rpms / gssproxy

Clone
Source Code
GIT

Blame SOURCES/Always-use-the-encype-we-selected.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-sig-altarch-fasttrack c8 c8-beta c8s c9 c9-beta
  1.   45f3a6ea7096cc1cd77239438662b56ff1c0de4a
  2.   SOURCES
  3.   Always-use-the-encype-we-selected.patch
Blob History Raw
472fdf 
From d8166808a98fd1c3772de5d75e27656ed2ab124d Mon Sep 17 00:00:00 2001
472fdf 
From: Simo Sorce <simo@redhat.com>
472fdf 
Date: Tue, 27 Feb 2018 11:59:25 -0500
472fdf 
Subject: [PATCH] Always use the encype we selected
472fdf
472fdf 
The enctype is selected from the keytab or from the fallback code.
472fdf 
Either way make sure to use the enctype stored in the key block.
472fdf
472fdf 
Signed-off-by: Simo Sorce <simo@redhat.com>
472fdf 
Reviewed-by: Robbie Harwood <rharwood@redhat.com>
472fdf 
Merges: #226
472fdf 
(cherry picked from commit d73c96d658059ce64ecd41ff2924071d86f2b54f)
472fdf 
---
472fdf 
 proxy/src/gp_export.c | 7 +++----
472fdf 
 1 file changed, 3 insertions(+), 4 deletions(-)
472fdf
472fdf 
diff --git a/proxy/src/gp_export.c b/proxy/src/gp_export.c
472fdf 
index c9f5fd4..5e8e160 100644
472fdf 
--- a/proxy/src/gp_export.c
472fdf 
+++ b/proxy/src/gp_export.c
472fdf 
@@ -168,11 +168,10 @@ uint32_t gp_init_creds_handle(uint32_t *min, const char *svc_name,
472fdf 
                                  GP_CREDS_HANDLE_KEY_ENCTYPE, 0,
472fdf 
                                  &handle->key);
472fdf 
         if (ret == 0) {
472fdf 
-            ret = krb5_c_make_random_key(handle->context,
472fdf 
-                                         GP_CREDS_HANDLE_KEY_ENCTYPE,
472fdf 
+            ret = krb5_c_make_random_key(handle->context, handle->key->enctype,
472fdf 
                                          handle->key);
472fdf 
             GPDEBUG("Service: %s, Enckey: [ephemeral], Enctype: %d\n",
472fdf 
-                    svc_name, GP_CREDS_HANDLE_KEY_ENCTYPE);
472fdf 
+                    svc_name, handle->key->enctype);
472fdf 
         }
472fdf 
         if (ret) {
472fdf 
             ret_min = ret;
472fdf 
@@ -254,7 +253,7 @@ static int gp_decrypt_buffer(krb5_context context, krb5_keyblock *key,
472fdf
472fdf 
     memset(&enc_handle, '\0', sizeof(krb5_enc_data));
472fdf
472fdf 
-    enc_handle.enctype = GP_CREDS_HANDLE_KEY_ENCTYPE;
472fdf 
+    enc_handle.enctype = key->enctype;
472fdf 
     enc_handle.ciphertext.data = in->octet_string_val;
472fdf 
     enc_handle.ciphertext.length = in->octet_string_len;
472fdf

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation