Always use the encype we selected
This commit is contained in:
Robbie Harwood
parent
d6ea90094c
commit
c783ca786a
|
|
@ -0,0 +1,43 @@
|
|||
From 64bf7f099fe52a214794486d16e3383ff25e8682 Mon Sep 17 00:00:00 2001
|
||||
From: Simo Sorce <simo@redhat.com>
|
||||
Date: Tue, 27 Feb 2018 11:59:25 -0500
|
||||
Subject: [PATCH] Always use the encype we selected
|
||||
|
||||
The enctype is selected from the keytab or from the fallback code.
|
||||
Either way make sure to use the enctype stored in the key block.
|
||||
|
||||
Signed-off-by: Simo Sorce <simo@redhat.com>
|
||||
Reviewed-by: Robbie Harwood <rharwood@redhat.com>
|
||||
Merges: #226
|
||||
(cherry picked from commit d73c96d658059ce64ecd41ff2924071d86f2b54f)
|
||||
---
|
||||
src/gp_export.c | 7 +++----
|
||||
1 file changed, 3 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/gp_export.c b/src/gp_export.c
|
||||
index c9f5fd4..5e8e160 100644
|
||||
--- a/src/gp_export.c
|
||||
+++ b/src/gp_export.c
|
||||
@@ -168,11 +168,10 @@ uint32_t gp_init_creds_handle(uint32_t *min, const char *svc_name,
|
||||
GP_CREDS_HANDLE_KEY_ENCTYPE, 0,
|
||||
&handle->key);
|
||||
if (ret == 0) {
|
||||
- ret = krb5_c_make_random_key(handle->context,
|
||||
- GP_CREDS_HANDLE_KEY_ENCTYPE,
|
||||
+ ret = krb5_c_make_random_key(handle->context, handle->key->enctype,
|
||||
handle->key);
|
||||
GPDEBUG("Service: %s, Enckey: [ephemeral], Enctype: %d\n",
|
||||
- svc_name, GP_CREDS_HANDLE_KEY_ENCTYPE);
|
||||
+ svc_name, handle->key->enctype);
|
||||
}
|
||||
if (ret) {
|
||||
ret_min = ret;
|
||||
@@ -254,7 +253,7 @@ static int gp_decrypt_buffer(krb5_context context, krb5_keyblock *key,
|
||||
|
||||
memset(&enc_handle, '\0', sizeof(krb5_enc_data));
|
||||
|
||||
- enc_handle.enctype = GP_CREDS_HANDLE_KEY_ENCTYPE;
|
||||
+ enc_handle.enctype = key->enctype;
|
||||
enc_handle.ciphertext.data = in->octet_string_val;
|
||||
enc_handle.ciphertext.length = in->octet_string_len;
|
||||
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
Name: gssproxy
|
||||
|
||||
Version: 0.8.0
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
Summary: GSSAPI Proxy
|
||||
|
||||
Group: System Environment/Libraries
|
||||
|
|
@ -108,6 +108,9 @@ mkdir -p %{buildroot}%{gpstatedir}/rcache
|
|||
%systemd_postun_with_restart gssproxy.service
|
||||
|
||||
%changelog
|
||||
* Tue Feb 27 2018 Robbie Harwood <rharwood@redhat.com> - 0.8.0-2
|
||||
- Always use the encype we selected
|
||||
|
||||
* Fri Feb 09 2018 Robbie Harwood <rharwood@redhat.com> - 0.8.0-1
|
||||
- Release version 0.8.0
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue