From 3bfded269711f9f3413775127696339862c71835 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Fri, 21 Oct 2005 17:14:19 +0000
Subject: [PATCH] (get_dh_param): Pass down config so this function can check
 pkinit_dh_min_bits

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16210 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 kdc/pkinit.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/kdc/pkinit.c b/kdc/pkinit.c
index 91a7754d6..2896fc28b 100644
--- a/kdc/pkinit.c
+++ b/kdc/pkinit.c
@@ -322,7 +322,9 @@ integer_to_BN(krb5_context context, const char *field, heim_integer *f)
 }
 
 static krb5_error_code
-get_dh_param(krb5_context context, SubjectPublicKeyInfo *dh_key_info,
+get_dh_param(krb5_context context,
+	     krb5_kdc_configuration *config,
+	     SubjectPublicKeyInfo *dh_key_info,
 	     pk_client_params *client_params)
 {
     DomainParameters dhparam;
@@ -362,7 +364,7 @@ get_dh_param(krb5_context context, SubjectPublicKeyInfo *dh_key_info,
     }
 
 
-    ret = _krb5_dh_group_ok(context, 0, 
+    ret = _krb5_dh_group_ok(context, config->pkinit_dh_min_bits, 
 			    &dhparam.p, &dhparam.g, &dhparam.q, moduli,
 			    &client_params->dh_group_name);
     if (ret)
@@ -699,7 +701,8 @@ _kdc_pk_rd_padata(krb5_context context,
 	client_params->nonce = ap.pkAuthenticator.nonce;
 
 	if (ap.clientPublicValue) {
-	    ret = get_dh_param(context, ap.clientPublicValue, client_params);
+	    ret = get_dh_param(context, config, 
+			       ap.clientPublicValue, client_params);
 	    if (ret) {
 		free_AuthPack(&ap);
 		goto out;