From 26421fb2dc995c4fc10195f451c4d7dce07034bf Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 13 Feb 2006 00:08:16 +0000
Subject: r13481: As far as I can tell, my changes in -r 12863 were dangerously
 untested.

We do need the gsskrb5_get_initiator_subkey() routine.  But we should
ensure that we do always get a valid key, to prevent any segfaults.

Without this code, we get a different session key compared with
Win2k3, and so kerberised smb signing fails.

Andrew Bartlett
(This used to be commit cfd0df16b74b0432670b33c7bf26316b741b1bde)
---
 source4/heimdal/lib/gssapi/gssapi.h | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'source4/heimdal/lib/gssapi/gssapi.h')

diff --git a/source4/heimdal/lib/gssapi/gssapi.h b/source4/heimdal/lib/gssapi/gssapi.h
index 6d48359b32..b93ad4e481 100644
--- a/source4/heimdal/lib/gssapi/gssapi.h
+++ b/source4/heimdal/lib/gssapi/gssapi.h
@@ -815,8 +815,10 @@ gsskrb5_extract_authtime_from_sec_context(OM_uint32 *minor_status,
 					  gss_ctx_id_t context_handle,
 					  time_t *authtime);
 OM_uint32
-gss_krb5_get_subkey(const gss_ctx_id_t context_handle,
-		    struct EncryptionKey **key);
+gsskrb5_get_initiator_subkey
+        (OM_uint32 * /*minor_status*/,
+	 const gss_ctx_id_t context_handle,
+	 gss_buffer_t /* subkey */);
 
 #define GSS_C_KRB5_COMPAT_DES3_MIC 1
 
-- 
cgit