From 0e27b06f717da888f7959d9f44e940f646e9551c Mon Sep 17 00:00:00 2001
From: Karl Ramm <kcr@mit.edu>
Date: Thu, 25 Dec 2008 21:00:13 +0000
Subject: hack at traditional heimdal crypto

---
 configure      |  3 ++-
 configure.in   |  2 +-
 h/config.h.in  |  3 +++
 server/bdump.c | 18 ++++++++++++++++++
 4 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/configure b/configure
index 44b9778..fd0033e 100755
--- a/configure
+++ b/configure
@@ -26362,7 +26362,8 @@ fi
 done
 
 
-for ac_func in krb5_crypto_init
+
+for ac_func in krb5_crypto_init krb5_c_decrypt
 do
 as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
 { echo "$as_me:$LINENO: checking for $ac_func" >&5
diff --git a/configure.in b/configure.in
index 7768afa..72e9dd5 100644
--- a/configure.in
+++ b/configure.in
@@ -130,7 +130,7 @@ AC_FUNC_SETPGRP
 AC_CHECK_FUNCS(putenv strchr memcpy memmove waitpid getlogin strerror random)
 AC_CHECK_FUNCS(lrand48 gethostid getsid getpgid krb_get_err_text krb_log)
 AC_CHECK_FUNCS(krb5_free_data krb5_c_make_checksum krb5_cc_set_default_name)
-AC_CHECK_FUNCS(krb5_crypto_init)
+AC_CHECK_FUNCS(krb5_crypto_init krb5_c_decrypt)
 
 AC_MSG_CHECKING(for krb5_auth_con_getauthenticator taking double pointer)
 AC_CACHE_VAL(ac_cv_krb5_auth_con_getauthenticator_takes_double_pointer, [
diff --git a/h/config.h.in b/h/config.h.in
index ec4faad..bf03675 100644
--- a/h/config.h.in
+++ b/h/config.h.in
@@ -23,6 +23,9 @@
 /* Define to 1 if you have the `krb5_crypto_init' function. */
 #undef HAVE_KRB5_CRYPTO_INIT
 
+/* Define to 1 if you have the `krb5_c_decrypt' function. */
+#undef HAVE_KRB5_C_DECRYPT
+
 /* Define to 1 if `krb5_auth_con_getauthenticator' takes a double pointer third arg. */
 #undef KRB5_AUTH_CON_GETAUTHENTICATOR_TAKES_DOUBLE_POINTER
 
diff --git a/server/bdump.c b/server/bdump.c
index 8df2e87..76f83e6 100644
--- a/server/bdump.c
+++ b/server/bdump.c
@@ -1677,6 +1677,7 @@ setup_file_pointers (void)
 static int des_service_decrypt(unsigned char *in, unsigned char *out) {
 #ifndef HAVE_KRB4
     krb5_data dout;
+#ifdef HAS_KRB5_C_DECRYPT
     krb5_enc_data din;
 
     dout.length = 8;
@@ -1691,6 +1692,23 @@ static int des_service_decrypt(unsigned char *in, unsigned char *out) {
 #else
     return krb5_c_decrypt(Z_krb5_ctx, server_key, 0, 0, &din, &dout);
 #endif
+#elif defined(HAVE_KRB5_CRYPTO_INIT)
+    int ret;
+    krb5_crypto crypto;
+
+    dout.length = 8;
+    dout.data = out;
+
+    ret = krb5_crypto_init(Z_krb5_ctx, server_key, Z_enctype(server_key), &crypto);
+    if (ret)
+	return ret;
+
+    ret = krb5_decrypt_ivec(Z_krb5_ctx, crypto, 0, in, 8, &dout, NULL);
+
+    krb5_crypto_destroy(Z_krb5_ctx, crypto);
+
+    return ret;
+#endif
 #else
     des_ecb_encrypt((C_Block *)in, (C_Block *)out, serv_ksched.s, DES_DECRYPT);
     return 0; /* sigh */
-- 
cgit v1.2.3