diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2009-11-17 15:36:48 +1100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2009-11-17 16:21:29 +1100 |
| commit | dc351a579dbdffc5505205d3e1d5548f5e62336e (patch) | |
| tree | 4d8d77db2520d23620ad292b39e9a39532d3aa77 /source4/heimdal/lib/krb5 | |
| parent | b9e262c51261af275db4d0e7e6e2c7318a41bed0 (diff) | |
| download | samba-dc351a579dbdffc5505205d3e1d5548f5e62336e.tar.gz samba-dc351a579dbdffc5505205d3e1d5548f5e62336e.tar.bz2 samba-dc351a579dbdffc5505205d3e1d5548f5e62336e.zip | |
s4:heimdal: import lorikeet-heimdal-200911170333 (commit b532c294d974cead40a1183c71be644c6ccc2832)
This fixes up connections to Windows 2003, because the previous import
had a broken arcfour-hmac-md5 implementation (fixed in Heimdal
316fc6ff8ffb0cbb1ef3689685e9977c37405bc4)
Andrew Bartlett
Diffstat (limited to 'source4/heimdal/lib/krb5')
| -rw-r--r-- | source4/heimdal/lib/krb5/crypto.c | 1 | ||||
| -rw-r--r-- | source4/heimdal/lib/krb5/get_cred.c | 19 |
2 files changed, 7 insertions, 13 deletions
diff --git a/source4/heimdal/lib/krb5/crypto.c b/source4/heimdal/lib/krb5/crypto.c index 68233c290d..8cc7b06026 100644 --- a/source4/heimdal/lib/krb5/crypto.c +++ b/source4/heimdal/lib/krb5/crypto.c @@ -2386,7 +2386,6 @@ usage2arcfour (krb5_context context, unsigned *usage) { switch (*usage) { case KRB5_KU_AS_REP_ENC_PART : /* 3 */ - case KRB5_KU_TGS_REP_ENC_PART_SUB_KEY : /* 9 */ *usage = 8; return 0; case KRB5_KU_USAGE_SEAL : /* 22 */ diff --git a/source4/heimdal/lib/krb5/get_cred.c b/source4/heimdal/lib/krb5/get_cred.c index 63152bbfa6..7072137338 100644 --- a/source4/heimdal/lib/krb5/get_cred.c +++ b/source4/heimdal/lib/krb5/get_cred.c @@ -244,16 +244,12 @@ init_tgs_req (krb5_context context, if(ret) goto fail; - ret = krb5_generate_subkey_extended(context, &krbtgt->session, - ETYPE_NULL, &key); + ret = krb5_auth_con_generatelocalsubkey(context, ac, &krbtgt->session); if (ret) goto fail; - ret = krb5_auth_con_setlocalsubkey(context, ac, key); - if (ret) - goto fail; - - ret = set_auth_data (context, &t->req_body, &in_creds->authdata, key); + ret = set_auth_data (context, &t->req_body, &in_creds->authdata, + ac->local_subkey); if (ret) goto fail; @@ -265,12 +261,11 @@ init_tgs_req (krb5_context context, if(ret) goto fail; - *subkey = key; - key = NULL; - + ret = krb5_auth_con_getlocalsubkey(context, ac, subkey); + if (ret) + goto fail; + fail: - if (key) - krb5_free_keyblock (context, key); if (ac) krb5_auth_con_free(context, ac); if (ret) { |