krb5: import Heimdal-597.121.1 AS/TGS client

Sync with most changes in AS/TGS client from Apple's Heimdal-597.121.1 (opensource.apple.com). Changes include: - FAST support in TGS client - Refactored pre-auth client to be more easily extensible - Pin KDC host and AD site name in API calls Note the completely refactored TGS client loop is not imported as that was considered too intrusive.
2021-08-09 19:32:21 +10:00
parent b5a58df8eb
commit 47282cae34
15 changed files with 3028 additions and 1351 deletions
--- a/lib/base/heim_err.et
+++ b/lib/base/heim_err.et
@@ -22,6 +22,9 @@ error_code TOO_BIG,		"Offset too large"
 error_code BAD_HDBENT_ENCODING,	"Invalid HDB entry encoding"
 error_code RANDOM_OFFLINE,	"No random source available"
 error_code CONFIG_BADFORMAT,    "Improper format of configuration file"
+error_code PA_CONTINUE_NEEDED,  "Need to continue preauth stepping"
+error_code PA_CANT_CONTINUE,    "Can't continue with this preauth"
+error_code NO_MORE_PA_MECHS,    "No more PA mechanisms available"

 index 64
 prefix HEIM_PKINIT
--- a/lib/base/heimbasepriv.h
+++ b/lib/base/heimbasepriv.h
@@ -64,6 +64,7 @@ enum {
    HEIM_TID_ERROR = 133,
    HEIM_TID_DATA = 134,
    HEIM_TID_DB = 135,
+    HEIM_TID_PA_AUTH_MECH = 136,
    HEIM_TID_USER = 255

 };