(_kdc_pk_rd_padata): Pick up supportedCMSTypes and pass in into

hx509_cms_create_signed_1 via hx509_peer_info blob. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19125 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-11-26 16:38:51 +00:00
parent d71ddea187
commit 480aff7f9b
1 changed files with 22 additions and 2 deletions
--- a/kdc/pkinit.c
+++ b/kdc/pkinit.c
@@ -68,6 +68,7 @@ struct pk_client_params {
    DH *dh;
    EncryptionKey reply_key;
    char *dh_group_name;
    hx509_peer_info peer;
 };
 struct pk_principal_mapping {
@@ -180,6 +181,8 @@ _kdc_pk_free_client_param(krb5_context context,
    krb5_free_keyblock_contents(context, &client_params->reply_key);
    if (client_params->dh_group_name)
 	free(client_params->dh_group_name);
    if (client_params->peer)
 	hx509_peer_info_free(client_params->peer);
    memset(client_params, 0, sizeof(*client_params));
    free(client_params);
 }
@@ -611,6 +614,23 @@ _kdc_pk_rd_padata(krb5_context context,
 		goto out;
 	    }
 	}
 	if (ap.supportedCMSTypes) {
 	    ret = hx509_peer_info_alloc(kdc_identity->hx509ctx,
 					&client_params->peer);
 	    if (ret) {
 		free_AuthPack(&ap);
 		goto out;
 	    }
 	    ret = hx509_peer_info_set_cms_algs(kdc_identity->hx509ctx,
 					       client_params->peer,
 					       ap.supportedCMSTypes->val,
 					       ap.supportedCMSTypes->len);
 	    if (ret) {
 		free_AuthPack(&ap);
 		goto out;
 	    }
 	}
 	free_AuthPack(&ap);
    } else
 	krb5_abortx(context, "internal pkinit error");
@@ -752,7 +772,7 @@ pk_mk_pa_reply_enckey(krb5_context context,
 					buf.length,
 					NULL,
 					cert,
-					NULL,
+					client_params->peer,
 					kdc_identity->anchors,
 					kdc_identity->certpool,
 					&signed_data);
@@ -865,7 +885,7 @@ pk_mk_pa_reply_dh(krb5_context context,
 					buf.length,
 					NULL,
 					cert,
-					NULL,
+					client_params->peer,
 					kdc_identity->anchors,
 					kdc_identity->certpool,
 					&signed_data);