diff options
author | Stefan Metzmacher <metze@samba.org> | 2017-11-08 11:57:08 +0100 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2018-02-20 12:52:17 +0100 |
commit | 8ac00b066c893f9da5ac44f9391e41ad018d08bc (patch) | |
tree | c97baacc2e40e45ec87cb70d3c119a9e680f2b2c /source4 | |
parent | 9f3571aa20a209901c6ab7c776200afeac54eca4 (diff) | |
download | samba-8ac00b066c893f9da5ac44f9391e41ad018d08bc.tar.gz |
HEIMDAL:kdc: let _kdc_encode_reply() use the encryption type based on the server key
Currently the value is the same anyway as the session key is always of the
same type as server key up to now, but that will change shortly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13135
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Diffstat (limited to 'source4')
-rw-r--r-- | source4/heimdal/kdc/kerberos5.c | 5 | ||||
-rw-r--r-- | source4/heimdal/kdc/krb5tgs.c | 2 |
2 files changed, 3 insertions, 4 deletions
diff --git a/source4/heimdal/kdc/kerberos5.c b/source4/heimdal/kdc/kerberos5.c index 3282d5e0800..db2c6262116 100644 --- a/source4/heimdal/kdc/kerberos5.c +++ b/source4/heimdal/kdc/kerberos5.c @@ -322,7 +322,6 @@ krb5_error_code _kdc_encode_reply(krb5_context context, krb5_kdc_configuration *config, KDC_REP *rep, const EncTicketPart *et, EncKDCRepPart *ek, - krb5_enctype etype, int skvno, const EncryptionKey *skey, int ckvno, const EncryptionKey *reply_key, int rk_is_subkey, @@ -349,7 +348,7 @@ _kdc_encode_reply(krb5_context context, return KRB5KRB_ERR_GENERIC; } - ret = krb5_crypto_init(context, skey, etype, &crypto); + ret = krb5_crypto_init(context, skey, 0, &crypto); if (ret) { const char *msg; free(buf); @@ -1720,7 +1719,7 @@ _kdc_as_rep(krb5_context context, log_as_req(context, config, reply_key->keytype, setype, b); ret = _kdc_encode_reply(context, config, - &rep, &et, &ek, setype, server->entry.kvno, + &rep, &et, &ek, server->entry.kvno, &skey->key, client->entry.kvno, reply_key, 0, &e_text, reply); free_EncTicketPart(&et); diff --git a/source4/heimdal/kdc/krb5tgs.c b/source4/heimdal/kdc/krb5tgs.c index d59eb9731be..a71cfbff66c 100644 --- a/source4/heimdal/kdc/krb5tgs.c +++ b/source4/heimdal/kdc/krb5tgs.c @@ -987,7 +987,7 @@ tgs_make_reply(krb5_context context, etype list, even if we don't want a session key with DES3? */ ret = _kdc_encode_reply(context, config, - &rep, &et, &ek, et.key.keytype, + &rep, &et, &ek, kvno, serverkey, 0, replykey, rk_is_subkey, e_text, reply); |