oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

try handle ts preauth better, still not good, but at least it work

Browse Source 
with older heimdal releases that doesn't send back
KRB5KDC_ERR_PREAUTH_REQUIRED when preauth was sent


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13226 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2003-12-17 20:44:37 +00:00
parent d24119eb2b
commit 1d9702acee
1 changed files with 20 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
lib/krb5/init_creds_pw.c
View File

@@ -1089,7 +1089,7 @@ process_pa_data_to_md(krb5_context context,
(*out_md)->len = 0; (*out_md)->len = 0;
(*out_md)->val = NULL; (*out_md)->val = NULL;
if (in_md->len == 0) { if (in_md->len != 0) {
struct pa_info_data paid, *ppaid; struct pa_info_data paid, *ppaid;
memset(&paid, 0, sizeof(paid)); memset(&paid, 0, sizeof(paid));
@@ -1209,6 +1209,13 @@ init_cred_loop(krb5_context context,
* KRB5_PA_ENC_TIMESTAMP. * KRB5_PA_ENC_TIMESTAMP.
*/ */
/* Set a new nonce. */
krb5_generate_random_block (&ctx->nonce, sizeof(ctx->nonce));
ctx->nonce &= 0xffffffff;
ctx->as_req.req_body.nonce = ctx->nonce;
krb5_generate_random_block (&ctx->pk_nonce, sizeof(ctx->pk_nonce));
ctx->pk_nonce &= 0xffffffff;
#define MAX_PA_COUNTER 3 #define MAX_PA_COUNTER 3
ctx->pa_counter = 0; ctx->pa_counter = 0;
@@ -1223,11 +1230,6 @@ init_cred_loop(krb5_context context,
} }
/* Set a new nonce. */ /* Set a new nonce. */
krb5_generate_random_block (&ctx->pk_nonce, sizeof(ctx->pk_nonce));
ctx->pk_nonce &= 0xffffffff;
krb5_generate_random_block (&ctx->nonce, sizeof(ctx->nonce));
ctx->nonce &= 0xffffffff;
ctx->as_req.req_body.nonce = ctx->nonce; ctx->as_req.req_body.nonce = ctx->nonce;
/* fill_in_md_data */ /* fill_in_md_data */
@@ -1278,16 +1280,20 @@ init_cred_loop(krb5_context context,
free_METHOD_DATA(&md); free_METHOD_DATA(&md);
memset(&md, 0, sizeof(md)); memset(&md, 0, sizeof(md));
ret = decode_METHOD_DATA(error.e_data->data, if (error.e_data) {
error.e_data->length, ret = decode_METHOD_DATA(error.e_data->data,
&md, error.e_data->length,
NULL); &md,
krb5_free_error_contents(context, &error); NULL);
if (ret) { if (ret)
krb5_set_error_string(context, krb5_set_error_string(context,
"failed to decode METHOD DATA"); "failed to decode METHOD DATA");
goto out; } else {
/* XXX guess what the server want here add add md */
} }
krb5_free_error_contents(context, &error);
if (ret)
goto out;
} else if (ret == KRB5KRB_ERR_RESPONSE_TOO_BIG) { } else if (ret == KRB5KRB_ERR_RESPONSE_TOO_BIG) {
if (send_to_kdc_flags & KRB5_KRBHST_FLAGS_LARGE_MSG) { if (send_to_kdc_flags & KRB5_KRBHST_FLAGS_LARGE_MSG) {
if (ret_as_reply) if (ret_as_reply)