oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

split signedpath from PAC verification

Browse Source
This commit is contained in:
Love Hornquist Astrand
2010-06-12 21:34:55 -07:00
parent a70b912972
commit 4c43f933d3
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
kdc/krb5tgs.c
View File

@@ -312,6 +312,7 @@ check_PAC(krb5_context context,
for (j = 0; j < child.len; j++) { for (j = 0; j < child.len; j++) {
if (child.val[j].ad_type == KRB5_AUTHDATA_WIN2K_PAC) { if (child.val[j].ad_type == KRB5_AUTHDATA_WIN2K_PAC) {
int signed_pac = 0;
krb5_pac pac; krb5_pac pac;
/* Found PAC */ /* Found PAC */
@@ -332,7 +333,7 @@ check_PAC(krb5_context context,
} }
ret = _kdc_pac_verify(context, client_principal, ret = _kdc_pac_verify(context, client_principal,
client, server, &pac, signedpath); client, server, &pac, &signed_pac);
if (ret) { if (ret) {
krb5_pac_free(context, pac); krb5_pac_free(context, pac);
return ret; return ret;
@@ -344,11 +345,12 @@ check_PAC(krb5_context context,
* a PAC from cross realm from a Windows domain and * a PAC from cross realm from a Windows domain and
* that there is no PAC verification function. * that there is no PAC verification function.
*/ */
if (*signedpath) if (signed_pac) {
*signedpath = 1;
ret = _krb5_pac_sign(context, pac, tkt->authtime, ret = _krb5_pac_sign(context, pac, tkt->authtime,
client_principal, client_principal,
server_key, krbtgt_key, rspac); server_key, krbtgt_key, rspac);
}
krb5_pac_free(context, pac); krb5_pac_free(context, pac);
return ret; return ret;