(&salt.saltvalue);
add_padata(context, a->padata, creds->client, add_padata(context, a->padata, creds->client,
key_proc, keyseed, etype, &salt); key_proc, keyseed, a->req_body.etype.val,
a->req_body.etype.len, &salt);
} else { } else {
ret = KRB5_PREAUTH_BAD_TYPE; ret = KRB5_PREAUTH_BAD_TYPE;
goto fail; goto fail;