1 files changed, 16 insertions, 5 deletions

diff --git a/src/appl/telnet/libtelnet/kerberos5.c b/src/appl/telnet/libtelnet/kerberos5.c
index 3a1c8f2..ad36aed 100644
--- a/src/appl/telnet/libtelnet/kerberos5.c
+++ b/src/appl/telnet/libtelnet/kerberos5.c
@@ -327,7 +327,7 @@ kerberos5_send(ap)
 				 &check_data, new_creds, &auth);
 
 #ifdef	ENCRYPTION
-	krb5_auth_con_getlocalsubkey(telnet_context, auth_context, &newkey);
+	krb5_auth_con_getsendsubkey(telnet_context, auth_context, &newkey);
 	if (session_key) {
 		krb5_free_keyblock(telnet_context, session_key);
 		session_key = 0;
@@ -446,6 +446,10 @@ kerberos5_is(ap, data, cnt)
 		 * first component of a service name especially since
 		 * the default is of length 4.
 		 */
+		if (krb5_princ_size(telnet_context,ticket->server) < 1) {
+		    (void) strcpy(errbuf, "malformed service name");
+		    goto errout;
+		}
 		if (krb5_princ_component(telnet_context,ticket->server,0)->length < 256) {
 		    char princ[256];
 		    strncpy(princ,	
@@ -548,7 +552,7 @@ kerberos5_is(ap, data, cnt)
 		
 		if (name)
 		    free(name);
-		krb5_auth_con_getremotesubkey(telnet_context, auth_context,
+		krb5_auth_con_getrecvsubkey(telnet_context, auth_context,
 					      &newkey);
 		if (session_key) {
 		    krb5_free_keyblock(telnet_context, session_key);
@@ -727,13 +731,20 @@ kerberos5_status(ap, name, level)
 	if (level < AUTH_USER)
 		return(level);
 
+	/*
+	 * Always copy in UserNameRequested if the authentication
+	 * is valid, because the higher level routines need it.
+	 * the name buffer comes from telnetd/telnetd{-ktd}.c
+	 */
+	if (UserNameRequested) {
+		strncpy(name, UserNameRequested, 255);
+		name[255] = '\0';
+	}
+
 	if (UserNameRequested &&
 	    krb5_kuserok(telnet_context, ticket->enc_part2->client, 
 			 UserNameRequested))
 	{
-		/* the name buffer comes from telnetd/telnetd{-ktd}.c */
-		strncpy(name, UserNameRequested, 255);
-		name[255] = '\0';
 		return(AUTH_VALID);
 	} else
 		return(AUTH_USER);