krb5 commit [krb5-1.11]: Fix krb5int_c_combine_keys
Tom Yu
tlyu at mit.edu
Fri Feb 6 18:11:39 EST 2015
https://github.com/krb5/krb5/commit/60e6d8c3695dbdd2c1f0d7a737c68a408dc084b3
commit 60e6d8c3695dbdd2c1f0d7a737c68a408dc084b3
Author: Ken Hornstein <kenh at cmf.nrl.navy.mil>
Date: Tue May 20 14:50:22 2014 -0400
Fix krb5int_c_combine_keys
When krb5int_c_combine_keys was updated to use the new crypto
interface, a small bug was introduced. It turns out the temporary
keyblock created needs to have its enctype set; otherwise, when
krb5int_derive_keyblock() is called later, it will fail with
KRB5_BAD_ENCTYPE.
(cherry picked from commit 89803a5a781107365d5a4534eebf48dbaf010f96)
ticket: 8098 (new)
version_fixed: 1.11.6
status: resolved
src/lib/crypto/krb/combine_keys.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/src/lib/crypto/krb/combine_keys.c b/src/lib/crypto/krb/combine_keys.c
index d9235dd..baf39ff 100644
--- a/src/lib/crypto/krb/combine_keys.c
+++ b/src/lib/crypto/krb/combine_keys.c
@@ -155,6 +155,7 @@ krb5int_c_combine_keys(krb5_context context, krb5_keyblock *key1,
randbits.data = (char *) rnd;
tkeyblock.length = keylength;
tkeyblock.contents = output;
+ tkeyblock.enctype = key1->enctype;
ret = (*ktp->rand2key)(&randbits, &tkeyblock);
if (ret)
More information about the cvs-krb5
mailing list