Update.

1998-06-01  Thorsten Kukuk  <kukuk@vt.uni-paderborn.de>

	* nis/nis_call.c: Make directory search faster.

	* nis/nis_callback.c: Insert public key of user in callback data.

	* nis/nis_clone_obj.c: Make size from type u_long, not u_int.

	* nis/nis_creategroup.c: Check for NULL pointer, fill in more fields.

	* nis/nis_findserv.c: Rename __pmap_getport to __pmap_getnisport.

	* nis/nis_intern.h: Remove duplicated prototype.

1998-06-01  Thorsten Kukuk  <kukuk@vt.uni-paderborn.de>

	* sunrpc/auth_des.c: Move prototypes from here ...
	* sunrpc/rpc/auth.h: ... to here.

	* sunrpc/clnt_tcp.c: Add more control flags.
	* sunrpc/clnt_udp.c: Likewise.

	* sunrpc/netname.c (host2netname): Remove prefixing dot from
	domainname.

	* sunrpc/rpc/clnt.h: Document, which control flags are not
	implementable.

	* sunrpc/svcauth_des.c: Use key_decryptsession_pk to avoid deadlock.

1 files changed, 12 insertions, 2 deletions

diff --git a/sunrpc/svcauth_des.c b/sunrpc/svcauth_des.c
index 7160726e86..c74e06b5c1 100644
--- a/sunrpc/svcauth_des.c
+++ b/sunrpc/svcauth_des.c
@@ -174,9 +174,19 @@ _svcauth_des (register struct svc_req *rqst, register struct rpc_msg *msg)
    */
   if (cred->adc_namekind == ADN_FULLNAME)
     {
+      netobj pkey;
+      char pkey_data[1024];
+
       sessionkey = &cred->adc_fullname.key;
-      if (key_decryptsession (cred->adc_fullname.name,
-			      sessionkey) < 0)
+      if (!getpublickey (cred->adc_fullname.name, pkey_data))
+	{
+	  debug("getpublickey");
+	  return AUTH_BADCRED;
+	}
+      pkey.n_bytes = pkey_data;
+      pkey.n_len = strlen (pkey_data) + 1;
+      if (key_decryptsession_pk (cred->adc_fullname.name, &pkey,
+				 sessionkey) < 0)
 	{
 	  debug ("decryptsessionkey");
 	  return AUTH_BADCRED;	/* key not found */