diff options
| author | Matthieu Patou <mat@matws.net> | 2010-08-15 18:31:28 +0400 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2010-10-03 01:15:04 +0000 |
| commit | ab6e3fce040f9ad27cbce44e9038a24f15b601c8 (patch) | |
| tree | ab99a431c9610927b5d0d26335d2712b509fd6dc /source4/heimdal/lib/hdb/mkey.c | |
| parent | 197a1514d62494cc8b862d169c841a26e04b8925 (diff) | |
| download | samba-ab6e3fce040f9ad27cbce44e9038a24f15b601c8.tar.gz samba-ab6e3fce040f9ad27cbce44e9038a24f15b601c8.tar.bz2 samba-ab6e3fce040f9ad27cbce44e9038a24f15b601c8.zip | |
s4:heimdal: import lorikeet-heimdal-201009250123 (commit 42cabfb5b683dbcb97d583c397b897507689e382)
I based this on Matthieu's import of lorikeet-heimdal, and then
updated it to this commit.
Andrew Bartlett
Diffstat (limited to 'source4/heimdal/lib/hdb/mkey.c')
| -rw-r--r-- | source4/heimdal/lib/hdb/mkey.c | 23 |
1 files changed, 13 insertions, 10 deletions
diff --git a/source4/heimdal/lib/hdb/mkey.c b/source4/heimdal/lib/hdb/mkey.c index 360bb33a3a..760eccfd43 100644 --- a/source4/heimdal/lib/hdb/mkey.c +++ b/source4/heimdal/lib/hdb/mkey.c @@ -146,7 +146,7 @@ read_master_keytab(krb5_context context, const char *filename, /* read a MIT master keyfile */ static krb5_error_code read_master_mit(krb5_context context, const char *filename, - hdb_master_key *mkey) + int byteorder, hdb_master_key *mkey) { int fd; krb5_error_code ret; @@ -166,20 +166,16 @@ read_master_mit(krb5_context context, const char *filename, close(fd); return errno; } - krb5_storage_set_flags(sp, KRB5_STORAGE_HOST_BYTEORDER); + krb5_storage_set_flags(sp, byteorder); /* could possibly use ret_keyblock here, but do it with more checks for now */ { ret = krb5_ret_int16(sp, &enctype); if (ret) goto out; - if((htons(enctype) & 0xff00) == 0x3000) { - ret = HEIM_ERR_BAD_MKEY; - krb5_set_error_message(context, ret, "unknown keytype in %s: " - "%#x, expected %#x", - filename, htons(enctype), 0x3000); - goto out; - } + ret = krb5_enctype_valid(context, enctype); + if (ret) + goto out; key.keytype = enctype; ret = krb5_ret_data(sp, &key.keyvalue); if(ret) @@ -330,7 +326,14 @@ hdb_read_master_key(krb5_context context, const char *filename, } else if(buf[0] == 5 && buf[1] >= 1 && buf[1] <= 2) { ret = read_master_keytab(context, filename, mkey); } else { - ret = read_master_mit(context, filename, mkey); + /* + * Check both LittleEndian and BigEndian since they key file + * might be moved from a machine with diffrent byte order, or + * its running on MacOS X that always uses BE master keys. + */ + ret = read_master_mit(context, filename, KRB5_STORAGE_BYTEORDER_LE, mkey); + if (ret) + ret = read_master_mit(context, filename, KRB5_STORAGE_BYTEORDER_BE, mkey); } return ret; } |