summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2008-08-08 15:22:39 +0200
committerStefan Metzmacher <metze@samba.org>2008-08-08 15:29:16 +0200
commit610b1ada1535b2ae1b38adde4de112ee6dc23a2c (patch)
treef95f2716e983e1e4e4565a1030e438ebe9175a45
parent4ad02f51857322b3d63b435f1e3ea60ead2e1993 (diff)
downloadsamba-610b1ada1535b2ae1b38adde4de112ee6dc23a2c.tar.gz
samba-610b1ada1535b2ae1b38adde4de112ee6dc23a2c.tar.bz2
samba-610b1ada1535b2ae1b38adde4de112ee6dc23a2c.zip
krb5: always generate the acceptor subkey as the same enctype as the used service key
With this patch samba4 can use gsskrb5_get_subkey() to get the session key. metze (This used to be commit dbb94133e0313cae933d261af0bf1210807a6d11)
-rw-r--r--source4/heimdal/lib/krb5/rd_req.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/source4/heimdal/lib/krb5/rd_req.c b/source4/heimdal/lib/krb5/rd_req.c
index ddf1f69ae4..e80aaa6789 100644
--- a/source4/heimdal/lib/krb5/rd_req.c
+++ b/source4/heimdal/lib/krb5/rd_req.c
@@ -463,6 +463,8 @@ krb5_verify_ap_req2(krb5_context context,
ac->keytype = ETYPE_NULL;
+#if 0
+/* it's bad to use a different enctype as the client */
if (etypes.val) {
int i;
@@ -473,6 +475,7 @@ krb5_verify_ap_req2(krb5_context context,
}
}
}
+#endif
/* save key */
ret = krb5_copy_keyblock(context, &t->ticket.key, &ac->keyblock);