diff options
| author |  Karl Ramm <kcr@mit.edu> | 2008-12-25 21:00:13 +0000 |
|---|---|---|
| committer | Karl Ramm <kcr@mit.edu> | 2008-12-25 21:00:13 +0000 |
| commit | 0e27b06f717da888f7959d9f44e940f646e9551c (patch) | |
| tree | 7411d058bf3e2396fa04d8f4fdb4fb530d091cbd | |
| parent | 1e7536c431c7915086bad850b3dc78f0e6ee8ff8 (diff) | |
hack at traditional heimdal crypto
| -rwxr-xr-x | configure | 3 | ||||
| -rw-r--r-- | configure.in | 2 | ||||
| -rw-r--r-- | h/config.h.in | 3 | ||||
| -rw-r--r-- | server/bdump.c | 18 |
4 files changed, 24 insertions, 2 deletions
@@ -26362,7 +26362,8 @@ fi done -for ac_func in krb5_crypto_init + +for ac_func in krb5_crypto_init krb5_c_decrypt do as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` { echo "$as_me:$LINENO: checking for $ac_func" >&5 diff --git a/configure.in b/configure.in index 7768afa..72e9dd5 100644 --- a/configure.in +++ b/configure.in @@ -130,7 +130,7 @@ AC_FUNC_SETPGRP AC_CHECK_FUNCS(putenv strchr memcpy memmove waitpid getlogin strerror random) AC_CHECK_FUNCS(lrand48 gethostid getsid getpgid krb_get_err_text krb_log) AC_CHECK_FUNCS(krb5_free_data krb5_c_make_checksum krb5_cc_set_default_name) -AC_CHECK_FUNCS(krb5_crypto_init) +AC_CHECK_FUNCS(krb5_crypto_init krb5_c_decrypt) AC_MSG_CHECKING(for krb5_auth_con_getauthenticator taking double pointer) AC_CACHE_VAL(ac_cv_krb5_auth_con_getauthenticator_takes_double_pointer, [ diff --git a/h/config.h.in b/h/config.h.in index ec4faad..bf03675 100644 --- a/h/config.h.in +++ b/h/config.h.in @@ -23,6 +23,9 @@ /* Define to 1 if you have the `krb5_crypto_init' function. */ #undef HAVE_KRB5_CRYPTO_INIT +/* Define to 1 if you have the `krb5_c_decrypt' function. */ +#undef HAVE_KRB5_C_DECRYPT + /* Define to 1 if `krb5_auth_con_getauthenticator' takes a double pointer third arg. */ #undef KRB5_AUTH_CON_GETAUTHENTICATOR_TAKES_DOUBLE_POINTER diff --git a/server/bdump.c b/server/bdump.c index 8df2e87..76f83e6 100644 --- a/server/bdump.c +++ b/server/bdump.c @@ -1677,6 +1677,7 @@ setup_file_pointers (void) static int des_service_decrypt(unsigned char *in, unsigned char *out) { #ifndef HAVE_KRB4 krb5_data dout; +#ifdef HAS_KRB5_C_DECRYPT krb5_enc_data din; dout.length = 8; @@ -1691,6 +1692,23 @@ static int des_service_decrypt(unsigned char *in, unsigned char *out) { #else return krb5_c_decrypt(Z_krb5_ctx, server_key, 0, 0, &din, &dout); #endif +#elif defined(HAVE_KRB5_CRYPTO_INIT) + int ret; + krb5_crypto crypto; + + dout.length = 8; + dout.data = out; + + ret = krb5_crypto_init(Z_krb5_ctx, server_key, Z_enctype(server_key), &crypto); + if (ret) + return ret; + + ret = krb5_decrypt_ivec(Z_krb5_ctx, crypto, 0, in, 8, &dout, NULL); + + krb5_crypto_destroy(Z_krb5_ctx, crypto); + + return ret; +#endif #else des_ecb_encrypt((C_Block *)in, (C_Block *)out, serv_ksched.s, DES_DECRYPT); return 0; /* sigh */ |