oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Merge pull request #154 from metze-samba/heimdal-for-upstream

Browse Source 
lib/krb5: allow predefined PAC_{LOGON_NAME,PRIVSVR_CHECKSUM,SERVER_CH…
This commit is contained in:
Andrew Bartlett
2016-05-14 22:32:13 +12:00
parent b01d527a35 7cd40a6105
commit 2ff110cfa6
1 changed files with 34 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
lib/krb5/pac.c
View File

@@ -986,6 +986,40 @@ _krb5_pac_sign(krb5_context context,
krb5_data_zero(&logon);
for (i = 0; i < p->pac->numbuffers; i++) {
if (p->pac->buffers[i].type == PAC_SERVER_CHECKSUM) {
if (p->server_checksum == NULL) {
p->server_checksum = &p->pac->buffers[i];
}
if (p->server_checksum != &p->pac->buffers[i]) {
ret = EINVAL;
krb5_set_error_message(context, ret,
N_("PAC have two server checksums", ""));
goto out;
}
} else if (p->pac->buffers[i].type == PAC_PRIVSVR_CHECKSUM) {
if (p->privsvr_checksum == NULL) {
p->privsvr_checksum = &p->pac->buffers[i];
}
if (p->privsvr_checksum != &p->pac->buffers[i]) {
ret = EINVAL;
krb5_set_error_message(context, ret,
N_("PAC have two KDC checksums", ""));
goto out;
}
} else if (p->pac->buffers[i].type == PAC_LOGON_NAME) {
if (p->logon_name == NULL) {
p->logon_name = &p->pac->buffers[i];
}
if (p->logon_name != &p->pac->buffers[i]) {
ret = EINVAL;
krb5_set_error_message(context, ret,
N_("PAC have two logon names", ""));
goto out;
}
}
}
if (p->logon_name == NULL)
num++;
if (p->server_checksum == NULL)