From: Karolin Seeger Date: Wed, 21 Feb 2018 09:15:22 +0000 (+0100) Subject: Revert "HEIMDAL:kdc: let _kdc_encode_reply() use the encryption type based on the... X-Git-Tag: samba-4.6.15~46 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fb65808bb2d1daf5bbf56b59ac3d9501da101cb4;p=thirdparty%2Fsamba.git Revert "HEIMDAL:kdc: let _kdc_encode_reply() use the encryption type based on the server key" This reverts commit 03484706e4ff546fc7fe41124d896e9f7840fe80. --- diff --git a/source4/heimdal/kdc/kerberos5.c b/source4/heimdal/kdc/kerberos5.c index db2c6262116..3282d5e0800 100644 --- a/source4/heimdal/kdc/kerberos5.c +++ b/source4/heimdal/kdc/kerberos5.c @@ -322,6 +322,7 @@ krb5_error_code _kdc_encode_reply(krb5_context context, krb5_kdc_configuration *config, KDC_REP *rep, const EncTicketPart *et, EncKDCRepPart *ek, + krb5_enctype etype, int skvno, const EncryptionKey *skey, int ckvno, const EncryptionKey *reply_key, int rk_is_subkey, @@ -348,7 +349,7 @@ _kdc_encode_reply(krb5_context context, return KRB5KRB_ERR_GENERIC; } - ret = krb5_crypto_init(context, skey, 0, &crypto); + ret = krb5_crypto_init(context, skey, etype, &crypto); if (ret) { const char *msg; free(buf); @@ -1719,7 +1720,7 @@ _kdc_as_rep(krb5_context context, log_as_req(context, config, reply_key->keytype, setype, b); ret = _kdc_encode_reply(context, config, - &rep, &et, &ek, server->entry.kvno, + &rep, &et, &ek, setype, server->entry.kvno, &skey->key, client->entry.kvno, reply_key, 0, &e_text, reply); free_EncTicketPart(&et); diff --git a/source4/heimdal/kdc/krb5tgs.c b/source4/heimdal/kdc/krb5tgs.c index a71cfbff66c..d59eb9731be 100644 --- a/source4/heimdal/kdc/krb5tgs.c +++ b/source4/heimdal/kdc/krb5tgs.c @@ -987,7 +987,7 @@ tgs_make_reply(krb5_context context, etype list, even if we don't want a session key with DES3? */ ret = _kdc_encode_reply(context, config, - &rep, &et, &ek, + &rep, &et, &ek, et.key.keytype, kvno, serverkey, 0, replykey, rk_is_subkey, e_text, reply);