void
redirect_errors(const char *who, afs_int32 code, const char *fmt, va_list ap)
{
+ krb5_context context;
+
if (who) {
fputs(who, stderr);
fputs(": ", stderr);
int freestr = 0;
char *str = (char *)afs_error_message(code);
if (strncmp(str, "unknown", strlen(str)) == 0) {
- str = krb5_get_error_message(NULL, code);
- freestr = 1;
+ if (!krb5_init_context(&context))
+ {
+ str = krb5_get_error_message(NULL, code);
+ freestr = 1;
+ }
}
fputs(str, stderr);
fputs(" ", stderr);
- if (freestr)
- krb5_free_error_message(NULL, str);
+ if (freestr) {
+ krb5_free_error_message(context, str);
+ krb5_free_context(context);
+ }
}
if (fmt) {
vfprintf(stderr, fmt, ap);
increds.client = client_principal;
increds.times.endtime = 0;
/* Ask for DES since that is what V4 understands */
- increds.session.keytype = ENCTYPE_DES_CBC_CRC;
+ if (c != NULL)
+ increds.session.keytype = ENCTYPE_DES_CBC_CRC;
r = krb5_get_credentials(context, 0, _krb425_ccache, &increds, creds);
if (r) {
atoken.kvno = RXKAD_TKT_TYPE_KERBEROS_V5;
atoken.startTime = v5cred->times.starttime;
atoken.endTime = v5cred->times.endtime;
- memcpy(&atoken.sessionKey, v5cred->session.keyvalue.data, v5cred->session.keyvalue.length);
+ if (tkt_DeriveDesKey(v5cred->session.keytype,
+ v5cred->session.keyvalue.data,
+ v5cred->session.keyvalue.length, &atoken.sessionKey)) {
+ status = AKLOG_MISC;
+ goto done;
+ }
atoken.ticketLen = v5cred->ticket.length;
memcpy(atoken.ticket, v5cred->ticket.data, atoken.ticketLen);
} else {