oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Try both ReplyKey and ReplyKey-Win2k for the Windows case to support

Browse Source 
the updated -09 protocol (using asChecksum). Tell KDC we support this
by sending KRB5-PADATA-PK-AS-09-BINDING in the pa-data.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16192 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2005-10-19 21:15:41 +00:00
parent 2c6670fb89
commit 79146c3e71
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lib/krb5/pkinit.c
View File

@@ -764,6 +764,10 @@ pk_mk_padata(krb5_context context,
ret = krb5_padata_add(context, md, pa_type, buf.data, buf.length); ret = krb5_padata_add(context, md, pa_type, buf.data, buf.length);
if (ret) if (ret)
free(buf.data); free(buf.data);
if (ret == 0 && compat == COMPAT_WIN2K)
krb5_padata_add(context, md, KRB5_PADATA_PK_AS_09_BINDING, NULL, 0);
out: out:
free_ContentInfo(&content_info); free_ContentInfo(&content_info);
@@ -1180,7 +1184,7 @@ _krb5_pk_verify_sign(krb5_context context,
return ret; return ret;
} }
static krb5_error_code static krb5_error_code
get_reply_key_win(krb5_context context, get_reply_key_win(krb5_context context,
const krb5_data *content, const krb5_data *content,
unsigned nonce, unsigned nonce,
@@ -1502,7 +1506,9 @@ pk_rd_pa_reply_enckey(krb5_context context,
switch(type) { switch(type) {
case COMPAT_WIN2K: case COMPAT_WIN2K:
ret = get_reply_key_win(context, &content, nonce, key); ret = get_reply_key(context, &content, req_buffer, key);
if (ret != 0)
ret = get_reply_key_win(context, &content, nonce, key);
break; break;
case COMPAT_IETF: case COMPAT_IETF:
ret = get_reply_key(context, &content, req_buffer, key); ret = get_reply_key(context, &content, req_buffer, key);