summaryrefslogtreecommitdiff
path: root/source4/heimdal/lib/krb5
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2009-11-17 15:36:48 +1100
committerAndrew Bartlett <abartlet@samba.org>2009-11-17 16:21:29 +1100
commitdc351a579dbdffc5505205d3e1d5548f5e62336e (patch)
tree4d8d77db2520d23620ad292b39e9a39532d3aa77 /source4/heimdal/lib/krb5
parentb9e262c51261af275db4d0e7e6e2c7318a41bed0 (diff)
downloadsamba-dc351a579dbdffc5505205d3e1d5548f5e62336e.tar.gz
samba-dc351a579dbdffc5505205d3e1d5548f5e62336e.tar.bz2
samba-dc351a579dbdffc5505205d3e1d5548f5e62336e.zip
s4:heimdal: import lorikeet-heimdal-200911170333 (commit b532c294d974cead40a1183c71be644c6ccc2832)
This fixes up connections to Windows 2003, because the previous import had a broken arcfour-hmac-md5 implementation (fixed in Heimdal 316fc6ff8ffb0cbb1ef3689685e9977c37405bc4) Andrew Bartlett
Diffstat (limited to 'source4/heimdal/lib/krb5')
-rw-r--r--source4/heimdal/lib/krb5/crypto.c1
-rw-r--r--source4/heimdal/lib/krb5/get_cred.c19
2 files changed, 7 insertions, 13 deletions
diff --git a/source4/heimdal/lib/krb5/crypto.c b/source4/heimdal/lib/krb5/crypto.c
index 68233c290d..8cc7b06026 100644
--- a/source4/heimdal/lib/krb5/crypto.c
+++ b/source4/heimdal/lib/krb5/crypto.c
@@ -2386,7 +2386,6 @@ usage2arcfour (krb5_context context, unsigned *usage)
{
switch (*usage) {
case KRB5_KU_AS_REP_ENC_PART : /* 3 */
- case KRB5_KU_TGS_REP_ENC_PART_SUB_KEY : /* 9 */
*usage = 8;
return 0;
case KRB5_KU_USAGE_SEAL : /* 22 */
diff --git a/source4/heimdal/lib/krb5/get_cred.c b/source4/heimdal/lib/krb5/get_cred.c
index 63152bbfa6..7072137338 100644
--- a/source4/heimdal/lib/krb5/get_cred.c
+++ b/source4/heimdal/lib/krb5/get_cred.c
@@ -244,16 +244,12 @@ init_tgs_req (krb5_context context,
if(ret)
goto fail;
- ret = krb5_generate_subkey_extended(context, &krbtgt->session,
- ETYPE_NULL, &key);
+ ret = krb5_auth_con_generatelocalsubkey(context, ac, &krbtgt->session);
if (ret)
goto fail;
- ret = krb5_auth_con_setlocalsubkey(context, ac, key);
- if (ret)
- goto fail;
-
- ret = set_auth_data (context, &t->req_body, &in_creds->authdata, key);
+ ret = set_auth_data (context, &t->req_body, &in_creds->authdata,
+ ac->local_subkey);
if (ret)
goto fail;
@@ -265,12 +261,11 @@ init_tgs_req (krb5_context context,
if(ret)
goto fail;
- *subkey = key;
- key = NULL;
-
+ ret = krb5_auth_con_getlocalsubkey(context, ac, subkey);
+ if (ret)
+ goto fail;
+
fail:
- if (key)
- krb5_free_keyblock (context, key);
if (ac)
krb5_auth_con_free(context, ac);
if (ret) {