krb5 commit [krb5-1.12]: Fix krb5int_c_combine_keys

Tom Yu tlyu at MIT.EDU
Fri Jun 27 12:34:51 EDT 2014


https://github.com/krb5/krb5/commit/c72126bf1a4a4e40006e1bc12dd5a3ef96d98aa2
commit c72126bf1a4a4e40006e1bc12dd5a3ef96d98aa2
Author: Ken Hornstein <kenh at cmf.nrl.navy.mil>
Date:   Tue May 20 14:50:22 2014 -0400

    Fix krb5int_c_combine_keys
    
    When krb5int_c_combine_keys was updated to use the new crypto
    interface, a small bug was introduced.  It turns out the temporary
    keyblock created needs to have its enctype set; otherwise, when
    krb5int_derive_keyblock() is called later, it will fail with
    KRB5_BAD_ENCTYPE.
    
    (cherry picked from commit 89803a5a781107365d5a4534eebf48dbaf010f96)
    
    ticket: 7914
    version_fixed: 1.12.2
    status: resolved

 src/lib/crypto/krb/combine_keys.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/src/lib/crypto/krb/combine_keys.c b/src/lib/crypto/krb/combine_keys.c
index 0c44e8b..9ab0ac4 100644
--- a/src/lib/crypto/krb/combine_keys.c
+++ b/src/lib/crypto/krb/combine_keys.c
@@ -155,6 +155,7 @@ krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1,
     randbits.data = (char *) rnd;
     tkeyblock.length = keylength;
     tkeyblock.contents = output;
+    tkeyblock.enctype = key1->enctype;
 
     ret = (*ktp->rand2key)(&randbits, &tkeyblock);
     if (ret)


More information about the cvs-krb5 mailing list