From: Marc Horowitz Date: Tue, 27 Oct 1998 08:08:29 +0000 (+0000) Subject: do the old protocol compatibly: don't pass an ivec to the underlying X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=01b6391bc2da51fc1629eccb6278138fcbc5aa88;p=thirdparty%2Fkrb5.git do the old protocol compatibly: don't pass an ivec to the underlying encryption functions if the enctype is similar to DES. git-svn-id: svn://anonsvn.mit.edu/krb5/branches/marc-3des@10995 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/appl/bsd/kcmd.c b/src/appl/bsd/kcmd.c index 8cbaccad50..5b448c8567 100644 --- a/src/appl/bsd/kcmd.c +++ b/src/appl/bsd/kcmd.c @@ -723,6 +723,7 @@ void rcmd_stream_init_krb5(in_keyblock, encrypt_flag, lencheck) { krb5_error_code status; size_t blocksize; + krb5_boolean similar; if (!encrypt_flag) { rcmd_stream_init_normal(); @@ -736,6 +737,18 @@ void rcmd_stream_init_krb5(in_keyblock, encrypt_flag, lencheck) input = v5_des_read; output = v5_des_write; + if (status = krb5_c_enctype_compare(bsd_context, ENCTYPE_DES_CBC_CRC, + keyblock->enctype, + &similar)) { + /* XXX what do I do? */ + abort(); + } + + if (similar) { + encivec.length = 0; + return; + } + if (status = krb5_c_block_size(bsd_context, keyblock->enctype, &blocksize)) { /* XXX what do I do? */ @@ -866,7 +879,8 @@ static int v5_des_read(fd, buf, len) plain.data = storage; /* decrypt info */ - if (krb5_c_decrypt(bsd_context, keyblock, KCMD_KEYUSAGE, &encivec, + if (krb5_c_decrypt(bsd_context, keyblock, KCMD_KEYUSAGE, + encivec.length?&encivec:0, &cipher, &plain)) { /* probably out of sync */ errno = EIO; @@ -905,7 +919,8 @@ static int v5_des_write(fd, buf, len) cipher.ciphertext.length = sizeof(des_outpkt)-4; cipher.ciphertext.data = desoutbuf.data; - if (krb5_c_encrypt(bsd_context, keyblock, KCMD_KEYUSAGE, &encivec, + if (krb5_c_encrypt(bsd_context, keyblock, KCMD_KEYUSAGE, + encivec.length?&encivec:0, &plain, &cipher)) { errno = EIO; return(-1);